From null at suse.de Fri Nov 1 08:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 08:30:05 -0000
Subject: SUSE-SU-2024:3861-1: moderate: Security update for uwsgi
Message-ID: <173044980596.6932.16329370933793073688@smelt2.prg2.suse.org>

# Security update for uwsgi

Announcement ID: SUSE-SU-2024:3861-1
Release Date: 2024-11-01T06:34:07Z
Rating: moderate

References:

* bsc#1222332

Cross-References:

* CVE-2024-24795

CVSS scores:

* CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for uwsgi fixes the following issues:

* CVE-2024-24795: Fixed HTTP Response Splitting in multiple modules (bsc#1222332)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3861=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3861=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3861=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3861=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3861=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * uwsgi-xslt-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-debugsource-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-lua-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-2.0.19.1-150400.8.3.1
  * uwsgi-xslt-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-python3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-2.0.19.1-150400.8.3.1
  * uwsgi-python3-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-2.0.19.1-150400.8.3.1
  * uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-lua-debuginfo-2.0.19.1-150400.8.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * uwsgi-xslt-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-debugsource-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-lua-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-2.0.19.1-150400.8.3.1
  * uwsgi-xslt-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-python3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-2.0.19.1-150400.8.3.1
  * uwsgi-python3-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-2.0.19.1-150400.8.3.1
  * uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-lua-debuginfo-2.0.19.1-150400.8.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * uwsgi-xslt-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-debugsource-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-lua-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-2.0.19.1-150400.8.3.1
  * uwsgi-xslt-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-python3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-2.0.19.1-150400.8.3.1
  * uwsgi-python3-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-2.0.19.1-150400.8.3.1
  * uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-lua-debuginfo-2.0.19.1-150400.8.3.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
  * uwsgi-xslt-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-debugsource-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-lua-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-2.0.19.1-150400.8.3.1
  * uwsgi-xslt-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-python3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-2.0.19.1-150400.8.3.1
  * uwsgi-python3-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-2.0.19.1-150400.8.3.1
  * uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-lua-debuginfo-2.0.19.1-150400.8.3.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
  * uwsgi-xslt-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_pg-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-debugsource-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-lua-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-2.0.19.1-150400.8.3.1
  * uwsgi-xslt-2.0.19.1-150400.8.3.1
  * uwsgi-jvm-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-psgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-python3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pam-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-2.0.19.1-150400.8.3.1
  * uwsgi-python3-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-pypy-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-2.0.19.1-150400.8.3.1
  * uwsgi-greenlet-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-libffi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-emperor_zeromq-2.0.19.1-150400.8.3.1
  * uwsgi-gevent-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-glusterfs-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-2.0.19.1-150400.8.3.1
  * uwsgi-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-sqlite3-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-logzmq-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-debuginfo-2.0.19.1-150400.8.3.1
  * uwsgi-php7-2.0.19.1-150400.8.3.1
  * uwsgi-ldap-2.0.19.1-150400.8.3.1
  * apache2-mod_uwsgi-2.0.19.1-150400.8.3.1
  * uwsgi-lua-debuginfo-2.0.19.1-150400.8.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24795.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222332

From null at suse.de Fri Nov 1 16:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:05 -0000
Subject: SUSE-SU-2024:3878-1: moderate: Security update for rubygem-actionmailer-5_1
Message-ID: <173047860510.4695.18213717975456905609@smelt2.prg2.suse.org>

# Security update for rubygem-actionmailer-5_1

Announcement ID: SUSE-SU-2024:3878-1
Release Date: 2024-11-01T15:32:40Z
Rating: moderate

References:

* bsc#1231723

Cross-References:

* CVE-2024-47889

CVSS scores:

* CVE-2024-47889 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47889 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Enterprise High Availability Extension 15 SP2
* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.1
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.1
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for rubygem-actionmailer-5_1 fixes the following issues:

* CVE-2024-47889: Fixed Possible ReDoS vulnerability in block_format in Action Mailer (bsc#1231723).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Availability Extension 15 SP2
  zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-3878=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
  zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-3878=1
* SUSE Linux Enterprise High Availability Extension 15 SP4
  zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-3878=1
* SUSE Linux Enterprise High Availability Extension 15 SP5
  zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-3878=1

## Package List:

* SUSE Linux Enterprise High Availability Extension 15 SP2 (s390x x86_64)
  * ruby2.5-rubygem-actionmailer-5_1-5.1.4-150000.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x)
  * ruby2.5-rubygem-actionmailer-5_1-5.1.4-150000.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (ppc64le s390x)
  * ruby2.5-rubygem-actionmailer-5_1-5.1.4-150000.3.3.1
* SUSE Linux Enterprise High Availability Extension 15 SP5 (ppc64le x86_64)
  * ruby2.5-rubygem-actionmailer-5_1-5.1.4-150000.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47889.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231723

From null at suse.de Fri Nov 1 16:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:11 -0000
Subject: SUSE-SU-2024:3877-1: moderate: Security update for rubygem-actionpack-5_1
Message-ID: <173047861163.4695.17472962735320457927@smelt2.prg2.suse.org>

# Security update for rubygem-actionpack-5_1

Announcement ID: SUSE-SU-2024:3877-1
Release Date: 2024-11-01T15:31:28Z
Rating: moderate

References:

* bsc#1228667
* bsc#1231729

Cross-References:

* CVE-2024-42228
* CVE-2024-47887

CVSS scores:

* CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47887 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47887 ( NVD ): 6.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* SUSE Linux Enterprise High Availability Extension 15 SP3
* SUSE Linux Enterprise High Availability Extension 15 SP4
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Availability Extension 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for rubygem-actionpack-5_1 fixes the following issues:

* CVE-2024-47887: Fixed Possible ReDoS vulnerability in HTTP Token authentication in Action Controller (bsc#1231729).
* CVE-2024-42228: Fixed uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Availability Extension 15 SP5
  zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-3877=1
* SUSE Linux Enterprise High Availability Extension 15 SP6
  zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-3877=1
* SUSE Linux Enterprise High Availability Extension 15 SP3
  zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-3877=1
* SUSE Linux Enterprise High Availability Extension 15 SP4
  zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-3877=1

## Package List:

* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 s390x x86_64)
  * ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.32.1
* SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le x86_64)
  * ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.32.1
* SUSE Linux Enterprise High Availability Extension 15 SP3 (s390x)
  * ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.32.1
* SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64)
  * ruby2.5-rubygem-actionpack-5_1-5.1.4-150000.3.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-42228.html
* https://www.suse.com/security/cve/CVE-2024-47887.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228667
* https://bugzilla.suse.com/show_bug.cgi?id=1231729

From null at suse.de Fri Nov 1 16:30:14 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:14 -0000
Subject: SUSE-SU-2024:3876-1: important: Security update for python-waitress
Message-ID: <173047861438.4695.2470307204246451819@smelt2.prg2.suse.org>

# Security update for python-waitress

Announcement ID: SUSE-SU-2024:3876-1
Release Date: 2024-11-01T15:29:52Z
Rating: important

References:

* bsc#1232554
* bsc#1232556

Cross-References:

* CVE-2024-49768
* CVE-2024-49769

CVSS scores:

* CVE-2024-49768 ( SUSE ): 9.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49768 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-49768 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-49769 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49769 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49769 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for python-waitress fixes the following issues:

* CVE-2024-49768: Fixed request processing race condition in HTTP pipelining with invalid first request when lookahead is enabled (bsc#1232556)
* CVE-2024-49769: Fixed incorrect connection clean up leads to a busy-loop and resource exhaustion (bsc#1232554)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3876=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3876=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3876=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3876=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3876=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3876=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1
* Python 3 Module 15-SP5 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1
* Python 3 Module 15-SP6 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  * python311-waitress-2.1.2-150400.12.7.1
  * python311-waitress-doc-2.1.2-150400.12.7.1

## References:

* https://www.suse.com/security/cve/CVE-2024-49768.html
* https://www.suse.com/security/cve/CVE-2024-49769.html
* https://bugzilla.suse.com/show_bug.cgi?id=1232554
* https://bugzilla.suse.com/show_bug.cgi?id=1232556

From null at suse.de Fri Nov 1 16:30:20 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:20 -0000
Subject: SUSE-SU-2024:3875-1: moderate: Security update for java-11-openjdk
Message-ID: <173047862053.4695.14721585268857724195@smelt2.prg2.suse.org>

# Security update for java-11-openjdk

Announcement ID: SUSE-SU-2024:3875-1
Release Date: 2024-11-01T15:29:10Z
Rating: moderate

References:

* bsc#1231702
* bsc#1231711
* bsc#1231716
* bsc#1231719

Cross-References:

* CVE-2024-21208
* CVE-2024-21210
* CVE-2024-21217
* CVE-2024-21235

CVSS scores:

* CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP5
* Legacy Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for java-11-openjdk fixes the following issues:

Updated to version 11.0.25+9 (October 2024 CPU):

* CVE-2024-21208: Fixed partial DoS in component Networking (bsc#1231702)
* CVE-2024-21210: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231711)
* CVE-2024-21217: Fixed partial DoS in component Serialization (bsc#1231716)
* CVE-2024-21235: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231719)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3875=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3875=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3875=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3875=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3875=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3875=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3875=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3875=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3875=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3875=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3875=1 ## Package List: * openSUSE Leap 15.5 (aarch64 
ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-src-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-jmods-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.5 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-src-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-jmods-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-debuginfo-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * Basesystem Module 15-SP5 (ppc64le x86_64) * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * Legacy Module 15-SP6 (ppc64le s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-debuginfo-11.0.25.0-150000.3.119.1 * SUSE Package Hub 15 15-SP5 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * SUSE Package Hub 15 15-SP6 (noarch) * 
java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 
* java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Manager Server 4.3 (s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * 
java-11-openjdk-demo-11.0.25.0-150000.3.119.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21208.html * https://www.suse.com/security/cve/CVE-2024-21210.html * https://www.suse.com/security/cve/CVE-2024-21217.html * https://www.suse.com/security/cve/CVE-2024-21235.html * https://bugzilla.suse.com/show_bug.cgi?id=1231702 * https://bugzilla.suse.com/show_bug.cgi?id=1231711 * https://bugzilla.suse.com/show_bug.cgi?id=1231716 * https://bugzilla.suse.com/show_bug.cgi?id=1231719 From null at suse.de Fri Nov 1 16:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:26 -0000 Subject: SUSE-SU-2024:3874-1: important: Security update for ruby2.5 Message-ID: <173047862664.4695.3468006211604879891@smelt2.prg2.suse.org> # Security update for ruby2.5 Announcement ID: SUSE-SU-2024:3874-1 Release Date: 2024-11-01T15:26:07Z Rating: important References: * bsc#1224390 * bsc#1228072 * bsc#1228794 * bsc#1228799 * bsc#1229673 Cross-References: * CVE-2024-35176 * CVE-2024-39908 * CVE-2024-41123 * CVE-2024-41946 * CVE-2024-43398 CVSS scores: * CVE-2024-35176 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39908 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-41123 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41946 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-41946 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43398 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43398 ( SUSE
): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. 
## Description: This update for ruby2.5 fixes the following issues: * CVE-2024-43398: Fixed DoS when parsing an XML that has many deep elements with the same local name attributes (bsc#1229673) * CVE-2024-41123: Fixed DoS when parsing an XML that contains many specific characters such as whitespaces, >] and ]> (bsc#1228794) * CVE-2024-41946: Fixed DoS when parsing an XML that has many entity expansions with SAX2 or pull parser API (bsc#1228799) * CVE-2024-35176: Fixed DoS when parsing an XML that has many left angled brackets in an attribute value (bsc#1224390) * CVE-2024-39908: Fixed ReDoS when parsing an XML that has many specific characters (bsc#1228072) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3874=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3874=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3874=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3874=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3874=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3874=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3874=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3874=1 * SUSE Linux
Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3874=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3874=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * 
ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Manager Server 4.3 (ppc64le s390x) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * Basesystem Module 15-SP5 (ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * Basesystem Module 15-SP6 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 
* ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * 
libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35176.html * https://www.suse.com/security/cve/CVE-2024-39908.html * https://www.suse.com/security/cve/CVE-2024-41123.html * https://www.suse.com/security/cve/CVE-2024-41946.html * https://www.suse.com/security/cve/CVE-2024-43398.html * https://bugzilla.suse.com/show_bug.cgi?id=1224390 * https://bugzilla.suse.com/show_bug.cgi?id=1228072 * https://bugzilla.suse.com/show_bug.cgi?id=1228794 * https://bugzilla.suse.com/show_bug.cgi?id=1228799 * https://bugzilla.suse.com/show_bug.cgi?id=1229673 From null at suse.de Fri Nov 1 16:30:29 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:29 -0000 Subject: SUSE-SU-2024:3873-1: important: Security update for rubygem-bundler Message-ID: <173047862930.4695.12122151750675296356@smelt2.prg2.suse.org> # Security update for rubygem-bundler Announcement ID: SUSE-SU-2024:3873-1 Release Date: 2024-11-01T15:23:36Z Rating: important References: * bsc#1193578 Cross-References: * CVE-2021-43809 CVSS scores: * CVE-2021-43809 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2021-43809 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux
Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for rubygem-bundler fixes the following issues: * CVE-2021-43809: Fixed remote execution via Gemfile argument injection (bsc#1193578) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3873=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3873=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3873=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3873=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3873=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch 
SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3873=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3873=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3873=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * ruby2.5-rubygem-bundler-doc-1.16.1-150000.3.6.1 * Basesystem Module 15-SP5 (ppc64le x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * Basesystem Module 15-SP6 (aarch64 s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 s390x) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Manager Server 4.3 (s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-43809.html * https://bugzilla.suse.com/show_bug.cgi?id=1193578 -------------- next part -------------- An HTML attachment was scrubbed...
URL: From null at suse.de Fri Nov 1 16:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:34 -0000 Subject: SUSE-SU-2024:3872-1: moderate: Security update for openssl-1_1 Message-ID: <173047863461.4695.1414642892444294637@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:3872-1 Release Date: 2024-11-01T15:20:59Z Rating: moderate References: * bsc#1220262 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3872=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3872=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3872=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3872=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3872=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3872=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3872=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3872=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3872=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3872=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 *
libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro 5.4 (s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * 
libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Manager Server 4.3 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 -------------- next part 
-------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:40 -0000 Subject: SUSE-SU-2024:3871-1: important: Security update for openssl-3 Message-ID: <173047864082.4695.3039796887777254093@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3871-1 Release Date: 2024-11-01T15:20:05Z Rating: important References: * bsc#1220262 * bsc#1230698 Cross-References: * CVE-2023-50782 * CVE-2024-41996 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41996 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) * CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups (DHEATATTACK) (bsc#1230698) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3871=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3871=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3871=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3871=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3871=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3871=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3871=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * 
openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 * SUSE Manager Server 4.3 (s390x) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://www.suse.com/security/cve/CVE-2024-41996.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * https://bugzilla.suse.com/show_bug.cgi?id=1230698 From null at suse.de Fri Nov 1 16:30:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:43 -0000 Subject: SUSE-SU-2024:3870-1: important: Security update for webkit2gtk3 Message-ID: <173047864363.4695.7802158406155418663@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:3870-1 Release Date: 2024-11-01T15:19:12Z Rating: important References: * bsc#1231039 Cross-References: * CVE-2024-23206 * CVE-2024-23213 * CVE-2024-23222 * CVE-2024-23271 * CVE-2024-27808 * CVE-2024-27820 * CVE-2024-27833 * CVE-2024-27834 * CVE-2024-27838 * CVE-2024-27851 * CVE-2024-40866 * CVE-2024-44187 * CVE-2024-4558 CVSS scores: * CVE-2024-23206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23206 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23213 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23213 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23222 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23222 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23271 ( SUSE ): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2024-27808 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27808 ( NVD
): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27820 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27820 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27833 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27833 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27834 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27838 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-27838 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-27851 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27851 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 (bsc#1231039). 
* CVE-2024-40866 * CVE-2024-44187 Already fixed in version 2.44.3: * CVE-2024-4558 * CVE-2024-27838 * CVE-2024-27851 Already fixed in version 2.44.2: * CVE-2024-27834 * CVE-2024-27808 * CVE-2024-27820 * CVE-2024-27833 Already fixed in version 2.44.1: * CVE-2024-23222 * CVE-2024-23206 * CVE-2024-23213 * CVE-2024-23271 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3870=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3870=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3870=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3870=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libjavascriptcoregtk-4_0-18-2.46.0-150200.121.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150200.121.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150200.121.1 * webkit2gtk3-debugsource-2.46.0-150200.121.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150200.121.1 * webkit2gtk3-devel-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-2.46.0-150200.121.1 * typelib-1_0-WebKit2-4_0-2.46.0-150200.121.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * libwebkit2gtk3-lang-2.46.0-150200.121.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x) * libjavascriptcoregtk-4_0-18-2.46.0-150200.121.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150200.121.1 * 
libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150200.121.1 * webkit2gtk3-debugsource-2.46.0-150200.121.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150200.121.1 * webkit2gtk3-devel-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-2.46.0-150200.121.1 * typelib-1_0-WebKit2-4_0-2.46.0-150200.121.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * libwebkit2gtk3-lang-2.46.0-150200.121.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * libjavascriptcoregtk-4_0-18-2.46.0-150200.121.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150200.121.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150200.121.1 * webkit2gtk3-debugsource-2.46.0-150200.121.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150200.121.1 * webkit2gtk3-devel-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-2.46.0-150200.121.1 * typelib-1_0-WebKit2-4_0-2.46.0-150200.121.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * libwebkit2gtk3-lang-2.46.0-150200.121.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-2.46.0-150200.121.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150200.121.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150200.121.1 * webkit2gtk3-debugsource-2.46.0-150200.121.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150200.121.1 * webkit2gtk3-devel-2.46.0-150200.121.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150200.121.1 * libwebkit2gtk-4_0-37-2.46.0-150200.121.1 * typelib-1_0-WebKit2-4_0-2.46.0-150200.121.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) 
* libwebkit2gtk3-lang-2.46.0-150200.121.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-23206.html
  * https://www.suse.com/security/cve/CVE-2024-23213.html
  * https://www.suse.com/security/cve/CVE-2024-23222.html
  * https://www.suse.com/security/cve/CVE-2024-23271.html
  * https://www.suse.com/security/cve/CVE-2024-27808.html
  * https://www.suse.com/security/cve/CVE-2024-27820.html
  * https://www.suse.com/security/cve/CVE-2024-27833.html
  * https://www.suse.com/security/cve/CVE-2024-27834.html
  * https://www.suse.com/security/cve/CVE-2024-27838.html
  * https://www.suse.com/security/cve/CVE-2024-27851.html
  * https://www.suse.com/security/cve/CVE-2024-40866.html
  * https://www.suse.com/security/cve/CVE-2024-44187.html
  * https://www.suse.com/security/cve/CVE-2024-4558.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231039

From null at suse.de Fri Nov 1 16:30:47 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:47 -0000
Subject: SUSE-SU-2024:3869-1: important: Security update for webkit2gtk3
Message-ID: <173047864708.4695.12528901680273160630@smelt2.prg2.suse.org>

# Security update for webkit2gtk3

Announcement ID: SUSE-SU-2024:3869-1
Release Date: 2024-11-01T15:18:16Z
Rating: important
References:
  * bsc#1231039

Cross-References:
  * CVE-2024-23206
  * CVE-2024-23213
  * CVE-2024-23222
  * CVE-2024-23271
  * CVE-2024-27808
  * CVE-2024-27820
  * CVE-2024-27833
  * CVE-2024-27834
  * CVE-2024-27838
  * CVE-2024-27851
  * CVE-2024-40866
  * CVE-2024-44187
  * CVE-2024-4558

CVSS scores:
  * CVE-2024-23206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2024-23206 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2024-23213 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-23213 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-23222 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-23222 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-23271 ( SUSE ): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
  * CVE-2024-27808 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27808 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27820 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27820 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27833 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27833 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27834 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27838 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2024-27838 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2024-27851 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-27851 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
  * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products:
  * Basesystem Module 15-SP5
  * Desktop Applications Module 15-SP5
  * openSUSE Leap 15.4
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Retail Branch Server 4.3

An update that solves 13 vulnerabilities can now be installed.

## Description:

This update for webkit2gtk3 fixes the following issues:

Update to version 2.46.0 (bsc#1231039).

  * CVE-2024-40866
  * CVE-2024-44187

Already fixed in version 2.44.3:

  * CVE-2024-4558
  * CVE-2024-27838
  * CVE-2024-27851

Already fixed in version 2.44.2:

  * CVE-2024-27834
  * CVE-2024-27808
  * CVE-2024-27820
  * CVE-2024-27833

Already fixed in version 2.44.1:

  * CVE-2024-23222
  * CVE-2024-23206
  * CVE-2024-23213
  * CVE-2024-23271

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4
    zypper in -t patch SUSE-2024-3869=1
  * Basesystem Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3869=1
  * Desktop Applications Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3869=1
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3869=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3869=1
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
    zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3869=1
  * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3869=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3869=1
  * SUSE Manager Retail Branch Server 4.3
    zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3869=1

## Package List:

* openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-JavaScriptCore-6_0-2.46.0-150400.4.91.1 *
libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.0-150400.4.91.1 * webkit-jsc-6.0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit-jsc-4-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-minibrowser-2.46.0-150400.4.91.1 * webkit-jsc-4.1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk4-minibrowser-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk4-devel-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-minibrowser-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk4-minibrowser-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * webkit-jsc-4-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-minibrowser-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit-6_0-2.46.0-150400.4.91.1 * webkit-jsc-6.0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * 
typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * webkit-jsc-4.1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-32bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.0-150400.4.91.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * Basesystem Module 15-SP5 (aarch64 ppc64le) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * 
typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * Desktop Applications Module 15-SP5 (ppc64le) * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * 
webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * 
libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * 
libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server for SAP 
Applications 15 SP4 (ppc64le x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * 
webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1

## References:

  * https://www.suse.com/security/cve/CVE-2024-23206.html
  * https://www.suse.com/security/cve/CVE-2024-23213.html
  * https://www.suse.com/security/cve/CVE-2024-23222.html
  * https://www.suse.com/security/cve/CVE-2024-23271.html
  * https://www.suse.com/security/cve/CVE-2024-27808.html
  * https://www.suse.com/security/cve/CVE-2024-27820.html
  * https://www.suse.com/security/cve/CVE-2024-27833.html
  * https://www.suse.com/security/cve/CVE-2024-27834.html
  * https://www.suse.com/security/cve/CVE-2024-27838.html
  * https://www.suse.com/security/cve/CVE-2024-27851.html
  * https://www.suse.com/security/cve/CVE-2024-40866.html
  * https://www.suse.com/security/cve/CVE-2024-44187.html
  * https://www.suse.com/security/cve/CVE-2024-4558.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1231039

From null at suse.de Fri Nov 1 16:30:52 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:30:52 -0000
Subject: SUSE-SU-2024:3867-1: important: Security update for xorg-x11-server
Message-ID: <173047865250.4695.13077676321554720699@smelt2.prg2.suse.org>

# Security update for xorg-x11-server

Announcement ID: SUSE-SU-2024:3867-1
Release Date: 2024-11-01T15:13:51Z
Rating: important
References:
  * bsc#1231565

Cross-References:
  * CVE-2024-9632

CVSS scores:
  * CVE-2024-9632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2024-9632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  * CVE-2024-9632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Workstation Extension 15 SP5
  * SUSE Linux Enterprise Workstation Extension 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

  * CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in _XkbSetCompatMap (bsc#1231565).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * SUSE Enterprise Storage 7.1
    zypper in -t patch SUSE-Storage-7.1-2024-3867=1
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3867=1
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
    zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3867=1
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
    zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3867=1
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3867=1
  * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
    zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3867=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP2
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3867=1
  * SUSE Linux Enterprise Server for SAP Applications 15 SP3
    zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3867=1
  * SUSE Linux Enterprise Workstation Extension 15 SP5
    zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3867=1
  * SUSE Linux Enterprise Workstation Extension 15 SP6
    zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3867=1

## Package List:

* SUSE Enterprise Storage 7.1 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 *
xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xorg-x11-server-wayland-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Server for SAP Applications 
15 SP3 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150200.22.5.99.1 * xorg-x11-server-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-extra-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * xorg-x11-server-wayland-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * xorg-x11-server-wayland-1.20.3-150200.22.5.99.1 * xorg-x11-server-debugsource-1.20.3-150200.22.5.99.1 * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.99.1 * xorg-x11-server-debuginfo-1.20.3-150200.22.5.99.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9632.html * https://bugzilla.suse.com/show_bug.cgi?id=1231565 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Fri Nov 1 16:30:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 01 Nov 2024 16:30:54 -0000 Subject: SUSE-SU-2024:3866-1: important: Security update for xorg-x11-server Message-ID: <173047865493.4695.293081602058831526@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:3866-1 Release Date: 2024-11-01T15:13:09Z Rating: important References: * bsc#1231565 Cross-References: * CVE-2024-9632 CVSS scores: * CVE-2024-9632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-9632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in _XkbSetCompatMap (bsc#1231565). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3866=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3866=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3866=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3866=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3866=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3866=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3866=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3866=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3866=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-source-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 *
xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Proxy 4.3 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * 
xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1

## References:

* https://www.suse.com/security/cve/CVE-2024-9632.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231565

From null at suse.de Fri Nov 1 16:31:02 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:31:02 -0000
Subject: SUSE-SU-2024:3864-1: important: Security update for apache2
Message-ID: <173047866222.4695.2167721947683288896@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:3864-1
Release Date: 2024-11-01T15:06:52Z
Rating: important
References:

* bsc#1228097

Cross-References:

* CVE-2024-40725

CVSS scores:

* CVE-2024-40725 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-40725 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2024-40725: Fixed source code disclosure of local content (bsc#1228097)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3864=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3864=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3864=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3864=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3864=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3864=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3864=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3864=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3864=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3864=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3864=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3864=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3864=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3864=1

## Package List:

* openSUSE Leap
15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-example-pages-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-example-pages-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * 
apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * 
apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * 
apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1

## References:

* https://www.suse.com/security/cve/CVE-2024-40725.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228097

From null at suse.de Fri Nov 1 16:31:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 16:31:06 -0000
Subject: SUSE-SU-2024:3863-1: critical: Security update for cups-filters
Message-ID: <173047866621.4695.8068680748362116259@smelt2.prg2.suse.org>

# Security update for cups-filters

Announcement ID: SUSE-SU-2024:3863-1
Release Date: 2024-11-01T15:05:23Z
Rating: critical
References:

* bsc#1230937
* bsc#1231294

Cross-References:

* CVE-2024-47076
* CVE-2024-47850

CVSS scores:

* CVE-2024-47076 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H
* CVE-2024-47076 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-47076 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
* CVE-2024-47850 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
* CVE-2024-47850 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-47850 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for cups-filters fixes the following issues:

* CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets (bsc#1231294)
* CVE-2024-47076: Fixed lack of input sanitization in cfGetPrinterAttributes5 (bsc#1230937).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-3863=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3863=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3863=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3863=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3863=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3863=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3863=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3863=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3863=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3863=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3863=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3863=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3863=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3863=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3863=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3863=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3863=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3863=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3863=1

## Package List:

* SUSE Enterprise Storage 7.1 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 *
cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * 
cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Proxy 4.3 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2

## References:

* https://www.suse.com/security/cve/CVE-2024-47076.html
* https://www.suse.com/security/cve/CVE-2024-47850.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230937
* https://bugzilla.suse.com/show_bug.cgi?id=1231294

From null at suse.de Fri Nov 1 20:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 01 Nov 2024 20:30:09 -0000
Subject: SUSE-SU-2024:3879-1: moderate: Security update for python3
Message-ID: <173049300950.6932.3685490877561380262@smelt2.prg2.suse.org>

# Security update for python3

Announcement ID: SUSE-SU-2024:3879-1
Release Date: 2024-11-01T16:05:07Z
Rating: moderate
References:

* bsc#1230906
* bsc#1232241

Cross-References:

* CVE-2024-9287

CVSS scores:

* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.
## Description:

This update for python3 fixes the following issues:

Security fixes:

* CVE-2024-9287: properly quote path names provided when creating a virtual environment (bsc#1232241)

Other fixes:

* Drop .pyc files from docdir for reproducible builds (bsc#1230906)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
  zypper in -t patch SUSE-2024-3879=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3879=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3879=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3879=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-3879=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-3879=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-3879=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-3879=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-3879=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3879=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3879=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3879=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3879=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3879=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3879=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-testsuite-debuginfo-3.6.15-150300.10.75.1 * python3-dbm-debuginfo-3.6.15-150300.10.75.1 * libpython3_6m1_0-3.6.15-150300.10.75.1 *
python3-tools-3.6.15-150300.10.75.1
  * python3-doc-devhelp-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-tk-debuginfo-3.6.15-150300.10.75.1
  * python3-curses-3.6.15-150300.10.75.1
  * python3-curses-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * python3-devel-3.6.15-150300.10.75.1
  * python3-testsuite-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tk-3.6.15-150300.10.75.1
  * python3-dbm-3.6.15-150300.10.75.1
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-doc-3.6.15-150300.10.75.1
  * python3-idle-3.6.15-150300.10.75.1
  * python3-devel-debuginfo-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.3 (x86_64)
  * libpython3_6m1_0-32bit-3.6.15-150300.10.75.1
  * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.3 (aarch64_ilp32)
  * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.75.1
  * libpython3_6m1_0-64bit-3.6.15-150300.10.75.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python3-testsuite-debuginfo-3.6.15-150300.10.75.1
  * python3-dbm-debuginfo-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-tools-3.6.15-150300.10.75.1
  * python3-doc-devhelp-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-tk-debuginfo-3.6.15-150300.10.75.1
  * python3-curses-3.6.15-150300.10.75.1
  * python3-curses-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * python3-devel-3.6.15-150300.10.75.1
  * python3-testsuite-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tk-3.6.15-150300.10.75.1
  * python3-dbm-3.6.15-150300.10.75.1
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-doc-3.6.15-150300.10.75.1
  * python3-idle-3.6.15-150300.10.75.1
  * python3-devel-debuginfo-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.5 (x86_64)
  * libpython3_6m1_0-32bit-3.6.15-150300.10.75.1
  * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python3-testsuite-debuginfo-3.6.15-150300.10.75.1
  * python3-dbm-debuginfo-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-tools-3.6.15-150300.10.75.1
  * python3-doc-devhelp-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-tk-debuginfo-3.6.15-150300.10.75.1
  * python3-curses-3.6.15-150300.10.75.1
  * python3-curses-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * python3-devel-3.6.15-150300.10.75.1
  * python3-testsuite-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tk-3.6.15-150300.10.75.1
  * python3-dbm-3.6.15-150300.10.75.1
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-doc-3.6.15-150300.10.75.1
  * python3-idle-3.6.15-150300.10.75.1
  * python3-devel-debuginfo-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* openSUSE Leap 15.6 (x86_64)
  * libpython3_6m1_0-32bit-3.6.15-150300.10.75.1
  * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * python3-curses-3.6.15-150300.10.75.1
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-dbm-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-curses-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * python3-devel-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-idle-3.6.15-150300.10.75.1
  * python3-tk-debuginfo-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tk-3.6.15-150300.10.75.1
  * python3-devel-debuginfo-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * python3-dbm-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python3-curses-3.6.15-150300.10.75.1
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-dbm-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-curses-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * python3-devel-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-idle-3.6.15-150300.10.75.1
  * python3-tk-debuginfo-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tk-3.6.15-150300.10.75.1
  * python3-devel-debuginfo-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * python3-dbm-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tools-3.6.15-150300.10.75.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-tools-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * python3-base-debuginfo-3.6.15-150300.10.75.1
  * python3-debuginfo-3.6.15-150300.10.75.1
  * python3-debugsource-3.6.15-150300.10.75.1
  * libpython3_6m1_0-3.6.15-150300.10.75.1
  * python3-base-3.6.15-150300.10.75.1
  * python3-core-debugsource-3.6.15-150300.10.75.1
  * python3-3.6.15-150300.10.75.1
  * libpython3_6m1_0-debuginfo-3.6.15-150300.10.75.1

## References:

* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230906
* https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Mon Nov 4 08:30:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 08:30:06 -0000
Subject: SUSE-SU-2024:3885-1: important: Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)
Message-ID: <173070900627.6932.2522171092680181177@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

Announcement ID: SUSE-SU-2024:3885-1
Release Date: 2024-11-04T07:03:47Z
Rating: important

References:

* bsc#1225819

Cross-References:

* CVE-2023-52752

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_22 fixes one issue.

The following security issue was fixed:

* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3885=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3885=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_4-debugsource-2-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_22-default-2-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-2-150600.13.6.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_4-debugsource-2-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_22-default-2-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-2-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
From null at suse.de Mon Nov 4 08:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 08:30:11 -0000
Subject: SUSE-SU-2024:3884-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)
Message-ID: <173070901179.6932.11424600002039601762@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6)

Announcement ID: SUSE-SU-2024:3884-1
Release Date: 2024-11-04T07:03:37Z
Rating: important

References:

* bsc#1225819
* bsc#1228349
* bsc#1228786

Cross-References:

* CVE-2023-52752
* CVE-2024-40909
* CVE-2024-40954

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_17 fixes several issues.

The following security issues were fixed:

* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3884=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3884=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_17-default-4-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_3-debugsource-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-4-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_17-default-4-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_3-debugsource-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-4-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
From null at suse.de Mon Nov 4 08:30:18 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 08:30:18 -0000
Subject: SUSE-SU-2024:3882-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)
Message-ID: <173070901870.6932.1637299707242764048@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

Announcement ID: SUSE-SU-2024:3882-1
Release Date: 2024-11-04T06:33:41Z
Rating: important

References:

* bsc#1225819
* bsc#1228349
* bsc#1228786
* bsc#1231419

Cross-References:

* CVE-2023-52752
* CVE-2024-40909
* CVE-2024-40954
* CVE-2024-42133

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_14 fixes several issues.

The following security issues were fixed:

* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419)
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3882=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3882=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_2-debugsource-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-4-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-SLE15-SP6_Update_2-debugsource-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_14-default-4-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-40909.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228349
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1231419
From null at suse.de Mon Nov 4 08:30:23 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 08:30:23 -0000
Subject: SUSE-SU-2024:3881-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)
Message-ID: <173070902349.6932.6195671185540874270@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

Announcement ID: SUSE-SU-2024:3881-1
Release Date: 2024-11-04T06:33:33Z
Rating: important

References:

* bsc#1225739
* bsc#1225819
* bsc#1228786
* bsc#1231419

Cross-References:

* CVE-2023-52752
* CVE-2024-36899
* CVE-2024-40954
* CVE-2024-42133

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues.

The following security issues were fixed:

* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419)
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3881=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3881=1

## Package List:

* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_7-default-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-4-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_1-debugsource-4-150600.13.6.1
* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_23_7-default-4-150600.13.6.1
  * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-4-150600.13.6.1
  * kernel-livepatch-SLE15-SP6_Update_1-debugsource-4-150600.13.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1231419
From null at suse.de Mon Nov 4 08:30:37 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 08:30:37 -0000
Subject: SUSE-SU-2024:3880-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)
Message-ID: <173070903725.6932.7886869270187701557@smelt2.prg2.suse.org>

# Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6)

Announcement ID: SUSE-SU-2024:3880-1
Release Date: 2024-11-04T06:33:25Z
Rating: important

References:

* bsc#1225011
* bsc#1225012
* bsc#1225099
* bsc#1225309
* bsc#1225311
* bsc#1225312
* bsc#1225313
* bsc#1225739
* bsc#1225819
* bsc#1226325
* bsc#1226327
* bsc#1228786
* bsc#1231419

Cross-References:

* CVE-2023-52752
* CVE-2023-52846
* CVE-2024-35817
* CVE-2024-35861
* CVE-2024-35862
* CVE-2024-35863
* CVE-2024-35864
* CVE-2024-35867
* CVE-2024-35905
* CVE-2024-36899
* CVE-2024-36964
* CVE-2024-40954
* CVE-2024-42133

CVSS scores:

* CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 13 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 6.4.0-150600_21 fixes several issues.

The following security issues were fixed:

* CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327).
* CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419)
* CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011).
* CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819).
* CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311).
* CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012).
* CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309).
* CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312).
* CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739).
* CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808)
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099).
* CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3880=1
* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3880=1

## Package List:

* SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1
  * kernel-livepatch-SLE15-SP6_Update_0-debugsource-6-150600.4.10.1
  * kernel-livepatch-6_4_0-150600_21-default-debuginfo-6-150600.4.10.1
* openSUSE Leap 15.6 (ppc64le s390x x86_64)
  * kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1
  * kernel-livepatch-SLE15-SP6_Update_0-debugsource-6-150600.4.10.1
  * kernel-livepatch-6_4_0-150600_21-default-debuginfo-6-150600.4.10.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52752.html
* https://www.suse.com/security/cve/CVE-2023-52846.html
* https://www.suse.com/security/cve/CVE-2024-35817.html
* https://www.suse.com/security/cve/CVE-2024-35861.html
* https://www.suse.com/security/cve/CVE-2024-35862.html
* https://www.suse.com/security/cve/CVE-2024-35863.html
* https://www.suse.com/security/cve/CVE-2024-35864.html
* https://www.suse.com/security/cve/CVE-2024-35867.html
* https://www.suse.com/security/cve/CVE-2024-35905.html
* https://www.suse.com/security/cve/CVE-2024-36899.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-40954.html
* https://www.suse.com/security/cve/CVE-2024-42133.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225011
* https://bugzilla.suse.com/show_bug.cgi?id=1225012
* https://bugzilla.suse.com/show_bug.cgi?id=1225099
* https://bugzilla.suse.com/show_bug.cgi?id=1225309
* https://bugzilla.suse.com/show_bug.cgi?id=1225311
* https://bugzilla.suse.com/show_bug.cgi?id=1225312
* https://bugzilla.suse.com/show_bug.cgi?id=1225313
* https://bugzilla.suse.com/show_bug.cgi?id=1225739
* https://bugzilla.suse.com/show_bug.cgi?id=1225819
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1226327
* https://bugzilla.suse.com/show_bug.cgi?id=1228786
* https://bugzilla.suse.com/show_bug.cgi?id=1231419

From null at suse.de Mon Nov 4 12:30:04 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 12:30:04 -0000
Subject: SUSE-SU-2024:3899-1: important: Security update for MozillaFirefox
Message-ID: <173072340480.14191.1457798853950790767@smelt2.prg2.suse.org>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2024:3899-1
Release Date: 2024-11-04T11:16:01Z
Rating: important

References:

* bsc#1231879

Cross-References:

* CVE-2024-10458
* CVE-2024-10459
* CVE-2024-10460
* CVE-2024-10461
* CVE-2024-10462
* CVE-2024-10463
* CVE-2024-10464
* CVE-2024-10465
* CVE-2024-10466
* CVE-2024-10467

CVSS scores:

* CVE-2024-10458 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10458 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2024-10458 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10458 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-10459 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-10459 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-10459 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10460 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10460 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-10460 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-10460 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-10461 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
* CVE-2024-10461 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-10461 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-10462 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10462 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-10462 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-10463 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10463 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-10463 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10464 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-10464 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-10464 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10465 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10465 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10465 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-10466 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-10466 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-10466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-10467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 10 vulnerabilities can now be installed.
## Description:

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 128.4.0 ESR (bsc#1231879):

* CVE-2024-10458: Permission leak via embed or object elements
* CVE-2024-10459: Use-after-free in layout with accessibility
* CVE-2024-10460: Confusing display of origin for external protocol handler prompt
* CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
* CVE-2024-10462: Origin of permission prompt could be spoofed by long URL
* CVE-2024-10463: Cross origin video frame leak
* CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser
* CVE-2024-10465: Clipboard "paste" button persisted across tabs
* CVE-2024-10466: DOM push subscription message could hang Firefox
* CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3899=1
* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3899=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64)
  * MozillaFirefox-debugsource-128.4.0-112.234.2
  * MozillaFirefox-translations-common-128.4.0-112.234.2
  * MozillaFirefox-debuginfo-128.4.0-112.234.2
  * MozillaFirefox-128.4.0-112.234.2
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (noarch)
  * MozillaFirefox-devel-128.4.0-112.234.2
* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64)
  * MozillaFirefox-debugsource-128.4.0-112.234.2
  * MozillaFirefox-translations-common-128.4.0-112.234.2
  * MozillaFirefox-debuginfo-128.4.0-112.234.2
  * MozillaFirefox-128.4.0-112.234.2
* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (noarch)
  * MozillaFirefox-devel-128.4.0-112.234.2

## References:

* https://www.suse.com/security/cve/CVE-2024-10458.html
* https://www.suse.com/security/cve/CVE-2024-10459.html
* https://www.suse.com/security/cve/CVE-2024-10460.html
* https://www.suse.com/security/cve/CVE-2024-10461.html
* https://www.suse.com/security/cve/CVE-2024-10462.html
* https://www.suse.com/security/cve/CVE-2024-10463.html
* https://www.suse.com/security/cve/CVE-2024-10464.html
* https://www.suse.com/security/cve/CVE-2024-10465.html
* https://www.suse.com/security/cve/CVE-2024-10466.html
* https://www.suse.com/security/cve/CVE-2024-10467.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231879
From null at suse.de Mon Nov 4 12:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 04 Nov 2024 12:30:08 -0000
Subject: SUSE-SU-2024:3898-1: important: Security update for MozillaFirefox
Message-ID: <173072340897.14191.5501874605951130530@smelt2.prg2.suse.org>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2024:3898-1
Release Date: 2024-11-04T11:15:08Z
Rating: important

References:

* bsc#1231879

Cross-References:

* CVE-2024-10458
* CVE-2024-10459
* CVE-2024-10460
* CVE-2024-10461
* CVE-2024-10462
* CVE-2024-10463
* CVE-2024-10464
* CVE-2024-10465
* CVE-2024-10466
* CVE-2024-10467

CVSS scores:

* CVE-2024-10458 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10458 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
* CVE-2024-10458 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10458 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
* CVE-2024-10459 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-10459 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-10459 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10460 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10460 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-10460 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-10460 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-10461 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
* CVE-2024-10461 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-10461 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-10462 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10462 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-10462 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-10463 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10463 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-10463 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-10464 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-10464 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-10464 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10465 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-10465 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10465 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-10466 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-10466 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-10466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-10467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-10467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves 10 vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 128.4.0 ESR (bsc#1231879):

* CVE-2024-10458: Permission leak via embed or object elements
* CVE-2024-10459: Use-after-free in layout with accessibility
* CVE-2024-10460: Confusing display of origin for external protocol handler prompt
* CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response
* CVE-2024-10462: Origin of permission prompt could be spoofed by long URL
* CVE-2024-10463: Cross origin video frame leak
* CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser
* CVE-2024-10465: Clipboard "paste" button persisted across tabs
* CVE-2024-10466: DOM push subscription message could hang Firefox
* CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3898=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3898=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3898=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3898=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3898=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3898=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3898=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * 
MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * 
MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * MozillaFirefox-branding-upstream-128.4.0-150200.152.158.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * MozillaFirefox-branding-upstream-128.4.0-150200.152.158.1 * openSUSE Leap 15.6 (noarch) * 
MozillaFirefox-devel-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 
MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10458.html * https://www.suse.com/security/cve/CVE-2024-10459.html * https://www.suse.com/security/cve/CVE-2024-10460.html * https://www.suse.com/security/cve/CVE-2024-10461.html * https://www.suse.com/security/cve/CVE-2024-10462.html * https://www.suse.com/security/cve/CVE-2024-10463.html * https://www.suse.com/security/cve/CVE-2024-10464.html * https://www.suse.com/security/cve/CVE-2024-10465.html * https://www.suse.com/security/cve/CVE-2024-10466.html * https://www.suse.com/security/cve/CVE-2024-10467.html * https://bugzilla.suse.com/show_bug.cgi?id=1231879
From null at suse.de Mon Nov 4 16:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Nov 2024 16:30:26 -0000 Subject: SUSE-SU-2024:3905-1: moderate: Security update for openssl-1_1 Message-ID: <173073782616.28253.13737012552332060563@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:3905-1 Release Date: 2024-11-04T12:39:19Z Rating: moderate References: * bsc#1220262 * bsc#1224258 * bsc#1224260 * bsc#1224264 * bsc#1224265 * bsc#1224266 * bsc#1224267 * bsc#1224268 * bsc#1224269 * bsc#1224270 * bsc#1224271 * bsc#1224272 * bsc#1224273 * bsc#1224275 * bsc#1228618 * bsc#1228619 * bsc#1228623 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has 16 security fixes can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: Security fixes: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Other fixes: * FIPS: AES GCM external IV implementation (bsc#1228618) * FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623) * FIPS: Enforce KDF in FIPS style (bsc#1224270) * FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619) * FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5.
(bsc#1224269) * FIPS: Differentiate the PSS length requirements (bsc#1224275) * FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272) * FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271) * FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266) * FIPS: DH FIPS selftest and safe prime group (bsc#1224264) * FIPS: Remove not needed FIPS DRBG files (bsc#1224268) * FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265) * FIPS: Disallow non-approved KDF types (bsc#1224267) * FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273) * FIPS: DRBG component chaining (bsc#1224258) * FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3905=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3905=1 openSUSE-SLE-15.6-2024-3905=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3905=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3905=1 ## Package List: * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * openssl-1_1-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl-1_1-devel-1.1.1w-150600.5.9.1 * openssl-1_1-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-debuginfo-1.1.1w-150600.5.9.1 * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * libopenssl1_1-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (x86_64) * libopenssl1_1-32bit-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1 * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (noarch) * 
openssl-1_1-doc-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl1_1-64bit-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1 * libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-1.1.1w-150600.5.9.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl1_1-32bit-1.1.1w-150600.5.9.1 * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * https://bugzilla.suse.com/show_bug.cgi?id=1224258 * https://bugzilla.suse.com/show_bug.cgi?id=1224260 * https://bugzilla.suse.com/show_bug.cgi?id=1224264 * https://bugzilla.suse.com/show_bug.cgi?id=1224265 * https://bugzilla.suse.com/show_bug.cgi?id=1224266 * https://bugzilla.suse.com/show_bug.cgi?id=1224267 * https://bugzilla.suse.com/show_bug.cgi?id=1224268 * https://bugzilla.suse.com/show_bug.cgi?id=1224269 * https://bugzilla.suse.com/show_bug.cgi?id=1224270 * https://bugzilla.suse.com/show_bug.cgi?id=1224271 * https://bugzilla.suse.com/show_bug.cgi?id=1224272 * https://bugzilla.suse.com/show_bug.cgi?id=1224273 * https://bugzilla.suse.com/show_bug.cgi?id=1224275 * https://bugzilla.suse.com/show_bug.cgi?id=1228618 * https://bugzilla.suse.com/show_bug.cgi?id=1228619 * https://bugzilla.suse.com/show_bug.cgi?id=1228623
From null at suse.de Mon Nov 4 16:30:32 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 04 Nov 2024 16:30:32 -0000 Subject: SUSE-SU-2024:3904-1: moderate: Security update for openssl-1_1 Message-ID: <173073783202.28253.15689994817516352359@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:3904-1 Release Date: 2024-11-04T12:38:45Z Rating: moderate References: * bsc#1220262 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3904=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3904=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3904=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3904=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3904=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3904=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3904=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3904=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3904=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3904=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * 
openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * 
libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Enterprise Storage 7.1 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.97.1 * SUSE Enterprise Storage 7.1 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-32bit-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * 
libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libopenssl1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl1_1-1.1.1d-150200.11.97.1 * openssl-1_1-1.1.1d-150200.11.97.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.97.1 * libopenssl-1_1-devel-1.1.1d-150200.11.97.1 * openssl-1_1-debugsource-1.1.1d-150200.11.97.1 * libopenssl1_1-hmac-1.1.1d-150200.11.97.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262
From null at suse.de Tue Nov 5 08:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 05 Nov 2024 08:30:07 -0000 Subject: SUSE-SU-2024:3911-1: important: Security update for govulncheck-vulndb Message-ID: <173079540718.14191.2424248779388693486@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2024:3911-1 Release Date: 2024-11-05T07:45:06Z Rating: important References: * jsc#PED-11136 Cross-References: * CVE-2022-45157 * CVE-2023-22644 * CVE-2023-32197 * CVE-2024-10214 * CVE-2024-10241 * CVE-2024-22030 * CVE-2024-22036 * CVE-2024-33662 * CVE-2024-36814 * CVE-2024-38365 * CVE-2024-39223 * CVE-2024-47003 * CVE-2024-47067 * CVE-2024-47182 * CVE-2024-47534 * CVE-2024-47616 * CVE-2024-47825 * CVE-2024-47827 * CVE-2024-47832 * CVE-2024-47877 * CVE-2024-48909 * CVE-2024-48921 * CVE-2024-49380 * CVE-2024-49381 * CVE-2024-49753 * CVE-2024-49757 * CVE-2024-50312 * CVE-2024-7558 * CVE-2024-7594 * CVE-2024-8037 * CVE-2024-8038 * CVE-2024-8901 * CVE-2024-8975 * CVE-2024-8996 * CVE-2024-9180 * CVE-2024-9264 * CVE-2024-9312 * CVE-2024-9313 * CVE-2024-9341 * CVE-2024-9355 * CVE-2024-9407 * CVE-2024-9486 * CVE-2024-9594 * CVE-2024-9675 CVSS scores: * CVE-2023-22644 ( NVD ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-22644 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-22644 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10214 ( NVD ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-10241 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-22030 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-36814 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-38365 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-39223 ( NVD ): 9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47003 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47003 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47067 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47182 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47182 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47534 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47534 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47616 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47825 ( NVD ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2024-47827 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47832 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47877 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-48909 ( NVD ): 2.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N * CVE-2024-48909 ( NVD ): 2.4 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N * CVE-2024-48921 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49380 ( NVD ): 8.9 
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49381 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49753 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-49757 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-7558 ( NVD ): 8.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H * CVE-2024-7594 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8037 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2024-8038 ( NVD ): 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H * CVE-2024-8901 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-8901 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N * CVE-2024-8975 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8975 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8996 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9180 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9180 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9264 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-9264 ( 
SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9264 ( NVD ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-9264 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9264 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9312 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9313 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9486 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9594 ( NVD ): 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP 
Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves 44 vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z ( jsc#PED-11136 ) * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3230 CVE-2024-48921 GHSA-qjvc-p88j-j9rm * GO-2024-3232 CVE-2024-10241 GHSA-6mvp-gh77-7vwh * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3226 CVE-2024-47827 GHSA-ghjw-32xw-ffwr * GO-2024-3227 CVE-2024-10214 GHSA-hm57-h27x-599c * GO-2024-3228 GHSA-wcx9-ccpj-hx3c * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3207 GHSA-p5wf-cmr4-xrwr * GO-2024-3208 CVE-2024-47825 GHSA-3wwx-63fv-pfq6 * GO-2024-3210 CVE-2024-8901 * GO-2024-3211 CVE-2024-50312 * GO-2024-3212 GHSA-rjfv-pjvx-mjgv * GO-2024-3213 CVE-2024-49380 * GO-2024-3214 CVE-2024-49381 * GO-2024-3215 CVE-2024-9264 GHSA-q99m-qcv4-fpm7 * GO-2024-3216 CVE-2024-49753 GHSA-6cf5-w9h3-4rqv * GO-2024-3217 CVE-2024-49757 GHSA-3rmw-76m6-4gjc * GO-2024-3219 GHSA-7h65-4p22-39j6 * GO-2024-3220 CVE-2023-32197 GHSA-7h8m-pvw3-5gh4 * GO-2024-3221 CVE-2024-22036 GHSA-h99m-6755-rgwc * GO-2024-3222 GHSA-x7xj-jvwp-97rv * GO-2024-3223 CVE-2022-45157 GHSA-xj7w-r753-vj8v * GO-2024-3224 CVE-2024-39223 GHSA-8wxx-35qc-vp6r * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3203 CVE-2024-9486 * GO-2024-3204 CVE-2024-9594 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3196 CVE-2024-47877 GHSA-8rm2-93mq-jqhc * GO-2024-3199 GHSA-vv6c-69r6-chg9 * GO-2024-3200 CVE-2024-48909 GHSA-3c32-4hq9-6wgj * GO-2024-3201 CVE-2023-22644 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3171 
CVE-2024-9341 GHSA-mc76-5925-c5p6 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3161 CVE-2024-22030 GHSA-h4h5-9833-v2p4 * GO-2024-3162 CVE-2024-7594 GHSA-jg74-mwgw-v6x3 * GO-2024-3163 CVE-2024-47182 * GO-2024-3164 CVE-2024-47003 GHSA-59hf-mpf8-pqjh * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3167 CVE-2024-9355 GHSA-3h3x-2hwv-hr52 * GO-2024-3168 CVE-2024-8975 GHSA-chqx-36rm-rf8h * GO-2024-3169 CVE-2024-9407 GHSA-fhqq-8f65-5xfc * GO-2024-3170 CVE-2024-8996 GHSA-m5gv-m5f9-wgv4 * GO-2024-3172 CVE-2024-33662 GHSA-9mjw-79r6-c9m8 * GO-2024-3173 CVE-2024-7558 GHSA-mh98-763h-m9v4 * GO-2024-3174 CVE-2024-8037 GHSA-8v4w-f4r9-7h6x * GO-2024-3175 CVE-2024-8038 GHSA-xwgj-vpm9-q2rq * GO-2024-3179 CVE-2024-47616 GHSA-r7rh-jww5-5fjr * GO-2024-3181 CVE-2024-9313 GHSA-x5q3-c8rm-w787 * GO-2024-3182 GHSA-wpr2-j6gr-pjw9 * GO-2024-3184 CVE-2024-36814 GHSA-9cp9-8gw2-8v7m * GO-2024-3185 CVE-2024-47832 * GO-2024-3186 CVE-2024-9675 GHSA-586p-749j-fhwp * GO-2024-3188 CVE-2024-9312 GHSA-4gfw-wf7c-w6g2 * GO-2024-3190 CVE-2024-47067 GHSA-8pph-gfhp-w226 * GO-2024-3191 CVE-2024-9180 GHSA-rr8j-7w34-xp5j ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3911=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3911=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3911=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3911=1 ## Package List: * openSUSE Leap 15.5 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * SUSE Package Hub 15 15-SP5 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2022-45157.html * https://www.suse.com/security/cve/CVE-2023-22644.html * https://www.suse.com/security/cve/CVE-2023-32197.html * https://www.suse.com/security/cve/CVE-2024-10214.html * https://www.suse.com/security/cve/CVE-2024-10241.html * https://www.suse.com/security/cve/CVE-2024-22030.html * https://www.suse.com/security/cve/CVE-2024-22036.html * https://www.suse.com/security/cve/CVE-2024-33662.html * https://www.suse.com/security/cve/CVE-2024-36814.html * https://www.suse.com/security/cve/CVE-2024-38365.html * https://www.suse.com/security/cve/CVE-2024-39223.html * https://www.suse.com/security/cve/CVE-2024-47003.html * https://www.suse.com/security/cve/CVE-2024-47067.html * https://www.suse.com/security/cve/CVE-2024-47182.html * https://www.suse.com/security/cve/CVE-2024-47534.html * https://www.suse.com/security/cve/CVE-2024-47616.html * https://www.suse.com/security/cve/CVE-2024-47825.html * https://www.suse.com/security/cve/CVE-2024-47827.html * https://www.suse.com/security/cve/CVE-2024-47832.html * https://www.suse.com/security/cve/CVE-2024-47877.html * https://www.suse.com/security/cve/CVE-2024-48909.html * 
https://www.suse.com/security/cve/CVE-2024-48921.html * https://www.suse.com/security/cve/CVE-2024-49380.html * https://www.suse.com/security/cve/CVE-2024-49381.html * https://www.suse.com/security/cve/CVE-2024-49753.html * https://www.suse.com/security/cve/CVE-2024-49757.html * https://www.suse.com/security/cve/CVE-2024-50312.html * https://www.suse.com/security/cve/CVE-2024-7558.html * https://www.suse.com/security/cve/CVE-2024-7594.html * https://www.suse.com/security/cve/CVE-2024-8037.html * https://www.suse.com/security/cve/CVE-2024-8038.html * https://www.suse.com/security/cve/CVE-2024-8901.html * https://www.suse.com/security/cve/CVE-2024-8975.html * https://www.suse.com/security/cve/CVE-2024-8996.html * https://www.suse.com/security/cve/CVE-2024-9180.html * https://www.suse.com/security/cve/CVE-2024-9264.html * https://www.suse.com/security/cve/CVE-2024-9312.html * https://www.suse.com/security/cve/CVE-2024-9313.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9355.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9486.html * https://www.suse.com/security/cve/CVE-2024-9594.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://jira.suse.com/browse/PED-11136

From null at suse.de Wed Nov 6 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:10 -0000 Subject: SUSE-SU-2024:3927-1: moderate: Security update for curl Message-ID: <173089621036.14191.15483349576406839599@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3927-1 Release Date: 2024-11-06T10:16:18Z Rating: moderate References: * bsc#1232528 Cross-References: * CVE-2024-9681 CVSS scores: * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3927=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3927=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-11.98.1 * curl-8.0.1-11.98.1 * curl-debuginfo-8.0.1-11.98.1 * libcurl4-8.0.1-11.98.1 * curl-debugsource-8.0.1-11.98.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (s390x x86_64) * libcurl4-debuginfo-32bit-8.0.1-11.98.1 * libcurl4-32bit-8.0.1-11.98.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * libcurl4-debuginfo-8.0.1-11.98.1 * curl-8.0.1-11.98.1 * curl-debuginfo-8.0.1-11.98.1 * libcurl4-8.0.1-11.98.1 * libcurl4-32bit-8.0.1-11.98.1 * curl-debugsource-8.0.1-11.98.1 * libcurl4-debuginfo-32bit-8.0.1-11.98.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528

From null at suse.de Wed Nov 6 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:14 -0000 Subject: SUSE-SU-2024:3926-1: moderate: Security update for curl Message-ID: <173089621402.14191.1579198852325026320@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3926-1 Release Date: 2024-11-06T10:16:06Z Rating: moderate References: * bsc#1232528 Cross-References: * CVE-2024-9681 CVSS scores: * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed.
## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3926=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3926=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux
Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3926=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3926=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3926=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * 
libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl4-64bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-64bit-8.0.1-150400.5.56.1 * libcurl4-64bit-8.0.1-150400.5.56.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High 
Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 
ESPOS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528

From null at suse.de Wed Nov 6 12:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:16 -0000 Subject: SUSE-SU-2024:3925-1: moderate: Security update for curl Message-ID: <173089621672.14191.8228266978406987560@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3925-1 Release Date: 2024-11-06T10:14:33Z Rating: moderate References: * bsc#1232528 Cross-References: * CVE-2024-9681 CVSS scores: * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3925=1 openSUSE-SLE-15.6-2024-3925=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3925=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libcurl4-debuginfo-8.6.0-150600.4.12.1 * curl-debugsource-8.6.0-150600.4.12.1 * libcurl4-8.6.0-150600.4.12.1 * curl-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-8.6.0-150600.4.12.1 * curl-8.6.0-150600.4.12.1 * openSUSE Leap 15.6 (x86_64) * libcurl-devel-32bit-8.6.0-150600.4.12.1 * libcurl4-32bit-debuginfo-8.6.0-150600.4.12.1 * libcurl4-32bit-8.6.0-150600.4.12.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libcurl4-64bit-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-64bit-8.6.0-150600.4.12.1 * libcurl4-64bit-8.6.0-150600.4.12.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.6.0-150600.4.12.1 * curl-debugsource-8.6.0-150600.4.12.1 * libcurl4-8.6.0-150600.4.12.1 * curl-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-8.6.0-150600.4.12.1 * curl-8.6.0-150600.4.12.1 * Basesystem Module 15-SP6 (x86_64) * libcurl4-32bit-8.6.0-150600.4.12.1 * libcurl4-32bit-debuginfo-8.6.0-150600.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528

From null at suse.de Wed Nov 6 12:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:19 -0000 Subject: SUSE-SU-2024:3924-1: moderate: Security update for python310 Message-ID: <173089621989.14191.15086637910082498309@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:3924-1 Release Date: 2024-11-06T10:14:11Z Rating: moderate References: * bsc#1230906 * bsc#1232241 Cross-References: * CVE-2024-9287 CVSS scores: * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3924=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3924=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3924=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.4 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_10-1_0-64bit-debuginfo-3.10.15-150400.4.60.1 * python310-64bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-64bit-3.10.15-150400.4.60.1 * python310-base-64bit-3.10.15-150400.4.60.1 * python310-64bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-64bit-debuginfo-3.10.15-150400.4.60.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * 
python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.5 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * 
python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.6 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Wed Nov 6 12:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:22 -0000 Subject: SUSE-SU-2024:3923-1: important: Security update for gradle Message-ID: <173089622233.14191.9817811153458997195@smelt2.prg2.suse.org> # Security update for gradle Announcement ID: SUSE-SU-2024:3923-1 Release Date: 2024-11-06T10:13:52Z Rating: important References: * bsc#1212931 Cross-References: * CVE-2023-35947 CVSS scores: * CVE-2023-35947 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L * CVE-2023-35947 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance
Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gradle fixes the following issues: * CVE-2023-35947: Fixed an issue while unpacking tar archives, where files could be created outside of the unpack location (bsc#1212931). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3923=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3923=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3923=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3923=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3923=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3923=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance 
Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-35947.html * https://bugzilla.suse.com/show_bug.cgi?id=1212931

From null at suse.de Wed Nov 6 12:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:28 -0000 Subject: SUSE-SU-2024:3921-1: important: Security update for libgsf Message-ID: <173089622815.14191.17059879323835126511@smelt2.prg2.suse.org> # Security update for libgsf Announcement ID: SUSE-SU-2024:3921-1 Release Date: 2024-11-06T10:11:57Z Rating: important References: * bsc#1231282 * bsc#1231283 Cross-References: * CVE-2024-36474 * CVE-2024-42415 CVSS scores: * CVE-2024-36474 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-36474 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42415 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgsf fixes the following issues: * CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation (bsc#1231282, bsc#1231283).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3921=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3921=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3921=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3921=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3921=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3921=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3921=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * 
libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgsf-debugsource-1.14.46-150200.3.3.1 * libgsf-1-114-1.14.46-150200.3.3.1 * libgsf-1-114-debuginfo-1.14.46-150200.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36474.html * https://www.suse.com/security/cve/CVE-2024-42415.html * https://bugzilla.suse.com/show_bug.cgi?id=1231282 * https://bugzilla.suse.com/show_bug.cgi?id=1231283

From null at suse.de Wed Nov 6 12:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 12:30:31 -0000 Subject: SUSE-SU-2024:3920-1: important: Security update for libgsf Message-ID: <173089623123.14191.11296060670203003284@smelt2.prg2.suse.org> # Security update for libgsf Announcement ID: SUSE-SU-2024:3920-1 Release Date: 2024-11-06T10:11:30Z Rating: important References: * bsc#1231282 * bsc#1231283 Cross-References: * CVE-2024-36474 * CVE-2024-42415 CVSS scores: * CVE-2024-36474 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-36474 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42415 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise
Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgsf fixes the following issues: * CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation (bsc#1231282, bsc#1231283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3920=1 openSUSE-SLE-15.6-2024-3920=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3920=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3920=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgsf-debuginfo-1.14.51-150600.4.3.1 * typelib-1_0-Gsf-1-1.14.51-150600.4.3.1 * libgsf-1-114-debuginfo-1.14.51-150600.4.3.1 * libgsf-tools-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * gsf-office-thumbnailer-debuginfo-1.14.51-150600.4.3.1 * libgsf-devel-1.14.51-150600.4.3.1 * gsf-office-thumbnailer-1.14.51-150600.4.3.1 * libgsf-1-114-1.14.51-150600.4.3.1 * libgsf-tools-debuginfo-1.14.51-150600.4.3.1 * openSUSE Leap 15.6 (noarch) * libgsf-lang-1.14.51-150600.4.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgsf-debuginfo-1.14.51-150600.4.3.1 * libgsf-1-114-1.14.51-150600.4.3.1 * libgsf-1-114-debuginfo-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libgsf-debuginfo-1.14.51-150600.4.3.1 * typelib-1_0-Gsf-1-1.14.51-150600.4.3.1 * libgsf-devel-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * SUSE Linux 
Enterprise Workstation Extension 15 SP6 (noarch) * libgsf-lang-1.14.51-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36474.html * https://www.suse.com/security/cve/CVE-2024-42415.html * https://bugzilla.suse.com/show_bug.cgi?id=1231282 * https://bugzilla.suse.com/show_bug.cgi?id=1231283

From null at suse.de Wed Nov 6 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:3929-1: moderate: Security update for python36 Message-ID: <173091060547.17443.15093336373084634721@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:3929-1 Release Date: 2024-11-06T15:33:43Z Rating: moderate References: * bsc#1230906 * bsc#1232241 Cross-References: * CVE-2024-9287 CVSS scores: * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python36 fixes the following issues: Security fixes: * CVE-2024-9287: properly quote path names provided when creating a virtual environment (bsc#1232241) Other fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3929=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * libpython3_6m1_0-debuginfo-3.6.15-70.1 * python36-base-3.6.15-70.1 * python36-debugsource-3.6.15-70.1 * python36-3.6.15-70.1 * python36-base-debuginfo-3.6.15-70.1 * libpython3_6m1_0-3.6.15-70.1 * libpython3_6m1_0-32bit-3.6.15-70.1 * python36-debuginfo-3.6.15-70.1 * libpython3_6m1_0-debuginfo-32bit-3.6.15-70.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Wed Nov 6 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 06 Nov 2024 16:30:10 -0000 Subject: SUSE-SU-2024:3922-1: important: Security update for libgsf Message-ID: <173091061069.17443.13575694476479165502@smelt2.prg2.suse.org> # Security update for libgsf Announcement ID: SUSE-SU-2024:3922-1 Release Date: 2024-11-06T10:12:34Z Rating: important References: * bsc#1231282 * bsc#1231283 Cross-References: * CVE-2024-36474 * CVE-2024-42415 CVSS scores: * CVE-2024-36474 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-36474 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42415 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 8.4
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgsf fixes the following issues: * CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation (bsc#1231282, bsc#1231283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3922=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3922=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3922=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3922=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3922=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3922=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgsf-tools-1.14.50-150400.3.6.1 * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-debuginfo-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-tools-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * libgsf-1-114-32bit-1.14.50-150400.3.6.1 * libgsf-1-114-32bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgsf-1-114-64bit-1.14.50-150400.3.6.1 * libgsf-1-114-64bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libgsf-tools-1.14.50-150400.3.6.1 * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * 
gsf-office-thumbnailer-debuginfo-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-tools-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (x86_64) * libgsf-1-114-32bit-1.14.50-150400.3.6.1 * libgsf-1-114-32bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * 
libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36474.html * https://www.suse.com/security/cve/CVE-2024-42415.html * https://bugzilla.suse.com/show_bug.cgi?id=1231282 * https://bugzilla.suse.com/show_bug.cgi?id=1231283

From null at suse.de Thu Nov 7 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:06 -0000 Subject: SUSE-SU-2024:3943-1: moderate: Security update for openssl-3 Message-ID: <173098260671.14367.244619314918178064@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3943-1 Release Date: 2024-11-07T10:12:08Z Rating: moderate References: * bsc#1220262 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3943=1 openSUSE-SLE-15.6-2024-3943=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3943=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openssl-3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-3.1.4-150600.5.21.1 * openssl-3-debuginfo-3.1.4-150600.5.21.1 * openssl-3-debugsource-3.1.4-150600.5.21.1 * libopenssl-3-devel-3.1.4-150600.5.21.1 * libopenssl3-debuginfo-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (x86_64) * libopenssl-3-devel-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.21.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.21.1 * libopenssl3-64bit-3.1.4-150600.5.21.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-64bit-debuginfo-3.1.4-150600.5.21.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-3.1.4-150600.5.21.1 * openssl-3-debuginfo-3.1.4-150600.5.21.1 * openssl-3-debugsource-3.1.4-150600.5.21.1 * libopenssl-3-devel-3.1.4-150600.5.21.1 * libopenssl3-debuginfo-3.1.4-150600.5.21.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.21.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.21.1 ## References: * 
https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262

From null at suse.de Thu Nov 7 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:12 -0000 Subject: SUSE-SU-2024:3942-1: important: Security update for ghostscript Message-ID: <173098261263.14367.5580673409922113788@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:3942-1 Release Date: 2024-11-07T10:11:51Z Rating: important References: * bsc#1232265 * bsc#1232267 * bsc#1232269 * bsc#1232270 Cross-References: * CVE-2024-46951 * CVE-2024-46953 * CVE-2024-46955 * CVE-2024-46956 CVSS scores: * CVE-2024-46951 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46953 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-46956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-46951: Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space (bsc#1232265). * CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267). * CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270). * CVE-2024-46955: Fixed out of bounds read when reading color in "Indexed" color space (bsc#1232269).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3942=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3942=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-23.86.1 * ghostscript-x11-9.52-23.86.1 * ghostscript-x11-debuginfo-9.52-23.86.1 * ghostscript-9.52-23.86.1 * ghostscript-debuginfo-9.52-23.86.1 * ghostscript-devel-9.52-23.86.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * ghostscript-debugsource-9.52-23.86.1 * ghostscript-x11-9.52-23.86.1 * ghostscript-x11-debuginfo-9.52-23.86.1 * ghostscript-9.52-23.86.1 * ghostscript-debuginfo-9.52-23.86.1 * ghostscript-devel-9.52-23.86.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46951.html * https://www.suse.com/security/cve/CVE-2024-46953.html * https://www.suse.com/security/cve/CVE-2024-46955.html * https://www.suse.com/security/cve/CVE-2024-46956.html * https://bugzilla.suse.com/show_bug.cgi?id=1232265 * https://bugzilla.suse.com/show_bug.cgi?id=1232267 * https://bugzilla.suse.com/show_bug.cgi?id=1232269 * https://bugzilla.suse.com/show_bug.cgi?id=1232270

From null at suse.de Thu Nov 7 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:20 -0000 Subject: SUSE-SU-2024:3941-1: important: Security update for ghostscript Message-ID: <173098262011.14367.6248969678446605236@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:3941-1 Release Date: 2024-11-07T10:11:36Z Rating: important References: * bsc#1232265 * bsc#1232267 * bsc#1232269 * bsc#1232270 Cross-References: * CVE-2024-46951 * CVE-2024-46953 * CVE-2024-46955 * CVE-2024-46956 CVSS scores: * CVE-2024-46951 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46953 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-46956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux
Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-46951: Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space (bsc#1232265). * CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267). * CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270). * CVE-2024-46955: Fixed out of bounds read when reading color in "Indexed" color space (bsc#1232269). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3941=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3941=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3941=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3941=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3941=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3941=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3941=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch 
SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3941=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3941=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * 
ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * 
ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Proxy 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 ## References: * 
https://www.suse.com/security/cve/CVE-2024-46951.html * https://www.suse.com/security/cve/CVE-2024-46953.html * https://www.suse.com/security/cve/CVE-2024-46955.html * https://www.suse.com/security/cve/CVE-2024-46956.html * https://bugzilla.suse.com/show_bug.cgi?id=1232265 * https://bugzilla.suse.com/show_bug.cgi?id=1232267 * https://bugzilla.suse.com/show_bug.cgi?id=1232269 * https://bugzilla.suse.com/show_bug.cgi?id=1232270 From null at suse.de Thu Nov 7 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:23 -0000 Subject: SUSE-SU-2024:3940-1: important: Security update for libarchive Message-ID: <173098262353.14367.2263618049626354154@smelt2.prg2.suse.org> # Security update for libarchive Announcement ID: SUSE-SU-2024:3940-1 Release Date: 2024-11-07T10:09:14Z Rating: important References: * bsc#1225972 * bsc#1231624 Cross-References: * CVE-2024-20697 * CVE-2024-48958 CVSS scores: * CVE-2024-20697 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-20697 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-48958 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-48958 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-48958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (bsc#1225972). 
* CVE-2024-48958: Fixed out-of-bounds access via a crafted archive file in execute_filter_delta function (bsc#1231624). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3940=1 openSUSE-SLE-15.6-2024-3940=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3940=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3940=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * bsdtar-3.7.2-150600.3.9.1 * bsdtar-debuginfo-3.7.2-150600.3.9.1 * libarchive13-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 * libarchive13-debuginfo-3.7.2-150600.3.9.1 * libarchive-devel-3.7.2-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) * libarchive13-32bit-3.7.2-150600.3.9.1 * libarchive13-32bit-debuginfo-3.7.2-150600.3.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libarchive13-64bit-debuginfo-3.7.2-150600.3.9.1 * libarchive13-64bit-3.7.2-150600.3.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libarchive13-3.7.2-150600.3.9.1 * libarchive13-debuginfo-3.7.2-150600.3.9.1 * libarchive-devel-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bsdtar-debuginfo-3.7.2-150600.3.9.1 * bsdtar-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20697.html * https://www.suse.com/security/cve/CVE-2024-48958.html * https://bugzilla.suse.com/show_bug.cgi?id=1225972 * https://bugzilla.suse.com/show_bug.cgi?id=1231624 
From null at suse.de Thu Nov 7 12:30:29 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:29 -0000 Subject: SUSE-SU-2024:3939-1: important: Security update for ruby2.1 Message-ID: <173098262915.14367.14498948829475862705@smelt2.prg2.suse.org> # Security update for ruby2.1 Announcement ID: SUSE-SU-2024:3939-1 Release Date: 2024-11-07T10:08:56Z Rating: important References: * bsc#1230930 Cross-References: * CVE-2024-47220 CVSS scores: * CVE-2024-47220 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47220 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-47220 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for ruby2.1 fixes the following issues: * CVE-2024-47220: Fixed HTTP request smuggling in WEBrick (bsc#1230930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3939=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3939=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * ruby2.1-2.1.9-19.9.1 * ruby2.1-debugsource-2.1.9-19.9.1 * ruby2.1-stdlib-2.1.9-19.9.1 * ruby2.1-stdlib-debuginfo-2.1.9-19.9.1 * ruby2.1-debuginfo-2.1.9-19.9.1 * libruby2_1-2_1-debuginfo-2.1.9-19.9.1 * libruby2_1-2_1-2.1.9-19.9.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * ruby2.1-2.1.9-19.9.1 * ruby2.1-debugsource-2.1.9-19.9.1 * ruby2.1-stdlib-2.1.9-19.9.1 * ruby2.1-stdlib-debuginfo-2.1.9-19.9.1 * ruby2.1-debuginfo-2.1.9-19.9.1 * libruby2_1-2_1-debuginfo-2.1.9-19.9.1 * libruby2_1-2_1-2.1.9-19.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47220.html * https://bugzilla.suse.com/show_bug.cgi?id=1230930 
From null at suse.de Thu Nov 7 12:30:44 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 12:30:44 -0000 Subject: SUSE-SU-2024:3938-1: important: Security update for go1.22-openssl Message-ID: <173098264440.14367.5244254639186192566@smelt2.prg2.suse.org> # Security update for go1.22-openssl Announcement ID: SUSE-SU-2024:3938-1 Release Date: 2024-11-07T10:08:24Z Rating: important References: * bsc#1218424 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 * bsc#1221400 * bsc#1224017 * bsc#1224018 * bsc#1225973 * bsc#1225974 * bsc#1227314 * bsc#1230252 * bsc#1230253 * bsc#1230254 * jsc#PED-1962 * jsc#SLE-18320 Cross-References: * CVE-2023-45288 * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 * CVE-2024-24787 * CVE-2024-24788 * CVE-2024-24789 * CVE-2024-24790 * CVE-2024-24791 * CVE-2024-34155 * CVE-2024-34156 * CVE-2024-34158 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45289 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24788 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-24789 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2024-24790 ( NVD ): 9.8 
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34155 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 14 vulnerabilities, contains two features and has two security fixes can now be installed. ## Description: This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320) * Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. * Update to Go 1.22.7 (#229) * go1.22.7 (released 2024-09-05) includes security fixes to the encoding/gob, go/build/constraint, and go/parser packages, as well as bug fixes to the fix command and the runtime. 
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158: * go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155) * go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156) * go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158) * go#68811 os: TestChtimes failures * go#68825 cmd/fix: fails to run on modules whose go directive value is in "1.n.m" format introduced in Go 1.21.0 * go#68972 cmd/cgo: aix c-archive corrupting stack * go1.22.6 (released 2024-08-06) includes fixes to the go command, the compiler, the linker, the trace command, the covdata command, and the bytes, go/types, and os/exec packages. * go#68594 cmd/compile: internal compiler error with zero-size types * go#68546 cmd/trace/v2: pprof profiles always empty * go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop * go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm * go#68370 go/types: assertion failure in recent range statement checking logic * go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows * go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race * go#68222 cmd/go: list with -export and -covermode=atomic fails to build * go#68198 cmd/link: issues with Xcode 16 beta * Update to version 1.22.5.3 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-3-openssl-fips. * Only load openssl if fips == "1" Avoid loading openssl whenever GOLANG_FIPS is not 1. Previously only an unset variable would cause the library load to be skipped, but users may also expect to be able to set eg. GOLANG_FIPS=0 in environments without openssl. 
* Update to version 1.22.5.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-2-openssl-fips. * Only load OpenSSL when in FIPS mode * Update to version 1.22.5.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-1-openssl-fips. * Update to go1.22.5 * go1.22.5 (released 2024-07-02) includes security fixes to the net/http package, as well as bug fixes to the compiler, cgo, the go command, the linker, the runtime, and the crypto/tls, go/types, net, net/http, and os/exec packages. CVE-2024-24791: * go#68200 go#67555 bsc#1227314 security: fix CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways * go#65983 cmd/compile: hash of unhashable type * go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault() * go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without ".exe" no longer implicitly adds ".exe" in Go 1.22 * go#67298 runtime: "fatal: morestack on g0" on amd64 after upgrade to Go 1.21, stale bounds * go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders * go#67798 cmd/compile: internal compiler error: unexpected type: () in for-range * go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn't match order specified in Go spec * go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0 * go#67934 net: go DNS resolver fails to connect to local DNS server * go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure * go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N) * go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT)) * Update to version 1.22.4.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.4-1-openssl-fips. 
* Update to go1.22.4 * go1.22.4 (released 2024-06-04) includes security fixes to the archive/zip and net/netip packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the os package. CVE-2024-24789 CVE-2024-24790: * go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations * go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses * go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes * go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64 * go#67236 cmd/go: mod tidy reports toolchain not available with 'go 1.21' * go#67258 runtime: unexpected fault address 0 * go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally * go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID * go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections * go#67460 cmd/compile: internal compiler error: panic with range over integer value * go#67527 cmd/link: panic: machorelocsect: size mismatch * go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C constructor prior to runtime start * go#67696 os: RemoveAll susceptible to symlink race * Update to version 1.22.3.3 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-3-openssl-fips. * config: update openssl backend (#201) * Update to version 1.22.3.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-2-openssl-fips. * patches: restore signature of HashSign/HashVerify (#199) * Update to version 1.22.3.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-1-openssl-fips. 
* Update to go1.22.3 * fix: rename patch file * Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193) runtime: crash asap and extend total sleep time for slow machine in test Running with few threads usually does not need 500ms to crash, so let it crash as soon as possible. While the test may caused more time on slow machine, try to expand the sleep time in test. * cmd/go: re-enable CGO for Go toolchain commands (#190) * crypto/ecdsa: Restore HashSign and HashVerify (#189) * go1.22.3 (released 2024-05-07) includes security fixes to the go command and the net package, as well as bug fixes to the compiler, the runtime, and the net/http package. CVE-2024-24787 CVE-2024-24788: * go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin * go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE * go#66886 runtime: deterministic fallback hashes across process boundary * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net at v0.23.0 * Update to version 1.22.2.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.2-1-openssl-fips. * Update to go1.22.2 * go1.22.2 (released 2024-04-03) includes a security fix to the net/http package, as well as bug fixes to the compiler, the go command, the linker, and the encoding/gob, go/types, net/http, and runtime/trace packages. 
CVE-2023-45288: * go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1 * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64 * go#66134 cmd/compile: go test . results in CLOSURE ... : internal compiler error: assertion failed * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock * go#66256 cmd/go: git shallow fetches broken at CL 556358 * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22 * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le * Update to version 1.22.1.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.1-2-openssl-fips. * config: Update openssl v2 module (#178) * Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. * Continue to build experimental libstd only on go1.x Tumbleweed. * Removal fixes build errors on go1.x-openssl Factory and ALP. * Use of libstd.so is experimental and not recommended for general use, Go currently has no ABI. * Feature go build -buildmode=shared is deprecated by upstream, but not yet removed. * Initial package go1.22-openssl version 1.22.1.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.1-1-openssl-fips. * Go upstream merged branch dev.boringcrypto in go1.19+. * In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto. 
* In go1.x-openssl enable FIPS mode (or boring mode as the package is named) either via an environment variable GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode. * When the operating system is operating in FIPS mode, Go applications which import crypto/tls/fipsonly limit operations to the FIPS ciphersuite. * go1.x-openssl is delivered as two large patches to go1.x applying necessary modifications from the golang-fips/go GitHub project for the Go crypto library to use OpenSSL as the external cryptographic library in a FIPS compliant way. * go1.x-openssl modifies the crypto/* packages to use OpenSSL for cryptographic operations. * go1.x-openssl uses dlopen() to call into OpenSSL. * SUSE RPM packaging introduces a fourth version digit go1.x.y.z corresponding to the golang-fips/go patchset tagged revision. * Patchset improvements can be updated independently of upstream Go maintenance releases. * go1.22.1 (released 2024-03-05) includes security fixes to the crypto/x509, html/template, net/http, net/http/cookiejar, and net/mail packages, as well as bug fixes to the compiler, the go command, the runtime, the trace command, and the go/types and net/http packages. 
CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785: * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm * go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect * go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders * go#65474 internal/testenv: support LUCI mobile builders in testenv tests * go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0 * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer * go#65728 go/types: nil pointer dereference in Alias.Underlying() * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22 * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer * go#65852 cmd/go: "missing ziphash" error with go.work * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms * bsc#1219988 ensure VERSION file is present in GOROOT as 
required by go tool dist and go tool distpack * go1.22 (released 2024-02-06) is a major release of Go. go1.22.x minor releases will be provided through February 2024. https://github.com/golang/go/wiki/Go-Release-Cycle go1.22 arrives six months after go1.21. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. * Language change: go1.22 makes two changes to for loops. Previously, the variables declared by a for loop were created once and updated by each iteration. In go1.22, each iteration of the loop creates new variables, to avoid accidental sharing bugs. The transition support tooling described in the proposal continues to work in the same way it did in Go 1.21. * Language change: For loops may now range over integers * Language change: go1.22 includes a preview of a language change we are considering for a future version of Go: range-over-function iterators. Building with GOEXPERIMENT=rangefunc enables this feature. * go command: Commands in workspaces can now use a vendor directory containing the dependencies of the workspace. The directory is created by go work vendor, and used by build commands when the -mod flag is set to vendor, which is the default when a workspace vendor directory is present. Note that the vendor directory's contents for a workspace are different from those of a single module: if the directory at the root of a workspace also contains one of the modules in the workspace, its vendor directory can contain the dependencies of either the workspace or of the module, but not both. * go get is no longer supported outside of a module in the legacy GOPATH mode (that is, with GO111MODULE=off). Other build commands, such as go build and go test, will continue to work indefinitely for legacy GOPATH programs. 
* go mod init no longer attempts to import module requirements from configuration files for other vendoring tools (such as Gopkg.lock).
* go test -cover now prints coverage summaries for covered packages that do not have their own test files. Prior to Go 1.22 a go test -cover run for such a package would report: `? mymod/mypack [no test files]` and now with go1.22, functions in the package are treated as uncovered: `mymod/mypack coverage: 0.0% of statements`. Note that if a package contains no executable code at all, we can't report a meaningful coverage percentage; for such packages the go tool will continue to report that there are no test files.
* trace: The trace tool's web UI has been gently refreshed as part of the work to support the new tracer, resolving several issues and improving the readability of various sub-pages. The web UI now supports exploring traces in a thread-oriented view. The trace viewer also now displays the full duration of all system calls. These improvements only apply for viewing traces produced by programs built with go1.22 or newer. A future release will bring some of these improvements to traces produced by older versions of Go.
* vet: References to loop variables: The behavior of the vet tool has changed to match the new semantics (see above) of loop variables in go1.22. When analyzing a file that requires go1.22 or newer (due to its go.mod file or a per-file build constraint), vet no longer reports references to loop variables from within a function literal that might outlive the iteration of the loop. In Go 1.22, loop variables are created anew for each iteration, so such references are no longer at risk of using a variable after it has been updated by the loop.
* vet: New warnings for missing values after append: The vet tool now reports calls to append that pass no values to be appended to the slice, such as slice = append(slice). Such a statement has no effect, and experience has shown that it is nearly always a mistake.
* vet: New warnings for deferring time.Since: The vet tool now reports a non-deferred call to time.Since(t) within a defer statement. This is equivalent to calling time.Now().Sub(t) before the defer statement, not when the deferred function is called. In nearly all cases, the correct code requires deferring the time.Since call.
* vet: New warnings for mismatched key-value pairs in log/slog calls: The vet tool now reports invalid arguments in calls to functions and methods in the structured logging package, log/slog, that accept alternating key/value pairs. It reports calls where an argument in a key position is neither a string nor a slog.Attr, and where a final key is missing its value.
* runtime: The runtime now keeps type-based garbage collection metadata nearer to each heap object, improving the CPU performance (latency or throughput) of Go programs by 1-3%. This change also reduces the memory overhead of the majority of Go programs by approximately 1% by deduplicating redundant metadata. Some programs may see a smaller improvement because this change adjusts the size class boundaries of the memory allocator, so some objects may be moved up a size class. A consequence of this change is that some objects' addresses that were previously always aligned to a 16 byte (or higher) boundary will now only be aligned to an 8 byte boundary. Some programs that use assembly instructions that require memory addresses to be more than 8-byte aligned and rely on the memory allocator's previous alignment behavior may break, but we expect such programs to be rare. Such programs may be built with GOEXPERIMENT=noallocheaders to revert to the old metadata layout and restore the previous alignment behavior, but package owners should update their assembly code to avoid the alignment assumption, as this workaround will be removed in a future release.
* runtime: On the windows/amd64 port, programs linking or loading Go libraries built with -buildmode=c-archive or -buildmode=c-shared can now use the SetUnhandledExceptionFilter Win32 function to catch exceptions not handled by the Go runtime. Note that this was already supported on the windows/386 port.
* compiler: Profile-guided Optimization (PGO) builds can now devirtualize a higher proportion of calls than previously possible. Most programs from a representative set of Go programs now see between 2 and 14% improvement from enabling PGO.
* compiler: The compiler now interleaves devirtualization and inlining, so interface method calls are better optimized.
* compiler: go1.22 also includes a preview of an enhanced implementation of the compiler's inlining phase that uses heuristics to boost inlinability at call sites deemed "important" (for example, in loops) and discourage inlining at call sites deemed "unimportant" (for example, on panic paths). Building with GOEXPERIMENT=newinliner enables the new call-site heuristics; see issue #61502 for more info and to provide feedback.
* linker: The linker's -s and -w flags now behave more consistently across all platforms. The -w flag suppresses DWARF debug information generation. The -s flag suppresses symbol table generation. The -s flag also implies the -w flag, which can be negated with -w=0. That is, -s -w=0 will generate a binary with DWARF debug information generation but without the symbol table.
* linker: On ELF platforms, the -B linker flag now accepts a special form: with -B gobuildid, the linker will generate a GNU build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go build ID.
* linker: On Windows, when building with -linkmode=internal, the linker now preserves SEH information from C object files by copying the .pdata and .xdata sections into the final binary. This helps with debugging and profiling binaries using native tools, such as WinDbg.
Note that until now, C functions' SEH exception handlers were not being honored, so this change may cause some programs to behave differently. -linkmode=external is not affected by this change, as external linkers already preserve SEH information.
* bootstrap: As mentioned in the Go 1.20 release notes, go1.22 now requires the final point release of Go 1.20 or later for bootstrap. We expect that Go 1.24 will require the final point release of go1.22 or later for bootstrap.
* core library: New math/rand/v2 package: go1.22 includes the first "v2" package in the standard library, math/rand/v2. The changes compared to math/rand are detailed in proposal go#61716. The most important changes are:
* The Read method, deprecated in math/rand, was not carried forward for math/rand/v2. (It remains available in math/rand.) The vast majority of calls to Read should use crypto/rand's Read instead. Otherwise a custom Read can be constructed using the Uint64 method.
* The global generator accessed by top-level functions is unconditionally randomly seeded. Because the API guarantees no fixed sequence of results, optimizations like per-thread random generator states are now possible.
* The Source interface now has a single Uint64 method; there is no Source64 interface.
* Many methods now use faster algorithms that were not possible to adopt in math/rand because they changed the output streams.
* The Intn, Int31, Int31n, Int63, and Int64n top-level functions and methods from math/rand are spelled more idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64, and Int64N. There are also new top-level functions and methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN.
* The new generic function N is like Int64N or Uint64N but works for any integer type. For example a random duration from 0 up to 5 minutes is rand.N(5*time.Minute).
* The Mitchell & Reeds LFSR generator provided by math/rand's Source has been replaced by two more modern pseudo-random generator sources: ChaCha8 and PCG.
ChaCha8 is a new, cryptographically strong random number generator roughly similar to PCG in efficiency. ChaCha8 is the algorithm used for the top-level functions in math/rand/v2. As of go1.22, math/rand's top-level functions (when not explicitly seeded) and the Go runtime also use ChaCha8 for randomness.
* We plan to include an API migration tool in a future release, likely Go 1.23.
* core library: New go/version package: The new go/version package implements functions for validating and comparing Go version strings.
* core library: Enhanced routing patterns: HTTP routing in the standard library is now more expressive. The patterns used by net/http.ServeMux have been enhanced to accept methods and wildcards. This change breaks backwards compatibility in small ways, some obvious (patterns with "{" and "}" behave differently) and some less so (treatment of escaped paths has been improved). The change is controlled by a GODEBUG field named httpmuxgo121. Set httpmuxgo121=1 to restore the old behavior.
* Minor changes to the library: As always, there are various minor changes and updates to the library, made with the Go 1 promise of compatibility in mind. There are also various performance improvements, not enumerated here.
* archive/tar: The new method Writer.AddFS adds all of the files from an fs.FS to the archive.
* archive/zip: The new method Writer.AddFS adds all of the files from an fs.FS to the archive.
* bufio: When a SplitFunc returns ErrFinalToken with a nil token, Scanner will now stop immediately. Previously, it would report a final empty token before stopping, which was usually not desired. Callers that do want to report a final empty token can do so by returning []byte{} rather than nil.
* cmp: The new function Or returns the first in a sequence of values that is not the zero value.
* crypto/tls: ConnectionState.ExportKeyingMaterial will now return an error unless TLS 1.3 is in use, or the extended_master_secret extension is supported by both the server and client. crypto/tls has supported this extension since Go 1.20. This can be disabled with the tlsunsafeekm=1 GODEBUG setting.
* crypto/tls: By default, the minimum version offered by crypto/tls servers is now TLS 1.2 if not specified with config.MinimumVersion, matching the behavior of crypto/tls clients. This change can be reverted with the tls10server=1 GODEBUG setting.
* crypto/tls: By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes. This change can be reverted with the tlsrsakex=1 GODEBUG setting.
* crypto/x509: The new CertPool.AddCertWithConstraint method can be used to add customized constraints to root certificates to be applied during chain building.
* crypto/x509: On Android, root certificates will now be loaded from /data/misc/keychain/certs-added as well as /system/etc/security/cacerts.
* crypto/x509: A new type, OID, supports ASN.1 Object Identifiers with individual components larger than 31 bits. A new field which uses this type, Policies, is added to the Certificate struct, and is now populated during parsing. Any OIDs which cannot be represented using an asn1.ObjectIdentifier will appear in Policies, but not in the old PolicyIdentifiers field. When calling CreateCertificate, the Policies field is ignored, and policies are taken from the PolicyIdentifiers field. Using the x509usepolicies=1 GODEBUG setting inverts this, populating certificate policies from the Policies field, and ignoring the PolicyIdentifiers field. We may change the default value of x509usepolicies in Go 1.23, making Policies the default field for marshaling.
* database/sql: The new Null[T] type provides a way to scan nullable columns for any column types.
* debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64 systems.
Additional R_LARCH_* constants are defined for use with LoongArch systems.
* encoding: The new methods AppendEncode and AppendDecode added to each of the Encoding types in the packages encoding/base32, encoding/base64, and encoding/hex simplify encoding and decoding from and to byte slices by taking care of byte slice buffer management.
* encoding: The methods base32.Encoding.WithPadding and base64.Encoding.WithPadding now panic if the padding argument is a negative value other than NoPadding.
* encoding/json: Marshaling and encoding functionality now escapes '\b' and '\f' characters as \b and \f instead of \u0008 and \u000c.
* go/ast: The following declarations related to syntactic identifier resolution are now deprecated: Ident.Obj, Object, Scope, File.Scope, File.Unresolved, Importer, Package, NewPackage. In general, identifiers cannot be accurately resolved without type information. Consider, for example, the identifier K in T{K: ""}: it could be the name of a local variable if T is a map type, or the name of a field if T is a struct type. New programs should use the go/types package to resolve identifiers; see Object, Info.Uses, and Info.Defs for details.
* go/ast: The new ast.Unparen function removes any enclosing parentheses from an expression.
* go/types: The new Alias type represents type aliases. Previously, type aliases were not represented explicitly, so a reference to a type alias was equivalent to spelling out the aliased type, and the name of the alias was lost. The new representation retains the intermediate Alias. This enables improved error reporting (the name of a type alias can be reported), and allows for better handling of cyclic type declarations involving type aliases. In a future release, Alias types will also carry type parameter information. The new function Unalias returns the actual type denoted by an Alias type (or any other Type for that matter).
* go/types: Because Alias types may break existing type switches that do not know to check for them, this functionality is controlled by a GODEBUG field named gotypesalias. With gotypesalias=0, everything behaves as before, and Alias types are never created. With gotypesalias=1, Alias types are created and clients must expect them. The default is gotypesalias=0. In a future release, the default will be changed to gotypesalias=1. Clients of go/types are urged to adjust their code as soon as possible to work with gotypesalias=1 to eliminate problems early.
* go/types: The Info struct now exports the FileVersions map which provides per-file Go version information.
* go/types: The new helper method PkgNameOf returns the local package name for the given import declaration.
* go/types: The implementation of SizesFor has been adjusted to compute the same type sizes as the compiler when the compiler argument for SizesFor is "gc". The default Sizes implementation used by the type checker is now types.SizesFor("gc", "amd64").
* go/types: The start position (Pos) of the lexical environment block (Scope) that represents a function body has changed: it used to start at the opening curly brace of the function body, but now starts at the function's func token.
* html/template: Javascript template literals may now contain Go template actions, and parsing a template containing one will no longer return ErrJSTemplate. Similarly the GODEBUG setting jstmpllitinterp no longer has any effect.
* io: The new SectionReader.Outer method returns the ReaderAt, offset, and size passed to NewSectionReader.
* log/slog: The new SetLogLoggerLevel function controls the level for the bridge between the `slog` and `log` packages. It sets the minimum level for calls to the top-level `slog` logging functions, and it sets the level for calls to `log.Logger` that go through `slog`.
* math/big: The new method Rat.FloatPrec computes the number of fractional decimal digits required to represent a rational number accurately as a floating-point number, and whether accurate decimal representation is possible in the first place.
* net: When io.Copy copies from a TCPConn to a UnixConn, it will now use Linux's splice(2) system call if possible, using the new method TCPConn.WriteTo.
* net: The Go DNS Resolver, used when building with "-tags=netgo", now searches for a matching name in the Windows hosts file, located at %SystemRoot%\System32\drivers\etc\hosts, before making a DNS query.
* net/http: The new functions ServeFileFS, FileServerFS, and NewFileTransportFS are versions of the existing ServeFile, FileServer, and NewFileTransport, operating on an fs.FS.
* net/http: The HTTP server and client now reject requests and responses containing an invalid empty Content-Length header. The previous behavior may be restored by setting GODEBUG field httplaxcontentlength=1.
* net/http: The new method Request.PathValue returns path wildcard values from a request and the new method Request.SetPathValue sets path wildcard values on a request.
* net/http/cgi: When executing a CGI process, the PATH_INFO variable is now always set to the empty string or a value starting with a / character, as required by RFC 3875. It was previously possible for some combinations of Handler.Root and request URL to violate this requirement.
* net/netip: The new AddrPort.Compare method compares two AddrPorts.
* os: On Windows, the Stat function now follows all reparse points that link to another named entity in the system. It was previously only following IO_REPARSE_TAG_SYMLINK and IO_REPARSE_TAG_MOUNT_POINT reparse points.
* os: On Windows, passing O_SYNC to OpenFile now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms.
* os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and File.Readdirnames functions now read directory entries in batches to reduce the number of system calls, improving performance up to 30%.
* os: When io.Copy copies from a File to a net.UnixConn, it will now use Linux's sendfile(2) system call if possible, using the new method File.WriteTo.
* os/exec: On Windows, LookPath now ignores empty entries in %PATH%, and returns ErrNotFound (instead of ErrNotExist) if no executable file extension is found to resolve an otherwise-unambiguous name.
* os/exec: On Windows, Command and Cmd.Start no longer call LookPath if the path to the executable is already absolute and has an executable file extension. In addition, Cmd.Start no longer writes the resolved extension back to the Path field, so it is now safe to call the String method concurrently with a call to Start.
* reflect: The Value.IsZero method will now return true for a floating-point or complex negative zero, and will return true for a struct value if a blank field (a field named _) somehow has a non-zero value. These changes make IsZero consistent with comparing a value to zero using the language == operator.
* reflect: The PtrTo function is deprecated, in favor of PointerTo.
* reflect: The new function TypeFor returns the Type that represents the type argument T. Previously, to get the reflect.Type value for a type, one had to use reflect.TypeOf((*T)(nil)).Elem(). This may now be written as reflect.TypeFor[T]().
* runtime/metrics: Four new histogram metrics /sched/pauses/stopping/gc:seconds, /sched/pauses/stopping/other:seconds, /sched/pauses/total/gc:seconds, and /sched/pauses/total/other:seconds provide additional details about stop-the-world pauses. The "stopping" metrics report the time taken from deciding to stop the world until all goroutines are stopped. The "total" metrics report the time taken from deciding to stop the world until it is started again.
* runtime/metrics: The /gc/pauses:seconds metric is deprecated, as it is equivalent to the new /sched/pauses/total/gc:seconds metric.
* runtime/metrics: /sync/mutex/wait/total:seconds now includes contention on runtime-internal locks in addition to sync.Mutex and sync.RWMutex.
* runtime/pprof: Mutex profiles now scale contention by the number of goroutines blocked on the mutex. This provides a more accurate representation of the degree to which a mutex is a bottleneck in a Go program. For instance, if 100 goroutines are blocked on a mutex for 10 milliseconds, a mutex profile will now record 1 second of delay instead of 10 milliseconds of delay.
* runtime/pprof: Mutex profiles also now include contention on runtime-internal locks in addition to sync.Mutex and sync.RWMutex. Contention on runtime-internal locks is always reported at runtime._LostContendedRuntimeLock. A future release will add complete stack traces in these cases.
* runtime/pprof: CPU profiles on Darwin platforms now contain the process's memory map, enabling the disassembly view in the pprof tool.
* runtime/trace: The execution tracer has been completely overhauled in this release, resolving several long-standing issues and paving the way for new use-cases for execution traces.
* runtime/trace: Execution traces now use the operating system's clock on most platforms (Windows excluded) so it is possible to correlate them with traces produced by lower-level components. Execution traces no longer depend on the reliability of the platform's clock to produce a correct trace. Execution traces are now partitioned regularly on-the-fly and as a result may be processed in a streamable way. Execution traces now contain complete durations for all system calls. Execution traces now contain information about the operating system threads that goroutines executed on. The latency impact of starting and stopping execution traces has been dramatically reduced.
Execution traces may now begin or end during the garbage collection mark phase.
* runtime/trace: To allow Go developers to take advantage of these improvements, an experimental trace reading package is available at golang.org/x/exp/trace. Note that this package only works on traces produced by programs built with go1.22 at the moment. Please try out the package and provide feedback on the corresponding proposal issue.
* runtime/trace: If you experience any issues with the new execution tracer implementation, you may switch back to the old implementation by building your Go program with GOEXPERIMENT=noexectracer2. If you do, please file an issue, otherwise this option will be removed in a future release.
* slices: The new function Concat concatenates multiple slices.
* slices: Functions that shrink the size of a slice (Delete, DeleteFunc, Compact, CompactFunc, and Replace) now zero the elements between the new length and the old length.
* slices: Insert now always panics if the argument i is out of range. Previously it did not panic in this situation if there were no elements to be inserted.
* syscall: The syscall package has been frozen since Go 1.4 and was marked as deprecated in Go 1.11, causing many editors to warn about any use of the package. However, some non-deprecated functionality requires use of the syscall package, such as the os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints on such code, the syscall package is no longer marked as deprecated. The package remains frozen to most new functionality, and new code remains encouraged to use golang.org/x/sys/unix or golang.org/x/sys/windows where possible.
* syscall: On Linux, the new SysProcAttr.PidFD field allows obtaining a PID FD when starting a child process via StartProcess or os/exec.
* syscall: On Windows, passing O_SYNC to Open now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms.
* testing/slogtest: The new Run function uses sub-tests to run test cases, providing finer-grained control.
* Ports: Darwin: On macOS on 64-bit x86 architecture (the darwin/amd64 port), the Go toolchain now generates position-independent executables (PIE) by default. Non-PIE binaries can be generated by specifying the -buildmode=exe build flag. On 64-bit ARM-based macOS (the darwin/arm64 port), the Go toolchain already generates PIE by default. go1.22 is the last release that will run on macOS 10.15 Catalina. Go 1.23 will require macOS 11 Big Sur or later.
* Ports: Arm: The GOARM environment variable now allows you to select whether to use software or hardware floating point. Previously, valid GOARM values were 5, 6, or 7. Now those same values can be optionally followed by ,softfloat or ,hardfloat to select the floating-point implementation. This new option defaults to softfloat for version 5 and hardfloat for versions 6 and 7.
* Ports: Loong64: The loong64 port now supports passing function arguments and results using registers. The linux/loong64 port now supports the address sanitizer, memory sanitizer, new-style linker relocations, and the plugin build mode.
* OpenBSD: go1.22 adds an experimental port to OpenBSD on big-endian 64-bit PowerPC (openbsd/ppc64).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3938=1 SUSE-2024-3938=1
* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3938=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * go1.22-openssl-doc-1.22.7.1-150600.13.3.1
  * go1.22-openssl-1.22.7.1-150600.13.3.1
  * go1.22-openssl-debuginfo-1.22.7.1-150600.13.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * go1.22-openssl-race-1.22.7.1-150600.13.3.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * go1.22-openssl-doc-1.22.7.1-150600.13.3.1
  * go1.22-openssl-race-1.22.7.1-150600.13.3.1
  * go1.22-openssl-1.22.7.1-150600.13.3.1
  * go1.22-openssl-debuginfo-1.22.7.1-150600.13.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://www.suse.com/security/cve/CVE-2023-45289.html
* https://www.suse.com/security/cve/CVE-2023-45290.html
* https://www.suse.com/security/cve/CVE-2024-24783.html
* https://www.suse.com/security/cve/CVE-2024-24784.html
* https://www.suse.com/security/cve/CVE-2024-24785.html
* https://www.suse.com/security/cve/CVE-2024-24787.html
* https://www.suse.com/security/cve/CVE-2024-24788.html
* https://www.suse.com/security/cve/CVE-2024-24789.html
* https://www.suse.com/security/cve/CVE-2024-24790.html
* https://www.suse.com/security/cve/CVE-2024-24791.html
* https://www.suse.com/security/cve/CVE-2024-34155.html
* https://www.suse.com/security/cve/CVE-2024-34156.html
* https://www.suse.com/security/cve/CVE-2024-34158.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218424
* https://bugzilla.suse.com/show_bug.cgi?id=1219988
* https://bugzilla.suse.com/show_bug.cgi?id=1220999
* https://bugzilla.suse.com/show_bug.cgi?id=1221000
* https://bugzilla.suse.com/show_bug.cgi?id=1221001
* https://bugzilla.suse.com/show_bug.cgi?id=1221002
* https://bugzilla.suse.com/show_bug.cgi?id=1221003
* https://bugzilla.suse.com/show_bug.cgi?id=1221400
* https://bugzilla.suse.com/show_bug.cgi?id=1224017
* https://bugzilla.suse.com/show_bug.cgi?id=1224018
* https://bugzilla.suse.com/show_bug.cgi?id=1225973
* https://bugzilla.suse.com/show_bug.cgi?id=1225974
* https://bugzilla.suse.com/show_bug.cgi?id=1227314
* https://bugzilla.suse.com/show_bug.cgi?id=1230252
* https://bugzilla.suse.com/show_bug.cgi?id=1230253
* https://bugzilla.suse.com/show_bug.cgi?id=1230254
* https://jira.suse.com/browse/PED-1962
* https://jira.suse.com/browse/SLE-18320

From null at suse.de Thu Nov 7 12:30:49 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 07 Nov 2024 12:30:49 -0000
Subject: SUSE-SU-2024:3937-1: important: Security update for go1.23-openssl
Message-ID: <173098264971.14367.16354914962953513120@smelt2.prg2.suse.org>

# Security update for go1.23-openssl

Announcement ID: SUSE-SU-2024:3937-1
Release Date: 2024-11-07T10:08:07Z
Rating: important
References:
* bsc#1229122
* bsc#1230252
* bsc#1230253
* bsc#1230254
* jsc#SLE-18320

Cross-References:
* CVE-2024-34155
* CVE-2024-34156
* CVE-2024-34158

CVSS scores:
* CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34155 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:
* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities, contains one feature and has one security fix can
now be installed.

## Description:

This update for go1.23-openssl fixes the following issues:

This update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320)

* go1.23.2 (released 2024-10-01) includes fixes to the compiler, cgo, the runtime, and the maps, os, os/exec, time, and unique packages.
* go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess
* go#69156 maps: segmentation violation in maps.Clone
* go#69219 cmd/cgo: alignment issue with int128 inside of a struct
* go#69240 unique: fatal error: found pointer to free object
* go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel
* go#69383 unique: large string still referenced, after interning only a small substring
* go#69402 os/exec: resource leak on exec failure
* go#69511 cmd/compile: mysterious crashes and non-determinism with range over func
* Update to version 1.23.1.1 cut from the go1.23-fips-release branch at the revision tagged go1.23.1-1-openssl-fips.
* Update to Go 1.23.1 (#238)
* go1.23.1 (released 2024-09-05) includes security fixes to the encoding/gob, go/build/constraint, and go/parser packages, as well as bug fixes to the compiler, the go command, the runtime, and the database/sql, go/types, os, runtime/trace, and unique packages. CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:
* go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions
* go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode
* go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse
* go#68812 os: TestChtimes failures
* go#68894 go/types: 'under' panics on Alias type
* go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing
* go#68907 os: CopyFS overwrites existing file in destination.
* go#68973 cmd/cgo: aix c-archive corrupting stack
* go#68992 unique: panic when calling unique.Make with string casted as any
* go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE
* go#68995 cmd/go: multi-arch build via qemu fails to exec go binary
* go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex
* go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine
* go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode
* go1.23 (released 2024-08-13) is a major release of Go. go1.23.x minor releases will be provided through August 2025. https://github.com/golang/go/wiki/Go-Release-Cycle go1.23 arrives six months after go1.22. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before.
* Language change: Go 1.23 makes the (Go 1.22) "range-over-func" experiment a part of the language. The "range" clause in a "for-range" loop now accepts iterator functions of the following types: func(func() bool), func(func(K) bool), and func(func(K, V) bool) as range expressions. Calls of the iterator argument function produce the iteration values for the "for-range" loop. For details see the iter package documentation and the language spec. For motivation see the 2022 "range-over-func" discussion.
* Language change: Go 1.23 includes preview support for generic type aliases. Building the toolchain with GOEXPERIMENT=aliastypeparams enables this feature within a package. (Using generic alias types across package boundaries is not yet supported.)
* Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can collect usage and breakage statistics that help the Go team understand how the Go toolchain is used and how well it is working. We refer to these statistics as Go telemetry.
Go telemetry is an opt-in system, controlled by the go telemetry command. By default, the toolchain programs collect statistics in counter files that can be inspected locally but are otherwise unused (go telemetry local). To help us keep Go working well and understand Go usage, please consider opting in to Go telemetry by running go telemetry on. In that mode, anonymous counter reports are uploaded to telemetry.go.dev weekly, where they are aggregated into graphs and also made available for download by any Go contributors or users wanting to analyze the data. See "Go Telemetry" for more details about the Go Telemetry system. * go command: Setting the GOROOT_FINAL environment variable no longer has an effect (#62047). Distributions that install the go command to a location other than $GOROOT/bin/go should install a symlink instead of relocating or copying the go binary. * go command: The new go env -changed flag causes the command to print only those settings whose effective value differs from the default value that would be obtained in an empty environment with no prior uses of the -w flag. * go command: The new go mod tidy -diff flag causes the command not to modify the files but instead print the necessary changes as a unified diff. It exits with a non-zero code if updates are needed. * go command: The go list -m -json command now includes new Sum and GoModSum fields. This is similar to the existing behavior of the go mod download -json command. * go command: The new godebug directive in go.mod and go.work declares a GODEBUG setting to apply for the work module or workspace in use. * go vet: The go vet subcommand now includes the stdversion analyzer, which flags references to symbols that are too new for the version of Go in effect in the referring file. (The effective version is determined by the go directive in the file's enclosing go.mod file, and by any //go:build constraints in the file.) 
For example, it will report a diagnostic for a reference to the reflect.TypeFor function (introduced in go1.22) from a file in a module whose go.mod file specifies go 1.21. * cgo: cmd/cgo supports the new -ldflags flag for passing flags to the C linker. The go command uses it automatically, avoiding "argument list too long" errors with a very large CGO_LDFLAGS. * go trace: The trace tool now better tolerates partially broken traces by attempting to recover what trace data it can. This functionality is particularly helpful when viewing a trace that was collected during a program crash, since the trace data leading up to the crash will now be recoverable under most circumstances. * Runtime: The traceback printed by the runtime after an unhandled panic or other fatal error now indents the second and subsequent lines of the error message (for example, the argument to panic) by a single tab, so that it can be unambiguously distinguished from the stack trace of the first goroutine. See go#64590 for discussion. * Compiler: The build time overhead to building with Profile Guided Optimization has been reduced significantly. Previously, large builds could see 100%+ build time increase from enabling PGO. In Go 1.23, overhead should be in the single digit percentages. * Compiler: The compiler in Go 1.23 can now overlap the stack frame slots of local variables accessed in disjoint regions of a function, which reduces stack usage for Go applications. * Compiler: For 386 and amd64, the compiler will use information from PGO to align certain hot blocks in loops. This improves performance an additional 1-1.5% at a cost of an additional 0.1% text and binary size. This is currently only implemented on 386 and amd64 because it has not shown an improvement on other platforms. Hot block alignment can be disabled with -gcflags=[=]-d=alignhot=0. 
* Linker: The linker now disallows using a //go:linkname directive to refer to internal symbols in the standard library (including the runtime) that are not marked with //go:linkname on their definitions. Similarly, the linker disallows references to such symbols from assembly code. For backward compatibility, existing usages of //go:linkname found in a large open-source code corpus remain supported. Any new references to standard library internal symbols will be disallowed. * Linker: A linker command line flag -checklinkname=0 can be used to disable this check, for debugging and experimenting purposes. * Linker: When building a dynamically linked ELF binary (including PIE binary), the new -bindnow flag enables immediate function binding. * Standard library changes: * timer: 1.23 makes two significant changes to the implementation of time.Timer and time.Ticker. First, Timers and Tickers that are no longer referred to by the program become eligible for garbage collection immediately, even if their Stop methods have not been called. Earlier versions of Go did not collect unstopped Timers until after they had fired and never collected unstopped Tickers. Second, the timer channel associated with a Timer or Ticker is now unbuffered, with capacity 0. The main effect of this change is that Go now guarantees that for any call to a Reset or Stop method, no stale values prepared before that call will be sent or received after the call. Earlier versions of Go used channels with a one-element buffer, making it difficult to use Reset and Stop correctly. A visible effect of this change is that len and cap of timer channels now return 0 instead of 1, which may affect programs that poll the length to decide whether a receive on the timer channel will succeed. Such code should use a non-blocking receive instead. These new behaviors are only enabled when the main Go program is in a module with a go.mod go line using Go 1.23.0 or later.
When Go 1.23 builds older programs, the old behaviors remain in effect. The new GODEBUG setting asynctimerchan=1 can be used to revert back to asynchronous channel behaviors even when a program names Go 1.23.0 or later in its go.mod file. * unique: The new unique package provides facilities for canonicalizing values (like "interning" or "hash-consing"). Any value of comparable type may be canonicalized with the new Make[T] function, which produces a reference to a canonical copy of the value in the form of a Handle[T]. Two Handle[T] are equal if and only if the values used to produce the handles are equal, allowing programs to deduplicate values and reduce their memory footprint. Comparing two Handle[T] values is efficient, reducing down to a simple pointer comparison. * iter: The new iter package provides the basic definitions for working with user-defined iterators. * slices: The slices package adds several functions that work with iterators: * All returns an iterator over slice indexes and values. * Values returns an iterator over slice elements. * Backward returns an iterator that loops over a slice backward. * Collect collects values from an iterator into a new slice. * AppendSeq appends values from an iterator to an existing slice. * Sorted collects values from an iterator into a new slice, and then sorts the slice. * SortedFunc is like Sorted but with a comparison function. * SortedStableFunc is like SortFunc but uses a stable sort algorithm. * Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice. * maps: The maps package adds several functions that work with iterators: * All returns an iterator over key-value pairs from a map. * Keys returns an iterator over keys in a map. * Values returns an iterator over values in a map. * Insert adds the key-value pairs from an iterator to an existing map. * Collect collects key-value pairs from an iterator into a new map and returns it. 
* structs: The new structs package provides types for struct fields that modify properties of the containing struct type such as memory layout. In this release, the only such type is HostLayout which indicates that a structure with a field of that type has a layout that conforms to host platform expectations. * Minor changes to the standard library: As always, there are various minor changes and updates to the library, made with the Go 1 promise of compatibility in mind. * archive/tar: If the argument to FileInfoHeader implements the new FileInfoNames interface, then the interface methods will be used to set the Uname/Gname of the file header. This allows applications to override the system-dependent Uname/Gname lookup. * crypto/tls: The TLS client now supports the Encrypted Client Hello draft specification. This feature can be enabled by setting the Config.EncryptedClientHelloConfigList field to an encoded ECHConfigList for the host that is being connected to. * crypto/tls: The QUICConn type used by QUIC implementations includes new events reporting on the state of session resumption, and provides a way for the QUIC layer to add data to session tickets and session cache entries. * crypto/tls: 3DES cipher suites were removed from the default list used when Config.CipherSuites is nil. The default can be reverted by adding tls3des=1 to the GODEBUG environment variable. * crypto/tls: The experimental post-quantum key exchange mechanism X25519Kyber768Draft00 is now enabled by default when Config.CurvePreferences is nil. The default can be reverted by adding tlskyber=0 to the GODEBUG environment variable. * crypto/tls: Go 1.23 changed the behavior of X509KeyPair and LoadX509KeyPair to populate the Certificate.Leaf field of the returned Certificate. The new x509keypairleaf GODEBUG setting is added for this behavior. * crypto/x509: CreateCertificateRequest now correctly supports RSA-PSS signature algorithms. 
* crypto/x509: CreateCertificateRequest and CreateRevocationList now verify the generated signature using the signer's public key. If the signature is invalid, an error is returned. This has been the behavior of CreateCertificate since Go 1.16. * crypto/x509: The x509sha1 GODEBUG setting will be removed in the next Go major release (Go 1.24). This will mean that crypto/x509 will no longer support verifying signatures on certificates that use SHA-1 based signature algorithms. * crypto/x509: The new ParseOID function parses a dot-encoded ASN.1 Object Identifier string. The OID type now implements the encoding.BinaryMarshaler, encoding.BinaryUnmarshaler, encoding.TextMarshaler, encoding.TextUnmarshaler interfaces. * database/sql: Errors returned by driver.Valuer implementations are now wrapped for improved error handling during operations like DB.Query, DB.Exec, and DB.QueryRow. * debug/elf: The debug/elf package now defines PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD binaries. * debug/elf: Now defines the symbol type constants STT_RELC, STT_SRELC, and STT_GNU_IFUNC. * encoding/binary: The new Encode and Decode functions are byte slice equivalents to Read and Write. Append allows marshaling multiple data into the same byte slice. * go/ast: The new Preorder function returns a convenient iterator over all the nodes of a syntax tree. * go/types: The Func type, which represents a function or method symbol, now has a Func.Signature method that returns the function's type, which is always a Signature. * go/types: The Alias type now has an Rhs method that returns the type on the right-hand side of its declaration: given type A = B, the Rhs of A is B. (go#66559) * go/types: The methods Alias.Origin, Alias.SetTypeParams, Alias.TypeParams, and Alias.TypeArgs have been added. They are needed for generic alias types.
* go/types: By default, go/types now produces Alias type nodes for type aliases. This behavior can be controlled by the GODEBUG gotypesalias flag. Its default has changed from 0 in Go 1.22 to 1 in Go 1.23. * math/rand/v2: The Uint function and Rand.Uint method have been added. They were inadvertently left out of Go 1.22. * math/rand/v2: The new ChaCha8.Read method implements the io.Reader interface. * net: The new type KeepAliveConfig permits fine-tuning the keep-alive options for TCP connections, via a new TCPConn.SetKeepAliveConfig method and new KeepAliveConfig fields for Dialer and ListenConfig. * net: The DNSError type now wraps errors caused by timeouts or cancellation. For example, errors.Is(someDNSErr, context.DeadlineExceeded) will now report whether a DNS error was caused by a timeout. * net: The new GODEBUG setting netedns0=0 disables sending EDNS0 additional headers on DNS requests, as they reportedly break the DNS server on some modems. * net/http: Cookie now preserves double quotes surrounding a cookie value. The new Cookie.Quoted field indicates whether the Cookie.Value was originally quoted. * net/http: The new Request.CookiesNamed method retrieves all cookies that match the given name. * net/http: The new Cookie.Partitioned field identifies cookies with the Partitioned attribute. * net/http: The patterns used by ServeMux now allow one or more spaces or tabs after the method name. Previously, only a single space was permitted. * net/http: The new ParseCookie function parses a Cookie header value and returns all the cookies which were set in it. Since the same cookie name can appear multiple times the returned Values can contain more than one value for a given key. * net/http: The new ParseSetCookie function parses a Set-Cookie header value and returns a cookie. It returns an error on syntax error.
* net/http: ServeContent, ServeFile, and ServeFileFS now remove the Cache-Control, Content-Encoding, Etag, and Last-Modified headers when serving an error. These headers usually apply to the non-error content, but not to the text of errors. * net/http: Middleware which wraps a ResponseWriter and applies on-the-fly encoding, such as Content-Encoding: gzip, will not function after this change. The previous behavior of ServeContent, ServeFile, and ServeFileFS may be restored by setting GODEBUG=httpservecontentkeepheaders=1. Note that middleware which changes the size of the served content (such as by compressing it) already does not function properly when ServeContent handles a Range request. On-the-fly compression should use the Transfer-Encoding header instead of Content-Encoding. * net/http: For inbound requests, the new Request.Pattern field contains the ServeMux pattern (if any) that matched the request. This field is not set when GODEBUG=httpmuxgo121=1 is set. * net/http/httptest: The new NewRequestWithContext method creates an incoming request with a context.Context. * net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to compare an Addr holding an IPv4 address to one holding the IPv4-mapped IPv6 form of that address incorrectly returned true, even though the Addr values were different when comparing with == or Addr.Compare. This bug is now fixed and all three approaches now report the same result. * os: The Stat function now sets the ModeSocket bit for files that are Unix sockets on Windows. These files are identified by having a reparse tag set to IO_REPARSE_TAG_AF_UNIX. * os: On Windows, the mode bits reported by Lstat and Stat for reparse points changed. Mount points no longer have ModeSymlink set, and reparse points that are not symlinks, Unix sockets, or dedup files now always have ModeIrregular set. This behavior is controlled by the winsymlink setting. For Go 1.23, it defaults to winsymlink=1. Previous versions default to winsymlink=0.
* os: The CopyFS function copies an io/fs.FS into the local filesystem. * os: On Windows, Readlink no longer tries to normalize volumes to drive letters, which was not always even possible. This behavior is controlled by the winreadlinkvolume setting. For Go 1.23, it defaults to winreadlinkvolume=1. Previous versions default to winreadlinkvolume=0. * os: On Linux with pidfd support (generally Linux v5.4+), Process-related functions and methods use pidfd (rather than PID) internally, eliminating potential mistargeting when a PID is reused by the OS. Pidfd support is fully transparent to a user, except for additional process file descriptors that a process may have. * path/filepath: The new Localize function safely converts a slash-separated path into an operating system path. * path/filepath: On Windows, EvalSymlinks no longer evaluates mount points, which was a source of many inconsistencies and bugs. This behavior is controlled by the winsymlink setting. For Go 1.23, it defaults to winsymlink=1. Previous versions default to winsymlink=0. * path/filepath: On Windows, EvalSymlinks no longer tries to normalize volumes to drive letters, which was not always even possible. This behavior is controlled by the winreadlinkvolume setting. For Go 1.23, it defaults to winreadlinkvolume=1. Previous versions default to winreadlinkvolume=0. * reflect: The new methods synonymous with the methods of the same name in Value are added to Type: * Type.OverflowComplex * Type.OverflowFloat * Type.OverflowInt * Type.OverflowUint * reflect: The new SliceAt function is analogous to NewAt, but for slices. * reflect: The Value.Pointer and Value.UnsafePointer methods now support values of kind String. * reflect: The new methods Value.Seq and Value.Seq2 return sequences that iterate over the value as though it were used in a for/range loop. The new methods Type.CanSeq and Type.CanSeq2 report whether calling Value.Seq and Value.Seq2, respectively, will succeed without panicking. 
* runtime/debug: The SetCrashOutput function allows the user to specify an alternate file to which the runtime should write its fatal crash report. It may be used to construct an automated reporting mechanism for all unexpected crashes, not just those in goroutines that explicitly use recover. * runtime/pprof: The maximum stack depth for alloc, mutex, block, threadcreate and goroutine profiles has been raised from 32 to 128 frames. * runtime/trace: The runtime now explicitly flushes trace data when a program crashes due to an uncaught panic. This means that more complete trace data will be available in a trace if the program crashes while tracing is active. * slices: The Repeat function returns a new slice that repeats the provided slice the given number of times. * sync: The Map.Clear method deletes all the entries, resulting in an empty Map. It is analogous to clear. * sync/atomic: The new And and Or operators apply a bitwise AND or OR to the given input, returning the old value. * syscall: The syscall package now defines WSAENOPROTOOPT on Windows. * syscall: The GetsockoptInt function is now supported on Windows. * testing/fstest: TestFS now returns a structured error that can be unwrapped (via method Unwrap() []error). This allows inspecting errors using errors.Is or errors.As. * text/template: Templates now support the new "else with" action, which reduces template complexity in some use cases. * time: Parse and ParseInLocation now return an error if the time zone offset is out of range. * unicode/utf16: The RuneLen function returns the number of 16-bit words in the UTF-16 encoding of the rune. It returns -1 if the rune is not a valid value to encode in UTF-16. * Port: Darwin: As announced in the Go 1.22 release notes, Go 1.23 requires macOS 11 Big Sur or later; support for previous versions has been discontinued. * Port: Linux: Go 1.23 is the last release that requires Linux kernel version 2.6.32 or later. 
Go 1.24 will require Linux kernel version 3.17 or later, with an exception that systems running 3.10 or later will continue to be supported if the kernel has been patched to support the getrandom system call. * Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on 64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64). * Port: ARM64: Go 1.23 introduces a new GOARM64 environment variable, which specifies the minimum target version of the ARM64 architecture at compile time. Allowed values are v8.{0-9} and v9.{0-5}. This may be followed by an option specifying extensions implemented by target hardware. Valid options are ,lse and ,crypto. The GOARM64 environment variable defaults to v8.0. * Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment variable, which selects the RISC-V user-mode application profile for which to compile. Allowed values are rva20u64 and rva22u64. The GORISCV64 environment variable defaults to rva20u64. * Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm has dropped support for versions of wasmtime < 14.0.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3937=1 openSUSE-SLE-15.6-2024-3937=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3937=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * go1.23-openssl-debuginfo-1.23.2.2-150600.13.3.1 * go1.23-openssl-doc-1.23.2.2-150600.13.3.1 * go1.23-openssl-1.23.2.2-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.2.2-150600.13.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-openssl-debuginfo-1.23.2.2-150600.13.3.1 * go1.23-openssl-doc-1.23.2.2-150600.13.3.1 * go1.23-openssl-1.23.2.2-150600.13.3.1 * go1.23-openssl-race-1.23.2.2-150600.13.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 * https://jira.suse.com/browse/SLE-18320
From null at suse.de Thu Nov 7 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:3944-1: moderate: Security update for python3 Message-ID: <173099700581.14191.7845100995751167886@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3944-1 Release Date: 2024-11-07T15:57:52Z Rating: moderate References: * bsc#1230906 * bsc#1232241 Cross-References: * CVE-2024-9287 CVSS scores: * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3944=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * python3-debugsource-3.4.10-25.142.1 * python3-3.4.10-25.142.1 * python3-curses-debuginfo-3.4.10-25.142.1 * libpython3_4m1_0-debuginfo-3.4.10-25.142.1 * python3-base-debuginfo-3.4.10-25.142.1 * python3-devel-debuginfo-3.4.10-25.142.1 * python3-tk-debuginfo-3.4.10-25.142.1 * libpython3_4m1_0-3.4.10-25.142.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.142.1 * python3-base-3.4.10-25.142.1 * libpython3_4m1_0-32bit-3.4.10-25.142.1 * python3-base-debugsource-3.4.10-25.142.1 * python3-curses-3.4.10-25.142.1 * python3-debuginfo-3.4.10-25.142.1 * python3-devel-3.4.10-25.142.1 * python3-base-debuginfo-32bit-3.4.10-25.142.1 * python3-tk-3.4.10-25.142.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241
From null at suse.de Thu Nov 7 20:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 07 Nov 2024 20:30:06 -0000 Subject: SUSE-SU-2024:3945-1: moderate: Security update for python39 Message-ID: <173101140650.14191.8381535737917457670@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2024:3945-1 Release Date: 2024-11-07T16:24:16Z Rating: moderate References: * bsc#1230906 * bsc#1232241 Cross-References: * CVE-2024-9287 CVSS scores: * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3945=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3945=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3945=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3945=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.3 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-base-64bit-3.9.20-150300.4.55.2 * python39-base-64bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-64bit-3.9.20-150300.4.55.2 * python39-64bit-3.9.20-150300.4.55.1 * libpython3_9-1_0-64bit-debuginfo-3.9.20-150300.4.55.2 * python39-64bit-debuginfo-3.9.20-150300.4.55.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * 
python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * 
python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.6 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python39-base-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-curses-3.9.20-150300.4.55.1 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241
From null at suse.de Fri Nov 8 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Nov 2024 08:30:06 -0000 Subject: SUSE-SU-2024:3950-1: moderate: Security update for govulncheck-vulndb Message-ID: <173105460626.22715.15571285580674004920@smelt2.prg2.suse.org> # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2024:3950-1 Release Date: 2024-11-08T07:57:37Z Rating: moderate References: * jsc#PED-11136 Cross-References: * CVE-2024-0132 * CVE-2024-0133 * CVE-2024-10005 * CVE-2024-10006 * CVE-2024-10086 * CVE-2024-10452 * CVE-2024-39720 * CVE-2024-46872 * CVE-2024-47401 * CVE-2024-50052 * CVE-2024-50354 * CVE-2024-8185 CVSS scores: * CVE-2024-0132 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-0132 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0132 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0132 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0133 ( SUSE ): 2.1
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2024-0133 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2024-0133 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N * CVE-2024-0133 ( NVD ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2024-10005 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-10006 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2024-10086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10452 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10452 ( SUSE ): 2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10452 ( NVD ): 2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-39720 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39720 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39720 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46872 ( NVD ): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2024-47401 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50052 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-50354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8185 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8185 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8185 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * 
SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves 12 vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww * GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff97 * GO-2024-3235 CVE-2024-50052 GHSA-g376-m3h3-mj4r * GO-2024-3237 CVE-2024-0133 GHSA-f748-7hpg-88ch * GO-2024-3239 CVE-2024-0132 GHSA-mjjw-553x-87pq * GO-2024-3240 CVE-2024-10452 GHSA-66c4-2g2v-54qw * GO-2024-3241 CVE-2024-10006 GHSA-5c4w-8hhh-3c3h * GO-2024-3242 CVE-2024-10086 GHSA-99wr-c2px-grmh * GO-2024-3243 CVE-2024-10005 GHSA-chgm-7r52-whjj * Update to version 0.0.20241101T215616 2024-11-01T21:56:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g * GO-2024-3245 CVE-2024-39720 * GO-2024-3246 CVE-2024-8185 GHSA-g233-2p4r-3q7v ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3950=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3950=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3950=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3950=1 ## Package List: * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * openSUSE Leap 15.5 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * SUSE Package Hub 15 15-SP5 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0132.html * https://www.suse.com/security/cve/CVE-2024-0133.html * https://www.suse.com/security/cve/CVE-2024-10005.html * https://www.suse.com/security/cve/CVE-2024-10006.html * https://www.suse.com/security/cve/CVE-2024-10086.html * https://www.suse.com/security/cve/CVE-2024-10452.html * https://www.suse.com/security/cve/CVE-2024-39720.html * https://www.suse.com/security/cve/CVE-2024-46872.html * https://www.suse.com/security/cve/CVE-2024-47401.html * https://www.suse.com/security/cve/CVE-2024-50052.html * https://www.suse.com/security/cve/CVE-2024-50354.html * https://www.suse.com/security/cve/CVE-2024-8185.html * https://jira.suse.com/browse/PED-11136
From null at suse.de Fri Nov 8 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Nov 2024 08:30:09 -0000 Subject: SUSE-SU-2024:3949-1: important: Security update for apache2 Message-ID: <173105460975.22715.4085734208271309386@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3949-1 Release Date: 2024-11-08T07:57:14Z Rating: important References: * bsc#1216423 Cross-References: * CVE-2023-45802 CVSS scores: * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3949=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3949=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * apache2-tls13-debugsource-2.4.51-35.66.1 * apache2-tls13-prefork-2.4.51-35.66.1 * apache2-tls13-utils-debuginfo-2.4.51-35.66.1 * apache2-tls13-worker-2.4.51-35.66.1 * apache2-utils-debuginfo-2.4.51-35.66.1 * apache2-tls13-worker-debuginfo-2.4.51-35.66.1 * apache2-debuginfo-2.4.51-35.66.1 * apache2-prefork-debuginfo-2.4.51-35.66.1 * apache2-utils-2.4.51-35.66.1 * apache2-prefork-2.4.51-35.66.1 * apache2-worker-2.4.51-35.66.1 * apache2-tls13-debuginfo-2.4.51-35.66.1 * apache2-2.4.51-35.66.1 * apache2-example-pages-2.4.51-35.66.1 * apache2-worker-debuginfo-2.4.51-35.66.1 * apache2-debugsource-2.4.51-35.66.1 * apache2-tls13-2.4.51-35.66.1 * apache2-tls13-example-pages-2.4.51-35.66.1 * apache2-tls13-utils-2.4.51-35.66.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (noarch) * apache2-doc-2.4.51-35.66.1 * apache2-tls13-doc-2.4.51-35.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * apache2-tls13-debugsource-2.4.51-35.66.1 * apache2-tls13-prefork-2.4.51-35.66.1 * apache2-tls13-utils-debuginfo-2.4.51-35.66.1 * apache2-tls13-worker-2.4.51-35.66.1 * apache2-utils-debuginfo-2.4.51-35.66.1 * apache2-tls13-worker-debuginfo-2.4.51-35.66.1 * apache2-debuginfo-2.4.51-35.66.1 * apache2-prefork-debuginfo-2.4.51-35.66.1 * apache2-utils-2.4.51-35.66.1 * apache2-prefork-2.4.51-35.66.1 * apache2-worker-2.4.51-35.66.1 * apache2-tls13-debuginfo-2.4.51-35.66.1 * apache2-2.4.51-35.66.1 * apache2-example-pages-2.4.51-35.66.1 * apache2-worker-debuginfo-2.4.51-35.66.1 * 
apache2-debugsource-2.4.51-35.66.1 * apache2-tls13-2.4.51-35.66.1 * apache2-tls13-example-pages-2.4.51-35.66.1 * apache2-tls13-utils-2.4.51-35.66.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.66.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (noarch) * apache2-doc-2.4.51-35.66.1 * apache2-tls13-doc-2.4.51-35.66.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1216423
From null at suse.de Fri Nov 8 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Nov 2024 08:30:17 -0000 Subject: SUSE-SU-2024:3948-1: important: Security update for qemu Message-ID: <173105461736.22715.4119629675202753492@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:3948-1 Release Date: 2024-11-08T07:28:56Z Rating: important References: * bsc#1229007 * bsc#1230834 * bsc#1230915 Cross-References: * CVE-2024-7409 * CVE-2024-8354 * CVE-2024-8612 CVSS scores: * CVE-2024-7409 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7409 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7409 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8612 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8612 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-8612 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE 
Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834). * CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915). * CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3948=1 openSUSE-SLE-15.5-2024-3948=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3948=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3948=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3948=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3948=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3948=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-block-gluster-7.1.0-150500.49.24.1 * qemu-audio-jack-7.1.0-150500.49.24.1 * qemu-ksm-7.1.0-150500.49.24.1 * qemu-block-dmg-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-7.1.0-150500.49.24.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * 
qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-block-nfs-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-dbus-7.1.0-150500.49.24.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-hw-usb-host-7.1.0-150500.49.24.1 * qemu-extra-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * qemu-block-ssh-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * qemu-linux-user-debugsource-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-linux-user-7.1.0-150500.49.24.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-extra-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-headless-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * 
qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * qemu-lang-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-dbus-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-7.1.0-150500.49.24.1 * qemu-chardev-baum-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-iscsi-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.24.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-microvm-7.1.0-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-7.1.0-150500.49.24.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (aarch64 s390x 
x86_64) * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * openSUSE Leap Micro 5.5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * 
qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * 
qemu-tools-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-microvm-7.1.0-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-extra-7.1.0-150500.49.24.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-7.1.0-150500.49.24.1 * qemu-block-gluster-7.1.0-150500.49.24.1 * qemu-audio-jack-7.1.0-150500.49.24.1 * qemu-block-dmg-7.1.0-150500.49.24.1 * qemu-extra-debuginfo-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-7.1.0-150500.49.24.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-7.1.0-150500.49.24.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-7.1.0-150500.49.24.1 * qemu-block-nfs-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * 
qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (s390x) * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-chardev-baum-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-dbus-7.1.0-150500.49.24.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-ksm-7.1.0-150500.49.24.1 * qemu-audio-dbus-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-hw-usb-host-7.1.0-150500.49.24.1 * qemu-block-rbd-7.1.0-150500.49.24.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-7.1.0-150500.49.24.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.24.1 * 
qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.24.1 * qemu-lang-7.1.0-150500.49.24.1 * qemu-chardev-baum-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-block-ssh-7.1.0-150500.49.24.1 * qemu-block-iscsi-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * 
qemu-ppc-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (s390x x86_64) * qemu-kvm-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7409.html * https://www.suse.com/security/cve/CVE-2024-8354.html * https://www.suse.com/security/cve/CVE-2024-8612.html * https://bugzilla.suse.com/show_bug.cgi?id=1229007 * https://bugzilla.suse.com/show_bug.cgi?id=1230834 * https://bugzilla.suse.com/show_bug.cgi?id=1230915
From null at suse.de Fri Nov 8 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Nov 2024 16:30:04 -0000 Subject: SUSE-SU-2024:3960-1: important: Security update for libheif Message-ID: <173108340428.14191.17242972427904460724@smelt2.prg2.suse.org> # Security update for libheif Announcement ID: SUSE-SU-2024:3960-1 Release Date: 2024-11-08T15:26:36Z Rating: important References: * bsc#1231714 Cross-References: * CVE-2024-41311 CVSS scores: * CVE-2024-41311 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-41311 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libheif fixes the following issues: * CVE-2024-41311: Fixed out-of-bounds read and write in ImageOverlay:parse() due to decoding a heif file containing an overlay image with forged offsets (bsc#1231714). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3960=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3960=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3960=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3960=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3960=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3960=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3960=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libheif1-64bit-1.12.0-150400.3.14.1 * libheif1-64bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * 
gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.5 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.6 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41311.html * https://bugzilla.suse.com/show_bug.cgi?id=1231714
From null at suse.de Fri Nov 8 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 08 Nov 2024 16:30:07 -0000 Subject: SUSE-SU-2024:3959-1: moderate: Security update for python312 Message-ID: <173108340795.14191.12839532718216005110@smelt2.prg2.suse.org> # Security update for python312 Announcement ID: SUSE-SU-2024:3959-1 Release Date: 2024-11-08T15:25:38Z Rating: moderate References: * bsc#1230906 * bsc#1232241 Cross-References: * CVE-2024-9287 CVSS scores: * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python312 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3959=1 openSUSE-SLE-15.6-2024-3959=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3959=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python312-3.12.7-150600.3.9.1
  * python312-curses-debuginfo-3.12.7-150600.3.9.1
  * python312-dbm-3.12.7-150600.3.9.1
  * python312-idle-3.12.7-150600.3.9.1
  * python312-testsuite-3.12.7-150600.3.9.1
  * libpython3_12-1_0-3.12.7-150600.3.9.1
  * python312-tk-3.12.7-150600.3.9.1
  * python312-base-3.12.7-150600.3.9.1
  * python312-base-debuginfo-3.12.7-150600.3.9.1
  * python312-dbm-debuginfo-3.12.7-150600.3.9.1
  * python312-tools-3.12.7-150600.3.9.1
  * libpython3_12-1_0-debuginfo-3.12.7-150600.3.9.1
  * python312-doc-devhelp-3.12.7-150600.3.9.1
  * python312-testsuite-debuginfo-3.12.7-150600.3.9.1
  * python312-curses-3.12.7-150600.3.9.1
  * python312-devel-3.12.7-150600.3.9.1
  * python312-tk-debuginfo-3.12.7-150600.3.9.1
  * python312-core-debugsource-3.12.7-150600.3.9.1
  * python312-debugsource-3.12.7-150600.3.9.1
  * python312-doc-3.12.7-150600.3.9.1
  * python312-debuginfo-3.12.7-150600.3.9.1
* openSUSE Leap 15.6 (x86_64)
  * python312-base-32bit-debuginfo-3.12.7-150600.3.9.1
  * libpython3_12-1_0-32bit-3.12.7-150600.3.9.1
  * python312-base-32bit-3.12.7-150600.3.9.1
  * python312-32bit-debuginfo-3.12.7-150600.3.9.1
  * python312-32bit-3.12.7-150600.3.9.1
  * libpython3_12-1_0-32bit-debuginfo-3.12.7-150600.3.9.1
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpython3_12-1_0-64bit-debuginfo-3.12.7-150600.3.9.1
  * python312-64bit-3.12.7-150600.3.9.1
  * python312-base-64bit-debuginfo-3.12.7-150600.3.9.1
  * python312-base-64bit-3.12.7-150600.3.9.1
  * python312-64bit-debuginfo-3.12.7-150600.3.9.1
  * libpython3_12-1_0-64bit-3.12.7-150600.3.9.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python312-tk-debuginfo-3.12.7-150600.3.9.1
  * python312-curses-3.12.7-150600.3.9.1
  * libpython3_12-1_0-debuginfo-3.12.7-150600.3.9.1
  * python312-3.12.7-150600.3.9.1
  * python312-core-debugsource-3.12.7-150600.3.9.1
  * python312-curses-debuginfo-3.12.7-150600.3.9.1
  * python312-dbm-3.12.7-150600.3.9.1
  * python312-base-debuginfo-3.12.7-150600.3.9.1
  * python312-base-3.12.7-150600.3.9.1
  * python312-idle-3.12.7-150600.3.9.1
  * python312-tk-3.12.7-150600.3.9.1
  * python312-debugsource-3.12.7-150600.3.9.1
  * libpython3_12-1_0-3.12.7-150600.3.9.1
  * python312-dbm-debuginfo-3.12.7-150600.3.9.1
  * python312-devel-3.12.7-150600.3.9.1
  * python312-tools-3.12.7-150600.3.9.1
  * python312-debuginfo-3.12.7-150600.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230906
* https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Fri Nov 8 16:30:13 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 08 Nov 2024 16:30:13 -0000
Subject: SUSE-SU-2024:3958-1: moderate: Security update for python311
Message-ID: <173108341308.14191.4720758267497396379@smelt2.prg2.suse.org>

# Security update for python311

Announcement ID: SUSE-SU-2024:3958-1
Release Date: 2024-11-08T15:25:20Z
Rating: moderate

References:

* bsc#1230906
* bsc#1232241

Cross-References:

* CVE-2024-9287

CVSS scores:

* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for python311 fixes the following issues:

* CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241).

Bug fixes:

* Drop .pyc files from docdir for reproducible builds (bsc#1230906).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3958=1 openSUSE-SLE-15.6-2024-3958=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3958=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3958=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * python311-tk-debuginfo-3.11.10-150600.3.9.2
  * python311-debuginfo-3.11.10-150600.3.9.2
  * python311-doc-devhelp-3.11.10-150600.3.9.3
  * python311-base-3.11.10-150600.3.9.2
  * python311-3.11.10-150600.3.9.2
  * python311-dbm-debuginfo-3.11.10-150600.3.9.2
  * libpython3_11-1_0-3.11.10-150600.3.9.2
  * python311-core-debugsource-3.11.10-150600.3.9.2
  * python311-tk-3.11.10-150600.3.9.2
  * python311-doc-3.11.10-150600.3.9.3
  * python311-testsuite-debuginfo-3.11.10-150600.3.9.2
  * python311-dbm-3.11.10-150600.3.9.2
  * python311-curses-3.11.10-150600.3.9.2
  * python311-base-debuginfo-3.11.10-150600.3.9.2
  * python311-idle-3.11.10-150600.3.9.2
  * python311-debugsource-3.11.10-150600.3.9.2
  * python311-devel-3.11.10-150600.3.9.2
  * python311-tools-3.11.10-150600.3.9.2
  * libpython3_11-1_0-debuginfo-3.11.10-150600.3.9.2
  * python311-curses-debuginfo-3.11.10-150600.3.9.2
  * python311-testsuite-3.11.10-150600.3.9.2
* openSUSE Leap 15.6 (x86_64)
  * python311-32bit-debuginfo-3.11.10-150600.3.9.2
  * python311-base-32bit-debuginfo-3.11.10-150600.3.9.2
  * libpython3_11-1_0-32bit-debuginfo-3.11.10-150600.3.9.2
  * libpython3_11-1_0-32bit-3.11.10-150600.3.9.2
  * python311-base-32bit-3.11.10-150600.3.9.2
  * python311-32bit-3.11.10-150600.3.9.2
* openSUSE Leap 15.6 (aarch64_ilp32)
  * libpython3_11-1_0-64bit-debuginfo-3.11.10-150600.3.9.2
  * python311-64bit-3.11.10-150600.3.9.2
  * libpython3_11-1_0-64bit-3.11.10-150600.3.9.2
  * python311-base-64bit-3.11.10-150600.3.9.2
  * python311-base-64bit-debuginfo-3.11.10-150600.3.9.2
  * python311-64bit-debuginfo-3.11.10-150600.3.9.2
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python311-core-debugsource-3.11.10-150600.3.9.2
  * libpython3_11-1_0-3.11.10-150600.3.9.2
  * python311-base-3.11.10-150600.3.9.2
  * libpython3_11-1_0-debuginfo-3.11.10-150600.3.9.2
  * python311-base-debuginfo-3.11.10-150600.3.9.2
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python311-idle-3.11.10-150600.3.9.2
  * python311-tk-debuginfo-3.11.10-150600.3.9.2
  * python311-debuginfo-3.11.10-150600.3.9.2
  * python311-dbm-debuginfo-3.11.10-150600.3.9.2
  * python311-core-debugsource-3.11.10-150600.3.9.2
  * python311-curses-debuginfo-3.11.10-150600.3.9.2
  * python311-debugsource-3.11.10-150600.3.9.2
  * python311-devel-3.11.10-150600.3.9.2
  * python311-dbm-3.11.10-150600.3.9.2
  * python311-tools-3.11.10-150600.3.9.2
  * python311-3.11.10-150600.3.9.2
  * python311-curses-3.11.10-150600.3.9.2
  * python311-tk-3.11.10-150600.3.9.2

## References:

* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230906
* https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Fri Nov 8 16:30:19 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 08 Nov 2024 16:30:19 -0000
Subject: SUSE-SU-2024:3957-1: moderate: Security update for python311
Message-ID: <173108341949.14191.11293693777935406245@smelt2.prg2.suse.org>

# Security update for python311

Announcement ID: SUSE-SU-2024:3957-1
Release Date: 2024-11-08T15:24:57Z
Rating: moderate

References:

* bsc#1230906
* bsc#1232241

Cross-References:

* CVE-2024-9287

CVSS scores:

* CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green
* CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for python311 fixes the following issues:

* CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241).

Bug fixes:

* Drop .pyc files from docdir for reproducible builds (bsc#1230906).
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3957=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3957=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3957=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3957=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python311-debugsource-3.11.10-150400.9.38.2
  * python311-curses-3.11.10-150400.9.38.2
  * python311-tk-debuginfo-3.11.10-150400.9.38.2
  * python311-tk-3.11.10-150400.9.38.2
  * python311-testsuite-debuginfo-3.11.10-150400.9.38.2
  * python311-doc-devhelp-3.11.10-150400.9.38.1
  * python311-doc-3.11.10-150400.9.38.1
  * python311-dbm-3.11.10-150400.9.38.2
  * python311-curses-debuginfo-3.11.10-150400.9.38.2
  * python311-debuginfo-3.11.10-150400.9.38.2
  * python311-testsuite-3.11.10-150400.9.38.2
  * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-3.11.10-150400.9.38.2
  * python311-idle-3.11.10-150400.9.38.2
  * python311-3.11.10-150400.9.38.2
  * python311-core-debugsource-3.11.10-150400.9.38.2
  * python311-devel-3.11.10-150400.9.38.2
  * python311-dbm-debuginfo-3.11.10-150400.9.38.2
  * python311-base-3.11.10-150400.9.38.2
  * python311-base-debuginfo-3.11.10-150400.9.38.2
  * python311-tools-3.11.10-150400.9.38.2
* openSUSE Leap 15.4 (x86_64)
  * python311-32bit-3.11.10-150400.9.38.2
  * python311-32bit-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-32bit-3.11.10-150400.9.38.2
  * python311-base-32bit-3.11.10-150400.9.38.2
  * python311-base-32bit-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.38.2
* openSUSE Leap 15.4 (aarch64_ilp32)
  * python311-64bit-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-64bit-3.11.10-150400.9.38.2
  * libpython3_11-1_0-64bit-debuginfo-3.11.10-150400.9.38.2
  * python311-64bit-3.11.10-150400.9.38.2
  * python311-base-64bit-3.11.10-150400.9.38.2
  * python311-base-64bit-debuginfo-3.11.10-150400.9.38.2
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python311-debugsource-3.11.10-150400.9.38.2
  * python311-curses-3.11.10-150400.9.38.2
  * python311-tk-debuginfo-3.11.10-150400.9.38.2
  * python311-tk-3.11.10-150400.9.38.2
  * python311-testsuite-debuginfo-3.11.10-150400.9.38.2
  * python311-doc-devhelp-3.11.10-150400.9.38.1
  * python311-doc-3.11.10-150400.9.38.1
  * python311-dbm-3.11.10-150400.9.38.2
  * python311-curses-debuginfo-3.11.10-150400.9.38.2
  * python311-debuginfo-3.11.10-150400.9.38.2
  * python311-testsuite-3.11.10-150400.9.38.2
  * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-3.11.10-150400.9.38.2
  * python311-3.11.10-150400.9.38.2
  * python311-idle-3.11.10-150400.9.38.2
  * python311-core-debugsource-3.11.10-150400.9.38.2
  * python311-devel-3.11.10-150400.9.38.2
  * python311-dbm-debuginfo-3.11.10-150400.9.38.2
  * python311-base-3.11.10-150400.9.38.2
  * python311-base-debuginfo-3.11.10-150400.9.38.2
  * python311-tools-3.11.10-150400.9.38.2
* openSUSE Leap 15.5 (x86_64)
  * python311-32bit-3.11.10-150400.9.38.2
  * python311-32bit-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-32bit-3.11.10-150400.9.38.2
  * python311-base-32bit-3.11.10-150400.9.38.2
  * python311-base-32bit-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.38.2
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * libpython3_11-1_0-3.11.10-150400.9.38.2
  * python311-base-3.11.10-150400.9.38.2
  * python311-3.11.10-150400.9.38.2
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * python311-debugsource-3.11.10-150400.9.38.2
  * python311-curses-3.11.10-150400.9.38.2
  * python311-curses-debuginfo-3.11.10-150400.9.38.2
  * python311-dbm-debuginfo-3.11.10-150400.9.38.2
  * python311-tk-debuginfo-3.11.10-150400.9.38.2
  * libpython3_11-1_0-3.11.10-150400.9.38.2
  * python311-tk-3.11.10-150400.9.38.2
  * python311-base-3.11.10-150400.9.38.2
  * python311-debuginfo-3.11.10-150400.9.38.2
  * python311-base-debuginfo-3.11.10-150400.9.38.2
  * python311-doc-devhelp-3.11.10-150400.9.38.1
  * python311-tools-3.11.10-150400.9.38.2
  * python311-doc-3.11.10-150400.9.38.1
  * python311-3.11.10-150400.9.38.2
  * python311-dbm-3.11.10-150400.9.38.2
  * python311-idle-3.11.10-150400.9.38.2
  * python311-core-debugsource-3.11.10-150400.9.38.2
  * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2
  * python311-devel-3.11.10-150400.9.38.2

## References:

* https://www.suse.com/security/cve/CVE-2024-9287.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230906
* https://bugzilla.suse.com/show_bug.cgi?id=1232241

From null at suse.de Fri Nov 8 16:30:24 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 08 Nov 2024 16:30:24 -0000
Subject: SUSE-SU-2024:3954-1: moderate: Security update for java-21-openjdk
Message-ID: <173108342488.14191.13811196358928414593@smelt2.prg2.suse.org>

# Security update for java-21-openjdk

Announcement ID: SUSE-SU-2024:3954-1
Release Date: 2024-11-08T13:10:09Z
Rating: moderate

References:

* bsc#1231702
* bsc#1231711
* bsc#1231716
* bsc#1231719

Cross-References:

* CVE-2024-21208
* CVE-2024-21210
* CVE-2024-21217
* CVE-2024-21235

CVSS scores:

* CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for java-21-openjdk fixes the following issues:

* Update to upstream tag jdk-21.0.5+13 (October 2024 CPU)
  * Security fixes
    * JDK-8307383: Enhance DTLS connections
    * JDK-8311208: Improve CDS Support
    * JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client
    * JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization
    * JDK-8328726: Better Kerberos support
    * JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support
    * JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations
    * JDK-8335713: Enhance vectorization analysis
  * Other changes
    * JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG
    * JDK-6967482: TAB-key does not work in JTables after selecting details-view in JFileChooser
    * JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ReadLongZipFileName.java leaks files if it fails
    * JDK-8051959: Add thread and timestamp options to java.security.debug system property
    * JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING) deletes bar even if foo is not readable
    * JDK-8166352: FilePane.createDetailsView() removes JTable TAB, SHIFT-TAB functionality
    * JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping
    * JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java fails: "reported cputime less than expected"
    * JDK-8211854: [aix] java/net/ServerSocket/AcceptInheritHandle.java fails: read times out
    * JDK-8222884: ConcurrentClassDescLookup.java times out intermittently
    * JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock
    * JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use"
    * JDK-8242564: javadoc crashes:: class cast exception com.sun.tools.javac.code.Symtab$6
    * JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/MouseEventAfterStartDragTest.html test failed
    * JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit
    * JDK-8269428: java/util/concurrent/ConcurrentHashMap/ToArray.java timed out
    * JDK-8269657: Test java/nio/channels/DatagramChannel/Loopback.java failed: Unexpected message
    * JDK-8280120: [IR Framework] Add attribute to @IR to enable/disable IR matching based on the architecture
    * JDK-8280392: java/awt/Focus/NonFocusableWindowTest/NonfocusableOwnerTest.java failed with "RuntimeException: Test failed."
    * JDK-8280988: [XWayland] Click on title to request focus test failures
    * JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front
    * JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java #Parallel failed with "RuntimeException: String verification failed"
    * JDK-8287325: AArch64: fix virtual threads with -XX:UseBranchProtection=pac-ret
    * JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java to IR verification test
    * JDK-8294148: Support JSplitPane for instructions and test UI
    * JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle
    * JDK-8299487: Test java/net/httpclient/whitebox/SSLTubeTestDriver.java timed out
    * JDK-8299790: os::print_hex_dump is racy
    * JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram
    * JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session
    * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test
    * JDK-8305072: Win32ShellFolder2.compareTo is inconsistent
    * JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04
    * JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes
    * JDK-8307352: AARCH64: Improve itable_stub
    * JDK-8307778: com/sun/jdi/cds tests fail with jtreg's Virtual test thread factory
    * JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/TestDescription.java timed out
    * JDK-8308286: Fix clang warnings in linux code
    * JDK-8308660: C2 compilation hits 'node must be dead' assert
    * JDK-8309067: gtest/AsyncLogGtest.java fails again in stderrOutput_vm
    * JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1
    * JDK-8309685: Fix -Wconversion warnings in assembler and register code
    * JDK-8309894: compiler/vectorapi/VectorLogicalOpIdentityTest.java fails on SVE system with UseSVE=0
    * JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled ComboBox does not match in these LAFs: GTK+
    * JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified
    * JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option
    * JDK-8310334: [XWayland][Screencast] screen capture error message in debug
    * JDK-8310628: GcInfoBuilder.c missing JNI Exception checks
    * JDK-8310683: Refactor StandardCharset/standard.java to use JUnit
    * JDK-8310906: Fix -Wconversion warnings in runtime, oops and some code header files.
    * JDK-8311306: Test com/sun/management/ThreadMXBean/ThreadCpuTimeArray.java failed: out of expected range
    * JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin
    * JDK-8311989: Test java/lang/Thread/virtual/Reflection.java timed out
    * JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved
    * JDK-8312111: open/test/jdk/java/awt/Robot/ModifierRobotKey/ModifierRobotKeyTest.java fails on ubuntu 23.04
    * JDK-8312140: jdk/jshell tests failed with JDI socket timeouts
    * JDK-8312200: Fix Parse::catch_call_exceptions memory leak
    * JDK-8312229: Crash involving yield, switch and anonymous classes
    * JDK-8313674: (fc) java/nio/channels/FileChannel/BlockDeviceSize.java should test for more block devices
    * JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow
    * JDK-8313983: jmod create --target-platform should replace existing ModuleTarget attribute
    * JDK-8314163: os::print_hex_dump prints incorrectly for big endian platforms and unit sizes larger than 1
    * JDK-8314225: SIGSEGV in JavaThread::is_lock_owned
    * JDK-8314515: java/util/concurrent/SynchronousQueue/Fairness.java failed with "Error: fair=false i=8 j=0"
    * JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen"
    * JDK-8315024: Vector API FP reduction tests should not test for exact equality
    * JDK-8315031: YoungPLABSize and OldPLABSize not aligned by ObjectAlignmentInBytes
    * JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl
    * JDK-8315505: CompileTask timestamp printed can overflow
    * JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837
    * JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests
    * JDK-8315923: pretouch_memory by atomic-add-0 fragments huge pages unexpectedly
    * JDK-8315965: Open source various AWT applet tests
    * JDK-8315969: compiler/rangechecks/TestRangeCheckHoistingScaledIV.java: make flagless
    * JDK-8316104: Open source several Swing SplitPane and RadioButton related tests
    * JDK-8316131: runtime/cds/appcds/TestParallelGCWithCDS.java fails with JNI error
    * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak
    * JDK-8316211: Open source several manual applet tests
    * JDK-8316240: Open source several add/remove MenuBar manual tests
    * JDK-8316285: Opensource JButton manual tests
    * JDK-8316306: Open source and convert manual Swing test
    * JDK-8316328: Test jdk/jfr/event/oldobject/TestSanityDefault.java times out for some heap sizes
    * JDK-8316361: C2: assert(!failure) failed: Missed optimization opportunity in PhaseIterGVN with -XX:VerifyIterativeGVN=10
    * JDK-8316389: Open source few AWT applet tests
    * JDK-8316756: C2 EA fails with "missing memory path" when encountering unsafe_arraycopy stub call
    * JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java
    * JDK-8317128: java/nio/file/Files/CopyAndMove.java failed with AccessDeniedException
    * JDK-8317240: Promptly free OopMapEntry after fail to insert the entry to OopMapCache
    * JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab
    * JDK-8317299: safepoint scalarization doesn't keep track of the depth of the JVM state
    * JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines
    * JDK-8317372: Refactor some NumberFormat tests to use JUnit
    * JDK-8317446: ProblemList gc/arguments/TestNewSizeFlags.java on macosx-aarch64 in Xcomp
    * JDK-8317449: ProblemList serviceability/jvmti/stress/StackTrace/NotSuspended/GetStackTraceNotSuspendedStressTest.java on several platforms
    * JDK-8317635: Improve GetClassFields test to verify correctness of field order
    * JDK-8317696: Fix compilation with clang-16
    * JDK-8317738: CodeCacheFullCountTest failed with "VirtualMachineError: Out of space in CodeCache for method handle intrinsic"
    * JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string
    * JDK-8318071: IgnoreUnrecognizedVMOptions flag still causes failure in ArchiveHeapTestClass
    * JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run
    * JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests
    * JDK-8319197: Exclude hb-subset and hb-style from compilation
    * JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates
    * JDK-8319773: Avoid inflating monitors when installing hash codes for LM_LIGHTWEIGHT
    * JDK-8319793: C2 compilation fails with "Bad graph detected in build_loop_late" after JDK-8279888
    * JDK-8319817: Charset constructor should make defensive copy of aliases
    * JDK-8319818: Address GCC 13.2.0 warnings (stringop-overflow and dangling-pointer)
    * JDK-8320079: The ArabicBox.java test has no control buttons
    * JDK-8320212: Disable GCC stringop-overflow warning for affected files
    * JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64
    * JDK-8320602: Lock contention in SchemaDVFactory.getInstance()
    * JDK-8320608: Many jtreg printing tests are missing the @printer keyword
    * JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api
    * JDK-8320675: PrinterJob/SecurityDialogTest.java hangs
    * JDK-8320945: problemlist tests failing on latest Windows 11 update
    * JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2
    * JDK-8321176: [Screencast] make a second attempt on screencast failure
    * JDK-8321206: Make Locale related system properties `StaticProperty`
    * JDK-8321220: JFR: RecordedClass reports incorrect modifiers
    * JDK-8321278: C2: Partial peeling fails with assert "last_peel <- first_not_peeled"
    * JDK-8321509: False positive in get_trampoline fast path causes crash
    * JDK-8321933: TestCDSVMCrash.java spawns two processes
    * JDK-8322008: Exclude some CDS tests from running with -Xshare:off
    * JDK-8322062: com/sun/jdi/JdwpAllowTest.java does not performs negative testing with prefix length
    * JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC
    * JDK-8322726: C2: Unloaded signature class kills argument value
    * JDK-8322743: C2: prevent lock region elimination in OSR compilation
    * JDK-8322766: Micro bench SSLHandshake should use default algorithms
    * JDK-8322881: java/nio/file/Files/CopyMoveVariations.java fails with AccessDeniedException due to permissions of files in /tmp
    * JDK-8322971: KEM.getInstance() should check if a 3rd-party security provider is signed
    * JDK-8322996: BoxLockNode creation fails with assert(reg < CHUNK_SIZE) failed: sanity
    * JDK-8323122: AArch64: Increase itable stub size estimate
    * JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Events are not ordered! Reuse = false"
    * JDK-8323274: C2: array load may float above range check
    * JDK-8323552: AbstractMemorySegmentImpl#mismatch returns -1 when comparing distinct areas of the same instance of MemorySegment
    * JDK-8323577: C2 SuperWord: remove AlignVector restrictions on IR tests added in JDK-8305055
    * JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe
    * JDK-8323670: A few client tests intermittently throw ConcurrentModificationException
    * JDK-8323682: C2: guard check is not generated in Arrays.copyOfRange intrinsic when allocation is eliminated by EA
    * JDK-8323782: Race: Thread::interrupt vs. AbstractInterruptibleChannel.begin
    * JDK-8323801: tag doesn't strikethrough the text
    * JDK-8323972: C2 compilation fails with assert(!x->as_Loop()->is_loop_nest_inner_loop()) failed: loop was transformed
    * JDK-8324174: assert(m->is_entered(current)) failed: invariant
    * JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE
    * JDK-8324580: SIGFPE on THP initialization on kernels < 4.10
    * JDK-8324641: [IR Framework] Add Setup method to provide custom arguments and set fields
    * JDK-8324668: JDWP process management needs more efficient file descriptor handling
    * JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests
    * JDK-8324781: runtime/Thread/TestAlwaysPreTouchStacks.java failed with Expected a higher ratio between stack committed and reserved
    * JDK-8324808: Manual printer tests have no Pass/Fail buttons, instructions close set 3
    * JDK-8324969: C2: prevent elimination of unbalanced coarsened locking regions
    * JDK-8324983: Race in CompileBroker::possibly_add_compiler_threads
    * JDK-8325022: Incorrect error message on client authentication
    * JDK-8325037: x86: enable and fix hotspot/jtreg/compiler/vectorization/TestRoundVectFloat.java
    * JDK-8325083: jdk/incubator/vector/Double512VectorTests.java crashes in Assembler::vex_prefix_and_encode
    * JDK-8325179: Race in BasicDirectoryModel.validateFileCache
    * JDK-8325218: gc/parallel/TestAlwaysPreTouchBehavior.java fails
    * JDK-8325382: (fc) FileChannel.transferTo throws IOException when position equals size
    * JDK-8325384: sun/security/ssl/SSLSessionImpl/ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread
    * JDK-8325469: Freeze/Thaw code can crash in the presence of OSR frames
    * JDK-8325494: C2: Broken graph after not skipping CastII node anymore for Assertion Predicates after JDK-8309902
    * JDK-8325520: Vector loads and stores with indices and masks incorrectly compiled
    * JDK-8325542: CTW: Runner can produce negative StressSeed
    * JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM
    * JDK-8325616: JFR ZGC Allocation Stall events should record stack traces
    * JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for , ,
    * JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections
    * JDK-8325763: Revert properties: vm.opt.x.*
    * JDK-8326106: Write and clear stack trace table outside of safepoint
    * JDK-8326129: Java Record Pattern Match leads to infinite loop
    * JDK-8326332: Unclosed inline tags cause misalignment in summary tables
    * JDK-8326717: Disable stringop-overflow in shenandoahLock.cpp
    * JDK-8326734: text-decoration applied to lost when mixed with or
    * JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails
    * JDK-8327040: Problemlist ActionListenerCalledTwiceTest.java test failing in macos14
    * JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel
    * JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug
    * JDK-8327423: C2 remove_main_post_loops: check if main-loop belongs to pre-loop, not just assert
    * JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java on all platforms with ZGC
    * JDK-8327501: Common ForkJoinPool prevents class unloading in some cases
    * JDK-8327650: Test java/nio/channels/DatagramChannel/StressNativeSignal.java timed out
    * JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main
    * JDK-8327840: Automate javax/swing/border/Test4129681.java
    * JDK-8327990: [macosx-aarch64] Various tests fail with -XX:+AssertWXAtThreadSync
    * JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/GetBoundsResizeTest.java applet test to main
    * JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC
    * JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows
    * JDK-8328115: Convert java/awt/font/TextLayout/TestJustification.html applet test to main
    * JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test
    * JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html
    * JDK-8328234: Remove unused nativeUtils files
    * JDK-8328238: Convert few closed manual applet tests to main
    * JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful
    * JDK-8328273: sun/management/jmxremote/bootstrap/RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use
    * JDK-8328366: Thread.setContextClassloader from thread in FJP commonPool task no longer works after JDK-8327501
    * JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ClickDuringKeypress.java imports Applet
    * JDK-8328561: test java/awt/Robot/ManualInstructions/ManualInstructions.java isn't used
    * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main
    * JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp
    * JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization
    * JDK-8328785: IOException: Symbol not found: C_GetInterface for PKCS11 interface prior to V3.0
    * JDK-8328896: Fontmetrics for large Fonts has zero width
    * JDK-8328953: JEditorPane.read throws ChangedCharSetException
    * JDK-8328999: Update GIFlib to 5.2.2
    * JDK-8329004: Update Libpng to 1.6.43
    * JDK-8329088: Stack chunk thawing races with concurrent GC stack iteration
    * JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling
    * JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462
    * JDK-8329134: Reconsider TLAB zapping
    * JDK-8329258: TailCall should not use frame pointer register for jump target
    * JDK-8329510: Update ProblemList for JFileChooser/8194044/FileSystemRootTest.java
    * JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected
    * JDK-8329665: fatal error: memory leak: allocating without ResourceMark
    * JDK-8329667: [macos]
Issue with JTree related fix for JDK-8317771 * JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash * JDK-8330027: Identity hashes of archived objects must be based on a reproducible random seed * JDK-8330063: Upgrade jQuery to 3.7.1 * JDK-8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries * JDK-8330146: assert(!_thread->is_in_any_VTMS_transition()) failed * JDK-8330520: linux clang build fails in os_linux.cpp with static_assert with no message is a C++17 extension * JDK-8330576: ZYoungCompactionLimit should have range check * JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) * JDK-8330748: ByteArrayOutputStream.writeTo(OutputStream) pins carrier * JDK-8330814: Cleanups for KeepAliveCache tests * JDK-8330819: C2 SuperWord: bad dominance after pre-loop limit adjustment with base that has CastLL after pre-loop * JDK-8330849: Add test to verify memory usage with recursive locking * JDK-8330981: ZGC: Should not dedup strings in the finalizer graph * JDK-8331011: [XWayland] TokenStorage fails under Security Manager * JDK-8331063: Some HttpClient tests don't report leaks * JDK-8331077: nroff man page update for jar tool * JDK-8331142: Add test for number of loader threads in BasicDirectoryModel * JDK-8331153: JFR: Improve logging of jdk/jfr/api/consumer/filestream/TestOrdered.java * JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected * JDK-8331266: Bump update version for OpenJDK: jdk-21.0.5 * JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS * JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock * JDK-8331421: ubsan: vmreg.cpp checking error member call on misaligned address * JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows only * JDK-8331518: Tests should not use the "Classpath" exception form of the legal header * JDK-8331572: Allow using OopMapCache outside of STW GC phases * JDK-8331573: Rename 
CollectedHeap::is_gc_active to be explicitly about STW GCs * JDK-8331575: C2: crash when ConvL2I is split thru phi at LongCountedLoop * JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure * JDK-8331626: unsafe.cpp:162:38: runtime error in index_oop_from_field_offset_long - applying non-zero offset 4563897424 to null pointer * JDK-8331714: Make OopMapCache installation lock-free * JDK-8331731: ubsan: relocInfo.cpp:155:30: runtime error: applying non-zero offset to null pointer * JDK-8331746: Create a test to verify that the cmm id is not ignored * JDK-8331771: ZGC: Remove OopMapCacheAlloc_lock ordering workaround * JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error: load of value 208, which is not a valid value for type 'bool' * JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java * JDK-8331854: ubsan: copy.hpp:218:10: runtime error: addition of unsigned offset to 0x7fc2b4024518 overflowed to 0x7fc2b4024510 * JDK-8331863: DUIterator_Fast used before it is constructed * JDK-8331885: C2: meet between unloaded and speculative types is not symmetric * JDK-8331931: JFR: Avoid loading regex classes during startup * JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java frequently fails on Windows in CI * JDK-8332008: Enable issuestitle check * JDK-8332113: Update nsk.share.Log to be always verbose * JDK-8332154: Memory leak in SynchronousQueue * JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml * JDK-8332248: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java failed with RuntimeException * JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16 * JDK-8332431: NullPointerException in JTable of SwingSet2 * JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer passed as argument 1, which is declared to never be null * JDK-8332490: JMH org.openjdk.bench.java.util.zip .InflaterInputStreams.inflaterInputStreamRead OOM * JDK-8332499: Gtest 
codestrings.validate_vm fail on linux x64 when hsdis is present * JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" * JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332675: test/hotspot/jtreg/gc/testlibrary/Helpers.java compileClass javadoc does not match after 8321812 * JDK-8332699: ubsan: jfrEventSetting.inline.hpp:31:43: runtime error: index 163 out of bounds for type 'jfrNativeEventSetting [162]' * JDK-8332717: ZGC: Division by zero in heuristics * JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error: member call on null pointer of type 'struct Array' * JDK-8332818: ubsan: archiveHeapLoader.cpp:70:27: runtime error: applying non-zero offset 18446744073707454464 to null pointer * JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332885: Clarify failure_handler self-tests * JDK-8332894: ubsan: vmError.cpp:2090:26: runtime error: division by zero * JDK-8332898: failure_handler: log directory of commands * JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error: load of value 171, which is not a valid value for type 'bool' * JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21: runtime error: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long int' * JDK-8332905: C2 SuperWord: bad AD file, with RotateRightV and first operand not a pack * JDK-8332920: C2: Partial Peeling is wrongly applied for CmpU with negative limit * JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched JNINativeInterface tables, check for new entries * JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/ /TestDescription.java fails with no GC's recorded * JDK-8332959: C2: ZGC fails with 'Incorrect load shift' when invoking Object.clone() reflectively on an array * JDK-8333088: ubsan: shenandoahAdaptiveHeuristics.cpp:245:44: 
runtime error: division by zero * JDK-8333093: Incorrect comment in zAddress_aarch64.cpp * JDK-8333099: Missing check for is_LoadVector in StoreNode::Identity * JDK-8333149: ubsan : memset on nullptr target detected in jvmtiEnvBase.cpp get_object_monitor_usage * JDK-8333178: ubsan: jvmti_tools.cpp:149:16: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 * JDK-8333277: ubsan: mlib_ImageScanPoly.c:292:43: runtime error: division by zero * JDK-8333353: Delete extra empty line in CodeBlob.java * JDK-8333354: ubsan: frame.inline.hpp:91:25: and src/hotspot/share/runtime/frame.inline.hpp:88:29: runtime error: member call on null pointer of type 'const struct SmallRegisterMap' * JDK-8333361: ubsan,test : libHeapMonitorTest.cpp:518:9: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8333363: ubsan: instanceKlass.cpp: runtime error: member call on null pointer of type 'struct AnnotationArray' * JDK-8333366: C2: CmpU3Nodes are not pushed back to worklist in PhaseCCP leading to non-fixpoint assertion failure * JDK-8333398: Uncomment the commented test in test/jdk/java/ /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java * JDK-8333462: Performance regression of new DecimalFormat() when compare to jdk11 * JDK-8333477: Delete extra empty spaces in Makefiles * JDK-8333542: Breakpoint in parallel code does not work * JDK-8333622: ubsan: relocInfo_x86.cpp:101:56: runtime error: pointer index expression with base (-1) overflowed * JDK-8333639: ubsan: cppVtables.cpp:81:55: runtime error: index 14 out of bounds for type 'long int [1]' * JDK-8333652: RISC-V: compiler/vectorapi/ /VectorGatherMaskFoldingTest.java fails when using RVV * JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock * JDK-8333724: Problem list 
security/infra/java/security/cert/ /CertPathValidator/certification/CAInterop.java #teliasonerarootcav1 * JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures * JDK-8333887: ubsan: unsafe.cpp:247:13: runtime error: store to null pointer of type 'volatile int' * JDK-8334078: RISC-V: TestIntVect.java fails after JDK-8332153 when running without RVV * JDK-8334123: log the opening of Type 1 fonts * JDK-8334166: Enable binary check * JDK-8334239: Introduce macro for ubsan method/function exclusions * JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager * JDK-8334332: TestIOException.java fails if run by root * JDK-8334333: MissingResourceCauseTestRun.java fails if run by root * JDK-8334339: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java fails on alinux3 * JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 * JDK-8334421: assert(!oldbox->is_unbalanced()) failed: this should not be called for unbalanced region * JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration * JDK-8334592: ProblemList serviceability/jvmti/stress/ /StackTrace/NotSuspended/ /GetStackTraceNotSuspendedStressTest.java in jdk21 on all platforms * JDK-8334594: Generational ZGC: Deadlock after OopMap rewrites in 8331572 * JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 * JDK-8334618: ubsan: support setting additional ubsan check options * JDK-8334653: ISO 4217 Amendment 177 Update * JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator * JDK-8334867: Add back assertion from JDK-8325494 * JDK-8335007: Inline OopMapCache table * JDK-8335134: Test com/sun/jdi/BreakpointOnClassPrepare.java timeout * JDK-8335150: Test LogGeneratedClassesTest.java fails on rpmbuild mock enviroment * JDK-8335237: ubsan: vtableStubs.hpp is_vtable_stub exclude from ubsan checks * 
JDK-8335283: Build failure due to 'no_sanitize' attribute directive ignored * JDK-8335409: Can't allocate and retain memory from resource area in frame::oops_interpreted_do oop closure after 8329665 * JDK-8335493: check_gc_overhead_limit should reset SoftRefPolicy::_should_clear_all_soft_refs * JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true * JDK-8335743: jhsdb jstack cannot print some information on the waiting thread * JDK-8335775: Remove extraneous 's' in comment of rawmonitor.cpp test file * JDK-8335904: Fix invalid comment in ShenandoahLock * JDK-8335967: "text-decoration: none" does not work with "A" HTML tags * JDK-8336284: Test TestClhsdbJstackLock.java/ TestJhsdbJstackLock.java fails with -Xcomp after JDK-8335743 * JDK-8336301: test/jdk/java/nio/channels/ /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion * JDK-8336342: Fix known X11 library locations in sysroot * JDK-8336343: Add more known sysroot library locations for ALSA * JDK-8336926: jdk/internal/util/ReferencedKeyTest.java can fail with ConcurrentModificationException * JDK-8336928: GHA: Bundle artifacts removal broken * JDK-8337038: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java shoud set as /native * JDK-8337283: configure.log is truncated when build dir is on different filesystem * JDK-8337622: IllegalArgumentException in java.lang.reflect.Field.get * JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs * JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods * JDK-8338286: GHA: Demote x86_32 to hotspot build only * JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) * JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 * JDK-8341057: Add 2 SSL.com TLS roots * JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 * 
JDK-8341674: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.5
* JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3954=1 openSUSE-SLE-15.6-2024-3954=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3954=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * java-21-openjdk-src-21.0.5.0-150600.3.6.3
  * java-21-openjdk-jmods-21.0.5.0-150600.3.6.3
  * java-21-openjdk-21.0.5.0-150600.3.6.3
  * java-21-openjdk-headless-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-demo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-devel-21.0.5.0-150600.3.6.3
  * java-21-openjdk-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-headless-21.0.5.0-150600.3.6.3
  * java-21-openjdk-devel-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-debugsource-21.0.5.0-150600.3.6.3
* openSUSE Leap 15.6 (noarch)
  * java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * java-21-openjdk-21.0.5.0-150600.3.6.3
  * java-21-openjdk-headless-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-demo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-devel-21.0.5.0-150600.3.6.3
  * java-21-openjdk-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-headless-21.0.5.0-150600.3.6.3
  * java-21-openjdk-devel-debuginfo-21.0.5.0-150600.3.6.3
  * java-21-openjdk-debugsource-21.0.5.0-150600.3.6.3

## References:

* https://www.suse.com/security/cve/CVE-2024-21208.html
* https://www.suse.com/security/cve/CVE-2024-21210.html
* https://www.suse.com/security/cve/CVE-2024-21217.html
* https://www.suse.com/security/cve/CVE-2024-21235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231702
* https://bugzilla.suse.com/show_bug.cgi?id=1231711
* https://bugzilla.suse.com/show_bug.cgi?id=1231716
* https://bugzilla.suse.com/show_bug.cgi?id=1231719

From null at suse.de Mon Nov 11 08:30:06 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 11 Nov 2024 08:30:06 -0000
Subject: SUSE-SU-2024:3964-1: moderate: Security update for python-wxPython
Message-ID: <173131380603.5045.2920489650984447148@smelt2.prg2.suse.org>

# Security update for python-wxPython

Announcement ID: SUSE-SU-2024:3964-1
Release Date: 2024-11-09T16:39:54Z
Rating: moderate
References:

* bsc#1228252
* bsc#1232590

Cross-References:

* CVE-2024-50602

CVSS scores:

* CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.6

An update that solves one vulnerability and has one security fix can now be installed.

## Description:

This update for python-wxPython fixes the following issues:

Security issue fixed:

* CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590).

Non-security issues fixed:

* rebuilt for python 3.11 (bsc#1228252).
* add repack script, do not include packaging/ dir in sources
* Reduce complexity by not rewriting subpackages at all.
* Appease factory-auto bot about package src name.
* Add additional patches fixing the situation with Python 3.10 compatibility.
* Split out the TW python3 flavors into multibuild using the python_subpackage_only mechanism: Multiple python3 flavors sequentially require too much space and time in one build.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3964=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3964=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python311-wxPython-debugsource-4.1.1-150400.3.8.1
  * python311-wxPython-lang-4.1.1-150400.3.8.1
  * python311-wxPython-debuginfo-4.1.1-150400.3.8.1
  * python311-wxPython-4.1.1-150400.3.8.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python311-wxPython-debugsource-4.1.1-150400.3.8.1
  * python311-wxPython-lang-4.1.1-150400.3.8.1
  * python311-wxPython-debuginfo-4.1.1-150400.3.8.1
  * python311-wxPython-4.1.1-150400.3.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-50602.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228252
* https://bugzilla.suse.com/show_bug.cgi?id=1232590

From null at suse.de Mon Nov 11 08:30:11 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 11 Nov 2024 08:30:11 -0000
Subject: SUSE-SU-2024:3963-1: moderate: Security update for java-17-openjdk
Message-ID: <173131381118.5045.3107921676251927953@smelt2.prg2.suse.org>

# Security update for java-17-openjdk

Announcement ID: SUSE-SU-2024:3963-1
Release Date: 2024-11-09T16:39:43Z
Rating: moderate
References:

* bsc#1231702
* bsc#1231711
* bsc#1231716
* bsc#1231719

Cross-References:

* CVE-2024-21208
* CVE-2024-21210
* CVE-2024-21217
* CVE-2024-21235

CVSS scores:

* CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Legacy Module 15-SP6
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves four vulnerabilities can now be installed.
## Description: This update for java-17-openjdk fixes the following issues: * Update to upstream tag jdk-17.0.13+11 (October 2024 CPU) * Security fixes * JDK-8307383: Enhance DTLS connections * JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property * JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client * JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization * JDK-8328726: Better Kerberos support * JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support * JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations * JDK-8335713: Enhance vectorization analysis * Other changes * JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails * JDK-7026262: HttpServer: improve handling of finished HTTP exchanges * JDK-7124313: [macosx] Swing Popups should overlap taskbar * JDK-8005885: enhance PrintCodeCache to print more data * JDK-8051959: Add thread and timestamp options to java.security.debug system property * JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping * JDK-8183227: read/write APIs in class os shall return ssize_t * JDK-8193547: Regression automated test '/open/test/jdk/java/ /awt/Toolkit/DesktopProperties/rfe4758438.java' fails * JDK-8222884: ConcurrentClassDescLookup.java times out intermittently * JDK-8233725: ProcessTools.startProcess() has output issues when using an OutputAnalyzer at the same time * JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock * JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" * JDK-8255898: Test java/awt/FileDialog/FilenameFilterTest/ /FilenameFilterTest.java fails on Mac OS * JDK-8256291: RunThese30M fails "assert(_class_unload ? 
true : ((((JfrTraceIdBits::load(class_loader_klass)) & ((1 << 4) << 8)) != 0))) failed: invariant" * JDK-8257540: javax/swing/JFileChooser/8041694/bug8041694.java failed with "RuntimeException: The selected directory name is not the expected 'd ' but 'D '." * JDK-8259866: two java.util tests failed with "IOException: There is not enough space on the disk" * JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed * JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit * JDK-8263031: HttpClient throws Exception if it receives a Push Promise that is too large * JDK-8265919: RunThese30M fails "assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8)) != 0))))) failed: invariant" * JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out * JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message * JDK-8272232: javax/swing/JTable/4275046/bug4275046.java failed with "Expected value in the cell: 'rededited' but found 'redEDITED'." 
* JDK-8272558: IR Test Framework README misses some flags * JDK-8272777: Clean up remaining AccessController warnings in test library * JDK-8273216: JCMD does not work across container boundaries with Podman * JDK-8273430: Suspicious duplicate condition in java.util.regex.Grapheme#isExcludedSpacingMark * JDK-8273541: Cleaner Thread creates with normal priority instead of MAX_PRIORITY - 2 * JDK-8275851: Deproblemlist open/test/jdk/javax/swing/ /JComponent/6683775/bug6683775.java * JDK-8276660: Scalability bottleneck in java.security.Provider.getService() * JDK-8277042: add test for 8276036 to compiler/codecache * JDK-8279068: IGV: Update to work with JDK 16 and 17 * JDK-8279164: Disable TLS_ECDH_* cipher suites * JDK-8279222: Incorrect legacyMap.get in java.security.Provider after JDK-8276660 * JDK-8279337: The MToolkit is still referenced in a few places * JDK-8279641: Create manual JTReg tests for Swing accessibility * JDK-8279878: java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10 * JDK-8280034: ProblemList jdk/jfr/api/consumer/recordingstream/ /TestOnEvent.java on linux-x64 * JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." 
* JDK-8280970: Cleanup dead code in java.security.Provider * JDK-8280982: [Wayland] [XWayland] java.awt.Robot taking screenshots * JDK-8280988: [XWayland] Click on title to request focus test failures * JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front * JDK-8280993: [XWayland] Popup is not closed on click outside of area controlled by XWayland * JDK-8280994: [XWayland] Drag and Drop does not work in java -> wayland app direction * JDK-8281944: JavaDoc throws java.lang.IllegalStateException: ERRONEOUS * JDK-8282354: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests * JDK-8282526: Default icon is not painted properly * JDK-8283728: jdk.hotspot.agent: Wrong location for RISCV64ThreadContext.java * JDK-8284316: Support accessibility ManualTestFrame.java for non SwingSet tests * JDK-8284585: PushPromiseContinuation test fails intermittently in timeout * JDK-8285497: Add system property for Java SE specification maintenance version * JDK-8288568: Reduce runtime of java.security microbenchmarks * JDK-8289182: NMT: MemTracker::baseline should return void * JDK-8290966: G1: Record number of PLAB filled and number of direct allocations * JDK-8291760: PipelineLeaksFD.java still fails: More or fewer pipes than expected * JDK-8292044: HttpClient doesn't handle 102 or 103 properly * JDK-8292739: Invalid legacy entries may be returned by Provider.getServices() call * JDK-8292948: JEditorPane ignores font-size styles in external linked css-file * JDK-8293862: javax/swing/JFileChooser/8046391/bug8046391.java failed with 'Cannot invoke "java.awt.Image.getWidth(java.awt.image.ImageObserver)" because "retVal" is null' * JDK-8293872: Make runtime/Thread/ThreadCountLimit.java more robust * JDK-8294148: Support JSplitPane for instructions and test UI * JDK-8294691: dynamicArchive/RelativePath.java is running other test case * JDK-8294994: Update Jarsigner and Keytool i18n tests to validate i18n compliance * 
JDK-8295111: dpkg appears to have problems resolving symbolically linked native libraries * JDK-8296410: HttpClient throws java.io.IOException: no statuscode in response for HTTP2 * JDK-8296812: sprintf is deprecated in Xcode 14 * JDK-8297878: KEM: Implementation * JDK-8298381: Improve handling of session tickets for multiple SSLContexts * JDK-8298596: vmTestbase/nsk/sysdict/vm/stress/chain/chain008/ /chain008.java fails with "NoClassDefFoundError: Could not initialize class java.util.concurrent.ThreadLocalRandom" * JDK-8298809: Clean up vm/compiler/InterfaceCalls JMH * JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle * JDK-8299254: Support dealing with standard assert macro * JDK-8299378: sprintf is deprecated in Xcode 14 * JDK-8299395: Remove metaprogramming/removeCV.hpp * JDK-8299396: Remove metaprogramming/removeExtent.hpp * JDK-8299397: Remove metaprogramming/isFloatingPoint.hpp * JDK-8299398: Remove metaprogramming/isConst.hpp * JDK-8299399: Remove metaprogramming/isArray.hpp * JDK-8299402: Remove metaprogramming/isVolatile.hpp * JDK-8299479: Remove metaprogramming/decay.hpp * JDK-8299481: Remove metaprogramming/removePointer.hpp * JDK-8299482: Remove metaprogramming/isIntegral.hpp * JDK-8299487: Test java/net/httpclient/whitebox/ /SSLTubeTestDriver.java timed out * JDK-8299635: Hotspot update for deprecated sprintf in Xcode 14 * JDK-8299779: Test tools/jpackage/share/jdk/jpackage/tests/ /MainClassTest.java timed out * JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram * JDK-8299971: Remove metaprogramming/conditional.hpp * JDK-8299972: Remove metaprogramming/removeReference.hpp * JDK-8300169: Build failure with clang-15 * JDK-8300260: Remove metaprogramming/isSame.hpp * JDK-8300264: Remove metaprogramming/isPointer.hpp * JDK-8300265: Remove metaprogramming/isSigned.hpp * JDK-8300806: Update googletest to v1.13.0 * JDK-8300910: Remove 
metaprogramming/integralConstant.hpp * JDK-8301132: Test update for deprecated sprintf in Xcode 14 * JDK-8301200: Don't scale timeout stress with timeout factor * JDK-8301274: update for deprecated sprintf for security components * JDK-8301279: update for deprecated sprintf for management components * JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session * JDK-8301704: Shorten the number of GCs in UnloadingTest.java to verify a class loader not being unloaded * JDK-8302495: update for deprecated sprintf for java.desktop * JDK-8302800: Augment NaN handling tests of FDLIBM methods * JDK-8303216: Prefer ArrayList to LinkedList in sun.net.httpserver.ServerImpl * JDK-8303466: C2: failed: malformed control flow. Limit type made precise with MaxL/MinL * JDK-8303527: update for deprecated sprintf for jdk.hotspot.agent * JDK-8303617: update for deprecated sprintf for jdk.jdwp.agent * JDK-8303830: update for deprecated sprintf for jdk.accessibility * JDK-8303891: Speed up Zip64SizeTest using a small ZIP64 file * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8303942: os::write should write completely * JDK-8303965: java.net.http.HttpClient should reset the stream if response headers contain malformed header fields * JDK-8304375: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Expected at least some events to be out of order! 
Reuse = false" * JDK-8304962: sun/net/www/http/KeepAliveCache/B5045306.java: java.lang.RuntimeException: Failed: Initial Keep Alive Connection is not being reused * JDK-8304963: HttpServer closes connection after processing HEAD after JDK-7026262 * JDK-8305072: Win32ShellFolder2.compareTo is inconsistent * JDK-8305079: Remove finalize() from compiler/c2/Test719030 * JDK-8305081: Remove finalize() from test/hotspot/jtreg/compiler/runtime/Test8168712 * JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 * JDK-8305959: x86: Improve itable_stub * JDK-8306583: Add JVM crash check in CDSTestUtils.executeAndLog * JDK-8306929: Avoid CleanClassLoaderDataMetaspaces safepoints when previous versions are shared * JDK-8306946: jdk/test/lib/process/ /ProcessToolsStartProcessTest.java fails with "wrong number of lines in OutputAnalyzer output" * JDK-8307091: A few client tests intermittently throw ConcurrentModificationException * JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes * JDK-8307352: AARCH64: Improve itable_stub * JDK-8307448: Test RedefineSharedClassJFR fail due to wrong assumption * JDK-8307779: Relax the java.awt.Robot specification * JDK-8307848: update for deprecated sprintf for jdk.attach * JDK-8307850: update for deprecated sprintf for jdk.jdi * JDK-8308022: update for deprecated sprintf for java.base * JDK-8308144: Uncontrolled memory consumption in SSLFlowDelegate.Reader * JDK-8308184: Launching java with large number of jars in classpath with java.protocol.handler.pkgs system property set can lead to StackOverflowError * JDK-8308801: update for deprecated sprintf for libnet in java.base * JDK-8308891: TestCDSVMCrash.java needs @requires vm.cds * JDK-8309241: ClassForNameLeak fails intermittently as the class loader hasn't been unloaded * JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 * JDK-8309703: AIX build fails after JDK-8280982 
* JDK-8309756: Occasional crashes with pipewire screen capture on Wayland * JDK-8309934: Update GitHub Actions to use JDK 17 for building jtreg * JDK-8310070: Test: javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out * JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified * JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option * JDK-8310334: [XWayland][Screencast] screen capture error message in debug * JDK-8310628: GcInfoBuilder.c missing JNI Exception checks * JDK-8310683: Refactor StandardCharset/standard.java to use JUnit * JDK-8311208: Improve CDS Support * JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin * JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved * JDK-8312140: jdk/jshell tests failed with JDI socket timeouts * JDK-8312229: Crash involving yield, switch and anonymous classes * JDK-8313256: Exclude failing multicast tests on AIX * JDK-8313394: Array Elements in OldObjectSample event has the incorrect description * JDK-8313674: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java should test for more block devices * JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow * JDK-8313873: java/nio/channels/DatagramChannel/ /SendReceiveMaxSize.java fails on AIX due to small default RCVBUF size and different IPv6 Header interpretation * JDK-8313901: [TESTBUG] test/hotspot/jtreg/compiler/codecache/ /CodeCacheFullCountTest.java fails with java.lang.VirtualMachineError * JDK-8314476: TestJstatdPortAndServer.java failed with "java.rmi.NoSuchObjectException: no such object in table" * JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen" * JDK-8314837: 5 compiled/codecache tests ignore VM flags * JDK-8315024: Vector API FP reduction tests should not test for exact equality * JDK-8315362: NMT: summary diff reports threads count incorrectly * JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl * JDK-8315437: 
Enable parallelism in vmTestbase/nsk/monitoring/stress/classload tests * JDK-8315442: Enable parallelism in vmTestbase/nsk/monitoring/stress/thread tests * JDK-8315559: Delay TempSymbol cleanup to avoid symbol table churn * JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837 * JDK-8315651: Stop hiding AIX specific multicast socket errors via NetworkConfiguration (aix) * JDK-8315684: Parallelize sun/security/util/math/TestIntegerModuloP.java * JDK-8315774: Enable parallelism in vmTestbase/gc/g1/unloading tests * JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test * JDK-8315965: Open source various AWT applet tests * JDK-8316104: Open source several Swing SplitPane and RadioButton related tests * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8316211: Open source several manual applet tests * JDK-8316240: Open source several add/remove MenuBar manual tests * JDK-8316285: Opensource JButton manual tests * JDK-8316306: Open source and convert manual Swing test * JDK-8316328: Test jdk/jfr/event/oldobject/ /TestSanityDefault.java times out for some heap sizes * JDK-8316387: Exclude more failing multicast tests on AIX after JDK-8315651 * JDK-8316389: Open source few AWT applet tests * JDK-8316468: os::write incorrectly handles partial write * JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm * JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java * JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm * JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab * JDK-8317316: G1: Make TestG1PercentageOptions use createTestJvm * JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm * JDK-8317358: G1: Make TestMaxNewSize use createTestJvm * JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool 
initialization routines * JDK-8317372: Refactor some NumberFormat tests to use JUnit * JDK-8317635: Improve GetClassFields test to verify correctness of field order * JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string * JDK-8318039: GHA: Bump macOS and Xcode versions * JDK-8318089: Class space not marked as such with NMT when CDS is off * JDK-8318474: Fix memory reporter for thread_count * JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run * JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests * JDK-8318696: Do not use LFS64 symbols on Linux * JDK-8318986: Improve GenericWaitBarrier performance * JDK-8319103: Popups that request focus are not shown on Linux with Wayland * JDK-8319197: Exclude hb-subset and hb-style from compilation * JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates * JDK-8319713: Parallel: Remove PSAdaptiveSizePolicy::should_full_GC * JDK-8320079: The ArabicBox.java test has no control buttons * JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64 * JDK-8320602: Lock contention in SchemaDVFactory.getInstance() * JDK-8320608: Many jtreg printing tests are missing the @printer keyword * JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api * JDK-8320692: Null icon returned for .exe without custom icon * JDK-8320945: problemlist tests failing on latest Windows 11 update * JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2 * JDK-8321176: [Screencast] make a second attempt on screencast failure * JDK-8321220: JFR: RecordedClass reports incorrect modifiers * JDK-8322008: Exclude some CDS tests from running with -Xshare:off * JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC * JDK-8322726: C2: Unloaded signature class kills argument value * JDK-8322971: KEM.getInstance() should check if a 3rd-party security provider is signed * JDK-8323122: 
AArch64: Increase itable stub size estimate * JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe * JDK-8323670: A few client tests intermittently throw ConcurrentModificationException * JDK-8323801: tag doesn't strikethrough the text * JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE * JDK-8324646: Avoid Class.forName in SecureRandom constructor * JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG * JDK-8324668: JDWP process management needs more efficient file descriptor handling * JDK-8324753: [AIX] adjust os_posix after JDK-8318696 * JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests * JDK-8324933: ConcurrentHashTable::statistics_calculate synchronization is expensive * JDK-8325022: Incorrect error message on client authentication * JDK-8325179: Race in BasicDirectoryModel.validateFileCache * JDK-8325194: GHA: Add macOS M1 testing * JDK-8325384: sun/security/ssl/SSLSessionImpl/ /ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread * JDK-8325444: GHA: JDK-8325194 causes a regression * JDK-8325567: jspawnhelper without args fails with segfault * JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for , , * JDK-8325621: Improve jspawnhelper version checks * JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections * JDK-8326106: Write and clear stack trace table outside of safepoint * JDK-8326332: Unclosed inline tags cause misalignment in summary tables * JDK-8326446: The User and System of jdk.CPULoad on Apple M1 are inaccurate * JDK-8326734: text-decoration applied to lost when mixed with or * JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails * JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel * JDK-8327312: [17u] Problem list ReflectionCallerCacheTest.java due to 8324978 * JDK-8327424: 
ProblemList serviceability/sa/TestJmapCore.java on all platforms with ZGC * JDK-8327650: Test java/nio/channels/DatagramChannel/ /StressNativeSignal.java timed out * JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main * JDK-8327840: Automate javax/swing/border/Test4129681.java * JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/ /GetBoundsResizeTest.java applet test to main * JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC * JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows * JDK-8328115: Convert java/awt/font/TextLayout/ /TestJustification.html applet test to main * JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test * JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html * JDK-8328234: Remove unused nativeUtils files * JDK-8328238: Convert few closed manual applet tests to main * JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful * JDK-8328273: sun/management/jmxremote/bootstrap/ /RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use * JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ /ClickDuringKeypress.java imports Applet * JDK-8328561: test java/awt/Robot/ManualInstructions/ /ManualInstructions.java isn't used * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp * JDK-8328896: Fontmetrics for large Fonts has zero width * JDK-8328953: JEditorPane.read throws ChangedCharSetException * JDK-8328999: Update GIFlib to 5.2.2 * JDK-8329004: Update Libpng to 1.6.43 * JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling * JDK-8329109: Threads::print_on() tries to print CPU time for terminated GC threads * JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462 * JDK-8329134: Reconsider TLAB 
zapping * JDK-8329510: Update ProblemList for JFileChooser/8194044/FileSystemRootTest.java * JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected * JDK-8329605: hs errfile generic events - move memory protections and nmethod flushes to separate sections * JDK-8329663: hs_err file event log entry for thread adding/removing should print current thread * JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771 * JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash * JDK-8330063: Upgrade jQuery to 3.7.1 * JDK-8330524: Linux ppc64le compile warning with clang in os_linux_ppc.cpp * JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) * JDK-8330615: avoid signed integer overflows in zip_util.c readCen / hashN * JDK-8331011: [XWayland] TokenStorage fails under Security Manager * JDK-8331063: Some HttpClient tests don't report leaks * JDK-8331077: nroff man page update for jar tool * JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected * JDK-8331265: Bump update version for OpenJDK: jdk-17.0.13 * JDK-8331331: :tier1 target explanation in doc/testing.md is incorrect * JDK-8331466: Problemlist serviceability/dcmd/gc/ /RunFinalizationTest.java on generic-all * JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure * JDK-8331746: Create a test to verify that the cmm id is not ignored * JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java * JDK-8331885: C2: meet between unloaded and speculative types is not symmetric * JDK-8332008: Enable issuestitle check * JDK-8332113: Update nsk.share.Log to be always verbose * JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml * JDK-8332248: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java failed with RuntimeException * JDK-8332424: Update IANA Language Subtag 
Registry to Version 2024-05-16 * JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" * JDK-8332898: failure_handler: log directory of commands * JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/ /TestDescription.java fails with no GC's recorded * JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 * JDK-8333353: Delete extra empty line in CodeBlob.java * JDK-8333398: Uncomment the commented test in test/jdk/java/ /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java * JDK-8333477: Delete extra empty spaces in Makefiles * JDK-8333698: [17u] TestJstatdRmiPort fails after JDK-8333667 * JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock * JDK-8333724: Problem list security/infra/java/security/cert/ /CertPathValidator/certification/CAInterop.java #teliasonerarootcav1 * JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures * JDK-8334166: Enable binary check * JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager * JDK-8334332: TestIOException.java fails if run by root * JDK-8334333: MissingResourceCauseTestRun.java fails if run by root * JDK-8334335: [TESTBUG] Backport of 8279164 to 11u & 17u includes elements of JDK-8163327 * JDK-8334339: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java fails on alinux3 * JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 * JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration * JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 * JDK-8334653: ISO 4217 Amendment 177 Update * JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator * JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true * JDK-8335775: Remove extraneous 's' in comment of 
rawmonitor.cpp test file * JDK-8335808: update for deprecated sprintf for jfrTypeSetUtils * JDK-8335918: update for deprecated sprintf for jvmti * JDK-8335967: "text-decoration: none" does not work with "A" HTML tags * JDK-8336301: test/jdk/java/nio/channels/ /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion * JDK-8336928: GHA: Bundle artifacts removal broken * JDK-8337038: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java shoud set as /native * JDK-8337283: configure.log is truncated when build dir is on different filesystem * JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs * JDK-8337669: [17u] Backport of JDK-8284047 missed to delete a file * JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods * JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) * JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 * JDK-8341057: Add 2 SSL.com TLS roots * JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 * JDK-8341673: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3963=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3963=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3963=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3963=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3963=1
* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3963=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-3963=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3963=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3963=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3963=1
* Legacy Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3963=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3963=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3963=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3963=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * java-17-openjdk-headless-17.0.13.0-150400.3.48.2
  * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2
  * java-17-openjdk-devel-17.0.13.0-150400.3.48.2
  * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-demo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-17.0.13.0-150400.3.48.2
* SUSE Linux Enterprise
Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * 
java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * 
java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * 
java-17-openjdk-headless-17.0.13.0-150400.3.48.2
  * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2
  * java-17-openjdk-devel-17.0.13.0-150400.3.48.2
  * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-demo-17.0.13.0-150400.3.48.2
  * java-17-openjdk-17.0.13.0-150400.3.48.2

## References:

* https://www.suse.com/security/cve/CVE-2024-21208.html
* https://www.suse.com/security/cve/CVE-2024-21210.html
* https://www.suse.com/security/cve/CVE-2024-21217.html
* https://www.suse.com/security/cve/CVE-2024-21235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231702
* https://bugzilla.suse.com/show_bug.cgi?id=1231711
* https://bugzilla.suse.com/show_bug.cgi?id=1231716
* https://bugzilla.suse.com/show_bug.cgi?id=1231719

From null at suse.de Mon Nov 11 08:30:14 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 11 Nov 2024 08:30:14 -0000
Subject: SUSE-SU-2024:3962-1: important: Security update for apache2
Message-ID: <173131381472.5045.8407898274228706310@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:3962-1
Release Date: 2024-11-09T16:38:27Z
Rating: important
References:
  * bsc#1216423
Cross-References:
  * CVE-2023-45802
CVSS scores:
  * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  * SUSE Enterprise Storage 7.1
  * SUSE Linux Enterprise High Performance Computing 15 SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise High Performance Computing 15 SP3
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  * SUSE Linux Enterprise Server 15 SP2
  * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  * SUSE Linux Enterprise Server 15 SP3
  * SUSE Linux
Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3962=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3962=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3962=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3962=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3962=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3962=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3962=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * apache2-prefork-2.4.51-150200.3.76.1 * apache2-2.4.51-150200.3.76.1 * apache2-utils-2.4.51-150200.3.76.1 * apache2-worker-debuginfo-2.4.51-150200.3.76.1 * apache2-prefork-debuginfo-2.4.51-150200.3.76.1 * apache2-debuginfo-2.4.51-150200.3.76.1 * apache2-debugsource-2.4.51-150200.3.76.1 * apache2-utils-debuginfo-2.4.51-150200.3.76.1 * apache2-worker-2.4.51-150200.3.76.1 * apache2-devel-2.4.51-150200.3.76.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * 
apache2-doc-2.4.51-150200.3.76.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * apache2-prefork-2.4.51-150200.3.76.1 * apache2-2.4.51-150200.3.76.1 * apache2-utils-2.4.51-150200.3.76.1 * apache2-worker-debuginfo-2.4.51-150200.3.76.1 * apache2-prefork-debuginfo-2.4.51-150200.3.76.1 * apache2-debuginfo-2.4.51-150200.3.76.1 * apache2-debugsource-2.4.51-150200.3.76.1 * apache2-utils-debuginfo-2.4.51-150200.3.76.1 * apache2-worker-2.4.51-150200.3.76.1 * apache2-devel-2.4.51-150200.3.76.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * apache2-doc-2.4.51-150200.3.76.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.51-150200.3.76.1 * apache2-2.4.51-150200.3.76.1 * apache2-utils-2.4.51-150200.3.76.1 * apache2-worker-debuginfo-2.4.51-150200.3.76.1 * apache2-prefork-debuginfo-2.4.51-150200.3.76.1 * apache2-debuginfo-2.4.51-150200.3.76.1 * apache2-debugsource-2.4.51-150200.3.76.1 * apache2-utils-debuginfo-2.4.51-150200.3.76.1 * apache2-worker-2.4.51-150200.3.76.1 * apache2-devel-2.4.51-150200.3.76.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * apache2-doc-2.4.51-150200.3.76.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.51-150200.3.76.1 * apache2-2.4.51-150200.3.76.1 * apache2-utils-2.4.51-150200.3.76.1 * apache2-worker-debuginfo-2.4.51-150200.3.76.1 * apache2-prefork-debuginfo-2.4.51-150200.3.76.1 * apache2-debuginfo-2.4.51-150200.3.76.1 * apache2-debugsource-2.4.51-150200.3.76.1 * apache2-utils-debuginfo-2.4.51-150200.3.76.1 * apache2-worker-2.4.51-150200.3.76.1 * apache2-devel-2.4.51-150200.3.76.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * apache2-doc-2.4.51-150200.3.76.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * apache2-prefork-2.4.51-150200.3.76.1 * apache2-2.4.51-150200.3.76.1 * apache2-utils-2.4.51-150200.3.76.1 * 
apache2-worker-debuginfo-2.4.51-150200.3.76.1
  * apache2-prefork-debuginfo-2.4.51-150200.3.76.1
  * apache2-debuginfo-2.4.51-150200.3.76.1
  * apache2-debugsource-2.4.51-150200.3.76.1
  * apache2-utils-debuginfo-2.4.51-150200.3.76.1
  * apache2-worker-2.4.51-150200.3.76.1
  * apache2-devel-2.4.51-150200.3.76.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * apache2-doc-2.4.51-150200.3.76.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * apache2-prefork-2.4.51-150200.3.76.1
  * apache2-2.4.51-150200.3.76.1
  * apache2-utils-2.4.51-150200.3.76.1
  * apache2-worker-debuginfo-2.4.51-150200.3.76.1
  * apache2-prefork-debuginfo-2.4.51-150200.3.76.1
  * apache2-debuginfo-2.4.51-150200.3.76.1
  * apache2-debugsource-2.4.51-150200.3.76.1
  * apache2-utils-debuginfo-2.4.51-150200.3.76.1
  * apache2-worker-2.4.51-150200.3.76.1
  * apache2-devel-2.4.51-150200.3.76.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * apache2-doc-2.4.51-150200.3.76.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * apache2-prefork-2.4.51-150200.3.76.1
  * apache2-2.4.51-150200.3.76.1
  * apache2-utils-2.4.51-150200.3.76.1
  * apache2-worker-debuginfo-2.4.51-150200.3.76.1
  * apache2-prefork-debuginfo-2.4.51-150200.3.76.1
  * apache2-debuginfo-2.4.51-150200.3.76.1
  * apache2-debugsource-2.4.51-150200.3.76.1
  * apache2-utils-debuginfo-2.4.51-150200.3.76.1
  * apache2-worker-2.4.51-150200.3.76.1
  * apache2-devel-2.4.51-150200.3.76.1
* SUSE Enterprise Storage 7.1 (noarch)
  * apache2-doc-2.4.51-150200.3.76.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45802.html
* https://bugzilla.suse.com/show_bug.cgi?id=1216423

From null at suse.de Mon Nov 11 08:30:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 11 Nov 2024 08:30:17 -0000
Subject: SUSE-SU-2024:3961-1: important: Security update for apache2
Message-ID: <173131381717.5045.6553440194768604712@smelt2.prg2.suse.org>

# Security update for apache2

Announcement ID: SUSE-SU-2024:3961-1
Release Date: 2024-11-09T16:37:56Z
Rating: important
References:
  * bsc#1216423
Cross-References:
  * CVE-2023-45802
CVSS scores:
  * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:
  * Basesystem Module 15-SP5
  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * Server Applications Module 15-SP5
  * Server Applications Module 15-SP6
  * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Desktop 15 SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  * SUSE Linux Enterprise Micro 5.5
  * SUSE Linux Enterprise Real Time 15 SP5
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Manager Proxy 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423).

## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3961=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3961=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3961=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3961=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3961=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3961=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3961=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3961=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3961=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3961=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3961=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 *
apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Server Applications Module 
15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * 
apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * 
apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1216423 From null at suse.de Mon Nov 11 12:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Nov 2024 12:30:15 -0000 Subject: SUSE-SU-2024:3968-1: moderate: Security update for expat Message-ID: <173132821515.14191.10543101514422246970@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:3968-1 Release Date: 2024-11-11T08:57:56Z Rating: moderate References: * bsc#1232579 Cross-References: * CVE-2024-50602 CVSS scores: * CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3968=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * expat-debuginfo-32bit-2.1.0-21.40.1 * libexpat1-debuginfo-2.1.0-21.40.1 * expat-debugsource-2.1.0-21.40.1 * libexpat1-2.1.0-21.40.1 * expat-2.1.0-21.40.1 * libexpat1-32bit-2.1.0-21.40.1 * expat-debuginfo-2.1.0-21.40.1 * libexpat1-debuginfo-32bit-2.1.0-21.40.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1232579 From null at suse.de Mon Nov 11 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 11 Nov 2024 12:30:20 -0000 Subject: SUSE-SU-2024:3966-1: moderate: Security update for expat Message-ID: <173132822021.14191.7429353989492953305@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:3966-1 Release Date: 2024-11-11T08:34:18Z Rating: moderate References: * bsc#1232579 Cross-References: * CVE-2024-50602 CVSS scores: * CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3966=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3966=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3966=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * expat-debuginfo-2.2.5-150000.3.33.1 * libexpat1-2.2.5-150000.3.33.1 * expat-debugsource-2.2.5-150000.3.33.1 * libexpat1-debuginfo-2.2.5-150000.3.33.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * expat-debuginfo-2.2.5-150000.3.33.1 * libexpat1-2.2.5-150000.3.33.1 * expat-debugsource-2.2.5-150000.3.33.1 * libexpat1-debuginfo-2.2.5-150000.3.33.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * expat-debuginfo-2.2.5-150000.3.33.1 * libexpat1-2.2.5-150000.3.33.1 * expat-debugsource-2.2.5-150000.3.33.1 * libexpat1-debuginfo-2.2.5-150000.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1232579
From null at suse.de Tue Nov 12 08:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Nov 2024 08:30:15 -0000 Subject: SUSE-SU-2024:3976-1: important: Security update for pcp Message-ID: <173140021515.4943.6783414246129776139@smelt2.prg2.suse.org> # Security update for pcp Announcement ID: SUSE-SU-2024:3976-1 Release Date: 2024-11-12T07:12:38Z Rating: important References: * bsc#1186511 * bsc#1217826 * bsc#1222121 * bsc#1222815 * bsc#1230551 * bsc#1230552 * bsc#1231345 * jsc#PED-8192 * jsc#PED-8389 Cross-References: * CVE-2023-6917 * CVE-2024-3019 * CVE-2024-45769 * CVE-2024-45770 CVSS scores: * CVE-2023-6917 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-3019 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45769 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45770 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-45770 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-45770 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves four vulnerabilities, contains two features and has three security fixes can now be installed.
## Description: This update for pcp fixes the following issues: pcp was updated from version 3.11.9 to version 6.2.0 (jsc#PED-8192, jsc#PED-8389): * Security issues fixed: * CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp to the root user (bsc#1230552) * CVE-2024-45769: Fixed a heap corruption through metric pmstore operations (bsc#1230551) * CVE-2023-6917: Fixed local privilege escalation from pcp user to root in /usr/libexec/pcp/lib/pmproxy (bsc#1217826) * CVE-2024-3019: Disabled redis proxy by default (bsc#1222121) * Major changes: * Add version 3 PCP archive support: instance domain change-deltas, Y2038-safe timestamps, nanosecond-precision timestamps, arbitrary timezones support, 64-bit file offsets used throughout for larger (beyond 2GB) individual volumes. * Opt-in using the /etc/pcp.conf PCP_ARCHIVE_VERSION setting * Version 2 archives remain the default (for the next few years). * Switch to using OpenSSL only throughout PCP (dropped NSS/NSPR); this impacts libpcp, PMAPI clients and PMCD use of encryption; these are now configured and used consistently with pmproxy HTTPS support and redis-server, which were both already using OpenSSL. * New nanosecond precision timestamp PMAPI calls for PCP library interfaces that make use of timestamps. These are all optional, and full backward compatibility is preserved for existing tools. * For the full list of changes please consult the packaged CHANGELOG file * Other packaging changes: * Reintroduce libuv support for SUSE Linux Enterprise 15 (bsc#1231345) * Moved pmlogger_daily into main package (bsc#1222815) * Switched logutil and pmieutil scripts from Type=oneshot to Type=exec (bsc#1186511) * Change dependency from openssl-devel >= 1.1.1 to openssl-devel >= 1.0.2p. Required for SUSE Linux Enterprise 12. * Disabled 'pmda-infiniband' subpackage for SUSE Linux Enterprise 12 to resolve build issues. * Introduce 'pmda-resctrl' package, disabled for architectures other than x86_64.
* Change the architecture for various subpackages to 'noarch' as they contain no binaries. * Disable 'pmda-mssql', as it fails to build. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3976=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * pcp-pmda-summary-6.2.0-6.29.2 * pcp-pmda-cisco-debuginfo-6.2.0-6.29.2 * pcp-pmda-zimbra-6.2.0-6.29.2 * pcp-pmda-shping-6.2.0-6.29.2 * libpcp_gui2-debuginfo-6.2.0-6.29.2 * perl-PCP-LogSummary-6.2.0-6.29.2 * perl-PCP-LogImport-6.2.0-6.29.2 * pcp-pmda-apache-6.2.0-6.29.2 * pcp-pmda-apache-debuginfo-6.2.0-6.29.2 * pcp-pmda-logger-debuginfo-6.2.0-6.29.2 * pcp-pmda-mailq-debuginfo-6.2.0-6.29.2 * pcp-pmda-nvidia-gpu-6.2.0-6.29.2 * perl-PCP-MMV-6.2.0-6.29.2 * pcp-import-collectl2pcp-debuginfo-6.2.0-6.29.2 * pcp-pmda-bind2-6.2.0-6.29.2 * libpcp3-6.2.0-6.29.2 * pcp-pmda-mounts-debuginfo-6.2.0-6.29.2 * pcp-pmda-bash-debuginfo-6.2.0-6.29.2 * pcp-pmda-summary-debuginfo-6.2.0-6.29.2 * perl-PCP-LogImport-debuginfo-6.2.0-6.29.2 * pcp-pmda-docker-6.2.0-6.29.2 * libpcp_web1-6.2.0-6.29.2 * pcp-pmda-mounts-6.2.0-6.29.2 * pcp-pmda-weblog-debuginfo-6.2.0-6.29.2 * pcp-pmda-gfs2-debuginfo-6.2.0-6.29.2 * pcp-pmda-systemd-debuginfo-6.2.0-6.29.2 * pcp-pmda-roomtemp-6.2.0-6.29.2 * libpcp_trace2-6.2.0-6.29.2 * pcp-debugsource-6.2.0-6.29.2 * pcp-pmda-lustrecomm-6.2.0-6.29.2 * pcp-devel-debuginfo-6.2.0-6.29.2 * python3-pcp-debuginfo-6.2.0-6.29.2 * libpcp3-debuginfo-6.2.0-6.29.2 * pcp-pmda-logger-6.2.0-6.29.2 * perl-PCP-PMDA-6.2.0-6.29.2 * perl-PCP-PMDA-debuginfo-6.2.0-6.29.2 * pcp-pmda-systemd-6.2.0-6.29.2 * pcp-pmda-cisco-6.2.0-6.29.2 * pcp-pmda-gfs2-6.2.0-6.29.2 * pcp-pmda-weblog-6.2.0-6.29.2 * pcp-pmda-trace-debuginfo-6.2.0-6.29.2 * 
pcp-pmda-trace-6.2.0-6.29.2 * libpcp_mmv1-debuginfo-6.2.0-6.29.2 * pcp-pmda-dm-debuginfo-6.2.0-6.29.2 * perl-PCP-MMV-debuginfo-6.2.0-6.29.2 * pcp-pmda-shping-debuginfo-6.2.0-6.29.2 * libpcp_trace2-debuginfo-6.2.0-6.29.2 * pcp-pmda-cifs-6.2.0-6.29.2 * pcp-pmda-nvidia-gpu-debuginfo-6.2.0-6.29.2 * pcp-pmda-mailq-6.2.0-6.29.2 * pcp-pmda-docker-debuginfo-6.2.0-6.29.2 * pcp-pmda-sendmail-debuginfo-6.2.0-6.29.2 * pcp-system-tools-6.2.0-6.29.2 * libpcp_web1-debuginfo-6.2.0-6.29.2 * libpcp_gui2-6.2.0-6.29.2 * pcp-pmda-cifs-debuginfo-6.2.0-6.29.2 * pcp-pmda-lustrecomm-debuginfo-6.2.0-6.29.2 * libpcp_import1-6.2.0-6.29.2 * pcp-devel-6.2.0-6.29.2 * pcp-6.2.0-6.29.2 * pcp-import-collectl2pcp-6.2.0-6.29.2 * libpcp-devel-6.2.0-6.29.2 * pcp-pmda-bash-6.2.0-6.29.2 * pcp-pmda-sendmail-6.2.0-6.29.2 * pcp-pmda-dm-6.2.0-6.29.2 * python3-pcp-6.2.0-6.29.2 * pcp-pmda-roomtemp-debuginfo-6.2.0-6.29.2 * libpcp_import1-debuginfo-6.2.0-6.29.2 * libpcp_mmv1-6.2.0-6.29.2 * pcp-debuginfo-6.2.0-6.29.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * pcp-pmda-gluster-6.2.0-6.29.2 * pcp-pmda-unbound-6.2.0-6.29.2 * pcp-pmda-lmsensors-6.2.0-6.29.2 * pcp-pmda-netfilter-6.2.0-6.29.2 * pcp-pmda-mysql-6.2.0-6.29.2 * pcp-doc-6.2.0-6.29.2 * pcp-pmda-oracle-6.2.0-6.29.2 * pcp-pmda-gpsd-6.2.0-6.29.2 * pcp-pmda-lustre-6.2.0-6.29.2 * pcp-pmda-nfsclient-6.2.0-6.29.2 * pcp-pmda-bonding-6.2.0-6.29.2 * pcp-pmda-ds389log-6.2.0-6.29.2 * pcp-pmda-slurm-6.2.0-6.29.2 * pcp-pmda-samba-6.2.0-6.29.2 * pcp-pmda-ds389-6.2.0-6.29.2 * pcp-pmda-nutcracker-6.2.0-6.29.2 * pcp-pmda-news-6.2.0-6.29.2 * pcp-pmda-mic-6.2.0-6.29.2 * pcp-pmda-activemq-6.2.0-6.29.2 * pcp-pmda-nginx-6.2.0-6.29.2 * pcp-import-mrtg2pcp-6.2.0-6.29.2 * pcp-pmda-pdns-6.2.0-6.29.2 * pcp-pmda-gpfs-6.2.0-6.29.2 * pcp-pmda-postfix-6.2.0-6.29.2 * pcp-pmda-memcache-6.2.0-6.29.2 * pcp-pmda-snmp-6.2.0-6.29.2 * pcp-pmda-elasticsearch-6.2.0-6.29.2 * pcp-pmda-zswap-6.2.0-6.29.2 * pcp-pmda-named-6.2.0-6.29.2 * pcp-export-pcp2influxdb-6.2.0-6.29.2 * 
pcp-pmda-dbping-6.2.0-6.29.2 * pcp-pmda-rsyslog-6.2.0-6.29.2 * pcp-import-sar2pcp-6.2.0-6.29.2 * pcp-import-iostat2pcp-6.2.0-6.29.2 * pcp-import-ganglia2pcp-6.2.0-6.29.2 * pcp-conf-6.2.0-6.29.2 * pcp-export-pcp2graphite-6.2.0-6.29.2 * pcp-pmda-redis-6.2.0-6.29.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le x86_64) * pcp-pmda-perfevent-debuginfo-6.2.0-6.29.2 * pcp-pmda-perfevent-6.2.0-6.29.2 ## References: * https://www.suse.com/security/cve/CVE-2023-6917.html * https://www.suse.com/security/cve/CVE-2024-3019.html * https://www.suse.com/security/cve/CVE-2024-45769.html * https://www.suse.com/security/cve/CVE-2024-45770.html * https://bugzilla.suse.com/show_bug.cgi?id=1186511 * https://bugzilla.suse.com/show_bug.cgi?id=1217826 * https://bugzilla.suse.com/show_bug.cgi?id=1222121 * https://bugzilla.suse.com/show_bug.cgi?id=1222815 * https://bugzilla.suse.com/show_bug.cgi?id=1230551 * https://bugzilla.suse.com/show_bug.cgi?id=1230552 * https://bugzilla.suse.com/show_bug.cgi?id=1231345 * https://jira.suse.com/browse/PED-8192 * https://jira.suse.com/browse/PED-8389
From null at suse.de Tue Nov 12 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Nov 2024 16:30:08 -0000 Subject: SUSE-SU-2024:3977-1: important: Security update for xen Message-ID: <173142900867.4790.17772411419490323784@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3977-1 Release Date: 2024-11-12T12:19:03Z Rating: important References: * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling (XSA-463) (bsc#1232622). * CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables (XSA-464) (bsc#1232624). Bug fixes: * Remove usage of net-tools-deprecated from supportconfig plugin (bsc#1232542). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3977=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3977=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3977=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3977=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3977=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3977=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3977=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3977=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-32bit-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-doc-html-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-64bit-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * 
xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Enterprise Storage 7.1 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Enterprise Storage 7.1 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * 
xen-libs-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 From null at suse.de Tue Nov 12 20:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Nov 2024 20:30:09 -0000 Subject: SUSE-SU-2024:3980-1: moderate: Security update for xen Message-ID: <173144340981.1688.14185395016513058303@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3980-1 Release Date: 2024-11-12T16:14:14Z Rating: moderate References: * bsc#1027519 * bsc#1230366 * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45817 * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High
Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: Security issues fixed: * CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (bsc#1232622) * CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (bsc#1232624) * CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (bsc#1230366) Non-security issues fixed: * Removed usage of net-tools-deprecated from supportconfig plugin (bsc#1232542) * Upstream bug fixes (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3980=1 openSUSE-SLE-15.5-2024-3980=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3980=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3980=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3980=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3980=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-tools-domU-4.17.5_06-150500.3.42.1 * xen-tools-domU-debuginfo-4.17.5_06-150500.3.42.1 * xen-devel-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-4.17.5_06-150500.3.42.1 * xen-libs-32bit-debuginfo-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (aarch64 x86_64) * 
xen-tools-debuginfo-4.17.5_06-150500.3.42.1 * xen-4.17.5_06-150500.3.42.1 * xen-doc-html-4.17.5_06-150500.3.42.1 * xen-tools-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.5_06-150500.3.42.1 * xen-libs-64bit-4.17.5_06-150500.3.42.1 * openSUSE Leap Micro 5.5 (x86_64) * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * Basesystem Module 15-SP5 (x86_64) * xen-tools-domU-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-tools-domU-debuginfo-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * Server Applications Module 15-SP5 (x86_64) * xen-4.17.5_06-150500.3.42.1 * xen-tools-debuginfo-4.17.5_06-150500.3.42.1 * xen-devel-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-tools-4.17.5_06-150500.3.42.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_06-150500.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1230366 * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Tue Nov 12 20:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 12 Nov 2024 20:30:13 -0000 Subject: SUSE-SU-2024:3979-1: moderate: Security update for xen Message-ID: <173144341383.1688.310014133131746326@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3979-1 Release Date: 2024-11-12T16:13:53Z Rating: moderate References: * bsc#1231046 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: Security issues fixed: * CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (bsc#1232622) * CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (bsc#1232624) Non-security issue fixed: * Xen host hung at boot up with repeated "(XEN) APIC error on CPU on CPU53: 40(40), Received illegal vector" (bsc#1231046) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3979=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3979=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (x86_64) * xen-libs-32bit-4.12.4_58-3.124.1 * xen-doc-html-4.12.4_58-3.124.1 * xen-debugsource-4.12.4_58-3.124.1 * xen-tools-4.12.4_58-3.124.1 * xen-tools-domU-debuginfo-4.12.4_58-3.124.1 * xen-libs-debuginfo-32bit-4.12.4_58-3.124.1 * xen-libs-debuginfo-4.12.4_58-3.124.1 * xen-tools-debuginfo-4.12.4_58-3.124.1 * xen-tools-domU-4.12.4_58-3.124.1 * xen-4.12.4_58-3.124.1 * xen-libs-4.12.4_58-3.124.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * xen-libs-32bit-4.12.4_58-3.124.1 * xen-doc-html-4.12.4_58-3.124.1 * xen-debugsource-4.12.4_58-3.124.1 * xen-tools-4.12.4_58-3.124.1 * xen-tools-domU-debuginfo-4.12.4_58-3.124.1 * xen-libs-debuginfo-32bit-4.12.4_58-3.124.1 * xen-libs-debuginfo-4.12.4_58-3.124.1 * xen-tools-debuginfo-4.12.4_58-3.124.1 * xen-tools-domU-4.12.4_58-3.124.1 * xen-4.12.4_58-3.124.1 * xen-libs-4.12.4_58-3.124.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1231046 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Wed Nov 13 12:38:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Nov 2024 12:38:52 -0000 Subject: SUSE-SU-2024:3986-1: important: Security update for the Linux Kernel Message-ID: <173150153253.4790.13243054682570331291@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3986-1 Release Date: Rating: important References: * bsc#1065729 * bsc#1194869 * bsc#1217845 * bsc#1218562 * bsc#1219596 * bsc#1219803 * bsc#1220382 * bsc#1223384 * bsc#1223700 * bsc#1223824 * bsc#1223848 * bsc#1224088 * bsc#1224574 * bsc#1225611 * bsc#1226003 * bsc#1226498 * bsc#1226623 * bsc#1226631 * bsc#1226797 * bsc#1226848 * bsc#1228119 * bsc#1228244 * bsc#1228269 * bsc#1228410 * bsc#1228454 * bsc#1228537 * bsc#1228620 * bsc#1228743 * bsc#1228747 * bsc#1228857 * bsc#1229019 * bsc#1229429 * bsc#1229450 * bsc#1229585 * bsc#1229677 * bsc#1229769 * bsc#1229808 * bsc#1229891 * bsc#1230055 * bsc#1230132 * bsc#1230179 * bsc#1230220 * bsc#1230289 * bsc#1230295 * bsc#1230339 * bsc#1230341 * bsc#1230375 * bsc#1230414 * bsc#1230429 * bsc#1230456 * bsc#1230501 * bsc#1230527 * bsc#1230550 * bsc#1230600 * bsc#1230620 * bsc#1230710 * bsc#1230762 * bsc#1230763 * bsc#1230773 * bsc#1230774 * bsc#1230801 * bsc#1230831 * bsc#1230914 * bsc#1230918 * bsc#1231016 * bsc#1231035 * bsc#1231072 * bsc#1231073 * bsc#1231075 * bsc#1231081 * bsc#1231082 * bsc#1231083 * bsc#1231084 * bsc#1231085 * bsc#1231087 * bsc#1231089 * bsc#1231092 * bsc#1231093 * bsc#1231094 * bsc#1231096 * bsc#1231098 * bsc#1231100 * bsc#1231101 * bsc#1231102 * bsc#1231105 * bsc#1231108 * bsc#1231111 * bsc#1231114 * bsc#1231115 * bsc#1231116 * bsc#1231117 * bsc#1231131 * bsc#1231132 * bsc#1231135 * bsc#1231136 * bsc#1231138 * bsc#1231148 * bsc#1231169 * bsc#1231170 * bsc#1231171 * bsc#1231178 * bsc#1231179 * bsc#1231183 * bsc#1231187 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231202 * bsc#1231203 * bsc#1231276 * bsc#1231293 * 
bsc#1231384 * bsc#1231434 * bsc#1231435 * bsc#1231436 * bsc#1231439 * bsc#1231440 * bsc#1231441 * bsc#1231442 * bsc#1231452 * bsc#1231474 * bsc#1231481 * bsc#1231496 * bsc#1231502 * bsc#1231537 * bsc#1231539 * bsc#1231540 * bsc#1231541 * bsc#1231617 * bsc#1231634 * bsc#1231635 * bsc#1231636 * bsc#1231637 * bsc#1231638 * bsc#1231639 * bsc#1231640 * bsc#1231673 * bsc#1231828 * bsc#1231849 * bsc#1231855 * bsc#1231856 * bsc#1231857 * bsc#1231858 * bsc#1231859 * bsc#1231860 * bsc#1231861 * bsc#1231864 * bsc#1231865 * bsc#1231868 * bsc#1231869 * bsc#1231871 * bsc#1231872 * bsc#1231901 * bsc#1231902 * bsc#1231903 * bsc#1231904 * bsc#1231906 * bsc#1231907 * bsc#1231908 * bsc#1231914 * bsc#1231916 * bsc#1231924 * bsc#1231926 * bsc#1231931 * bsc#1231935 * bsc#1231942 * bsc#1231944 * bsc#1231947 * bsc#1231950 * bsc#1231951 * bsc#1231953 * bsc#1231954 * bsc#1231955 * bsc#1231956 * bsc#1231957 * bsc#1231965 * bsc#1231967 * bsc#1231968 * bsc#1231987 * bsc#1231988 * bsc#1231989 * bsc#1231990 * bsc#1231998 * bsc#1232000 * bsc#1232003 * bsc#1232009 * bsc#1232013 * bsc#1232015 * bsc#1232016 * bsc#1232017 * bsc#1232018 * bsc#1232033 * bsc#1232034 * bsc#1232036 * bsc#1232043 * bsc#1232047 * bsc#1232048 * bsc#1232049 * bsc#1232050 * bsc#1232056 * bsc#1232075 * bsc#1232076 * bsc#1232080 * bsc#1232083 * bsc#1232084 * bsc#1232085 * bsc#1232089 * bsc#1232090 * bsc#1232093 * bsc#1232094 * bsc#1232097 * bsc#1232098 * bsc#1232105 * bsc#1232109 * bsc#1232111 * bsc#1232114 * bsc#1232116 * bsc#1232117 * bsc#1232124 * bsc#1232126 * bsc#1232127 * bsc#1232129 * bsc#1232130 * bsc#1232131 * bsc#1232132 * bsc#1232134 * bsc#1232135 * bsc#1232140 * bsc#1232141 * bsc#1232142 * bsc#1232145 * bsc#1232147 * bsc#1232148 * bsc#1232151 * bsc#1232152 * bsc#1232154 * bsc#1232155 * bsc#1232156 * bsc#1232159 * bsc#1232160 * bsc#1232162 * bsc#1232164 * bsc#1232174 * bsc#1232180 * bsc#1232182 * bsc#1232183 * bsc#1232185 * bsc#1232187 * bsc#1232189 * bsc#1232192 * bsc#1232195 * bsc#1232196 * bsc#1232200 * bsc#1232208 
* bsc#1232217 * bsc#1232218 * bsc#1232220 * bsc#1232221 * bsc#1232222 * bsc#1232232 * bsc#1232250 * bsc#1232251 * bsc#1232253 * bsc#1232254 * bsc#1232255 * bsc#1232256 * bsc#1232260 * bsc#1232262 * bsc#1232263 * bsc#1232275 * bsc#1232279 * bsc#1232282 * bsc#1232285 * bsc#1232287 * bsc#1232295 * bsc#1232309 * bsc#1232310 * bsc#1232312 * bsc#1232313 * bsc#1232314 * bsc#1232315 * bsc#1232316 * bsc#1232317 * bsc#1232329 * bsc#1232332 * bsc#1232333 * bsc#1232334 * bsc#1232335 * bsc#1232339 * bsc#1232340 * bsc#1232342 * bsc#1232345 * bsc#1232349 * bsc#1232359 * bsc#1232362 * bsc#1232369 * bsc#1232370 * bsc#1232378 * bsc#1232381 * bsc#1232383 * bsc#1232392 * bsc#1232394 * bsc#1232395 * bsc#1232417 * bsc#1232418 * bsc#1232424 * bsc#1232427 * bsc#1232432 * bsc#1232435 * bsc#1232503 * bsc#1232504 * bsc#1232505 * bsc#1232506 * bsc#1232507 * bsc#1232511 * bsc#1232519 * bsc#1232520 * bsc#1232529 * bsc#1232552 * bsc#1232623 * bsc#1232626 * bsc#1232627 * bsc#1232628 * bsc#1232629 * bsc#1232757 * bsc#1232768 * jsc#PED-10559 * jsc#PED-10978 * jsc#PED-9901 Cross-References: * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52881 * CVE-2023-52917 * CVE-2023-52918 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-26758 * CVE-2024-26761 * CVE-2024-26767 * CVE-2024-26943 * CVE-2024-27026 * CVE-2024-27043 * CVE-2024-35980 * CVE-2024-36244 * CVE-2024-38576 * CVE-2024-38577 * CVE-2024-38599 * CVE-2024-41016 * CVE-2024-41031 * CVE-2024-41047 * CVE-2024-41082 * CVE-2024-42145 * CVE-2024-44932 * CVE-2024-44958 * CVE-2024-44964 * CVE-2024-45016 * CVE-2024-45025 * CVE-2024-46678 * CVE-2024-46721 * CVE-2024-46754 * CVE-2024-46766 * CVE-2024-46770 * CVE-2024-46775 * CVE-2024-46777 * CVE-2024-46797 * CVE-2024-46802 * CVE-2024-46803 * CVE-2024-46804 * CVE-2024-46805 * CVE-2024-46806 * CVE-2024-46807 * CVE-2024-46809 * CVE-2024-46810 * CVE-2024-46811 * CVE-2024-46812 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46819 * CVE-2024-46821 * 
CVE-2024-46825 * CVE-2024-46826 * CVE-2024-46827 * CVE-2024-46828 * CVE-2024-46830 * CVE-2024-46831 * CVE-2024-46834 * CVE-2024-46835 * CVE-2024-46836 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46842 * CVE-2024-46843 * CVE-2024-46846 * CVE-2024-46848 * CVE-2024-46849 * CVE-2024-46851 * CVE-2024-46852 * CVE-2024-46853 * CVE-2024-46854 * CVE-2024-46855 * CVE-2024-46857 * CVE-2024-46859 * CVE-2024-46860 * CVE-2024-46861 * CVE-2024-46864 * CVE-2024-46870 * CVE-2024-46871 * CVE-2024-47658 * CVE-2024-47660 * CVE-2024-47661 * CVE-2024-47662 * CVE-2024-47663 * CVE-2024-47664 * CVE-2024-47665 * CVE-2024-47667 * CVE-2024-47668 * CVE-2024-47669 * CVE-2024-47670 * CVE-2024-47671 * CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47675 * CVE-2024-47681 * CVE-2024-47682 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47686 * CVE-2024-47687 * CVE-2024-47688 * CVE-2024-47692 * CVE-2024-47693 * CVE-2024-47695 * CVE-2024-47696 * CVE-2024-47697 * CVE-2024-47698 * CVE-2024-47699 * CVE-2024-47702 * CVE-2024-47704 * CVE-2024-47705 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47709 * CVE-2024-47710 * CVE-2024-47712 * CVE-2024-47713 * CVE-2024-47714 * CVE-2024-47715 * CVE-2024-47718 * CVE-2024-47719 * CVE-2024-47720 * CVE-2024-47723 * CVE-2024-47727 * CVE-2024-47728 * CVE-2024-47730 * CVE-2024-47731 * CVE-2024-47732 * CVE-2024-47735 * CVE-2024-47737 * CVE-2024-47738 * CVE-2024-47739 * CVE-2024-47741 * CVE-2024-47742 * CVE-2024-47743 * CVE-2024-47744 * CVE-2024-47745 * CVE-2024-47747 * CVE-2024-47748 * CVE-2024-47749 * CVE-2024-47750 * CVE-2024-47751 * CVE-2024-47752 * CVE-2024-47753 * CVE-2024-47754 * CVE-2024-47756 * CVE-2024-47757 * CVE-2024-49850 * CVE-2024-49851 * CVE-2024-49853 * CVE-2024-49855 * CVE-2024-49858 * CVE-2024-49860 * CVE-2024-49861 * CVE-2024-49862 * CVE-2024-49863 * CVE-2024-49864 * CVE-2024-49867 * CVE-2024-49870 * CVE-2024-49871 * CVE-2024-49874 * CVE-2024-49875 * CVE-2024-49877 * CVE-2024-49878 * CVE-2024-49879 * CVE-2024-49882 * CVE-2024-49886 * 
CVE-2024-49888 * CVE-2024-49890 * CVE-2024-49891 * CVE-2024-49892 * CVE-2024-49896 * CVE-2024-49898 * CVE-2024-49900 * CVE-2024-49902 * CVE-2024-49903 * CVE-2024-49906 * CVE-2024-49907 * CVE-2024-49908 * CVE-2024-49914 * CVE-2024-49917 * CVE-2024-49918 * CVE-2024-49919 * CVE-2024-49920 * CVE-2024-49928 * CVE-2024-49929 * CVE-2024-49930 * CVE-2024-49931 * CVE-2024-49935 * CVE-2024-49936 * CVE-2024-49937 * CVE-2024-49938 * CVE-2024-49939 * CVE-2024-49946 * CVE-2024-49947 * CVE-2024-49949 * CVE-2024-49950 * CVE-2024-49953 * CVE-2024-49954 * CVE-2024-49955 * CVE-2024-49957 * CVE-2024-49958 * CVE-2024-49960 * CVE-2024-49961 * CVE-2024-49962 * CVE-2024-49963 * CVE-2024-49965 * CVE-2024-49966 * CVE-2024-49967 * CVE-2024-49969 * CVE-2024-49972 * CVE-2024-49973 * CVE-2024-49974 * CVE-2024-49981 * CVE-2024-49982 * CVE-2024-49985 * CVE-2024-49986 * CVE-2024-49991 * CVE-2024-49993 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50000 * CVE-2024-50001 * CVE-2024-50002 * CVE-2024-50007 * CVE-2024-50008 * CVE-2024-50013 * CVE-2024-50017 * CVE-2024-50019 * CVE-2024-50020 * CVE-2024-50021 * CVE-2024-50022 * CVE-2024-50023 * CVE-2024-50024 * CVE-2024-50025 * CVE-2024-50027 * CVE-2024-50028 * CVE-2024-50031 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50040 * CVE-2024-50041 * CVE-2024-50042 * CVE-2024-50044 * CVE-2024-50045 * CVE-2024-50046 * CVE-2024-50047 * CVE-2024-50048 * CVE-2024-50049 * CVE-2024-50055 * CVE-2024-50058 * CVE-2024-50059 * CVE-2024-50060 * CVE-2024-50061 * CVE-2024-50062 * CVE-2024-50063 * CVE-2024-50064 * CVE-2024-50069 * CVE-2024-50073 * CVE-2024-50074 * CVE-2024-50075 * CVE-2024-50076 * CVE-2024-50077 * CVE-2024-50078 CVSS scores: * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52800 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52917 ( SUSE ): 4.6 
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52917 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26758 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-26767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36244 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-38576 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38576 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38577 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38577 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41031 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * 
CVE-2024-41047 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44932 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44964 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H * CVE-2024-44964 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46678 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46754 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46754 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46766 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46770 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46797 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46797 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46797 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46803 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46803 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46803 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46804 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46804 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46804 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46805 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46805 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46806 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46806 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46807 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46810 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46810 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46810 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46812 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46812 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( 
SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46821 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46825 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-46826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46831 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46831 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46836 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46842 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46843 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46846 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46851 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46853 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46854 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46854 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46859 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46864 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46864 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46870 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46870 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46870 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46871 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-46871 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-46871 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47660 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47660 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47660 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47661 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47661 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47662 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47662 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-47662 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47663 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47663 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47664 ( SUSE ): 4.1 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47665 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47665 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47667 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-47667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47669 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47669 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-47669 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47671 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-47671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47675 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47675 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47681 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47682 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47682 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47682 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47686 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47686 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-47686 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47687 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47687 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47688 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47688 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47688 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47693 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47693 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47693 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47695 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47695 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47695 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47696 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47696 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47697 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47697 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47697 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47698 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47698 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47698 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47699 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47702 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47709 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47709 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47709 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47710 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47710 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47710 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47712 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47712 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47714 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47715 ( SUSE 
): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47715 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47715 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47718 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47719 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47719 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-47719 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47723 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47723 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47727 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47731 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47731 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47732 ( 
NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47737 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47737 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47739 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47741 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47741 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47741 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47742 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-47742 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47743 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47743 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47744 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47744 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47744 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47749 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47750 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47750 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47750 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47751 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47751 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47754 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47754 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47756 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47757 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47757 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47757 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49850 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49853 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49853 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49853 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49855 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49858 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49858 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-49858 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49861 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-49862 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49862 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49862 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49863 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49864 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49864 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-49870 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-49870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49871 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49874 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49874 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49874 ( NVD ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49875 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49875 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-49877 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49877 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49878 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-49878 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-49879 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49892 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49900 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49900 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49900 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49902 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49902 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49903 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49903 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49903 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49928 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49928 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49928 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49930 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49930 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49931 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49931 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49935 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49937 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( SUSE 
): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49960 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49963 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * 
CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49972 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49972 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49986 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49993 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49993 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49993 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 
( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50007 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50007 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50007 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50008 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50008 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50017 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-50022 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50023 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50031 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50040 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50041 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( 
NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50048 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50059 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50059 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50060 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50061 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50061 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50063 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50063 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-50069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50075 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50076 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-50077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50078 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* SUSE Linux Enterprise Live Patching 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Real Time Module 15-SP6

An update that solves 268 vulnerabilities, contains three features and has 60 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
* CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454).
* CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620).
* CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
* CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
* CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
* CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550).
* CVE-2024-46721: apparmor: fix possible NULL pointer dereference (bsc#1230710)
* CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
* CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762).
* CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763).
* CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774).
* CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
* CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
* CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115).
* CVE-2024-46828: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1231114).
* CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117).
* CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
* CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
* CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
* CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100).
* CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084).
* CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085).
* CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087).
* CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435).
* CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436).
* CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
* CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
* CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
* CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003).
* CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
* CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
* CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
* CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
* CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
* CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
* CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
* CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
* CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117).
* CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
* CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869).
* CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135).
* CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
* CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130).
* CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868).
* CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131).
* CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256).
* CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262).
* CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
* CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208).
* CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
* CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
* CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
* CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222).
* CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
* CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334).
* CVE-2024-49908: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (bsc#1232335).
* CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
* CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
* CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
* CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
* CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
* CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
* CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
* CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
* CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159).
* CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156).
* CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
* CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
* CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
* CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
* CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
* CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315).
* CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
* CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
* CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093).
* CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
* CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
* CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
* CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
* CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
* CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
* CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
* CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989).
* CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957).
* CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956).
* CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
* CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951).
* CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
* CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
* CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
* CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908).
* CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
* CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906).
* CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
* CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
* CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
* CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
* CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417).
* CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435).
* CVE-2024-50064: zram: do not free statically defined names (bsc#1231901).

The following non-security bugs were fixed:

* 9p: explicitly deny setlease attempts (git-fixes).
* ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
* ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
* ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
* ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
* ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
* ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
* ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
* ACPI: battery: Simplify battery hook locking (stable-fixes).
* ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
* ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
* ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
* ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
* ACPICA: iasl: handle empty connection_node (stable-fixes).
* ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
* ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
* ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
* ALSA: Reorganize kerneldoc parameter names (stable-fixes).
* ALSA: asihpi: Fix potential OOB array access (stable-fixes).
* ALSA: core: add isascii() check to card ID generator (stable-fixes).
* ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
* ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
* ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
* ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
* ALSA: hda/conexant: fix some typos (stable-fixes).
* ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
* ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
* ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
* ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
* ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
* ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
* ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
* ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
* ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
* ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
* ALSA: hda/realtek: Update default depop procedure (git-fixes).
* ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
* ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
* ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
* ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
* ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
* ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
* ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
* ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
* ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
* ALSA: line6: update contact information (stable-fixes).
* ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
* ALSA: silence integer wrapping warning (stable-fixes).
* ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
* ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
* ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
* ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
* ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
* ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
* ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
* ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
* ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
* ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
* ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
* ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
* ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
* ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
* ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
* ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
* ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
* ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
* ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
* ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
* ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
* ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
* ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
* ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
* ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
* Bluetooth: Call iso_exit() on module unload (git-fixes).
* Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
* Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
* Bluetooth: Remove debugfs directory on module init failure (git-fixes).
* Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
* Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
* Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
* Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
* Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
* Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
* Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342)
* Drop the previous HD-audio TAS2781 fix (bsc#1230132) The proposed fix turned out to be incorrect
* HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
* HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
* HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
* HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
* HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
* HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
* Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
* Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
* Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
* Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
* Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
* Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
* KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
* KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
* KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
* KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
* KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
* KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
* KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
* KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
* KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
* KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
* KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
* KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
* KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
* KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
* KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
* KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
* KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
* NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
* NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
* NFSD: Mark filecache "down" if init fails (git-fixes).
* NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
* NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
* PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
* PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
* PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
* PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
* RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
* RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
* RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
* RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
* RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
* RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
* RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
* RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
* RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
* RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
* RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
* RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
* RDMA/bnxt_re: Fix out of bound check (git-fixes)
* RDMA/bnxt_re: Fix the GID table length (git-fixes)
* RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
* RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
* RDMA/bnxt_re: Return more meaningful error (git-fixes)
* RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
* RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
* RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
* RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
* RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
* RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
* RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
* RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
* RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
* RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
* RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
* RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
* RDMA/srpt: Make slab cache names unique (git-fixes)
* Revert "ALSA: hda/conexant: Mute speakers at suspend / shutdown" (bsc#1228269).
* Revert "ALSA: hda: Conditionally use snooping for AMD HDMI" (stable-fixes).
* Revert "KEYS: encrypted: Add check for strsep" (git-fixes).
* Revert "driver core: Fix uevent_show() vs driver detach race" (git-fixes).
* Revert "ixgbe: Manual AN-37 for troublesome link partners for X550 SFI" (git-fixes).
* Revert "ubifs: ubifs_symlink: Fix memleak of inode->i_link in error path" (git-fixes).
* Revert "wifi: iwlwifi: remove retry loops in start" (git-fixes).
* SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
* SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
* SUNRPC: clnt.c: Remove misleading comment (git-fixes).
* USB: appledisplay: close race between probe and completion handler (git-fixes).
* USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
* USB: misc: yurex: fix race between read and write (git-fixes).
* USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
* USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
* Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
* accel/qaic: Fix the for loop used to walk SG table (git-fixes).
* arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
* arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
* arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
* arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
* arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
* arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
* arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
* arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
* arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
* ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
* ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
* audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
* audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
* block: print symbolic error name instead of error code (bsc#1231872).
* block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
* bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
* bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
* bnxt_en: Fix the PCI-AER routines (git-fixes).
* bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
* bnxt_en: refactor reset close code (git-fixes).
* bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
* bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
* bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
* bpf, x64: Remove tail call detection (git-fixes).
* bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
* bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
* bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
* bpf: Fix error message on kfunc arg type mismatch (git-fixes).
* bpf: Fix helper writes to read-only maps (git-fixes).
* bpf: Fix tailcall cases in test_bpf (git-fixes).
* bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
* bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
* bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
* bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
* bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
* btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
* btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
* can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
* ceph: fix cap ref leak via netfs init_request (bsc#1231384).
* clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
* clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
* comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
* config: Disable LAM on x86 (bsc#1217845)
* cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
* crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
* crypto: octeontx - Fix authenc setkey (stable-fixes).
* crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
* crypto: octeontx2 - Fix authenc setkey (stable-fixes).
* crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
* crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
* crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
* crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
* cxgb4: Properly lock TX queue for the selftest (git-fixes).
* cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
* cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
* dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
* debugfs: fix automount d_fsdata usage (git-fixes).
* devlink: Fix command annotation documentation (git-fixes).
* dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
* dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
* driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
* driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
* drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
* drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
* drm/amd/display: Add disable timeout option (bsc#1231435)
* drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
* drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
* drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
* drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
* drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
* drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
* drm/amd/display: Round calculated vtotal (stable-fixes).
* drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
* drm/amd/display: Validate backlight caps are sane (stable-fixes).
* drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
* drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
* drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
* drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
* drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
* drm/i915/hdcp: fix connector refcounting (git-fixes).
* drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
* drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
* drm/msm/dpu: do not always program merge_3d block (git-fixes).
* drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
* drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
* drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
* drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
* drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
* drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
* drm/radeon: Fix encoder->possible_clones (git-fixes).
* drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
* drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
* drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
* drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
* drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
* drm/vmwgfx: Handle surface check failure correctly (git-fixes).
* drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
* e1000e: Fix S0ix residency on corporate systems (git-fixes).
* e1000e: change I219 (19) devices to ADP (git-fixes).
* e1000e: fix force smbus during suspend flow (git-fixes).
* e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
* efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
* eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
* ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
* ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
* ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
* ext4: fix possible tid_t sequence overflows (bsc#1231634).
* ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
* ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
* fat: fix uninitialized variable (git-fixes).
* fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
* fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
* fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
* fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
* fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
* filemap: remove use of wait bookmarks (bsc#1224088).
* firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
* firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
* firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
* fs/9p: drop inodes immediately on non-.L too (git-fixes).
* fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
* genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
* gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
* gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
* gpio: davinci: fix lazy disable (git-fixes).
* gve: Fix XDP TX completion handling when counters overflow (git-fixes).
* gve: Fix an edge case for TSO skb validity check (git-fixes).
* gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
* hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
* hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
* hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (max16065) Fix alarm attributes (git-fixes).
* hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
* hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
* hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
* i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
* i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
* i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
* i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
* i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
* i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
* i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
* i2c: i801: add helper i801_restore_regs (git-fixes).
* i2c: ismt: kill transaction in hardware on timeout (git-fixes).
* i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
* i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
* i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
* i2c: omap: wakeup the controller during suspend() callback (git-fixes).
* i2c: rcar: properly format a debug output (git-fixes).
* i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
* i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
* i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
* i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
* i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
* i2c: xiic: improve error message when transfer fails to start (stable-fixes).
* i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
* i40e: Fix XDP program unloading while removing the driver (git-fixes).
* i40e: Report MFS in decimal base instead of hex (git-fixes).
* iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
* ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
* ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
* ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
* ice: Fix netif_is_ice() in Safe Mode (git-fixes).
* ice: Fix package download algorithm (git-fixes).
* ice: Fix recipe read procedure (git-fixes).
* ice: Fix reset handler (git-fixes).
* ice: Flush FDB entries before reset (git-fixes).
* ice: Interpret .set_channels() input differently (git-fixes).
* ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
* ice: Reject pin requests with unsupported flags (git-fixes).
* ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
* ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
* ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
* ice: clear port vlan config during reset (git-fixes).
* ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
* ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
* ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
* ice: fix 200G PHY types to link speed mapping (git-fixes).
* ice: fix 200G link speed message log (git-fixes).
* ice: fix ICE_LAST_OFFSET formula (git-fixes).
* ice: fix VLAN replay after reset (git-fixes).
* ice: fix VSI lists confusion when adding VLANs (git-fixes).
* ice: fix accounting for filters shared by multiple VSIs (git-fixes).
* ice: fix accounting if a VLAN already exists (git-fixes).
* ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
* ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
* ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
* ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
* ice: implement AQ download pkg retry (git-fixes).
* ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
* ice: remove af_xdp_zc_qps bitmap (git-fixes).
* ice: replace synchronize_rcu with synchronize_net (git-fixes).
* ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
* ice: set correct dst VSI in only LAN filters (git-fixes).
* ice: tc: allow zero flags in parsing tc flower (git-fixes).
* ice: tc: check src_vsi in case of traffic from VF (git-fixes).
* ice: use proper macro for testing bit (git-fixes).
* idpf: Interpret .set_channels() input differently (git-fixes).
* idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
* idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
* idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
* idpf: fix UAFs when destroying the queues (git-fixes).
* idpf: fix memleak in vport interrupt configuration (git-fixes).
* idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
* ieee802154: Fix build error (git-fixes).
* igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
* igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
* igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
* igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
* igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
* igc: Fix qbv_config_change_errors logics (git-fixes).
* igc: Fix reset adapter logics when tx mode change (git-fixes).
* igc: Unlock on error in igc_io_resume() (git-fixes).
* iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
* iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
* iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
* iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
* iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
* iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
* iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
* iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
* iio: light: opt3001: add missing full-scale range value (git-fixes).
* iio: light: veml6030: fix ALS sensor resolution (git-fixes).
* iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
* iio: light: veml6030: fix microlux value calculation (git-fixes).
* iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
* iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
* iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
* iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
* io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
* io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
* io_uring/net: harden multishot termination case for recv (git-fixes).
* io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
* io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
* io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
* io_uring/sqpoll: do not put cpumask on stack (git-fixes).
* io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
* io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
* iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
* iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
* iommu/amd: Fix typo of , instead of ; (git-fixes).
* iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
* iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
* iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
* iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
* jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
* jfs: Fix sanity check in dbMount (git-fixes).
* jfs: Fix uaf in dbFreeBits (git-fixes).
* jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
* jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
* jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
* jump_label: Fix static_key_slow_dec() yet again (git-fixes).
* kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
* kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
* kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
* kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
* kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
* kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
* kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
* kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
* kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
* kconfig: qconf: fix buffer overflow in debug links (git-fixes).
* keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
* keys: Fix overwrite of key expiration on instantiation (git-fixes).
* kthread: unpark only parked kthread (git-fixes).
* lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
* mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
* macsec: do not increment counters for an unrelated SA (git-fixes).
* maple_tree: correct tree corruption on spanning store (git-fixes).
* media: i2c: imx335: Enable regulator supplies (stable-fixes).
* media: imx335: Fix reset-gpio handling (git-fixes).
* media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
* media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
* mei: use kvmalloc for read buffer (git-fixes).
* mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
* minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
* mlx5: avoid truncating error message (git-fixes).
* mlx5: stop warning for 64KB pages (git-fixes).
* mm/filemap: optimize filemap folio adding (bsc#1231617).
* mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
* mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
* mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
* modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
* modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
* module: abort module loading when sysfs setup suffer errors (git-fixes).
* nbd: fix race between timeout and normal completion (bsc#1230918).
* net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
* net/mlx5: Added cond_resched() to crdump collection (git-fixes).
* net/mlx5: Check capability for fw_reset (git-fixes).
* net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
* net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
* net/mlx5: Fix command bitmask initialization (git-fixes).
* net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
* net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
* net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
* net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
* net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
* net/mlx5: Update the list of the PCI supported devices (git-fixes).
* net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
* net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
* net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
* net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
* net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
* net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
* net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
* net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
* net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
* net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
* net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
* net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
* net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
* net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
* net: phy: bcm84881: Fix some error handling paths (git-fixes).
* net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
* net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
* net: qede: use return from qede_parse_actions() (git-fixes).
* net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
* net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
* net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
* net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
* net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
* net: usb: usbnet: fix name regression (get-fixes).
* net: usb: usbnet: fix race in probe failure (git-fixes).
* netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
* nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
* nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
* nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
* nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
* nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
* nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
* nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
* nfsd: return -EINVAL when namelen is 0 (git-fixes).
* nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
* nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
* nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
* nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
* ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
* nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
* nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
* nvme-pci: qdepth 1 quirk (git-fixes).
* nvme-pci: set doorbell config before unquiescing (git-fixes).
* nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
* nvme: null terminate nvme_tls_attrs (git-fixes).
* nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
* nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
* ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
* ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
* ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
* parport: Proper fix for array out-of-bounds access (git-fixes).
* phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
* phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
* phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
* phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
* phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
* pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
* pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
* platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
* platform/x86: dell-sysman: add support for alienware products (stable-fixes).
* platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
* platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
* platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
* power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
* powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
* powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
* powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
* powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
* powerpc/code-patching: Add generic memory patching (bsc#1194869).
* powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
* powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
* powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
* powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
* powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
* powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
* printk: Add notation to console_srcu locking (bsc#1232183).
* qed: avoid truncating work queue length (git-fixes).
* rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
* rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
* rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
* rpm/release-projects: Add SLFO projects (bsc#1231293).
* rpmsg: glink: Handle rejected intent request better (git-fixes).
* runtime constants: add default dummy infrastructure (git-fixes).
* runtime constants: add x86 architecture support (git-fixes).
* s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
* s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
* s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
* s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
* scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
* scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
* scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
* scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
* scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
* scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
* scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
* scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
* scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
* scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
* selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
* selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
* selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
* selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
* selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
* selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
* selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
* selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
* serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
* serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
* soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
* spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
* spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
* spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
* spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
* spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
* splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
* splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
* srcu: Fix callbacks acceleration mishandling (git-fixes).
* staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
* sumversion: Fix a memory leak in get_src_version() (git-fixes).
* supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
* supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
* task_work: add kerneldoc annotation for 'data' argument (git-fixes).
* thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
* tools: hv: rm .*.cmd when make clean (git-fixes).
* tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
* tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
* tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
* tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
* tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
* tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
* tracing/timerlat: Add user-space interface (git-fixes).
* tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
* tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
* tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
* tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
* tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
* tracing: Consider the NULL character when validating the event length (git-fixes).
* tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
* ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
* ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
* ubifs: add check for crypto_shash_tfm_digest (git-fixes).
* ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
* unicode: Do not special case ignorable code points (stable-fixes).
* uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
* uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
* uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
* uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
* usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
* usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
* usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
* usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
* usb: gadget: core: force synchronous registration (git-fixes).
* usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
* usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
* usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
* usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
* usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
* usb: typec: altmode should keep reference to parent (git-fixes).
* usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
* usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
* usb: xhci: fix loss of data on Cadence xHC (git-fixes).
* usbip: tools: Fix detach_port() invalid port error path (git-fixes).
* usbnet: fix cyclical race on disconnect with work queue (git-fixes).
* vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
* vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
* vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
* vduse: avoid using __GFP_NOFAIL (git-fixes).
* vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
* vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
* vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
* virtio_console: fix misc probe bugs (git-fixes).
* vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
* vmxnet3: Add XDP support (bsc#1226498).
* vmxnet3: Fix missing reserved tailroom (bsc#1226498).
* vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
* vmxnet3: add command to allow disabling of offloads (bsc#1226498).
* vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
* vmxnet3: prepare for version 9 changes (bsc#1226498).
* vmxnet3: update to version 9 (bsc#1226498).
* vt: prevent kernel-infoleak in con_font_get() (git-fixes).
* wifi: ath10k: Fix memory leak in management tx (git-fixes).
* wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
* wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
* wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
* wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
* wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
* wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
* wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
* wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
* wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
* wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
* wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
* wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
* wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
* wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
* wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
* wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
* wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
* wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
* wifi: mac80211: fix RCU list iterations (stable-fixes).
* wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
* wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
* wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
* wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
* wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
* wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
* wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
* wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
* wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
* wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
* wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
* x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
* x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
* x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
* x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
* x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
* x86/apic: Make x2apic_disable() work correctly (git-fixes).
* x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
* x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
* x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
* x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
* x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
* x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
* x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
* x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
* x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
* x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
* x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
* x86: do the user address masking outside the user access area (git-fixes).
* x86: fix user address masking non-canonical speculation issue (git-fixes).
* x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
* x86: support user address masking instead of non-speculative conditional (git-fixes).
* xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
* xfs: check shortform attr entry flags specifically (git-fixes).
* xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
* xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
* xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
* xfs: make sure sb_fdblocks is non-negative (git-fixes).
* xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
* xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
* xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
* xfs: validate recovered name buffers when recovering xattr items (git-fixes).
* xhci: Add a quirk for writing ERST in high-low order (git-fixes).
* xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
* xhci: Fix incorrect stream context type macro (git-fixes).
* xhci: Mitigate failed set dequeue pointer commands (git-fixes).
* xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
* xhci: tegra: fix checked USB2 port number (git-fixes).
* zonefs: Improve error handling (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-3986=1
* SUSE Linux Enterprise Live Patching 15-SP6
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3986=1
* SUSE Real Time Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2024-3986=1

## Package List:

* openSUSE Leap 15.6 (x86_64)
  * kernel-rt-devel-debuginfo-6.4.0-150600.10.17.1
  * gfs2-kmp-rt-6.4.0-150600.10.17.1
  * kernel-rt-vdso-debuginfo-6.4.0-150600.10.17.1
  * cluster-md-kmp-rt-6.4.0-150600.10.17.1
  * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt-optional-6.4.0-150600.10.17.1
  * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt-debugsource-6.4.0-150600.10.17.1
  * dlm-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-livepatch-devel-6.4.0-150600.10.17.1
  * kernel-rt-extra-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt-extra-6.4.0-150600.10.17.1
  * kernel-rt-optional-debuginfo-6.4.0-150600.10.17.1
  * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.17.1
  * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-debugsource-6.4.0-150600.10.17.1
  * kernel-rt_debug-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-vdso-6.4.0-150600.10.17.1
  * dlm-kmp-rt-6.4.0-150600.10.17.1
  * kselftests-kmp-rt-6.4.0-150600.10.17.1
  * kernel-rt_debug-devel-6.4.0-150600.10.17.1
  * kernel-rt-vdso-6.4.0-150600.10.17.1
  * ocfs2-kmp-rt-6.4.0-150600.10.17.1
  * reiserfs-kmp-rt-6.4.0-150600.10.17.1
  * kernel-rt-devel-6.4.0-150600.10.17.1
  * kernel-syms-rt-6.4.0-150600.10.17.1
  * kernel-rt-livepatch-devel-6.4.0-150600.10.17.1
* openSUSE Leap 15.6 (noarch)
  * kernel-source-rt-6.4.0-150600.10.17.1
  * kernel-devel-rt-6.4.0-150600.10.17.1
* openSUSE Leap 15.6 (nosrc x86_64)
  * kernel-rt-6.4.0-150600.10.17.1
  * kernel-rt_debug-6.4.0-150600.10.17.1
* SUSE Linux Enterprise Live Patching 15-SP6 (x86_64)
  * kernel-livepatch-SLE15-SP6-RT_Update_5-debugsource-1-150600.1.3.1
  * kernel-livepatch-6_4_0-150600_10_17-rt-1-150600.1.3.1
  * kernel-livepatch-6_4_0-150600_10_17-rt-debuginfo-1-150600.1.3.1
* SUSE Real Time Module 15-SP6 (x86_64)
  * kernel-rt-devel-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-devel-6.4.0-150600.10.17.1
  * gfs2-kmp-rt-6.4.0-150600.10.17.1
  * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt-debuginfo-6.4.0-150600.10.17.1
  * cluster-md-kmp-rt-6.4.0-150600.10.17.1
  * kernel-rt-debugsource-6.4.0-150600.10.17.1
  * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-syms-rt-6.4.0-150600.10.17.1
  * ocfs2-kmp-rt-6.4.0-150600.10.17.1
  * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-debugsource-6.4.0-150600.10.17.1
  * dlm-kmp-rt-6.4.0-150600.10.17.1
  * kernel-rt-devel-6.4.0-150600.10.17.1
  * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.17.1
  * dlm-kmp-rt-debuginfo-6.4.0-150600.10.17.1
  * kernel-rt_debug-debuginfo-6.4.0-150600.10.17.1
* SUSE Real Time Module 15-SP6 (noarch)
  * kernel-source-rt-6.4.0-150600.10.17.1
  * kernel-devel-rt-6.4.0-150600.10.17.1
* SUSE Real Time Module 15-SP6 (nosrc x86_64)
  * kernel-rt-6.4.0-150600.10.17.1
  * kernel-rt_debug-6.4.0-150600.10.17.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52917.html * https://www.suse.com/security/cve/CVE-2023-52918.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-26758.html * https://www.suse.com/security/cve/CVE-2024-26761.html * https://www.suse.com/security/cve/CVE-2024-26767.html * https://www.suse.com/security/cve/CVE-2024-26943.html * https://www.suse.com/security/cve/CVE-2024-27026.html * 
https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-35980.html * https://www.suse.com/security/cve/CVE-2024-36244.html * https://www.suse.com/security/cve/CVE-2024-38576.html * https://www.suse.com/security/cve/CVE-2024-38577.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41031.html * https://www.suse.com/security/cve/CVE-2024-41047.html * https://www.suse.com/security/cve/CVE-2024-41082.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-44932.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-44964.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45025.html * https://www.suse.com/security/cve/CVE-2024-46678.html * https://www.suse.com/security/cve/CVE-2024-46721.html * https://www.suse.com/security/cve/CVE-2024-46754.html * https://www.suse.com/security/cve/CVE-2024-46766.html * https://www.suse.com/security/cve/CVE-2024-46770.html * https://www.suse.com/security/cve/CVE-2024-46775.html * https://www.suse.com/security/cve/CVE-2024-46777.html * https://www.suse.com/security/cve/CVE-2024-46797.html * https://www.suse.com/security/cve/CVE-2024-46802.html * https://www.suse.com/security/cve/CVE-2024-46803.html * https://www.suse.com/security/cve/CVE-2024-46804.html * https://www.suse.com/security/cve/CVE-2024-46805.html * https://www.suse.com/security/cve/CVE-2024-46806.html * https://www.suse.com/security/cve/CVE-2024-46807.html * https://www.suse.com/security/cve/CVE-2024-46809.html * https://www.suse.com/security/cve/CVE-2024-46810.html * https://www.suse.com/security/cve/CVE-2024-46811.html * https://www.suse.com/security/cve/CVE-2024-46812.html * https://www.suse.com/security/cve/CVE-2024-46813.html * 
https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46819.html * https://www.suse.com/security/cve/CVE-2024-46821.html * https://www.suse.com/security/cve/CVE-2024-46825.html * https://www.suse.com/security/cve/CVE-2024-46826.html * https://www.suse.com/security/cve/CVE-2024-46827.html * https://www.suse.com/security/cve/CVE-2024-46828.html * https://www.suse.com/security/cve/CVE-2024-46830.html * https://www.suse.com/security/cve/CVE-2024-46831.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46835.html * https://www.suse.com/security/cve/CVE-2024-46836.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46842.html * https://www.suse.com/security/cve/CVE-2024-46843.html * https://www.suse.com/security/cve/CVE-2024-46846.html * https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-46851.html * https://www.suse.com/security/cve/CVE-2024-46852.html * https://www.suse.com/security/cve/CVE-2024-46853.html * https://www.suse.com/security/cve/CVE-2024-46854.html * https://www.suse.com/security/cve/CVE-2024-46855.html * https://www.suse.com/security/cve/CVE-2024-46857.html * https://www.suse.com/security/cve/CVE-2024-46859.html * https://www.suse.com/security/cve/CVE-2024-46860.html * https://www.suse.com/security/cve/CVE-2024-46861.html * https://www.suse.com/security/cve/CVE-2024-46864.html * https://www.suse.com/security/cve/CVE-2024-46870.html * https://www.suse.com/security/cve/CVE-2024-46871.html * 
https://www.suse.com/security/cve/CVE-2024-47658.html * https://www.suse.com/security/cve/CVE-2024-47660.html * https://www.suse.com/security/cve/CVE-2024-47661.html * https://www.suse.com/security/cve/CVE-2024-47662.html * https://www.suse.com/security/cve/CVE-2024-47663.html * https://www.suse.com/security/cve/CVE-2024-47664.html * https://www.suse.com/security/cve/CVE-2024-47665.html * https://www.suse.com/security/cve/CVE-2024-47667.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47669.html * https://www.suse.com/security/cve/CVE-2024-47670.html * https://www.suse.com/security/cve/CVE-2024-47671.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47675.html * https://www.suse.com/security/cve/CVE-2024-47681.html * https://www.suse.com/security/cve/CVE-2024-47682.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47686.html * https://www.suse.com/security/cve/CVE-2024-47687.html * https://www.suse.com/security/cve/CVE-2024-47688.html * https://www.suse.com/security/cve/CVE-2024-47692.html * https://www.suse.com/security/cve/CVE-2024-47693.html * https://www.suse.com/security/cve/CVE-2024-47695.html * https://www.suse.com/security/cve/CVE-2024-47696.html * https://www.suse.com/security/cve/CVE-2024-47697.html * https://www.suse.com/security/cve/CVE-2024-47698.html * https://www.suse.com/security/cve/CVE-2024-47699.html * https://www.suse.com/security/cve/CVE-2024-47702.html * https://www.suse.com/security/cve/CVE-2024-47704.html * https://www.suse.com/security/cve/CVE-2024-47705.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47707.html * 
https://www.suse.com/security/cve/CVE-2024-47709.html * https://www.suse.com/security/cve/CVE-2024-47710.html * https://www.suse.com/security/cve/CVE-2024-47712.html * https://www.suse.com/security/cve/CVE-2024-47713.html * https://www.suse.com/security/cve/CVE-2024-47714.html * https://www.suse.com/security/cve/CVE-2024-47715.html * https://www.suse.com/security/cve/CVE-2024-47718.html * https://www.suse.com/security/cve/CVE-2024-47719.html * https://www.suse.com/security/cve/CVE-2024-47720.html * https://www.suse.com/security/cve/CVE-2024-47723.html * https://www.suse.com/security/cve/CVE-2024-47727.html * https://www.suse.com/security/cve/CVE-2024-47728.html * https://www.suse.com/security/cve/CVE-2024-47730.html * https://www.suse.com/security/cve/CVE-2024-47731.html * https://www.suse.com/security/cve/CVE-2024-47732.html * https://www.suse.com/security/cve/CVE-2024-47735.html * https://www.suse.com/security/cve/CVE-2024-47737.html * https://www.suse.com/security/cve/CVE-2024-47738.html * https://www.suse.com/security/cve/CVE-2024-47739.html * https://www.suse.com/security/cve/CVE-2024-47741.html * https://www.suse.com/security/cve/CVE-2024-47742.html * https://www.suse.com/security/cve/CVE-2024-47743.html * https://www.suse.com/security/cve/CVE-2024-47744.html * https://www.suse.com/security/cve/CVE-2024-47745.html * https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-47748.html * https://www.suse.com/security/cve/CVE-2024-47749.html * https://www.suse.com/security/cve/CVE-2024-47750.html * https://www.suse.com/security/cve/CVE-2024-47751.html * https://www.suse.com/security/cve/CVE-2024-47752.html * https://www.suse.com/security/cve/CVE-2024-47753.html * https://www.suse.com/security/cve/CVE-2024-47754.html * https://www.suse.com/security/cve/CVE-2024-47756.html * https://www.suse.com/security/cve/CVE-2024-47757.html * https://www.suse.com/security/cve/CVE-2024-49850.html * 
https://www.suse.com/security/cve/CVE-2024-49851.html * https://www.suse.com/security/cve/CVE-2024-49853.html * https://www.suse.com/security/cve/CVE-2024-49855.html * https://www.suse.com/security/cve/CVE-2024-49858.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49861.html * https://www.suse.com/security/cve/CVE-2024-49862.html * https://www.suse.com/security/cve/CVE-2024-49863.html * https://www.suse.com/security/cve/CVE-2024-49864.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49870.html * https://www.suse.com/security/cve/CVE-2024-49871.html * https://www.suse.com/security/cve/CVE-2024-49874.html * https://www.suse.com/security/cve/CVE-2024-49875.html * https://www.suse.com/security/cve/CVE-2024-49877.html * https://www.suse.com/security/cve/CVE-2024-49878.html * https://www.suse.com/security/cve/CVE-2024-49879.html * https://www.suse.com/security/cve/CVE-2024-49882.html * https://www.suse.com/security/cve/CVE-2024-49886.html * https://www.suse.com/security/cve/CVE-2024-49888.html * https://www.suse.com/security/cve/CVE-2024-49890.html * https://www.suse.com/security/cve/CVE-2024-49891.html * https://www.suse.com/security/cve/CVE-2024-49892.html * https://www.suse.com/security/cve/CVE-2024-49896.html * https://www.suse.com/security/cve/CVE-2024-49898.html * https://www.suse.com/security/cve/CVE-2024-49900.html * https://www.suse.com/security/cve/CVE-2024-49902.html * https://www.suse.com/security/cve/CVE-2024-49903.html * https://www.suse.com/security/cve/CVE-2024-49906.html * https://www.suse.com/security/cve/CVE-2024-49907.html * https://www.suse.com/security/cve/CVE-2024-49908.html * https://www.suse.com/security/cve/CVE-2024-49914.html * https://www.suse.com/security/cve/CVE-2024-49917.html * https://www.suse.com/security/cve/CVE-2024-49918.html * https://www.suse.com/security/cve/CVE-2024-49919.html * 
https://www.suse.com/security/cve/CVE-2024-49920.html * https://www.suse.com/security/cve/CVE-2024-49928.html * https://www.suse.com/security/cve/CVE-2024-49929.html * https://www.suse.com/security/cve/CVE-2024-49930.html * https://www.suse.com/security/cve/CVE-2024-49931.html * https://www.suse.com/security/cve/CVE-2024-49935.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49937.html * https://www.suse.com/security/cve/CVE-2024-49938.html * https://www.suse.com/security/cve/CVE-2024-49939.html * https://www.suse.com/security/cve/CVE-2024-49946.html * https://www.suse.com/security/cve/CVE-2024-49947.html * https://www.suse.com/security/cve/CVE-2024-49949.html * https://www.suse.com/security/cve/CVE-2024-49950.html * https://www.suse.com/security/cve/CVE-2024-49953.html * https://www.suse.com/security/cve/CVE-2024-49954.html * https://www.suse.com/security/cve/CVE-2024-49955.html * https://www.suse.com/security/cve/CVE-2024-49957.html * https://www.suse.com/security/cve/CVE-2024-49958.html * https://www.suse.com/security/cve/CVE-2024-49960.html * https://www.suse.com/security/cve/CVE-2024-49961.html * https://www.suse.com/security/cve/CVE-2024-49962.html * https://www.suse.com/security/cve/CVE-2024-49963.html * https://www.suse.com/security/cve/CVE-2024-49965.html * https://www.suse.com/security/cve/CVE-2024-49966.html * https://www.suse.com/security/cve/CVE-2024-49967.html * https://www.suse.com/security/cve/CVE-2024-49969.html * https://www.suse.com/security/cve/CVE-2024-49972.html * https://www.suse.com/security/cve/CVE-2024-49973.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49981.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49985.html * https://www.suse.com/security/cve/CVE-2024-49986.html * https://www.suse.com/security/cve/CVE-2024-49991.html * 
https://www.suse.com/security/cve/CVE-2024-49993.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-50000.html * https://www.suse.com/security/cve/CVE-2024-50001.html * https://www.suse.com/security/cve/CVE-2024-50002.html * https://www.suse.com/security/cve/CVE-2024-50007.html * https://www.suse.com/security/cve/CVE-2024-50008.html * https://www.suse.com/security/cve/CVE-2024-50013.html * https://www.suse.com/security/cve/CVE-2024-50017.html * https://www.suse.com/security/cve/CVE-2024-50019.html * https://www.suse.com/security/cve/CVE-2024-50020.html * https://www.suse.com/security/cve/CVE-2024-50021.html * https://www.suse.com/security/cve/CVE-2024-50022.html * https://www.suse.com/security/cve/CVE-2024-50023.html * https://www.suse.com/security/cve/CVE-2024-50024.html * https://www.suse.com/security/cve/CVE-2024-50025.html * https://www.suse.com/security/cve/CVE-2024-50027.html * https://www.suse.com/security/cve/CVE-2024-50028.html * https://www.suse.com/security/cve/CVE-2024-50031.html * https://www.suse.com/security/cve/CVE-2024-50033.html * https://www.suse.com/security/cve/CVE-2024-50035.html * https://www.suse.com/security/cve/CVE-2024-50040.html * https://www.suse.com/security/cve/CVE-2024-50041.html * https://www.suse.com/security/cve/CVE-2024-50042.html * https://www.suse.com/security/cve/CVE-2024-50044.html * https://www.suse.com/security/cve/CVE-2024-50045.html * https://www.suse.com/security/cve/CVE-2024-50046.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50048.html * https://www.suse.com/security/cve/CVE-2024-50049.html * https://www.suse.com/security/cve/CVE-2024-50055.html * https://www.suse.com/security/cve/CVE-2024-50058.html * https://www.suse.com/security/cve/CVE-2024-50059.html * https://www.suse.com/security/cve/CVE-2024-50060.html * 
https://www.suse.com/security/cve/CVE-2024-50061.html * https://www.suse.com/security/cve/CVE-2024-50062.html * https://www.suse.com/security/cve/CVE-2024-50063.html * https://www.suse.com/security/cve/CVE-2024-50064.html * https://www.suse.com/security/cve/CVE-2024-50069.html * https://www.suse.com/security/cve/CVE-2024-50073.html * https://www.suse.com/security/cve/CVE-2024-50074.html * https://www.suse.com/security/cve/CVE-2024-50075.html * https://www.suse.com/security/cve/CVE-2024-50076.html * https://www.suse.com/security/cve/CVE-2024-50077.html * https://www.suse.com/security/cve/CVE-2024-50078.html * https://bugzilla.suse.com/show_bug.cgi?id=1065729 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1217845 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219596 * https://bugzilla.suse.com/show_bug.cgi?id=1219803 * https://bugzilla.suse.com/show_bug.cgi?id=1220382 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223700 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1223848 * https://bugzilla.suse.com/show_bug.cgi?id=1224088 * https://bugzilla.suse.com/show_bug.cgi?id=1224574 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226003 * https://bugzilla.suse.com/show_bug.cgi?id=1226498 * https://bugzilla.suse.com/show_bug.cgi?id=1226623 * https://bugzilla.suse.com/show_bug.cgi?id=1226631 * https://bugzilla.suse.com/show_bug.cgi?id=1226797 * https://bugzilla.suse.com/show_bug.cgi?id=1226848 * https://bugzilla.suse.com/show_bug.cgi?id=1228119 * https://bugzilla.suse.com/show_bug.cgi?id=1228244 * https://bugzilla.suse.com/show_bug.cgi?id=1228269 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228454 * https://bugzilla.suse.com/show_bug.cgi?id=1228537 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228620 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1228747 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1229019 * https://bugzilla.suse.com/show_bug.cgi?id=1229429 * https://bugzilla.suse.com/show_bug.cgi?id=1229450 * https://bugzilla.suse.com/show_bug.cgi?id=1229585 * https://bugzilla.suse.com/show_bug.cgi?id=1229677 * https://bugzilla.suse.com/show_bug.cgi?id=1229769 * https://bugzilla.suse.com/show_bug.cgi?id=1229808 * https://bugzilla.suse.com/show_bug.cgi?id=1229891 * https://bugzilla.suse.com/show_bug.cgi?id=1230055 * https://bugzilla.suse.com/show_bug.cgi?id=1230132 * https://bugzilla.suse.com/show_bug.cgi?id=1230179 * https://bugzilla.suse.com/show_bug.cgi?id=1230220 * https://bugzilla.suse.com/show_bug.cgi?id=1230289 * https://bugzilla.suse.com/show_bug.cgi?id=1230295 * https://bugzilla.suse.com/show_bug.cgi?id=1230339 * https://bugzilla.suse.com/show_bug.cgi?id=1230341 * https://bugzilla.suse.com/show_bug.cgi?id=1230375 * https://bugzilla.suse.com/show_bug.cgi?id=1230414 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230456 * https://bugzilla.suse.com/show_bug.cgi?id=1230501 * https://bugzilla.suse.com/show_bug.cgi?id=1230527 * https://bugzilla.suse.com/show_bug.cgi?id=1230550 * https://bugzilla.suse.com/show_bug.cgi?id=1230600 * https://bugzilla.suse.com/show_bug.cgi?id=1230620 * https://bugzilla.suse.com/show_bug.cgi?id=1230710 * https://bugzilla.suse.com/show_bug.cgi?id=1230762 * https://bugzilla.suse.com/show_bug.cgi?id=1230763 * https://bugzilla.suse.com/show_bug.cgi?id=1230773 * https://bugzilla.suse.com/show_bug.cgi?id=1230774 * https://bugzilla.suse.com/show_bug.cgi?id=1230801 * https://bugzilla.suse.com/show_bug.cgi?id=1230831 * https://bugzilla.suse.com/show_bug.cgi?id=1230914 * https://bugzilla.suse.com/show_bug.cgi?id=1230918 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231016 * https://bugzilla.suse.com/show_bug.cgi?id=1231035 * https://bugzilla.suse.com/show_bug.cgi?id=1231072 * https://bugzilla.suse.com/show_bug.cgi?id=1231073 * https://bugzilla.suse.com/show_bug.cgi?id=1231075 * https://bugzilla.suse.com/show_bug.cgi?id=1231081 * https://bugzilla.suse.com/show_bug.cgi?id=1231082 * https://bugzilla.suse.com/show_bug.cgi?id=1231083 * https://bugzilla.suse.com/show_bug.cgi?id=1231084 * https://bugzilla.suse.com/show_bug.cgi?id=1231085 * https://bugzilla.suse.com/show_bug.cgi?id=1231087 * https://bugzilla.suse.com/show_bug.cgi?id=1231089 * https://bugzilla.suse.com/show_bug.cgi?id=1231092 * https://bugzilla.suse.com/show_bug.cgi?id=1231093 * https://bugzilla.suse.com/show_bug.cgi?id=1231094 * https://bugzilla.suse.com/show_bug.cgi?id=1231096 * https://bugzilla.suse.com/show_bug.cgi?id=1231098 * https://bugzilla.suse.com/show_bug.cgi?id=1231100 * https://bugzilla.suse.com/show_bug.cgi?id=1231101 * https://bugzilla.suse.com/show_bug.cgi?id=1231102 * https://bugzilla.suse.com/show_bug.cgi?id=1231105 * https://bugzilla.suse.com/show_bug.cgi?id=1231108 * https://bugzilla.suse.com/show_bug.cgi?id=1231111 * https://bugzilla.suse.com/show_bug.cgi?id=1231114 * https://bugzilla.suse.com/show_bug.cgi?id=1231115 * https://bugzilla.suse.com/show_bug.cgi?id=1231116 * https://bugzilla.suse.com/show_bug.cgi?id=1231117 * https://bugzilla.suse.com/show_bug.cgi?id=1231131 * https://bugzilla.suse.com/show_bug.cgi?id=1231132 * https://bugzilla.suse.com/show_bug.cgi?id=1231135 * https://bugzilla.suse.com/show_bug.cgi?id=1231136 * https://bugzilla.suse.com/show_bug.cgi?id=1231138 * https://bugzilla.suse.com/show_bug.cgi?id=1231148 * https://bugzilla.suse.com/show_bug.cgi?id=1231169 * https://bugzilla.suse.com/show_bug.cgi?id=1231170 * https://bugzilla.suse.com/show_bug.cgi?id=1231171 * https://bugzilla.suse.com/show_bug.cgi?id=1231178 * https://bugzilla.suse.com/show_bug.cgi?id=1231179 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231183 * https://bugzilla.suse.com/show_bug.cgi?id=1231187 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231193 * https://bugzilla.suse.com/show_bug.cgi?id=1231195 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231200 * https://bugzilla.suse.com/show_bug.cgi?id=1231202 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231276 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231384 * https://bugzilla.suse.com/show_bug.cgi?id=1231434 * https://bugzilla.suse.com/show_bug.cgi?id=1231435 * https://bugzilla.suse.com/show_bug.cgi?id=1231436 * https://bugzilla.suse.com/show_bug.cgi?id=1231439 * https://bugzilla.suse.com/show_bug.cgi?id=1231440 * https://bugzilla.suse.com/show_bug.cgi?id=1231441 * https://bugzilla.suse.com/show_bug.cgi?id=1231442 * https://bugzilla.suse.com/show_bug.cgi?id=1231452 * https://bugzilla.suse.com/show_bug.cgi?id=1231474 * https://bugzilla.suse.com/show_bug.cgi?id=1231481 * https://bugzilla.suse.com/show_bug.cgi?id=1231496 * https://bugzilla.suse.com/show_bug.cgi?id=1231502 * https://bugzilla.suse.com/show_bug.cgi?id=1231537 * https://bugzilla.suse.com/show_bug.cgi?id=1231539 * https://bugzilla.suse.com/show_bug.cgi?id=1231540 * https://bugzilla.suse.com/show_bug.cgi?id=1231541 * https://bugzilla.suse.com/show_bug.cgi?id=1231617 * https://bugzilla.suse.com/show_bug.cgi?id=1231634 * https://bugzilla.suse.com/show_bug.cgi?id=1231635 * https://bugzilla.suse.com/show_bug.cgi?id=1231636 * https://bugzilla.suse.com/show_bug.cgi?id=1231637 * https://bugzilla.suse.com/show_bug.cgi?id=1231638 * https://bugzilla.suse.com/show_bug.cgi?id=1231639 * https://bugzilla.suse.com/show_bug.cgi?id=1231640 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231828 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231849 * https://bugzilla.suse.com/show_bug.cgi?id=1231855 * https://bugzilla.suse.com/show_bug.cgi?id=1231856 * https://bugzilla.suse.com/show_bug.cgi?id=1231857 * https://bugzilla.suse.com/show_bug.cgi?id=1231858 * https://bugzilla.suse.com/show_bug.cgi?id=1231859 * https://bugzilla.suse.com/show_bug.cgi?id=1231860 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231864 * https://bugzilla.suse.com/show_bug.cgi?id=1231865 * https://bugzilla.suse.com/show_bug.cgi?id=1231868 * https://bugzilla.suse.com/show_bug.cgi?id=1231869 * https://bugzilla.suse.com/show_bug.cgi?id=1231871 * https://bugzilla.suse.com/show_bug.cgi?id=1231872 * https://bugzilla.suse.com/show_bug.cgi?id=1231901 * https://bugzilla.suse.com/show_bug.cgi?id=1231902 * https://bugzilla.suse.com/show_bug.cgi?id=1231903 * https://bugzilla.suse.com/show_bug.cgi?id=1231904 * https://bugzilla.suse.com/show_bug.cgi?id=1231906 * https://bugzilla.suse.com/show_bug.cgi?id=1231907 * https://bugzilla.suse.com/show_bug.cgi?id=1231908 * https://bugzilla.suse.com/show_bug.cgi?id=1231914 * https://bugzilla.suse.com/show_bug.cgi?id=1231916 * https://bugzilla.suse.com/show_bug.cgi?id=1231924 * https://bugzilla.suse.com/show_bug.cgi?id=1231926 * https://bugzilla.suse.com/show_bug.cgi?id=1231931 * https://bugzilla.suse.com/show_bug.cgi?id=1231935 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231944 * https://bugzilla.suse.com/show_bug.cgi?id=1231947 * https://bugzilla.suse.com/show_bug.cgi?id=1231950 * https://bugzilla.suse.com/show_bug.cgi?id=1231951 * https://bugzilla.suse.com/show_bug.cgi?id=1231953 * https://bugzilla.suse.com/show_bug.cgi?id=1231954 * https://bugzilla.suse.com/show_bug.cgi?id=1231955 * https://bugzilla.suse.com/show_bug.cgi?id=1231956 * https://bugzilla.suse.com/show_bug.cgi?id=1231957 * https://bugzilla.suse.com/show_bug.cgi?id=1231965 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231967 * https://bugzilla.suse.com/show_bug.cgi?id=1231968 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1231989 * https://bugzilla.suse.com/show_bug.cgi?id=1231990 * https://bugzilla.suse.com/show_bug.cgi?id=1231998 * https://bugzilla.suse.com/show_bug.cgi?id=1232000 * https://bugzilla.suse.com/show_bug.cgi?id=1232003 * https://bugzilla.suse.com/show_bug.cgi?id=1232009 * https://bugzilla.suse.com/show_bug.cgi?id=1232013 * https://bugzilla.suse.com/show_bug.cgi?id=1232015 * https://bugzilla.suse.com/show_bug.cgi?id=1232016 * https://bugzilla.suse.com/show_bug.cgi?id=1232017 * https://bugzilla.suse.com/show_bug.cgi?id=1232018 * https://bugzilla.suse.com/show_bug.cgi?id=1232033 * https://bugzilla.suse.com/show_bug.cgi?id=1232034 * https://bugzilla.suse.com/show_bug.cgi?id=1232036 * https://bugzilla.suse.com/show_bug.cgi?id=1232043 * https://bugzilla.suse.com/show_bug.cgi?id=1232047 * https://bugzilla.suse.com/show_bug.cgi?id=1232048 * https://bugzilla.suse.com/show_bug.cgi?id=1232049 * https://bugzilla.suse.com/show_bug.cgi?id=1232050 * https://bugzilla.suse.com/show_bug.cgi?id=1232056 * https://bugzilla.suse.com/show_bug.cgi?id=1232075 * https://bugzilla.suse.com/show_bug.cgi?id=1232076 * https://bugzilla.suse.com/show_bug.cgi?id=1232080 * https://bugzilla.suse.com/show_bug.cgi?id=1232083 * https://bugzilla.suse.com/show_bug.cgi?id=1232084 * https://bugzilla.suse.com/show_bug.cgi?id=1232085 * https://bugzilla.suse.com/show_bug.cgi?id=1232089 * https://bugzilla.suse.com/show_bug.cgi?id=1232090 * https://bugzilla.suse.com/show_bug.cgi?id=1232093 * https://bugzilla.suse.com/show_bug.cgi?id=1232094 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232098 * https://bugzilla.suse.com/show_bug.cgi?id=1232105 * https://bugzilla.suse.com/show_bug.cgi?id=1232109 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232111 * https://bugzilla.suse.com/show_bug.cgi?id=1232114 * https://bugzilla.suse.com/show_bug.cgi?id=1232116 * https://bugzilla.suse.com/show_bug.cgi?id=1232117 * https://bugzilla.suse.com/show_bug.cgi?id=1232124 * https://bugzilla.suse.com/show_bug.cgi?id=1232126 * https://bugzilla.suse.com/show_bug.cgi?id=1232127 * https://bugzilla.suse.com/show_bug.cgi?id=1232129 * https://bugzilla.suse.com/show_bug.cgi?id=1232130 * https://bugzilla.suse.com/show_bug.cgi?id=1232131 * https://bugzilla.suse.com/show_bug.cgi?id=1232132 * https://bugzilla.suse.com/show_bug.cgi?id=1232134 * https://bugzilla.suse.com/show_bug.cgi?id=1232135 * https://bugzilla.suse.com/show_bug.cgi?id=1232140 * https://bugzilla.suse.com/show_bug.cgi?id=1232141 * https://bugzilla.suse.com/show_bug.cgi?id=1232142 * https://bugzilla.suse.com/show_bug.cgi?id=1232145 * https://bugzilla.suse.com/show_bug.cgi?id=1232147 * https://bugzilla.suse.com/show_bug.cgi?id=1232148 * https://bugzilla.suse.com/show_bug.cgi?id=1232151 * https://bugzilla.suse.com/show_bug.cgi?id=1232152 * https://bugzilla.suse.com/show_bug.cgi?id=1232154 * https://bugzilla.suse.com/show_bug.cgi?id=1232155 * https://bugzilla.suse.com/show_bug.cgi?id=1232156 * https://bugzilla.suse.com/show_bug.cgi?id=1232159 * https://bugzilla.suse.com/show_bug.cgi?id=1232160 * https://bugzilla.suse.com/show_bug.cgi?id=1232162 * https://bugzilla.suse.com/show_bug.cgi?id=1232164 * https://bugzilla.suse.com/show_bug.cgi?id=1232174 * https://bugzilla.suse.com/show_bug.cgi?id=1232180 * https://bugzilla.suse.com/show_bug.cgi?id=1232182 * https://bugzilla.suse.com/show_bug.cgi?id=1232183 * https://bugzilla.suse.com/show_bug.cgi?id=1232185 * https://bugzilla.suse.com/show_bug.cgi?id=1232187 * https://bugzilla.suse.com/show_bug.cgi?id=1232189 * https://bugzilla.suse.com/show_bug.cgi?id=1232192 * https://bugzilla.suse.com/show_bug.cgi?id=1232195 * https://bugzilla.suse.com/show_bug.cgi?id=1232196 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232200 * https://bugzilla.suse.com/show_bug.cgi?id=1232208 * https://bugzilla.suse.com/show_bug.cgi?id=1232217 * https://bugzilla.suse.com/show_bug.cgi?id=1232218 * https://bugzilla.suse.com/show_bug.cgi?id=1232220 * https://bugzilla.suse.com/show_bug.cgi?id=1232221 * https://bugzilla.suse.com/show_bug.cgi?id=1232222 * https://bugzilla.suse.com/show_bug.cgi?id=1232232 * https://bugzilla.suse.com/show_bug.cgi?id=1232250 * https://bugzilla.suse.com/show_bug.cgi?id=1232251 * https://bugzilla.suse.com/show_bug.cgi?id=1232253 * https://bugzilla.suse.com/show_bug.cgi?id=1232254 * https://bugzilla.suse.com/show_bug.cgi?id=1232255 * https://bugzilla.suse.com/show_bug.cgi?id=1232256 * https://bugzilla.suse.com/show_bug.cgi?id=1232260 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232263 * https://bugzilla.suse.com/show_bug.cgi?id=1232275 * https://bugzilla.suse.com/show_bug.cgi?id=1232279 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232285 * https://bugzilla.suse.com/show_bug.cgi?id=1232287 * https://bugzilla.suse.com/show_bug.cgi?id=1232295 * https://bugzilla.suse.com/show_bug.cgi?id=1232309 * https://bugzilla.suse.com/show_bug.cgi?id=1232310 * https://bugzilla.suse.com/show_bug.cgi?id=1232312 * https://bugzilla.suse.com/show_bug.cgi?id=1232313 * https://bugzilla.suse.com/show_bug.cgi?id=1232314 * https://bugzilla.suse.com/show_bug.cgi?id=1232315 * https://bugzilla.suse.com/show_bug.cgi?id=1232316 * https://bugzilla.suse.com/show_bug.cgi?id=1232317 * https://bugzilla.suse.com/show_bug.cgi?id=1232329 * https://bugzilla.suse.com/show_bug.cgi?id=1232332 * https://bugzilla.suse.com/show_bug.cgi?id=1232333 * https://bugzilla.suse.com/show_bug.cgi?id=1232334 * https://bugzilla.suse.com/show_bug.cgi?id=1232335 * https://bugzilla.suse.com/show_bug.cgi?id=1232339 * https://bugzilla.suse.com/show_bug.cgi?id=1232340 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232342 * https://bugzilla.suse.com/show_bug.cgi?id=1232345 * https://bugzilla.suse.com/show_bug.cgi?id=1232349 * https://bugzilla.suse.com/show_bug.cgi?id=1232359 * https://bugzilla.suse.com/show_bug.cgi?id=1232362 * https://bugzilla.suse.com/show_bug.cgi?id=1232369 * https://bugzilla.suse.com/show_bug.cgi?id=1232370 * https://bugzilla.suse.com/show_bug.cgi?id=1232378 * https://bugzilla.suse.com/show_bug.cgi?id=1232381 * https://bugzilla.suse.com/show_bug.cgi?id=1232383 * https://bugzilla.suse.com/show_bug.cgi?id=1232392 * https://bugzilla.suse.com/show_bug.cgi?id=1232394 * https://bugzilla.suse.com/show_bug.cgi?id=1232395 * https://bugzilla.suse.com/show_bug.cgi?id=1232417 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232427 * https://bugzilla.suse.com/show_bug.cgi?id=1232432 * https://bugzilla.suse.com/show_bug.cgi?id=1232435 * https://bugzilla.suse.com/show_bug.cgi?id=1232503 * https://bugzilla.suse.com/show_bug.cgi?id=1232504 * https://bugzilla.suse.com/show_bug.cgi?id=1232505 * https://bugzilla.suse.com/show_bug.cgi?id=1232506 * https://bugzilla.suse.com/show_bug.cgi?id=1232507 * https://bugzilla.suse.com/show_bug.cgi?id=1232511 * https://bugzilla.suse.com/show_bug.cgi?id=1232519 * https://bugzilla.suse.com/show_bug.cgi?id=1232520 * https://bugzilla.suse.com/show_bug.cgi?id=1232529 * https://bugzilla.suse.com/show_bug.cgi?id=1232552 * https://bugzilla.suse.com/show_bug.cgi?id=1232623 * https://bugzilla.suse.com/show_bug.cgi?id=1232626 * https://bugzilla.suse.com/show_bug.cgi?id=1232627 * https://bugzilla.suse.com/show_bug.cgi?id=1232628 * https://bugzilla.suse.com/show_bug.cgi?id=1232629 * https://bugzilla.suse.com/show_bug.cgi?id=1232757 * https://bugzilla.suse.com/show_bug.cgi?id=1232768 * https://jira.suse.com/browse/PED-10559 * https://jira.suse.com/browse/PED-10978 * https://jira.suse.com/browse/PED-9901 
From null at suse.de Wed Nov 13 12:42:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 13 Nov 2024 12:42:08 -0000
Subject: SUSE-SU-2024:3985-1: important: Security update for the Linux Kernel
Message-ID: <173150172862.4790.12176806192868152296@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:3985-1
Release Date: 2024-11-13T10:13:42Z
Rating: important
References: * bsc#1054914 * bsc#1065729 * bsc#1194869 * bsc#1204171 * bsc#1205796 * bsc#1206188 * bsc#1206344 * bsc#1209290 * bsc#1210449 * bsc#1210627 * bsc#1213034 * bsc#1216813 * bsc#1218562 * bsc#1223384 * bsc#1223524 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1225762 * bsc#1226498 * bsc#1226631 * bsc#1226797 * bsc#1227437 * bsc#1227885 * bsc#1228119 * bsc#1228269 * bsc#1228709 * bsc#1228743 * bsc#1228747 * bsc#1229005 * bsc#1229019 * bsc#1229450 * bsc#1229454 * bsc#1229456 * bsc#1229556 * bsc#1229769 * bsc#1229837 * bsc#1229891 * bsc#1230055 * bsc#1230179 * bsc#1230289 * bsc#1230405 * bsc#1230414 * bsc#1230429 * bsc#1230456 * bsc#1230550 * bsc#1230600 * bsc#1230620 * bsc#1230715 * bsc#1230722 * bsc#1230763 * bsc#1230773 * bsc#1230774 * bsc#1230801 * bsc#1230903 * bsc#1230918 * bsc#1231016 * bsc#1231072 * bsc#1231073 * bsc#1231084 * bsc#1231085 * bsc#1231087 * bsc#1231094 * bsc#1231096 * bsc#1231105 * bsc#1231114 * bsc#1231115 * bsc#1231148 * bsc#1231179 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231203 * bsc#1231277 * bsc#1231293 * bsc#1231327 * bsc#1231344 * bsc#1231375 * bsc#1231383 * bsc#1231439 * bsc#1231442 * bsc#1231496 * bsc#1231502 * bsc#1231539 * bsc#1231540 * bsc#1231578 * bsc#1231673 * bsc#1231857 * bsc#1231861 * bsc#1231872 * bsc#1231883 * bsc#1231885 * bsc#1231887 * bsc#1231888 * bsc#1231889 * bsc#1231890 * bsc#1231892 * bsc#1231893 * bsc#1231895 * bsc#1231896 * bsc#1231897 * bsc#1231902 * bsc#1231903 * bsc#1231907
* bsc#1231914 * bsc#1231929 * bsc#1231935 * bsc#1231936 * bsc#1231937 * bsc#1231938 * bsc#1231939 * bsc#1231940 * bsc#1231941 * bsc#1231942 * bsc#1231944 * bsc#1231950 * bsc#1231954 * bsc#1231958 * bsc#1231960 * bsc#1231961 * bsc#1231962 * bsc#1231965 * bsc#1231967 * bsc#1231968 * bsc#1231972 * bsc#1231973 * bsc#1231976 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1231990 * bsc#1231991 * bsc#1231992 * bsc#1231995 * bsc#1231996 * bsc#1231997 * bsc#1231998 * bsc#1232001 * bsc#1232004 * bsc#1232005 * bsc#1232006 * bsc#1232007 * bsc#1232025 * bsc#1232026 * bsc#1232033 * bsc#1232034 * bsc#1232035 * bsc#1232036 * bsc#1232037 * bsc#1232038 * bsc#1232039 * bsc#1232043 * bsc#1232049 * bsc#1232067 * bsc#1232069 * bsc#1232070 * bsc#1232071 * bsc#1232075 * bsc#1232083 * bsc#1232084 * bsc#1232085 * bsc#1232089 * bsc#1232097 * bsc#1232104 * bsc#1232105 * bsc#1232108 * bsc#1232114 * bsc#1232116 * bsc#1232119 * bsc#1232120 * bsc#1232123 * bsc#1232124 * bsc#1232133 * bsc#1232135 * bsc#1232136 * bsc#1232140 * bsc#1232145 * bsc#1232149 * bsc#1232150 * bsc#1232151 * bsc#1232154 * bsc#1232155 * bsc#1232160 * bsc#1232163 * bsc#1232164 * bsc#1232170 * bsc#1232172 * bsc#1232174 * bsc#1232175 * bsc#1232191 * bsc#1232196 * bsc#1232199 * bsc#1232200 * bsc#1232201 * bsc#1232217 * bsc#1232220 * bsc#1232221 * bsc#1232229 * bsc#1232233 * bsc#1232237 * bsc#1232251 * bsc#1232253 * bsc#1232259 * bsc#1232260 * bsc#1232262 * bsc#1232263 * bsc#1232282 * bsc#1232285 * bsc#1232286 * bsc#1232304 * bsc#1232305 * bsc#1232307 * bsc#1232309 * bsc#1232310 * bsc#1232313 * bsc#1232314 * bsc#1232316 * bsc#1232329 * bsc#1232332 * bsc#1232335 * bsc#1232337 * bsc#1232342 * bsc#1232345 * bsc#1232352 * bsc#1232354 * bsc#1232355 * bsc#1232358 * bsc#1232361 * bsc#1232366 * bsc#1232367 * bsc#1232368 * bsc#1232369 * bsc#1232374 * bsc#1232381 * bsc#1232383 * bsc#1232392 * bsc#1232395 * bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232435 * bsc#1232442 * bsc#1232446 * bsc#1232501 * bsc#1232519 * bsc#1232630 * 
bsc#1232631 * bsc#1232632 * bsc#1232757 Cross-References: * CVE-2021-47416 * CVE-2021-47534 * CVE-2022-3435 * CVE-2022-45934 * CVE-2022-48664 * CVE-2022-48879 * CVE-2022-48946 * CVE-2022-48947 * CVE-2022-48948 * CVE-2022-48949 * CVE-2022-48951 * CVE-2022-48953 * CVE-2022-48954 * CVE-2022-48955 * CVE-2022-48956 * CVE-2022-48957 * CVE-2022-48958 * CVE-2022-48959 * CVE-2022-48960 * CVE-2022-48961 * CVE-2022-48962 * CVE-2022-48966 * CVE-2022-48967 * CVE-2022-48968 * CVE-2022-48969 * CVE-2022-48970 * CVE-2022-48971 * CVE-2022-48972 * CVE-2022-48973 * CVE-2022-48975 * CVE-2022-48977 * CVE-2022-48978 * CVE-2022-48980 * CVE-2022-48981 * CVE-2022-48985 * CVE-2022-48987 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48992 * CVE-2022-48994 * CVE-2022-48995 * CVE-2022-48997 * CVE-2022-48999 * CVE-2022-49000 * CVE-2022-49002 * CVE-2022-49003 * CVE-2022-49005 * CVE-2022-49006 * CVE-2022-49007 * CVE-2022-49010 * CVE-2022-49011 * CVE-2022-49012 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49016 * CVE-2022-49017 * CVE-2022-49019 * CVE-2022-49020 * CVE-2022-49021 * CVE-2022-49022 * CVE-2022-49023 * CVE-2022-49024 * CVE-2022-49025 * CVE-2022-49026 * CVE-2022-49027 * CVE-2022-49028 * CVE-2022-49029 * CVE-2022-49031 * CVE-2022-49032 * CVE-2023-2166 * CVE-2023-28327 * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52881 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-27043 * CVE-2024-36244 * CVE-2024-36957 * CVE-2024-39476 * CVE-2024-40965 * CVE-2024-42145 * CVE-2024-42226 * CVE-2024-42253 * CVE-2024-44931 * CVE-2024-44947 * CVE-2024-44958 * CVE-2024-45016 * CVE-2024-45025 * CVE-2024-46678 * CVE-2024-46716 * CVE-2024-46719 * CVE-2024-46754 * CVE-2024-46770 * CVE-2024-46775 * CVE-2024-46777 * CVE-2024-46809 * CVE-2024-46811 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46826 * CVE-2024-46828 * CVE-2024-46834 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46848 * CVE-2024-46849 * CVE-2024-46854 * CVE-2024-46855 * CVE-2024-46857 * 
CVE-2024-47660 * CVE-2024-47661 * CVE-2024-47664 * CVE-2024-47668 * CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47692 * CVE-2024-47704 * CVE-2024-47705 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47710 * CVE-2024-47720 * CVE-2024-47727 * CVE-2024-47730 * CVE-2024-47738 * CVE-2024-47739 * CVE-2024-47745 * CVE-2024-47747 * CVE-2024-47748 * CVE-2024-49858 * CVE-2024-49860 * CVE-2024-49866 * CVE-2024-49867 * CVE-2024-49881 * CVE-2024-49882 * CVE-2024-49883 * CVE-2024-49886 * CVE-2024-49890 * CVE-2024-49892 * CVE-2024-49894 * CVE-2024-49895 * CVE-2024-49896 * CVE-2024-49897 * CVE-2024-49899 * CVE-2024-49901 * CVE-2024-49906 * CVE-2024-49908 * CVE-2024-49909 * CVE-2024-49911 * CVE-2024-49912 * CVE-2024-49913 * CVE-2024-49914 * CVE-2024-49917 * CVE-2024-49918 * CVE-2024-49919 * CVE-2024-49920 * CVE-2024-49922 * CVE-2024-49923 * CVE-2024-49929 * CVE-2024-49930 * CVE-2024-49933 * CVE-2024-49936 * CVE-2024-49939 * CVE-2024-49946 * CVE-2024-49949 * CVE-2024-49954 * CVE-2024-49955 * CVE-2024-49958 * CVE-2024-49959 * CVE-2024-49960 * CVE-2024-49962 * CVE-2024-49967 * CVE-2024-49969 * CVE-2024-49973 * CVE-2024-49974 * CVE-2024-49975 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49993 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50000 * CVE-2024-50001 * CVE-2024-50002 * CVE-2024-50006 * CVE-2024-50014 * CVE-2024-50019 * CVE-2024-50024 * CVE-2024-50028 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50041 * CVE-2024-50045 * CVE-2024-50046 * CVE-2024-50047 * CVE-2024-50048 * CVE-2024-50049 * CVE-2024-50055 * CVE-2024-50058 * CVE-2024-50059 * CVE-2024-50061 * CVE-2024-50063 * CVE-2024-50081 CVSS scores: * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48949 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-48954 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48954 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48955 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48957 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48957 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48959 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48959 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48961 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48961 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48966 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48966 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48966 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48968 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48968 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48968 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48973 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-48977 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48978 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48980 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48980 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48980 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48981 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48981 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48981 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48987 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48987 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48992 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48992 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48994 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-48994 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48995 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48997 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2022-48997 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49000 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49002 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49003 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49005 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2022-49005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49006 ( SUSE ): 7.1 
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49006 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49006 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49017 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49020 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49031 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49032 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52800 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36244 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-36957 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46678 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46716 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-46719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46719 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46754 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46754 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD 
): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46854 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46854 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47660 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47660 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47660 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47661 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47661 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47664 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47692 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47710 ( SUSE ): 2.0 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47710 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47710 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47739 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * 
CVE-2024-49858 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49858 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-49858 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49866 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49866 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49894 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49894 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49894 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49895 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49895 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-49895 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49922 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49922 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49923 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49930 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49933 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49933 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49960 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49993 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49993 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49993 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50006 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50006 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50006 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50014 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50041 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50048 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( SUSE ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50059 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50059 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50061 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50061 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50063 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50063 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50081 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5

An update that solves 211 vulnerabilities and has 41 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). * CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973). * CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
* CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976). * CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). * CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). * CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191). * CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233). * CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). * CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). * CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004). * CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175). * CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797). * CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762). * CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437). * CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). * CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). * CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005). * CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837). * CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456). * CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550). * CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715). 
* CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801). * CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763). * CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774). * CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773). * CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148). * CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). * CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). * CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). * CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115). * CVE-2024-46828: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1231114). * CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096). * CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105). * CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094). * CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072). * CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). * CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084). * CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085). * CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087). 
* CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439). * CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496). * CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442). * CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). * CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540). * CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). * CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857). * CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944). * CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). * CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049). * CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043). * CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116). * CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075). * CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114). * CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124). * CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). 
* CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). * CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259). * CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). * CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). * CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199). * CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196). * CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217). * CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220). * CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354). * CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). * CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355). * CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358). * CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). * CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332). * CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337). * CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366). * CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369). * CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965). 
* CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967). * CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968). * CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). * CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374). * CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361). * CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253). * CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260). * CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381). * CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164). * CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). * CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155). * CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154). * CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). * CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). * CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). * CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (bsc#1232314). * CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). * CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). 
* CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105). * CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). * CVE-2024-49975: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1232104). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). * CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085). * CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084). * CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083). * CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442). * CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446). * CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990). * CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). * CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950). * CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). * CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). * CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907). * CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). * CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). * CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310). 
* CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329). * CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285). * CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345). * CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263). * CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435). * CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).

The following non-security bugs were fixed:

* ACPI: EC: Do not release locks during operation region accesses (stable-fixes). * ACPI: PAD: fix crash in exit_round_robin() (stable-fixes). * ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes). * ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes). * ACPI: battery: Call power_supply_changed() when adding hooks (bsc#1232154) * ACPI: battery: Simplify battery hook locking (bsc#1232154) * ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes). * ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes). * ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes). * ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes). * ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes). * ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes). * ACPICA: iasl: handle empty connection_node (stable-fixes). * ALSA: asihpi: Fix potential OOB array access (stable-fixes). * ALSA: core: add isascii() check to card ID generator (stable-fixes). * ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes). * ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
* ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes). * ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes). * ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes). * ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (git-fixes). * ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). * ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). * ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes). * ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes). * ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes). * ALSA: hda/realtek: Update default depop procedure (git-fixes). * ALSA: hda: Fix kctl->id initialization (git-fixes). * ALSA: hda: cs35l41: fix module autoloading (git-fixes). * ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes). * ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes). * ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes). * ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes). * ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes). * ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes). * ALSA: usb-audio: Define macros for quirk table entries (stable-fixes). * ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes). * ASoC: allow module autoloading for table db1200_pids (stable-fixes). * ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes). * ASoC: intel: fix module autoloading (stable-fixes). * ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes). * ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes). * ASoC: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes).
* ASoC: tda7419: fix module autoloading (stable-fixes). * Bluetooth: Call iso_exit() on module unload (git-fixes). * Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes). * Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes). * Bluetooth: Remove debugfs directory on module init failure (git-fixes). * Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes). * Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes). * Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes). * Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes). * Drop HD-audio conexant patch that caused a regression on Thinkpad (bsc#1228269) * Drop USB dwc2 patch that caused a regression on RPi3 (bsc#1232342) * HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes). * HID: multitouch: Add support for GT7868Q (stable-fixes). * HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes). * HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes). * Input: adp5589-keys - fix NULL pointer dereference (git-fixes). * Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes). * Input: ads7846 - ratelimit the spi_sync error message (stable-fixes). * Input: goodix - use the new soc_intel_is_byt() helper (stable-fixes). * Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes). * KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes). * KVM: Fix lockdep false negative during host resume (git-fixes). * KVM: Grab a reference to KVM for VM and vCPU stats file descriptors (git-fixes). * KVM: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes). * KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (git-fixes). * KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
* KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
* KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).
* KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).
* KVM: Unconditionally get a ref to /dev/kvm module when creating a VM (git-fixes).
* KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
* KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
* KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
* KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
* KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
* KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).
* KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
* KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).
* KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
* KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
* KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
* KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).
* KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
* KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
* KVM: eventfd: Fix false positive RCU usage warning (git-fixes).
* KVM: fix memoryleak in kvm_init() (git-fixes).
* KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232631).
* KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231277).
* KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232630).
* KVM: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes).
* KVM: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k (git-fixes).
* KVM: x86: Use a stable condition around all VT-d PI paths (git-fixes).
* Makefile.compiler: replace cc-ifversion with compiler-specific macros (bsc#1230414 bsc#1229450).
* NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
* NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
* NFSD: Mark filecache "down" if init fails (git-fixes).
* NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
* NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
* PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
* PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
* PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
* PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
* RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
* RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
* RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
* RDMA/bnxt_re: Fix the GID table length (git-fixes)
* RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
* RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
* RDMA/bnxt_re: Return more meaningful error (git-fixes)
* RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
* RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
* RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
* RDMA/hns: Remove unused abnormal interrupt of type RAS (git-fixes)
* RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
* RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
* RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
* RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
* RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
* RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
* RDMA/srpt: Make slab cache names unique (git-fixes)
* SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
* SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
* SUNRPC: clnt.c: Remove misleading comment (git-fixes).
* USB: appledisplay: close race between probe and completion handler (stable-fixes).
* USB: misc: cypress_cy7c63: check for short transfer (stable-fixes).
* USB: misc: yurex: fix race between read and write (stable-fixes).
* USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
* USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
* USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
* Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
* add bug reference for a mana change (bsc#1229769).
* add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
* afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes).
* arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
* arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).
* arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
* arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
* arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
* arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
* arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
* block: print symbolic error name instead of error code (bsc#1231872).
* bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
* bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
* bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
* bpf, x64: Remove tail call detection (git-fixes).
* bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
* bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (bsc#1230414 bsc#1229450).
* bpf: Allow helpers to accept pointers with a fixed size (git-fixes).
* bpf: Check for helper calls in check_subprogs() (git-fixes).
* bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
* bpf: Fix helper writes to read-only maps (git-fixes).
* bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
* bpf: Fix tailcall cases in test_bpf (git-fixes).
* bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
* bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
* bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
* bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
* btf, scripts: Exclude Rust CUs with pahole (bsc#1230414 bsc#1229450).
* bus: integrator-lm: fix OF node leak in probe() (git-fixes).
* ceph: fix cap ref leak via netfs init_request (bsc#1231383).
* char: tpm: Fix possible memory leak in tpm_bios_measurements_open() (git-fixes).
* clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
* clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).
* comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
* cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
* crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075)
* crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075)
* debugfs: fix automount d_fsdata usage (git-fixes).
* dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
* drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes).
* drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes).
* driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
* drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
* drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes).
* drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (stable-fixes).
* drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
* drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
* drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
* drm/amd/display: Check null pointers before using dc->clk_mgr (stable-fixes).
* drm/amd/display: Check stream before comparing them (stable-fixes).
* drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
* drm/amd/display: Fix index out of bounds in DCN30 color transformation (stable-fixes).
* drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (stable-fixes).
* drm/amd/display: Fix index out of bounds in degamma hardware format translation (stable-fixes).
* drm/amd/display: Fix system hang while resume with TBT monitor (stable-fixes).
* drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (stable-fixes).
* drm/amd/display: Initialize get_bytes_per_element's default to 1 (stable-fixes).
* drm/amd/display: Round calculated vtotal (stable-fixes).
* drm/amd/display: Validate backlight caps are sane (stable-fixes).
* drm/amd/pm: ensure the fw_info is not null before using it (stable-fixes).
* drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
* drm/amdgpu: Replace one-element array with flexible-array member (stable-fixes).
* drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
* drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
* drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
* drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
* drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
* drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
* drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
* drm/msm/dpu: do not always program merge_3d block (git-fixes).
* drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
* drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
* drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
* drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
* drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
* drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
* drm/radeon: Fix encoder->possible_clones (git-fixes).
* drm/radeon: Replace one-element array with flexible-array member (stable-fixes).
* drm/radeon: properly handle vbios fake edid sizing (git-fixes).
* drm/rockchip: define gamma registers for RK3399 (stable-fixes).
* drm/rockchip: support gamma control on RK3399 (stable-fixes).
* drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
* drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
* drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
* drm/vmwgfx: Handle surface check failure correctly (git-fixes).
* drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
* drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
* efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
* erofs: avoid consecutive detection for Highmem memory (git-fixes).
* erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (git-fixes).
* erofs: fix pcluster use-after-free on UP platforms (git-fixes).
* erofs: fix potential overflow calculating xattr_isize (git-fixes).
* erofs: stop parsing non-compact HEAD index if clusterofs is invalid (git-fixes).
* exportfs: use pr_debug for unreachable debug statements (git-fixes).
* ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
* fat: fix uninitialized variable (git-fixes).
* fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
* fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
* fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
* fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
* fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
* filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
* firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
* fs/namespace: fnic: Switch to use %ptTd (git-fixes).
* fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
* fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes).
* gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
* gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
* gpio: davinci: fix lazy disable (git-fixes).
* hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
* hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
* hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
* i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
* i2c: imx-lpi2c: return -EINVAL when i2c peripheral clk does not work (bsc#1227885).
* i2c: imx-lpi2c: use bulk clk API (bsc#1227885).
* i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
* i2c: xiic: Fix RX IRQ busy check (stable-fixes).
* i2c: xiic: Fix broken locking on tx_msg (stable-fixes).
* i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* i2c: xiic: Switch from waitqueue to completion (stable-fixes).
* i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
* i2c: xiic: Use devm_clk_get_enabled() (stable-fixes).
* i2c: xiic: improve error message when transfer fails to start (stable-fixes).
* i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path (git-fixes).
* ice: Unbind the workqueue (bsc#1231344).
* iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
* iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
* iio: light: opt3001: add missing full-scale range value (git-fixes).
* iio: light: veml6030: fix ALS sensor resolution (git-fixes).
* iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
* iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
* ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
* ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
* jfs: Fix sanity check in dbMount (git-fixes).
* jfs: Fix uaf in dbFreeBits (git-fixes).
* jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
* jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
* jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
* kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
* kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes).
* kab: fix after net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
* kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
* kabi: fix after KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
* kabi: fix after kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
* kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
* kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
* kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
* kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450).
* kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
* kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
* kvm/arm64: rework guest entry logic (git-fixes).
* kvm: Add support for arch compat vm ioctls (git-fixes).
* kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
* media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
* module: abort module loading when sysfs setup suffer errors (git-fixes).
* nbd: fix race between timeout and normal completion (bsc#1230918).
* net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797)
* net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
* net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
* net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
* net: socket: suppress unused warning (git-fixes).
* net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
* net: usb: usbnet: fix name regression (git-fixes).
* netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
* nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
* nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
* nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
* nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
* nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
* nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
* nfsd: return -EINVAL when namelen is 0 (git-fixes).
* nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
* nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
* ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
* ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (stable-fixes).
* nvme-multipath: system fails to create generic nvme device (git-fixes).
* nvme-pci: qdepth 1 quirk (git-fixes).
* nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
* ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
* ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
* ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
* parport: Proper fix for array out-of-bounds access (git-fixes).
* platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).
* platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
* power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
* powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
* powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
* powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
* powerpc/code-patching: Add generic memory patching (bsc#1194869).
* powerpc/code-patching: Consolidate and cache per-cpu patching context (bsc#1194869).
* powerpc/code-patching: Do not call is_vmalloc_or_module_addr() without CONFIG_MODULES (bsc#1194869).
* powerpc/code-patching: Fix error handling in do_patch_instruction() (bsc#1194869).
* powerpc/code-patching: Fix oops with DEBUG_VM enabled (bsc#1194869).
* powerpc/code-patching: Fix unmap_patch_area() error handling (bsc#1194869).
* powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
* powerpc/code-patching: Pre-map patch area (bsc#1194869).
* powerpc/code-patching: Remove #ifdef CONFIG_STRICT_KERNEL_RWX (bsc#1194869).
* powerpc/code-patching: Remove pr_debug()/pr_devel() messages and fix check() (bsc#1194869).
* powerpc/code-patching: Reorganise do_patch_instruction() to ease error handling (bsc#1194869).
* powerpc/code-patching: Speed up page mapping/unmapping (bsc#1194869).
* powerpc/code-patching: Use WARN_ON and fix check in poking_init (bsc#1194869).
* powerpc/code-patching: Use jump_label to check if poking_init() is done (bsc#1194869).
* powerpc/code-patching: Use temporary mm for Radix MMU (bsc#1194869).
* powerpc/code-patching: introduce patch_instructions() (bsc#1194869).
* powerpc/ftrace: Use patch_instruction() return directly (bsc#1194869).
* powerpc/imc-pmu: Fix use of mutex in IRQs disabled section (bsc#1054914 git-fixes).
* powerpc/imc-pmu: Use the correct spinlock initializer (bsc#1054914 git-fixes).
* powerpc/inst: Refactor ___get_user_instr() (bsc#1194869).
* powerpc/lib: Add __init attribute to eligible functions (bsc#1194869).
* powerpc/tlb: Add local flush for page given mm_struct and psize (bsc#1194869).
* powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
* powerpc/vdso: Merge vdso64 and vdso32 into a single directory (bsc#1194869).
* powerpc/vdso: Rework VDSO32 makefile to add a prefix to object files (bsc#1194869).
* powerpc/vdso: augment VDSO32 functions to support 64 bits build (bsc#1194869).
* powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
* powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
* powerpc: Allow clearing and restoring registers independent of saved breakpoint state (bsc#1194869).
* rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
* rcu: Add rcutree.nohz_full_patience_delay to reduce nohz_full (bsc#1231327)
* s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
* s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232632).
* sched/isolation: Prevent boot crash when the boot CPU is (bsc#1231327)
* scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
* scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
* scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
* scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
* scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
* scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (git-fixes).
* scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
* scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
* scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
* scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
* scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
* scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
* scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
* scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
* scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (git-fixes).
* scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
* scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
* scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
* scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
* scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
* scsi: mac_scsi: Refactor polling loop (git-fixes).
* scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
* scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
* scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
* scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
* scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
* scsi: smartpqi: correct stream detection (git-fixes).
* scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
* scsi: spi: Fix sshdr use (git-fixes).
* scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
* selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
* selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
* selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
* selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
* selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
* spi: bcm63xx: Enable module autoloading (stable-fixes).
* spi: bcm63xx: Fix module autoloading (git-fixes).
* spi: lpspi: Silence error message upon deferred probe (stable-fixes).
* spi: lpspi: Simplify some error message (git-fixes).
* spi: lpspi: release requested DMA channels (stable-fixes).
* spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
* spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
* spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
* spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
* spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
* static_call: Do not make __static_call_return0 static (git-fixes).
* tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
* tracing/uprobes: Use trace_event_buffer_reserve() helper (git-fixes).
* tracing: Consider the NULL character when validating the event length (git-fixes).
* uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
* uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
* usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
* usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
* usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
* usb: gadget: core: force synchronous registration (git-fixes).
* usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
* usb: typec: altmode should keep reference to parent (git-fixes).
* usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
* usb: yurex: Fix inconsistent locking bug in yurex_read() (git-fixes).
* usb: yurex: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
* usbnet: ipheth: fix carrier detection in modes 1 and 4 (stable-fixes).
* vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
* vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
* virtio-net: synchronize probe with ndo_set_features (git-fixes).
* virtio_console: fix misc probe bugs (git-fixes).
* virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
* vmxnet3: add command to allow disabling of offloads (bsc#1226498).
* vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
* vmxnet3: prepare for version 9 changes (bsc#1226498).
* vmxnet3: update to version 9 (bsc#1226498).
* vsock/virtio: fix packet delivery to tap device (git-fixes).
* wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
* wifi: ath9k: fix parameter check in ath9k_init_debug() (stable-fixes).
* wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
* wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
* wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
* wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
* wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
* wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
* wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
* workqueue: Avoid using isolated cpus' timers on (bsc#1231327)
* workqueue: mark power efficient workqueue as unbounded if (bsc#1231327)
* x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
* x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
* x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
* x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
* x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
* x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
* x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405).
* xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
* xhci: Fix incorrect stream context type macro (git-fixes).
* xhci: Mitigate failed set dequeue pointer commands (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Real Time Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-3985=1
* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-3985=1 openSUSE-SLE-15.5-2024-3985=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3985=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-3985=1
* SUSE Linux Enterprise Live Patching 15-SP5
  zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3985=1

## Package List:

* SUSE Real Time Module 15-SP5 (x86_64)
  * kernel-rt_debug-debugsource-5.14.21-150500.13.76.1
  * dlm-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt_debug-devel-5.14.21-150500.13.76.1
  * kernel-rt_debug-vdso-5.14.21-150500.13.76.1
  * dlm-kmp-rt-5.14.21-150500.13.76.1
  * ocfs2-kmp-rt-5.14.21-150500.13.76.1
  * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-vdso-5.14.21-150500.13.76.1
  * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt_debug-debuginfo-5.14.21-150500.13.76.1
  * cluster-md-kmp-rt-5.14.21-150500.13.76.1
  * kernel-syms-rt-5.14.21-150500.13.76.1
  * kernel-rt-vdso-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-debugsource-5.14.21-150500.13.76.1
  * kernel-rt-devel-5.14.21-150500.13.76.1
  * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-devel-debuginfo-5.14.21-150500.13.76.1
  * gfs2-kmp-rt-5.14.21-150500.13.76.1
* SUSE Real Time Module 15-SP5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.76.1
  * kernel-devel-rt-5.14.21-150500.13.76.1
* SUSE Real Time Module 15-SP5 (nosrc x86_64)
  * kernel-rt_debug-5.14.21-150500.13.76.1
  * kernel-rt-5.14.21-150500.13.76.1
* openSUSE Leap 15.5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.76.1
  * kernel-devel-rt-5.14.21-150500.13.76.1
* openSUSE Leap 15.5 (x86_64)
  * kernel-rt_debug-debugsource-5.14.21-150500.13.76.1
  * reiserfs-kmp-rt-5.14.21-150500.13.76.1
  * dlm-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * kselftests-kmp-rt-5.14.21-150500.13.76.1
  * kernel-livepatch-SLE15-SP5-RT_Update_22-debugsource-1-150500.11.3.1
  * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.76.1
  * kernel-rt-optional-5.14.21-150500.13.76.1
  * kernel-rt-livepatch-devel-5.14.21-150500.13.76.1
  * kernel-rt_debug-devel-5.14.21-150500.13.76.1
  * kernel-rt_debug-vdso-5.14.21-150500.13.76.1
  * dlm-kmp-rt-5.14.21-150500.13.76.1
  * kernel-livepatch-5_14_21-150500_13_76-rt-1-150500.11.3.1
  * ocfs2-kmp-rt-5.14.21-150500.13.76.1
  * kernel-rt-extra-5.14.21-150500.13.76.1
  * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-vdso-5.14.21-150500.13.76.1
  * kernel-rt-optional-debuginfo-5.14.21-150500.13.76.1
  * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt_debug-debuginfo-5.14.21-150500.13.76.1
  * cluster-md-kmp-rt-5.14.21-150500.13.76.1
  * kernel-syms-rt-5.14.21-150500.13.76.1
  * kernel-rt-extra-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-vdso-debuginfo-5.14.21-150500.13.76.1
  * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-debugsource-5.14.21-150500.13.76.1
  * kernel-rt-devel-5.14.21-150500.13.76.1
  * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-debuginfo-5.14.21-150500.13.76.1
  * kernel-livepatch-5_14_21-150500_13_76-rt-debuginfo-1-150500.11.3.1
  * kernel-rt-devel-debuginfo-5.14.21-150500.13.76.1
  * kernel-rt-livepatch-5.14.21-150500.13.76.1
  * gfs2-kmp-rt-5.14.21-150500.13.76.1
* openSUSE Leap 15.5 (nosrc x86_64)
  * kernel-rt_debug-5.14.21-150500.13.76.1
  * kernel-rt-5.14.21-150500.13.76.1
* openSUSE Leap Micro 5.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.76.1
* openSUSE Leap Micro 5.5 (x86_64)
  * kernel-rt-debugsource-5.14.21-150500.13.76.1
  * kernel-rt-debuginfo-5.14.21-150500.13.76.1
* SUSE Linux Enterprise Micro 5.5 (nosrc x86_64)
  * kernel-rt-5.14.21-150500.13.76.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
  * kernel-rt-debugsource-5.14.21-150500.13.76.1
  * kernel-rt-debuginfo-5.14.21-150500.13.76.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * kernel-source-rt-5.14.21-150500.13.76.1
* SUSE Linux Enterprise Live Patching 15-SP5 (x86_64)
  * kernel-livepatch-5_14_21-150500_13_76-rt-1-150500.11.3.1
  * kernel-livepatch-5_14_21-150500_13_76-rt-debuginfo-1-150500.11.3.1
  * kernel-livepatch-SLE15-SP5-RT_Update_22-debugsource-1-150500.11.3.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47416.html
* https://www.suse.com/security/cve/CVE-2021-47534.html
* https://www.suse.com/security/cve/CVE-2022-3435.html
* https://www.suse.com/security/cve/CVE-2022-45934.html
* https://www.suse.com/security/cve/CVE-2022-48664.html
* https://www.suse.com/security/cve/CVE-2022-48879.html
* https://www.suse.com/security/cve/CVE-2022-48946.html
* https://www.suse.com/security/cve/CVE-2022-48947.html
* https://www.suse.com/security/cve/CVE-2022-48948.html
* https://www.suse.com/security/cve/CVE-2022-48949.html
* https://www.suse.com/security/cve/CVE-2022-48951.html
* https://www.suse.com/security/cve/CVE-2022-48953.html
* https://www.suse.com/security/cve/CVE-2022-48954.html
* https://www.suse.com/security/cve/CVE-2022-48955.html
* https://www.suse.com/security/cve/CVE-2022-48956.html
* https://www.suse.com/security/cve/CVE-2022-48957.html
* https://www.suse.com/security/cve/CVE-2022-48958.html
* https://www.suse.com/security/cve/CVE-2022-48959.html
* https://www.suse.com/security/cve/CVE-2022-48960.html
* https://www.suse.com/security/cve/CVE-2022-48961.html
* https://www.suse.com/security/cve/CVE-2022-48962.html
* https://www.suse.com/security/cve/CVE-2022-48966.html
* https://www.suse.com/security/cve/CVE-2022-48967.html
* https://www.suse.com/security/cve/CVE-2022-48968.html
* https://www.suse.com/security/cve/CVE-2022-48969.html
* https://www.suse.com/security/cve/CVE-2022-48970.html
* https://www.suse.com/security/cve/CVE-2022-48971.html
* https://www.suse.com/security/cve/CVE-2022-48972.html
* https://www.suse.com/security/cve/CVE-2022-48973.html
* https://www.suse.com/security/cve/CVE-2022-48975.html
* https://www.suse.com/security/cve/CVE-2022-48977.html
* https://www.suse.com/security/cve/CVE-2022-48978.html
* https://www.suse.com/security/cve/CVE-2022-48980.html
* https://www.suse.com/security/cve/CVE-2022-48981.html
* https://www.suse.com/security/cve/CVE-2022-48985.html
* https://www.suse.com/security/cve/CVE-2022-48987.html
* https://www.suse.com/security/cve/CVE-2022-48988.html
* https://www.suse.com/security/cve/CVE-2022-48991.html
* https://www.suse.com/security/cve/CVE-2022-48992.html
* https://www.suse.com/security/cve/CVE-2022-48994.html
* https://www.suse.com/security/cve/CVE-2022-48995.html
* https://www.suse.com/security/cve/CVE-2022-48997.html
* https://www.suse.com/security/cve/CVE-2022-48999.html
* https://www.suse.com/security/cve/CVE-2022-49000.html
* https://www.suse.com/security/cve/CVE-2022-49002.html
* https://www.suse.com/security/cve/CVE-2022-49003.html
* https://www.suse.com/security/cve/CVE-2022-49005.html
* https://www.suse.com/security/cve/CVE-2022-49006.html
* https://www.suse.com/security/cve/CVE-2022-49007.html
* https://www.suse.com/security/cve/CVE-2022-49010.html
* https://www.suse.com/security/cve/CVE-2022-49011.html
* https://www.suse.com/security/cve/CVE-2022-49012.html
* https://www.suse.com/security/cve/CVE-2022-49014.html
* https://www.suse.com/security/cve/CVE-2022-49015.html
* https://www.suse.com/security/cve/CVE-2022-49016.html
* https://www.suse.com/security/cve/CVE-2022-49017.html
* https://www.suse.com/security/cve/CVE-2022-49019.html
* https://www.suse.com/security/cve/CVE-2022-49020.html
* https://www.suse.com/security/cve/CVE-2022-49021.html
* https://www.suse.com/security/cve/CVE-2022-49022.html
* https://www.suse.com/security/cve/CVE-2022-49023.html
* 
https://www.suse.com/security/cve/CVE-2022-49024.html * https://www.suse.com/security/cve/CVE-2022-49025.html * https://www.suse.com/security/cve/CVE-2022-49026.html * https://www.suse.com/security/cve/CVE-2022-49027.html * https://www.suse.com/security/cve/CVE-2022-49028.html * https://www.suse.com/security/cve/CVE-2022-49029.html * https://www.suse.com/security/cve/CVE-2022-49031.html * https://www.suse.com/security/cve/CVE-2022-49032.html * https://www.suse.com/security/cve/CVE-2023-2166.html * https://www.suse.com/security/cve/CVE-2023-28327.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-36244.html * https://www.suse.com/security/cve/CVE-2024-36957.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-40965.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45025.html * https://www.suse.com/security/cve/CVE-2024-46678.html * https://www.suse.com/security/cve/CVE-2024-46716.html * https://www.suse.com/security/cve/CVE-2024-46719.html * https://www.suse.com/security/cve/CVE-2024-46754.html * https://www.suse.com/security/cve/CVE-2024-46770.html * https://www.suse.com/security/cve/CVE-2024-46775.html * https://www.suse.com/security/cve/CVE-2024-46777.html * 
https://www.suse.com/security/cve/CVE-2024-46809.html * https://www.suse.com/security/cve/CVE-2024-46811.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46826.html * https://www.suse.com/security/cve/CVE-2024-46828.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-46854.html * https://www.suse.com/security/cve/CVE-2024-46855.html * https://www.suse.com/security/cve/CVE-2024-46857.html * https://www.suse.com/security/cve/CVE-2024-47660.html * https://www.suse.com/security/cve/CVE-2024-47661.html * https://www.suse.com/security/cve/CVE-2024-47664.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47692.html * https://www.suse.com/security/cve/CVE-2024-47704.html * https://www.suse.com/security/cve/CVE-2024-47705.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47707.html * https://www.suse.com/security/cve/CVE-2024-47710.html * https://www.suse.com/security/cve/CVE-2024-47720.html * https://www.suse.com/security/cve/CVE-2024-47727.html * 
https://www.suse.com/security/cve/CVE-2024-47730.html * https://www.suse.com/security/cve/CVE-2024-47738.html * https://www.suse.com/security/cve/CVE-2024-47739.html * https://www.suse.com/security/cve/CVE-2024-47745.html * https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-47748.html * https://www.suse.com/security/cve/CVE-2024-49858.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49866.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49881.html * https://www.suse.com/security/cve/CVE-2024-49882.html * https://www.suse.com/security/cve/CVE-2024-49883.html * https://www.suse.com/security/cve/CVE-2024-49886.html * https://www.suse.com/security/cve/CVE-2024-49890.html * https://www.suse.com/security/cve/CVE-2024-49892.html * https://www.suse.com/security/cve/CVE-2024-49894.html * https://www.suse.com/security/cve/CVE-2024-49895.html * https://www.suse.com/security/cve/CVE-2024-49896.html * https://www.suse.com/security/cve/CVE-2024-49897.html * https://www.suse.com/security/cve/CVE-2024-49899.html * https://www.suse.com/security/cve/CVE-2024-49901.html * https://www.suse.com/security/cve/CVE-2024-49906.html * https://www.suse.com/security/cve/CVE-2024-49908.html * https://www.suse.com/security/cve/CVE-2024-49909.html * https://www.suse.com/security/cve/CVE-2024-49911.html * https://www.suse.com/security/cve/CVE-2024-49912.html * https://www.suse.com/security/cve/CVE-2024-49913.html * https://www.suse.com/security/cve/CVE-2024-49914.html * https://www.suse.com/security/cve/CVE-2024-49917.html * https://www.suse.com/security/cve/CVE-2024-49918.html * https://www.suse.com/security/cve/CVE-2024-49919.html * https://www.suse.com/security/cve/CVE-2024-49920.html * https://www.suse.com/security/cve/CVE-2024-49922.html * https://www.suse.com/security/cve/CVE-2024-49923.html * 
https://www.suse.com/security/cve/CVE-2024-49929.html * https://www.suse.com/security/cve/CVE-2024-49930.html * https://www.suse.com/security/cve/CVE-2024-49933.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49939.html * https://www.suse.com/security/cve/CVE-2024-49946.html * https://www.suse.com/security/cve/CVE-2024-49949.html * https://www.suse.com/security/cve/CVE-2024-49954.html * https://www.suse.com/security/cve/CVE-2024-49955.html * https://www.suse.com/security/cve/CVE-2024-49958.html * https://www.suse.com/security/cve/CVE-2024-49959.html * https://www.suse.com/security/cve/CVE-2024-49960.html * https://www.suse.com/security/cve/CVE-2024-49962.html * https://www.suse.com/security/cve/CVE-2024-49967.html * https://www.suse.com/security/cve/CVE-2024-49969.html * https://www.suse.com/security/cve/CVE-2024-49973.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49975.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49993.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-50000.html * https://www.suse.com/security/cve/CVE-2024-50001.html * https://www.suse.com/security/cve/CVE-2024-50002.html * https://www.suse.com/security/cve/CVE-2024-50006.html * https://www.suse.com/security/cve/CVE-2024-50014.html * https://www.suse.com/security/cve/CVE-2024-50019.html * https://www.suse.com/security/cve/CVE-2024-50024.html * https://www.suse.com/security/cve/CVE-2024-50028.html * https://www.suse.com/security/cve/CVE-2024-50033.html * https://www.suse.com/security/cve/CVE-2024-50035.html * https://www.suse.com/security/cve/CVE-2024-50041.html * https://www.suse.com/security/cve/CVE-2024-50045.html * 
https://www.suse.com/security/cve/CVE-2024-50046.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50048.html * https://www.suse.com/security/cve/CVE-2024-50049.html * https://www.suse.com/security/cve/CVE-2024-50055.html * https://www.suse.com/security/cve/CVE-2024-50058.html * https://www.suse.com/security/cve/CVE-2024-50059.html * https://www.suse.com/security/cve/CVE-2024-50061.html * https://www.suse.com/security/cve/CVE-2024-50063.html * https://www.suse.com/security/cve/CVE-2024-50081.html * https://bugzilla.suse.com/show_bug.cgi?id=1054914 * https://bugzilla.suse.com/show_bug.cgi?id=1065729 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1205796 * https://bugzilla.suse.com/show_bug.cgi?id=1206188 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1209290 * https://bugzilla.suse.com/show_bug.cgi?id=1210449 * https://bugzilla.suse.com/show_bug.cgi?id=1210627 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225762 * https://bugzilla.suse.com/show_bug.cgi?id=1226498 * https://bugzilla.suse.com/show_bug.cgi?id=1226631 * https://bugzilla.suse.com/show_bug.cgi?id=1226797 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227885 * https://bugzilla.suse.com/show_bug.cgi?id=1228119 * https://bugzilla.suse.com/show_bug.cgi?id=1228269 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1228747 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229019 * https://bugzilla.suse.com/show_bug.cgi?id=1229450 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229556 * https://bugzilla.suse.com/show_bug.cgi?id=1229769 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1229891 * https://bugzilla.suse.com/show_bug.cgi?id=1230055 * https://bugzilla.suse.com/show_bug.cgi?id=1230179 * https://bugzilla.suse.com/show_bug.cgi?id=1230289 * https://bugzilla.suse.com/show_bug.cgi?id=1230405 * https://bugzilla.suse.com/show_bug.cgi?id=1230414 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230456 * https://bugzilla.suse.com/show_bug.cgi?id=1230550 * https://bugzilla.suse.com/show_bug.cgi?id=1230600 * https://bugzilla.suse.com/show_bug.cgi?id=1230620 * https://bugzilla.suse.com/show_bug.cgi?id=1230715 * https://bugzilla.suse.com/show_bug.cgi?id=1230722 * https://bugzilla.suse.com/show_bug.cgi?id=1230763 * https://bugzilla.suse.com/show_bug.cgi?id=1230773 * https://bugzilla.suse.com/show_bug.cgi?id=1230774 * https://bugzilla.suse.com/show_bug.cgi?id=1230801 * https://bugzilla.suse.com/show_bug.cgi?id=1230903 * https://bugzilla.suse.com/show_bug.cgi?id=1230918 * https://bugzilla.suse.com/show_bug.cgi?id=1231016 * https://bugzilla.suse.com/show_bug.cgi?id=1231072 * https://bugzilla.suse.com/show_bug.cgi?id=1231073 * https://bugzilla.suse.com/show_bug.cgi?id=1231084 * https://bugzilla.suse.com/show_bug.cgi?id=1231085 * https://bugzilla.suse.com/show_bug.cgi?id=1231087 * https://bugzilla.suse.com/show_bug.cgi?id=1231094 * https://bugzilla.suse.com/show_bug.cgi?id=1231096 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231105 * https://bugzilla.suse.com/show_bug.cgi?id=1231114 * https://bugzilla.suse.com/show_bug.cgi?id=1231115 * https://bugzilla.suse.com/show_bug.cgi?id=1231148 * https://bugzilla.suse.com/show_bug.cgi?id=1231179 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231193 * https://bugzilla.suse.com/show_bug.cgi?id=1231195 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231200 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231277 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231327 * https://bugzilla.suse.com/show_bug.cgi?id=1231344 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231383 * https://bugzilla.suse.com/show_bug.cgi?id=1231439 * https://bugzilla.suse.com/show_bug.cgi?id=1231442 * https://bugzilla.suse.com/show_bug.cgi?id=1231496 * https://bugzilla.suse.com/show_bug.cgi?id=1231502 * https://bugzilla.suse.com/show_bug.cgi?id=1231539 * https://bugzilla.suse.com/show_bug.cgi?id=1231540 * https://bugzilla.suse.com/show_bug.cgi?id=1231578 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231857 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231872 * https://bugzilla.suse.com/show_bug.cgi?id=1231883 * https://bugzilla.suse.com/show_bug.cgi?id=1231885 * https://bugzilla.suse.com/show_bug.cgi?id=1231887 * https://bugzilla.suse.com/show_bug.cgi?id=1231888 * https://bugzilla.suse.com/show_bug.cgi?id=1231889 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231892 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231895 * https://bugzilla.suse.com/show_bug.cgi?id=1231896 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231897 * https://bugzilla.suse.com/show_bug.cgi?id=1231902 * https://bugzilla.suse.com/show_bug.cgi?id=1231903 * https://bugzilla.suse.com/show_bug.cgi?id=1231907 * https://bugzilla.suse.com/show_bug.cgi?id=1231914 * https://bugzilla.suse.com/show_bug.cgi?id=1231929 * https://bugzilla.suse.com/show_bug.cgi?id=1231935 * https://bugzilla.suse.com/show_bug.cgi?id=1231936 * https://bugzilla.suse.com/show_bug.cgi?id=1231937 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231939 * https://bugzilla.suse.com/show_bug.cgi?id=1231940 * https://bugzilla.suse.com/show_bug.cgi?id=1231941 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231944 * https://bugzilla.suse.com/show_bug.cgi?id=1231950 * https://bugzilla.suse.com/show_bug.cgi?id=1231954 * https://bugzilla.suse.com/show_bug.cgi?id=1231958 * https://bugzilla.suse.com/show_bug.cgi?id=1231960 * https://bugzilla.suse.com/show_bug.cgi?id=1231961 * https://bugzilla.suse.com/show_bug.cgi?id=1231962 * https://bugzilla.suse.com/show_bug.cgi?id=1231965 * https://bugzilla.suse.com/show_bug.cgi?id=1231967 * https://bugzilla.suse.com/show_bug.cgi?id=1231968 * https://bugzilla.suse.com/show_bug.cgi?id=1231972 * https://bugzilla.suse.com/show_bug.cgi?id=1231973 * https://bugzilla.suse.com/show_bug.cgi?id=1231976 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1231990 * https://bugzilla.suse.com/show_bug.cgi?id=1231991 * https://bugzilla.suse.com/show_bug.cgi?id=1231992 * https://bugzilla.suse.com/show_bug.cgi?id=1231995 * https://bugzilla.suse.com/show_bug.cgi?id=1231996 * https://bugzilla.suse.com/show_bug.cgi?id=1231997 * https://bugzilla.suse.com/show_bug.cgi?id=1231998 * https://bugzilla.suse.com/show_bug.cgi?id=1232001 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232004 * https://bugzilla.suse.com/show_bug.cgi?id=1232005 * https://bugzilla.suse.com/show_bug.cgi?id=1232006 * https://bugzilla.suse.com/show_bug.cgi?id=1232007 * https://bugzilla.suse.com/show_bug.cgi?id=1232025 * https://bugzilla.suse.com/show_bug.cgi?id=1232026 * https://bugzilla.suse.com/show_bug.cgi?id=1232033 * https://bugzilla.suse.com/show_bug.cgi?id=1232034 * https://bugzilla.suse.com/show_bug.cgi?id=1232035 * https://bugzilla.suse.com/show_bug.cgi?id=1232036 * https://bugzilla.suse.com/show_bug.cgi?id=1232037 * https://bugzilla.suse.com/show_bug.cgi?id=1232038 * https://bugzilla.suse.com/show_bug.cgi?id=1232039 * https://bugzilla.suse.com/show_bug.cgi?id=1232043 * https://bugzilla.suse.com/show_bug.cgi?id=1232049 * https://bugzilla.suse.com/show_bug.cgi?id=1232067 * https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232071 * https://bugzilla.suse.com/show_bug.cgi?id=1232075 * https://bugzilla.suse.com/show_bug.cgi?id=1232083 * https://bugzilla.suse.com/show_bug.cgi?id=1232084 * https://bugzilla.suse.com/show_bug.cgi?id=1232085 * https://bugzilla.suse.com/show_bug.cgi?id=1232089 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232104 * https://bugzilla.suse.com/show_bug.cgi?id=1232105 * https://bugzilla.suse.com/show_bug.cgi?id=1232108 * https://bugzilla.suse.com/show_bug.cgi?id=1232114 * https://bugzilla.suse.com/show_bug.cgi?id=1232116 * https://bugzilla.suse.com/show_bug.cgi?id=1232119 * https://bugzilla.suse.com/show_bug.cgi?id=1232120 * https://bugzilla.suse.com/show_bug.cgi?id=1232123 * https://bugzilla.suse.com/show_bug.cgi?id=1232124 * https://bugzilla.suse.com/show_bug.cgi?id=1232133 * https://bugzilla.suse.com/show_bug.cgi?id=1232135 * https://bugzilla.suse.com/show_bug.cgi?id=1232136 * https://bugzilla.suse.com/show_bug.cgi?id=1232140 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232145 * https://bugzilla.suse.com/show_bug.cgi?id=1232149 * https://bugzilla.suse.com/show_bug.cgi?id=1232150 * https://bugzilla.suse.com/show_bug.cgi?id=1232151 * https://bugzilla.suse.com/show_bug.cgi?id=1232154 * https://bugzilla.suse.com/show_bug.cgi?id=1232155 * https://bugzilla.suse.com/show_bug.cgi?id=1232160 * https://bugzilla.suse.com/show_bug.cgi?id=1232163 * https://bugzilla.suse.com/show_bug.cgi?id=1232164 * https://bugzilla.suse.com/show_bug.cgi?id=1232170 * https://bugzilla.suse.com/show_bug.cgi?id=1232172 * https://bugzilla.suse.com/show_bug.cgi?id=1232174 * https://bugzilla.suse.com/show_bug.cgi?id=1232175 * https://bugzilla.suse.com/show_bug.cgi?id=1232191 * https://bugzilla.suse.com/show_bug.cgi?id=1232196 * https://bugzilla.suse.com/show_bug.cgi?id=1232199 * https://bugzilla.suse.com/show_bug.cgi?id=1232200 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232217 * https://bugzilla.suse.com/show_bug.cgi?id=1232220 * https://bugzilla.suse.com/show_bug.cgi?id=1232221 * https://bugzilla.suse.com/show_bug.cgi?id=1232229 * https://bugzilla.suse.com/show_bug.cgi?id=1232233 * https://bugzilla.suse.com/show_bug.cgi?id=1232237 * https://bugzilla.suse.com/show_bug.cgi?id=1232251 * https://bugzilla.suse.com/show_bug.cgi?id=1232253 * https://bugzilla.suse.com/show_bug.cgi?id=1232259 * https://bugzilla.suse.com/show_bug.cgi?id=1232260 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232263 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232285 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232305 * https://bugzilla.suse.com/show_bug.cgi?id=1232307 * https://bugzilla.suse.com/show_bug.cgi?id=1232309 * https://bugzilla.suse.com/show_bug.cgi?id=1232310 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232313 * https://bugzilla.suse.com/show_bug.cgi?id=1232314 * https://bugzilla.suse.com/show_bug.cgi?id=1232316 * https://bugzilla.suse.com/show_bug.cgi?id=1232329 * https://bugzilla.suse.com/show_bug.cgi?id=1232332 * https://bugzilla.suse.com/show_bug.cgi?id=1232335 * https://bugzilla.suse.com/show_bug.cgi?id=1232337 * https://bugzilla.suse.com/show_bug.cgi?id=1232342 * https://bugzilla.suse.com/show_bug.cgi?id=1232345 * https://bugzilla.suse.com/show_bug.cgi?id=1232352 * https://bugzilla.suse.com/show_bug.cgi?id=1232354 * https://bugzilla.suse.com/show_bug.cgi?id=1232355 * https://bugzilla.suse.com/show_bug.cgi?id=1232358 * https://bugzilla.suse.com/show_bug.cgi?id=1232361 * https://bugzilla.suse.com/show_bug.cgi?id=1232366 * https://bugzilla.suse.com/show_bug.cgi?id=1232367 * https://bugzilla.suse.com/show_bug.cgi?id=1232368 * https://bugzilla.suse.com/show_bug.cgi?id=1232369 * https://bugzilla.suse.com/show_bug.cgi?id=1232374 * https://bugzilla.suse.com/show_bug.cgi?id=1232381 * https://bugzilla.suse.com/show_bug.cgi?id=1232383 * https://bugzilla.suse.com/show_bug.cgi?id=1232392 * https://bugzilla.suse.com/show_bug.cgi?id=1232395 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232432 * https://bugzilla.suse.com/show_bug.cgi?id=1232435 * https://bugzilla.suse.com/show_bug.cgi?id=1232442 * https://bugzilla.suse.com/show_bug.cgi?id=1232446 * https://bugzilla.suse.com/show_bug.cgi?id=1232501 * https://bugzilla.suse.com/show_bug.cgi?id=1232519 * https://bugzilla.suse.com/show_bug.cgi?id=1232630 * https://bugzilla.suse.com/show_bug.cgi?id=1232631 * https://bugzilla.suse.com/show_bug.cgi?id=1232632 * https://bugzilla.suse.com/show_bug.cgi?id=1232757
From null at suse.de Wed Nov 13 12:46:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Nov 2024 12:46:18 -0000 Subject: SUSE-SU-2024:3984-1: important: Security update for the Linux Kernel Message-ID: <173150197828.4790.2946943091162949113@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3984-1 Release Date: 2024-11-13T10:13:14Z Rating: important References: * bsc#1065729 * bsc#1194869 * bsc#1217845 * bsc#1218562 * bsc#1219596 * bsc#1219803 * bsc#1220382 * bsc#1223384 * bsc#1223700 * bsc#1223824 * bsc#1223848 * bsc#1224088 * bsc#1224574 * bsc#1225611 * bsc#1226003 * bsc#1226498 * bsc#1226623 * bsc#1226631 * bsc#1226797 * bsc#1226848 * bsc#1228119 * bsc#1228244 * bsc#1228269 * bsc#1228410 * bsc#1228454 * bsc#1228537 * bsc#1228620 * bsc#1228743 * bsc#1228747 * bsc#1228857 * bsc#1229019 * bsc#1229429 * bsc#1229450 * bsc#1229585 * bsc#1229677 * bsc#1229769 * bsc#1229808 * bsc#1229891 * bsc#1230055 * bsc#1230132 * bsc#1230179 * bsc#1230220 * bsc#1230289 * bsc#1230295 * bsc#1230339 * bsc#1230341 * bsc#1230375 * bsc#1230414 * bsc#1230429 * bsc#1230456 * bsc#1230501 * bsc#1230527 * bsc#1230550 * bsc#1230600 * bsc#1230620 * bsc#1230710 * bsc#1230762 * bsc#1230763 * bsc#1230773 * bsc#1230774 * bsc#1230801 * bsc#1230831 * bsc#1230914 * bsc#1230918 * bsc#1231016 * bsc#1231035 * bsc#1231072 * bsc#1231073 * bsc#1231075 * bsc#1231081 * bsc#1231082 * bsc#1231083 * bsc#1231084 * bsc#1231085 * bsc#1231087 * bsc#1231089 * bsc#1231092 * bsc#1231093 * bsc#1231094 * bsc#1231096 * bsc#1231098 * bsc#1231100 * bsc#1231101 * bsc#1231102 * bsc#1231105 * bsc#1231108 * bsc#1231111 * bsc#1231114 * bsc#1231115 * bsc#1231116 * bsc#1231117 * bsc#1231131 * bsc#1231132 * bsc#1231135 * bsc#1231136 * bsc#1231138 * bsc#1231148 * bsc#1231169 * bsc#1231170 * bsc#1231171 * bsc#1231178 * bsc#1231179 * bsc#1231183 * bsc#1231187 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231202 * bsc#1231203 * bsc#1231276 *
bsc#1231293 * bsc#1231384 * bsc#1231434 * bsc#1231435 * bsc#1231436 * bsc#1231439 * bsc#1231440 * bsc#1231441 * bsc#1231442 * bsc#1231452 * bsc#1231474 * bsc#1231481 * bsc#1231496 * bsc#1231502 * bsc#1231537 * bsc#1231539 * bsc#1231540 * bsc#1231541 * bsc#1231617 * bsc#1231634 * bsc#1231635 * bsc#1231636 * bsc#1231637 * bsc#1231638 * bsc#1231639 * bsc#1231640 * bsc#1231673 * bsc#1231828 * bsc#1231849 * bsc#1231855 * bsc#1231856 * bsc#1231857 * bsc#1231858 * bsc#1231859 * bsc#1231860 * bsc#1231861 * bsc#1231864 * bsc#1231865 * bsc#1231868 * bsc#1231869 * bsc#1231871 * bsc#1231872 * bsc#1231901 * bsc#1231902 * bsc#1231903 * bsc#1231904 * bsc#1231906 * bsc#1231907 * bsc#1231908 * bsc#1231914 * bsc#1231916 * bsc#1231924 * bsc#1231926 * bsc#1231931 * bsc#1231935 * bsc#1231942 * bsc#1231944 * bsc#1231947 * bsc#1231950 * bsc#1231951 * bsc#1231953 * bsc#1231954 * bsc#1231955 * bsc#1231956 * bsc#1231957 * bsc#1231965 * bsc#1231967 * bsc#1231968 * bsc#1231987 * bsc#1231988 * bsc#1231989 * bsc#1231990 * bsc#1231998 * bsc#1232000 * bsc#1232003 * bsc#1232009 * bsc#1232013 * bsc#1232015 * bsc#1232016 * bsc#1232017 * bsc#1232018 * bsc#1232033 * bsc#1232034 * bsc#1232036 * bsc#1232043 * bsc#1232047 * bsc#1232048 * bsc#1232049 * bsc#1232050 * bsc#1232056 * bsc#1232075 * bsc#1232076 * bsc#1232079 * bsc#1232080 * bsc#1232083 * bsc#1232084 * bsc#1232085 * bsc#1232089 * bsc#1232093 * bsc#1232094 * bsc#1232097 * bsc#1232098 * bsc#1232105 * bsc#1232109 * bsc#1232111 * bsc#1232114 * bsc#1232116 * bsc#1232117 * bsc#1232124 * bsc#1232126 * bsc#1232127 * bsc#1232129 * bsc#1232130 * bsc#1232131 * bsc#1232132 * bsc#1232134 * bsc#1232135 * bsc#1232140 * bsc#1232141 * bsc#1232142 * bsc#1232145 * bsc#1232147 * bsc#1232148 * bsc#1232149 * bsc#1232151 * bsc#1232152 * bsc#1232154 * bsc#1232155 * bsc#1232156 * bsc#1232159 * bsc#1232160 * bsc#1232162 * bsc#1232164 * bsc#1232174 * bsc#1232180 * bsc#1232182 * bsc#1232183 * bsc#1232185 * bsc#1232187 * bsc#1232189 * bsc#1232192 * bsc#1232195 * bsc#1232196 
* bsc#1232199 * bsc#1232200 * bsc#1232201 * bsc#1232208 * bsc#1232217 * bsc#1232218 * bsc#1232220 * bsc#1232221 * bsc#1232222 * bsc#1232232 * bsc#1232250 * bsc#1232251 * bsc#1232253 * bsc#1232254 * bsc#1232255 * bsc#1232256 * bsc#1232259 * bsc#1232260 * bsc#1232262 * bsc#1232263 * bsc#1232275 * bsc#1232279 * bsc#1232282 * bsc#1232285 * bsc#1232287 * bsc#1232295 * bsc#1232305 * bsc#1232307 * bsc#1232309 * bsc#1232310 * bsc#1232312 * bsc#1232313 * bsc#1232314 * bsc#1232315 * bsc#1232316 * bsc#1232317 * bsc#1232329 * bsc#1232332 * bsc#1232333 * bsc#1232334 * bsc#1232335 * bsc#1232337 * bsc#1232339 * bsc#1232340 * bsc#1232342 * bsc#1232345 * bsc#1232349 * bsc#1232352 * bsc#1232354 * bsc#1232355 * bsc#1232359 * bsc#1232362 * bsc#1232369 * bsc#1232370 * bsc#1232378 * bsc#1232381 * bsc#1232383 * bsc#1232392 * bsc#1232394 * bsc#1232395 * bsc#1232417 * bsc#1232418 * bsc#1232424 * bsc#1232427 * bsc#1232432 * bsc#1232435 * bsc#1232501 * bsc#1232502 * bsc#1232503 * bsc#1232504 * bsc#1232505 * bsc#1232506 * bsc#1232507 * bsc#1232511 * bsc#1232519 * bsc#1232520 * bsc#1232529 * bsc#1232552 * bsc#1232623 * bsc#1232626 * bsc#1232627 * bsc#1232628 * bsc#1232629 * bsc#1232757 * bsc#1232768 * bsc#1232819 * jsc#PED-10559 * jsc#PED-10978 * jsc#PED-9899 * jsc#PED-9901 Cross-References: * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52881 * CVE-2023-52917 * CVE-2023-52918 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-26758 * CVE-2024-26761 * CVE-2024-26767 * CVE-2024-26943 * CVE-2024-27026 * CVE-2024-27043 * CVE-2024-35980 * CVE-2024-36244 * CVE-2024-38576 * CVE-2024-38577 * CVE-2024-38599 * CVE-2024-41016 * CVE-2024-41031 * CVE-2024-41047 * CVE-2024-41082 * CVE-2024-42145 * CVE-2024-44932 * CVE-2024-44958 * CVE-2024-44964 * CVE-2024-45016 * CVE-2024-45025 * CVE-2024-46678 * CVE-2024-46721 * CVE-2024-46754 * CVE-2024-46766 * CVE-2024-46770 * CVE-2024-46775 * CVE-2024-46777 * CVE-2024-46797 * CVE-2024-46802 * CVE-2024-46803 * CVE-2024-46804 * CVE-2024-46805 * CVE-2024-46806 * CVE-2024-46807 * 
CVE-2024-46809 * CVE-2024-46810 * CVE-2024-46811 * CVE-2024-46812 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46819 * CVE-2024-46821 * CVE-2024-46825 * CVE-2024-46826 * CVE-2024-46827 * CVE-2024-46828 * CVE-2024-46830 * CVE-2024-46831 * CVE-2024-46834 * CVE-2024-46835 * CVE-2024-46836 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46842 * CVE-2024-46843 * CVE-2024-46846 * CVE-2024-46848 * CVE-2024-46849 * CVE-2024-46851 * CVE-2024-46852 * CVE-2024-46853 * CVE-2024-46854 * CVE-2024-46855 * CVE-2024-46857 * CVE-2024-46859 * CVE-2024-46860 * CVE-2024-46861 * CVE-2024-46864 * CVE-2024-46870 * CVE-2024-46871 * CVE-2024-47658 * CVE-2024-47660 * CVE-2024-47661 * CVE-2024-47662 * CVE-2024-47663 * CVE-2024-47664 * CVE-2024-47665 * CVE-2024-47667 * CVE-2024-47668 * CVE-2024-47669 * CVE-2024-47670 * CVE-2024-47671 * CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47675 * CVE-2024-47681 * CVE-2024-47682 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47686 * CVE-2024-47687 * CVE-2024-47688 * CVE-2024-47692 * CVE-2024-47693 * CVE-2024-47695 * CVE-2024-47696 * CVE-2024-47697 * CVE-2024-47698 * CVE-2024-47699 * CVE-2024-47702 * CVE-2024-47704 * CVE-2024-47705 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47709 * CVE-2024-47710 * CVE-2024-47712 * CVE-2024-47713 * CVE-2024-47714 * CVE-2024-47715 * CVE-2024-47718 * CVE-2024-47719 * CVE-2024-47720 * CVE-2024-47723 * CVE-2024-47727 * CVE-2024-47728 * CVE-2024-47730 * CVE-2024-47731 * CVE-2024-47732 * CVE-2024-47735 * CVE-2024-47737 * CVE-2024-47738 * CVE-2024-47739 * CVE-2024-47741 * CVE-2024-47742 * CVE-2024-47743 * CVE-2024-47744 * CVE-2024-47745 * CVE-2024-47747 * CVE-2024-47748 * CVE-2024-47749 * CVE-2024-47750 * CVE-2024-47751 * CVE-2024-47752 * CVE-2024-47753 * CVE-2024-47754 * CVE-2024-47756 * CVE-2024-47757 * CVE-2024-49850 * CVE-2024-49851 * CVE-2024-49852 * CVE-2024-49853 * CVE-2024-49855 * CVE-2024-49858 * CVE-2024-49860 * CVE-2024-49861 * 
CVE-2024-49862 * CVE-2024-49863 * CVE-2024-49864 * CVE-2024-49866 * CVE-2024-49867 * CVE-2024-49870 * CVE-2024-49871 * CVE-2024-49874 * CVE-2024-49875 * CVE-2024-49877 * CVE-2024-49878 * CVE-2024-49879 * CVE-2024-49881 * CVE-2024-49882 * CVE-2024-49883 * CVE-2024-49886 * CVE-2024-49888 * CVE-2024-49890 * CVE-2024-49891 * CVE-2024-49892 * CVE-2024-49894 * CVE-2024-49895 * CVE-2024-49896 * CVE-2024-49897 * CVE-2024-49898 * CVE-2024-49900 * CVE-2024-49901 * CVE-2024-49902 * CVE-2024-49903 * CVE-2024-49906 * CVE-2024-49907 * CVE-2024-49908 * CVE-2024-49909 * CVE-2024-49913 * CVE-2024-49914 * CVE-2024-49917 * CVE-2024-49918 * CVE-2024-49919 * CVE-2024-49920 * CVE-2024-49928 * CVE-2024-49929 * CVE-2024-49930 * CVE-2024-49931 * CVE-2024-49935 * CVE-2024-49936 * CVE-2024-49937 * CVE-2024-49938 * CVE-2024-49939 * CVE-2024-49946 * CVE-2024-49947 * CVE-2024-49949 * CVE-2024-49950 * CVE-2024-49953 * CVE-2024-49954 * CVE-2024-49955 * CVE-2024-49957 * CVE-2024-49958 * CVE-2024-49959 * CVE-2024-49960 * CVE-2024-49961 * CVE-2024-49962 * CVE-2024-49963 * CVE-2024-49965 * CVE-2024-49966 * CVE-2024-49967 * CVE-2024-49969 * CVE-2024-49972 * CVE-2024-49973 * CVE-2024-49974 * CVE-2024-49981 * CVE-2024-49982 * CVE-2024-49985 * CVE-2024-49986 * CVE-2024-49991 * CVE-2024-49993 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50000 * CVE-2024-50001 * CVE-2024-50002 * CVE-2024-50007 * CVE-2024-50008 * CVE-2024-50013 * CVE-2024-50015 * CVE-2024-50017 * CVE-2024-50019 * CVE-2024-50020 * CVE-2024-50021 * CVE-2024-50022 * CVE-2024-50023 * CVE-2024-50024 * CVE-2024-50025 * CVE-2024-50027 * CVE-2024-50028 * CVE-2024-50031 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50040 * CVE-2024-50041 * CVE-2024-50042 * CVE-2024-50044 * CVE-2024-50045 * CVE-2024-50046 * CVE-2024-50047 * CVE-2024-50048 * CVE-2024-50049 * CVE-2024-50055 * CVE-2024-50058 * CVE-2024-50059 * CVE-2024-50060 * CVE-2024-50061 * CVE-2024-50062 * CVE-2024-50063 * CVE-2024-50064 * CVE-2024-50069 * CVE-2024-50073 * CVE-2024-50074 * 
CVE-2024-50075 * CVE-2024-50076 * CVE-2024-50077 * CVE-2024-50078 * CVE-2024-50080 * CVE-2024-50081

CVSS scores:
* CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52800 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52917 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2023-52917 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2023-52917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26758 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26761 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26767 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-26767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36244 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-38576 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H *
CVE-2024-38576 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-38577 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38577 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41031 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41047 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44932 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44964 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:L/VI:L/VA:H/SC:H/SI:H/SA:H * CVE-2024-44964 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:L * CVE-2024-46678 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46678 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46721 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46754 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46754 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46766 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46770 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46797 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46797 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46797 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46803 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46803 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46803 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46804 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46804 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46804 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46805 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46805 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46806 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-46806 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46806 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46807 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46807 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46810 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46810 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46810 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46812 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46812 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46821 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46825 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-46826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46831 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46831 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46836 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46840 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46842 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46846 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46851 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46853 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46854 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46854 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46859 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46859 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46864 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46870 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46870 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46870 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46871 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-46871 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-46871 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47658 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47658 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47660 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47660 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47660 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47661 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47661 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47661 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47662 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47662 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-47662 ( NVD ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47663 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47663 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47664 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47665 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47665 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47665 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47667 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-47667 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47669 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47669 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-47669 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47671 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-47671 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * 
CVE-2024-47672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47675 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47675 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47675 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47681 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47681 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47682 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47682 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-47682 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47686 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47686 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-47686 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47687 ( SUSE ): 5.7 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47687 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47688 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47688 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47688 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47693 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47693 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47693 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47695 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47695 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47695 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47696 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47696 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47697 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47697 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47697 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47698 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47698 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47698 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47699 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47699 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47699 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47702 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47702 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47709 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47709 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47709 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47710 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47710 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47710 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47712 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47712 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47714 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47714 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47715 ( SUSE ): 7.1 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47715 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47715 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47718 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47719 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47719 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-47719 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47723 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47723 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47723 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47727 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47728 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47731 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47731 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47731 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47732 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47732 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47737 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47737 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47739 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47741 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47741 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47741 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47742 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-47742 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47743 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47743 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47743 ( NVD ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47744 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47744 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47744 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47749 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47750 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47750 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47750 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47751 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47751 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47751 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47752 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47752 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47752 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47753 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47753 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47753 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47754 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47754 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47756 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47756 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47756 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47757 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47757 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47757 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49850 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49852 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49852 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49852 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49853 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49853 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49853 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49855 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49855 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49858 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49858 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-49858 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49861 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:L/SC:N/SI:N/SA:N * CVE-2024-49861 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-49861 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-49862 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49862 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49862 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49863 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49864 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49864 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49866 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49866 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49870 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-49870 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-49870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49871 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49874 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49874 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49874 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49875 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49875 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-49877 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49877 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49878 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-49878 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-49879 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49888 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49894 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49894 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49894 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49895 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49895 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-49895 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( SUSE ): 5.7 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49898 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49898 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49900 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49900 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49900 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49902 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49902 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49903 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49903 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49903 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49908 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49928 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49928 ( SUSE ): 6.6 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49928 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49930 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49931 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49931 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49931 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49935 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49937 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49938 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49947 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49950 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49954 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49960 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49961 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49963 ( SUSE ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49963 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49972 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49972 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49985 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49986 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49986 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49993 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49993 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49993 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50007 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50007 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50007 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50008 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-50008 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-50008 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50013 
( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50015 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50015 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50017 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50020 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50022 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50023 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50023 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50031 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( NVD ): 7.1 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50040 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50041 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50042 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50044 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50046 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50048 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50049 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50055 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50059 ( SUSE ): 
7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50059 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50060 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50061 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50061 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50062 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50063 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50063 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-50064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50073 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50073 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-50073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50074 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50075 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50076 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-50077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50078 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50078 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50080 ( SUSE 
): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50081 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 282 vulnerabilities, contains four features and has 59 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797). * CVE-2024-41031: mm/filemap: skip to create PMD-sized page cache if needed (bsc#1228454). * CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620). * CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456). * CVE-2024-46678: bonding: change ipsec_lock from spin lock to mutex (bsc#1230550). * CVE-2024-46721: apparmor: fix possible NULL pointer dereference (bsc#1230710). * CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801). * CVE-2024-46766: ice: move netif_queue_set_napi to rtnl-protected sections (bsc#1230762). * CVE-2024-46770: ice: Add netif_device_attach/detach into PF reset flow (bsc#1230763). * CVE-2024-46775: drm/amd/display: Validate function returns (bsc#1230774). * CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115). * CVE-2024-46828: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1231114). * CVE-2024-46831: net: microchip: vcap: Fix use-after-free error in kunit test (bsc#1231117). * CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096). * CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105). * CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094). * CVE-2024-46843: scsi: ufs: core: Remove SCSI host only if added (bsc#1231100). * CVE-2024-46854: net: dpaa: Pad packets to ETH_ZLEN (bsc#1231084). * CVE-2024-46855: netfilter: nft_socket: fix sk refcount leaks (bsc#1231085). * CVE-2024-46857: net/mlx5: Fix bridge mode operations when there are no VFs (bsc#1231087). * CVE-2024-46870: drm/amd/display: Disable DMCUB timeout for DCN35 (bsc#1231435). * CVE-2024-47658: crypto: stm32/cryp - call finalize with bh disabled (bsc#1231436). * CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439). * CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). * CVE-2024-47687: vdpa/mlx5: Fix invalid mr resource destroy (bsc#1232003). * CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857). * CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944). * CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872). 
* CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). * CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049). * CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116). * CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075). * CVE-2024-47731: drivers/perf: Fix ali_drw_pmu driver interrupt status clearing (bsc#1232117). * CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124). * CVE-2024-47741: btrfs: fix race setting file private on concurrent lseek using same fd (bsc#1231869). * CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). * CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). * CVE-2024-47752: media: mediatek: vcodec: Fix H264 stateless decoder smatch warning (bsc#1232130). * CVE-2024-47753: media: mediatek: vcodec: Fix VP8 stateless decoder smatch warning (bsc#1231868). * CVE-2024-47754: media: mediatek: vcodec: Fix H264 multi stateless decoder smatch warning (bsc#1232131). * CVE-2024-49852: scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (bsc#1232819). * CVE-2024-49864: rxrpc: Fix a race between socket set up and I/O thread creation (bsc#1232256). * CVE-2024-49867: btrfs: wait for fixup workers before stopping cleaner kthread during umount (bsc#1232262). * CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). * CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). * CVE-2024-49883: ext4: avoid use-after-free in ext4_ext_insert_extent() (bsc#1232199). * CVE-2024-49888: bpf: Fix a sdiv overflow issue (bsc#1232208). * CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
* CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220). * CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354). * CVE-2024-49895: drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (bsc#1232352). * CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). * CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355). * CVE-2024-49898: drm/amd/display: Check null-initialized variables (bsc#1232222). * CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). * CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332). * CVE-2024-49907: drm/amd/display: Check null pointers before using dc->clk_mgr (bsc#1232334). * CVE-2024-49908: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (bsc#1232335). * CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337). * CVE-2024-49913: drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (bsc#1232307). * CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369). * CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965). * CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967). * CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968). * CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164). 
* CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). * CVE-2024-49950: Bluetooth: L2CAP: Fix uaf in l2cap_connect (bsc#1232159). * CVE-2024-49953: net/mlx5e: Fix crash caused by calling __xfrm_state_delete() twice (bsc#1232156). * CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155). * CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). * CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). * CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). * CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). * CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). * CVE-2024-49972: drm/amd/display: Deallocate DML memory if allocation fails (bsc#1232315). * CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105). * CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). * CVE-2024-49986: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors (bsc#1232093). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). * CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085). * CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084). * CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083). 
* CVE-2024-50015: ext4: dax: fix overflowing extents beyond inode size when partially writing (bsc#1232079). * CVE-2024-50020: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() (bsc#1231989). * CVE-2024-50021: ice: Fix improper handling of refcount in ice_dpll_init_rclk_pins() (bsc#1231957). * CVE-2024-50022: device-dax: correct pgoff align in dax_set_mapping() (bsc#1231956). * CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). * CVE-2024-50027: thermal: core: Free tzp copy along with the thermal zone (bsc#1231951). * CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950). * CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). * CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). * CVE-2024-50040: igb: Do not bring the device up after non-fatal error (bsc#1231908). * CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907). * CVE-2024-50042: ice: Fix increasing MSI-X on VF (bsc#1231906). * CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). * CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). * CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345). * CVE-2024-50060: io_uring: check if we need to reschedule during overflow flush (bsc#1232417). * CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435). * CVE-2024-50064: zram: do not free statically defined names (bsc#1231901). * CVE-2024-50080: ublk: do not allow user copy for unprivileged device (bsc#1232502). * CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501). 
The following non-security bugs were fixed:

* 9p: explicitly deny setlease attempts (git-fixes).
* ACPI: CPPC: Add support for setting EPP register in FFH (stable-fixes).
* ACPI: CPPC: Make rmw_lock a raw_spin_lock (git-fixes).
* ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
* ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
* ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
* ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
* ACPI: battery: Fix possible crash when unregistering a battery hook (git-fixes).
* ACPI: battery: Simplify battery hook locking (stable-fixes).
* ACPI: button: Add DMI quirk for Samsung Galaxy Book2 to fix initial lid detection issue (stable-fixes).
* ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add LG 16T90SP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
* ACPI: video: Add force_vendor quirk for Panasonic Toughbook CF-18 (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
* ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
* ACPICA: iasl: handle empty connection_node (stable-fixes).
* ALSA/hda: intel-sdw-acpi: cleanup sdw_intel_scan_controller (stable-fixes).
* ALSA/hda: intel-sdw-acpi: fetch fwnode once in sdw_intel_scan_controller() (stable-fixes).
* ALSA/hda: intel-sdw-acpi: simplify sdw-master-count property read (stable-fixes).
* ALSA: Reorganize kerneldoc parameter names (stable-fixes).
* ALSA: asihpi: Fix potential OOB array access (stable-fixes).
* ALSA: core: add isascii() check to card ID generator (stable-fixes).
* ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
* ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
* ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
* ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
* ALSA: hda/conexant: fix some typos (stable-fixes).
* ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
* ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (bsc#1219803).
* ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
* ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
* ALSA: hda/realtek: Add subwoofer quirk for Acer Predator G9-593 (stable-fixes).
* ALSA: hda/realtek: Add subwoofer quirk for Infinix ZERO BOOK 13 (stable-fixes).
* ALSA: hda/realtek: Enable mic on Vaio VJFH52 (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on TUXEDO Gemini 17 Gen3 (stable-fixes).
* ALSA: hda/realtek: Fix headset mic on TUXEDO Stellaris 16 Gen6 mb1 (stable-fixes).
* ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
* ALSA: hda/realtek: Limit internal Mic boost on Dell platform (stable-fixes).
* ALSA: hda/realtek: Refactor and simplify Samsung Galaxy Book init (stable-fixes).
* ALSA: hda/realtek: Update default depop procedure (git-fixes).
* ALSA: hda/realtek: fix mute/micmute LED for HP mt645 G8 (stable-fixes).
* ALSA: hda/realtek: tas2781: Fix ROG ALLY X audio (stable-fixes).
* ALSA: hda/tas2781: Add new quirk for Lenovo Y990 Laptop (stable-fixes).
* ALSA: hda/tas2781: Add new quirk for Lenovo, ASUS, Dell projects (stable-fixes).
* ALSA: hda/tas2781: select CRC32 instead of CRC32_SARWATE (git-fixes).
* ALSA: hda: Sound support for HP Spectre x360 16 inch model 2024 (stable-fixes).
* ALSA: hda: tas2781: Fix missing setup at runtime PM (bsc#1230132).
* ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
* ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
* ALSA: line6: update contact information (stable-fixes).
* ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
* ALSA: silence integer wrapping warning (stable-fixes).
* ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
* ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
* ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
* ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
* ALSA: usb-audio: Add quirk for HP 320 FHD Webcam (bsc#1232768).
* ALSA: usb-audio: Add quirks for Dell WD19 dock (stable-fixes).
* ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
* ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
* ASoC: Intel: bytcr_rt5640: Add DMI quirk for Vexia Edu Atla 10 tablet (stable-fixes).
* ASoC: Intel: bytcr_rt5640: Add support for non ACPI instantiated codec (stable-fixes).
* ASoC: Intel: sst: Fix used of uninitialized ctx to log an error (git-fixes).
* ASoC: Intel: sst: Support LPE0F28 ACPI HID (stable-fixes).
* ASoC: amd: yc: Add quirk for HP Dragonfly pro one (stable-fixes).
* ASoC: atmel: mchp-pdmc: Skip ALSA restoration if substream runtime is uninitialized (git-fixes).
* ASoC: codecs: lpass-rx-macro: add missing CDC_RX_BCL_VBAT_RF_PROC2 to default regs values (stable-fixes).
* ASoC: codecs: rt5640: Always disable IRQs from rt5640_cancel_work() (stable-fixes).
* ASoC: codecs: wsa883x: Handle reading version failure (stable-fixes).
* ASoC: cs42l51: Fix some error handling paths in cs42l51_probe() (git-fixes).
* ASoC: dapm: fix bounds checker error in dapm_widget_list_create (git-fixes).
* ASoC: fsl_sai: Enable 'FIFO continue on error' FCONT bit (stable-fixes).
* ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
* ASoC: max98388: Fix missing increment of variable slot_found (git-fixes).
* ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
* ASoC: qcom: sm8250: add qrb4210-rb2-sndcard compatible string (stable-fixes).
* ASoC: tas2781: Use of_property_read_reg() (stable-fixes).
* Bluetooth: Call iso_exit() on module unload (git-fixes).
* Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
* Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
* Bluetooth: Remove debugfs directory on module init failure (git-fixes).
* Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
* Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
* Bluetooth: btusb: Add Realtek RTL8852C support ID 0x0489:0xe122 (stable-fixes).
* Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
* Bluetooth: hci: fix null-ptr-deref in hci_read_supported_codecs (git-fixes).
* Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
* HID: Ignore battery for all ELAN I2C-HID devices (stable-fixes).
* HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
* HID: i2c-hid: Remove I2C_HID_QUIRK_SET_PWR_WAKEUP_DEV quirk (stable-fixes).
* HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
* HID: multitouch: Add support for lenovo Y9000P Touchpad (stable-fixes).
* HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
* Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
* Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
* Input: edt-ft5x06 - fix regmap leak when probe fails (git-fixes).
* Input: i8042 - add TUXEDO Stellaris 15 Slim Gen6 AMD to i8042 quirk table (stable-fixes).
* Input: i8042 - add TUXEDO Stellaris 16 Gen5 AMD to i8042 quirk table (stable-fixes).
* Input: i8042 - add another board name for TUXEDO Stellaris Gen5 AMD line (stable-fixes).
* KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
* KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
* KVM: Use dedicated mutex to protect kvm_usage_count to avoid deadlock (git-fixes).
* KVM: VMX: Also clear SGX EDECCSSA in KVM CPU caps when SGX is disabled (git-fixes).
* KVM: VMX: Set PFERR_GUEST_{FINAL,PAGE}_MASK if and only if the GVA is valid (git-fixes).
* KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
* KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232626).
* KVM: s390: Fix SORTL and DFLTCC instruction format error in __insn32_query (git-fixes bsc#1231276).
* KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232623).
* KVM: x86/mmu: Skip emulation on page fault iff 1+ SPs were unprotected (git-fixes).
* KVM: x86/mmu: Trigger unprotect logic only on write-protection page faults (git-fixes).
* KVM: x86: Dedup fastpath MSR post-handling logic (git-fixes).
* KVM: x86: Enforce x2APIC's must-be-zero reserved ICR bits (git-fixes).
* KVM: x86: Exit to userspace if fastpath triggers one on instruction skip (git-fixes).
* KVM: x86: Move x2APIC ICR helper above kvm_apic_write_nodecode() (git-fixes).
* KVM: x86: Re-enter guest if WRMSR(X2APIC_ICR) fastpath is successful (git-fixes).
* KVM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
* NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
* NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
* NFSD: Mark filecache "down" if init fails (git-fixes).
* NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
* NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
* PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
* PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
* PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
* PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
* RAS/AMD/ATL: Add amd_atl pr_fmt() prefix (jsc#PED-10559).
* RAS/AMD/ATL: Expand helpers for adding and removing base and hole (jsc#PED-10559).
* RAS/AMD/ATL: Implement DF 4.5 NP2 denormalization (jsc#PED-10559).
* RAS/AMD/ATL: Read DRAM hole base early (jsc#PED-10559).
* RAS/AMD/ATL: Validate address map when information is gathered (jsc#PED-10559).
* RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
* RDMA/bnxt_re: Avoid CPU lockups due fifo occupancy check loop (git-fixes)
* RDMA/bnxt_re: Change the sequence of updating the CQ toggle value (git-fixes)
* RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
* RDMA/bnxt_re: Fix a possible memory leak (git-fixes)
* RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
* RDMA/bnxt_re: Fix incorrect dereference of srq in async event (git-fixes)
* RDMA/bnxt_re: Fix out of bound check (git-fixes)
* RDMA/bnxt_re: Fix the GID table length (git-fixes)
* RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
* RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
* RDMA/bnxt_re: Return more meaningful error (git-fixes)
* RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
* RDMA/core: Fix ENODEV error for iWARP test over vlan (git-fixes)
* RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
* RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
* RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
* RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
* RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
* RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
* RDMA/mlx5: Enforce umem boundaries for explicit ODP page faults (git-fixes)
* RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
* RDMA/mlx5: Use sq timestamp as QP timestamp when RoCE is disabled (git-fixes).
* RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
* RDMA/srpt: Make slab cache names unique (git-fixes)
* SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
* SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
* SUNRPC: clnt.c: Remove misleading comment (git-fixes).
* USB: appledisplay: close race between probe and completion handler (git-fixes).
* USB: misc: cypress_cy7c63: check for short transfer (git-fixes).
* USB: misc: yurex: fix race between read and write (git-fixes).
* USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
* USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
* Update config files: Enable NFSD_V2 (bsc#1230914)
* Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
* accel/qaic: Fix the for loop used to walk SG table (git-fixes).
* add bug reference for a mana change (bsc#1229769).
* add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
* arm64: Subscribe Microsoft Azure Cobalt 100 to erratum 3194386 (git-fixes)
* arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
* arm64: errata: Enable the AC03_CPU_38 workaround for ampere1a (git-fixes).
* arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
* arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
* arm64: fix selection of HAVE_DYNAMIC_FTRACE_WITH_ARGS (git-fixes).
* arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
* arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
* arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
* ata: libata: Set DID_TIME_OUT for commands that actually timed out (git-fixes).
* ata: libata: avoid superfluous disk spin down + spin up during hibernation (git-fixes).
* audit: do not WARN_ON_ONCE(!current->mm) in audit_exe_compare() (git-fixes).
* audit: do not take task_lock() in audit_exe_compare() code path (git-fixes).
* block: print symbolic error name instead of error code (bsc#1231872).
* block: sed-opal: add ioctl IOC_OPAL_SET_SID_PW (bsc#1229677).
* bnxt_en: Cap the size of HWRM_PORT_PHY_QCFG forwarded response (git-fixes).
* bnxt_en: Fix error recovery for 5760X (P7) chips (git-fixes).
* bnxt_en: Fix the PCI-AER routines (git-fixes).
* bnxt_en: Restore PTP tx_avail count in case of skb_pad() error (git-fixes).
* bnxt_en: refactor reset close code (git-fixes).
* bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
* bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
* bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
* bpf, x64: Remove tail call detection (git-fixes).
* bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
* bpf: Fail verification for sign-extension of packet data/data_end/data_meta (git-fixes).
* bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
* bpf: Fix error message on kfunc arg type mismatch (git-fixes).
* bpf: Fix helper writes to read-only maps (git-fixes).
* bpf: Fix tailcall cases in test_bpf (git-fixes).
* bpf: Fix truncation bug in coerce_reg_to_size_sx() (git-fixes).
* bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
* bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
* bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
* bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
* btf, scripts: rust: drop is_rust_module.sh (bsc#1230414 bsc#1229450).
* btrfs: send: fix invalid clone operation for file that got its size decreased (git-fixes).
* can: netlink: avoid call to do_set_data_bittiming callback with stale can_priv::ctrlmode (stable-fixes).
* ceph: fix cap ref leak via netfs init_request (bsc#1231384).
* clk: bcm: bcm53573: fix OF node leak in init (stable-fixes).
* clk: imx: Remove CLK_SET_PARENT_GATE for DRAM mux for i.MX7D (stable-fixes).
* comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
* config: Disable LAM on x86 (bsc#1217845)
* cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
* crypto: hisilicon/qm - flush all work before driver removed (bsc#1232075)
* crypto: octeontx - Fix authenc setkey (stable-fixes).
* crypto: octeontx* - Select CRYPTO_AUTHENC (git-fixes).
* crypto: octeontx2 - Fix authenc setkey (stable-fixes).
* crypto: powerpc/p10-aes-gcm - Add dependency on CRYPTO_SIMD and re-enable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632)
* crypto: powerpc/p10-aes-gcm - Disable CRYPTO_AES_GCM_P10 (bsc#1230501 ltc#208632).
* crypto: powerpc/p10-aes-gcm - Re-write AES/GCM stitched implementation (bsc#1230501 ltc#208632).
* crypto: powerpc/p10-aes-gcm - Register modules as SIMD (bsc#1230501 ltc#208632).
* cxgb4: Properly lock TX queue for the selftest (git-fixes).
* cxgb4: add forgotten u64 ivlan cast before shift (git-fixes).
* cxgb4: unnecessary check for 0 in the free_sge_txq_uld() function (git-fixes).
* dcache: keep dentry_hashtable or d_hash_shift even when not used (git-fixes).
* debugfs: fix automount d_fsdata usage (git-fixes).
* devlink: Fix command annotation documentation (git-fixes).
* dmaengine: sh: rz-dmac: handle configs where one address is zero (git-fixes).
* dmaengine: ti: k3-udma: Set EOP for all TRs in cyclic BCDMA transfer (git-fixes).
* driver core: bus: Fix double free in driver API bus_register() (stable-fixes).
* driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
* drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
* drm/amd/display: Add HDMI DSC native YCbCr422 support (stable-fixes).
* drm/amd/display: Add disable timeout option (bsc#1231435)
* drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
* drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
* drm/amd/display: Clean up dsc blocks in accelerated mode (stable-fixes).
* drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too (stable-fixes).
* drm/amd/display: Remove a redundant check in authenticated_dp (stable-fixes).
* drm/amd/display: Revert "Check HDCP returned status" (stable-fixes).
* drm/amd/display: Round calculated vtotal (stable-fixes).
* drm/amd/display: Skip to enable dsc if it has been off (stable-fixes).
* drm/amd/display: Validate backlight caps are sane (stable-fixes).
* drm/amd/pm: Vangogh: Fix kernel memory out of bounds write (git-fixes).
* drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
* drm/amdgpu/swsmu: Only force workload setup on init (git-fixes).
* drm/amdgpu/vcn: enable AV1 on both instances (stable-fixes).
* drm/i915/gem: fix bitwise and logical AND mixup (git-fixes).
* drm/i915/hdcp: fix connector refcounting (git-fixes).
* drm/mediatek: Fix get efuse issue for MT8188 DPTX (git-fixes).
* drm/msm/dpu: check for overflow in _dpu_crtc_setup_lm_bounds() (git-fixes).
* drm/msm/dpu: do not always program merge_3d block (git-fixes).
* drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
* drm/msm/dpu: move CRTC resource assignment to dpu_encoder_virt_atomic_check (git-fixes).
* drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
* drm/msm/dsi: improve/fix dsc pclk calculation (git-fixes).
* drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
* drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
* drm/radeon: Fix encoder->possible_clones (git-fixes).
* drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
* drm/sched: Always wake up correct scheduler in drm_sched_entity_push_job (git-fixes).
* drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
* drm/vboxvideo: Replace fake VLA at end of vbva_mouse_pointer_shape with real VLA (stable-fixes).
* drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
* drm/vmwgfx: Handle surface check failure correctly (git-fixes).
* drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
* e1000e: Fix S0ix residency on corporate systems (git-fixes).
* e1000e: change I219 (19) devices to ADP (git-fixes).
* e1000e: fix force smbus during suspend flow (git-fixes).
* e1000e: move force SMBUS near the end of enable_ulp function (git-fixes).
* efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
* eth: bnxt: fix counting packets discarded due to OOM and netpoll (git-fixes).
* ext4: do not track ranges in fast_commit if inode has inlined data (bsc#1231635).
* ext4: fix fast commit inode enqueueing during a full journal commit (bsc#1231636).
* ext4: fix incorrect tid assumption in ext4_fc_mark_ineligible() (bsc#1231637).
* ext4: fix possible tid_t sequence overflows (bsc#1231634).
* ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
* ext4: mark fc as ineligible using an handle in ext4_xattr_set() (bsc#1231640).
* ext4: use handle to mark fc as ineligible in __track_dentry_update() (bsc#1231639).
* fat: fix uninitialized variable (git-fixes).
* fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (stable-fixes).
* fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
* fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
* fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
* fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
* filemap: remove use of wait bookmarks (bsc#1224088).
* firmware: arm_scmi: Fix slab-use-after-free in scmi_bus_notifier() (git-fixes).
* firmware: arm_scmi: Fix the double free in scmi_debugfs_common_setup() (git-fixes).
* firmware: arm_sdei: Fix the input parameter of cpuhp_remove_state() (git-fixes).
* fs/9p: drop inodes immediately on non-.L too (git-fixes).
* fs/9p: fix the cache always being enabled on files with qid flags (git-fixes).
* genirq/msi: Fix off-by-one error in msi_domain_alloc() (git-fixes).
* gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
* gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
* gpio: davinci: fix lazy disable (git-fixes).
* gve: Fix XDP TX completion handling when counters overflow (git-fixes).
* gve: Fix an edge case for TSO skb validity check (git-fixes).
* gve: ignore nonrelevant GSO type bits when processing TSO headers (git-fixes).
* hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
* hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
* hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (adt7470) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (max16065) Fix alarm attributes (git-fixes).
* hwmon: (max16065) Remove use of i2c_match_id() (stable-fixes).
* hwmon: (mc34vr500) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (nct6775) add G15CF to ASUS WMI monitoring list (stable-fixes).
* hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: intel-m10-bmc-hwmon: relabel Columbiaville to CVL Die Temperature (git-fixes).
* i2c: core: Setup i2c_adapter runtime-pm before calling device_add() (git-fixes).
* i2c: core: fix lockdep warning for sparsely nested adapter chain (git-fixes).
* i2c: cpm: Remove linux,i2c-index conversion from be32 (git-fixes).
* i2c: exynos5: Calculate t_scl_l, t_scl_h according to i2c spec (git-fixes).
* i2c: i801: Add lis3lv02d for Dell Precision 3540 (git-fixes).
* i2c: i801: Add lis3lv02d for Dell XPS 15 7590 (git-fixes).
* i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
* i2c: i801: add helper i801_restore_regs (git-fixes).
* i2c: ismt: kill transaction in hardware on timeout (git-fixes).
* i2c: ocores: Move system PM hooks to the NOIRQ phase (git-fixes).
* i2c: ocores: Remove #ifdef guards for PM related functions (git-fixes).
* i2c: omap: switch to NOIRQ_SYSTEM_SLEEP_PM_OPS() and RUNTIME_PM_OPS() (git-fixes).
* i2c: omap: wakeup the controller during suspend() callback (git-fixes).
* i2c: rcar: properly format a debug output (git-fixes).
* i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
* i2c: stm32f7: perform most of irq job in threaded handler (git-fixes).
* i2c: synquacer: Deal with optional PCLK correctly (git-fixes).
* i2c: synquacer: Remove a clk reference from struct synquacer_i2c (stable-fixes).
* i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
* i2c: xiic: improve error message when transfer fails to start (stable-fixes).
* i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (stable-fixes).
* i40e: Fix XDP program unloading while removing the driver (git-fixes).
* i40e: Report MFS in decimal base instead of hex (git-fixes).
* iavf: Fix TC config comparison with existing adapter TC config (git-fixes).
* ice: Fix VSI list rule with ICE_SW_LKUP_LAST type (git-fixes).
* ice: Fix checking for unsupported keys on non-tunnel device (git-fixes).
* ice: Fix lldp packets dropping after changing the number of channels (git-fixes).
* ice: Fix netif_is_ice() in Safe Mode (git-fixes).
* ice: Fix package download algorithm (git-fixes).
* ice: Fix recipe read procedure (git-fixes).
* ice: Fix reset handler (git-fixes).
* ice: Flush FDB entries before reset (git-fixes).
* ice: Interpret .set_channels() input differently (git-fixes).
* ice: Rebuild TC queues on VSI queue reconfiguration (git-fixes).
* ice: Reject pin requests with unsupported flags (git-fixes).
* ice: add flag to distinguish reset from .ndo_bpf in XDP rings config (git-fixes).
* ice: add missing WRITE_ONCE when clearing ice_rx_ring::xdp_prog (git-fixes).
* ice: avoid IRQ collision to fix init failure on ACPI S3 resume (git-fixes).
* ice: clear port vlan config during reset (git-fixes).
* ice: disallow DPLL_PIN_STATE_SELECTABLE for dpll output pins (git-fixes).
* ice: do not bring the VSI up, if it was down before the XDP setup (git-fixes).
* ice: do not busy wait for Rx queue disable in ice_qp_dis() (git-fixes).
* ice: fix 200G PHY types to link speed mapping (git-fixes).
* ice: fix 200G link speed message log (git-fixes).
* ice: fix ICE_LAST_OFFSET formula (git-fixes).
* ice: fix VLAN replay after reset (git-fixes).
* ice: fix VSI lists confusion when adding VLANs (git-fixes).
* ice: fix accounting for filters shared by multiple VSIs (git-fixes).
* ice: fix accounting if a VLAN already exists (git-fixes).
* ice: fix iteration of TLVs in Preserved Fields Area (git-fixes).
* ice: fix page reuse when PAGE_SIZE is over 8k (git-fixes).
* ice: fix reads from NVM Shadow RAM on E830 and E825-C devices (git-fixes).
* ice: fix truesize operations for PAGE_SIZE >= 8192 (git-fixes).
* ice: implement AQ download pkg retry (git-fixes).
* ice: map XDP queues to vectors in ice_vsi_map_rings_to_vectors() (git-fixes).
* ice: remove af_xdp_zc_qps bitmap (git-fixes).
* ice: replace synchronize_rcu with synchronize_net (git-fixes).
* ice: respect netif readiness in AF_XDP ZC related ndo's (git-fixes).
* ice: set correct dst VSI in only LAN filters (git-fixes).
* ice: tc: allow zero flags in parsing tc flower (git-fixes).
* ice: tc: check src_vsi in case of traffic from VF (git-fixes).
* ice: use proper macro for testing bit (git-fixes).
* idpf: Interpret .set_channels() input differently (git-fixes).
* idpf: avoid bloating &idpf_q_vector with big %NR_CPUS (git-fixes).
* idpf: do not enable NAPI and interrupts prior to allocating Rx buffers (git-fixes).
* idpf: do not skip over ethtool tcp-data-split setting (git-fixes).
* idpf: fix UAFs when destroying the queues (git-fixes).
* idpf: fix memleak in vport interrupt configuration (git-fixes).
* idpf: fix memory leaks and crashes while performing a soft reset (git-fixes).
* ieee802154: Fix build error (git-fixes).
* igb: Always call igb_xdp_ring_update_tail() under Tx lock (git-fixes).
* igb: Fix not clearing TimeSync interrupts for 82580 (git-fixes).
* igc: Fix double reset adapter triggered from a single taprio cmd (git-fixes).
* igc: Fix packet still tx after gate close by reducing i226 MAC retry buffer (git-fixes).
* igc: Fix qbv tx latency by setting gtxoffset (git-fixes).
* igc: Fix qbv_config_change_errors logics (git-fixes).
* igc: Fix reset adapter logics when tx mode change (git-fixes).
* igc: Unlock on error in igc_io_resume() (git-fixes).
* iio: accel: bma400: Fix uninitialized variable field_value in tap event handling (git-fixes).
* iio: accel: kx022a: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() (git-fixes).
* iio: adc: ti-ads124s08: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ti-ads8688: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: adc: ti-lmp92064: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: amplifiers: ada4250: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ad3552r: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: dac: ad5766: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
* iio: frequency: adf4377: add missing select REMAP_SPI in Kconfig (git-fixes).
* iio: frequency: admv4420: fix missing select REMAP_SPI in Kconfig (git-fixes).
* iio: gts-helper: Fix memory leaks for the error path of iio_gts_build_avail_scale_table() (git-fixes).
* iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() (git-fixes).
* iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
* iio: light: opt3001: add missing full-scale range value (git-fixes).
* iio: light: veml6030: fix ALS sensor resolution (git-fixes).
* iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
* iio: light: veml6030: fix microlux value calculation (git-fixes).
* iio: magnetometer: ak8975: Convert enum->pointer for data in the match tables (stable-fixes).
* iio: magnetometer: ak8975: Fix 'Unexpected device' error (git-fixes).
* iio: magnetometer: ak8975: drop incorrect AK09116 compatible (git-fixes).
* iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* io_uring/eventfd: move to more idiomatic RCU free usage (git-fixes).
* io_uring/io-wq: do not allow pinning outside of cpuset (git-fixes).
* io_uring/io-wq: inherit cpuset of cgroup in io worker (git-fixes).
* io_uring/net: harden multishot termination case for recv (git-fixes).
* io_uring/rw: fix cflags posting for single issue multishot read (git-fixes).
* io_uring/rw: treat -EOPNOTSUPP for IOCB_NOWAIT like -EAGAIN (git-fixes).
* io_uring/sqpoll: do not allow pinning outside of cpuset (git-fixes).
* io_uring/sqpoll: do not put cpumask on stack (git-fixes).
* io_uring/sqpoll: retain test for whether the CPU is valid (git-fixes).
* io_uring: check for presence of task_work rather than TIF_NOTIFY_SIGNAL (git-fixes).
* iommu/amd: Allocate the page table root using GFP_KERNEL (git-fixes).
* iommu/amd: Do not set the D bit on AMD v2 table entries (git-fixes).
* iommu/amd: Fix typo of , instead of ; (git-fixes).
* iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
* iommu/vt-d: Fix incorrect pci_for_each_dma_alias() for non-PCI devices (git-fixes).
* iommufd: Check the domain owner of the parent before creating a nesting domain (git-fixes).
* iommufd: Protect against overflow of ALIGN() during iova allocation (git-fixes).
* jbd2: correctly compare tids with tid_geq function in jbd2_fc_begin_commit (bsc#1231638).
* jfs: Fix sanity check in dbMount (git-fixes).
* jfs: Fix uaf in dbFreeBits (git-fixes).
* jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
* jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
* jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
* jump_label: Fix static_key_slow_dec() yet again (git-fixes).
* kABI fix of VM: x86: Re-split x2APIC ICR into ICR+ICR2 for AMD (x2AVIC) (git-fixes).
* kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
* kABI: bpf: struct bpf_insn_acces_aux kABI workaround (git-fixes).
* kasan: Fix Software Tag-Based KASAN with GCC (git-fixes).
* kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
* kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
* kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
* kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
* kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
* kconfig: qconf: fix buffer overflow in debug links (git-fixes).
* keys, dns: Allow key types (eg. DNS) to be reclaimed immediately on expiry (git-fixes).
* keys: Fix overwrite of key expiration on instantiation (git-fixes).
* kthread: unpark only parked kthread (git-fixes).
* lib/xarray: introduce a new helper xas_get_order (bsc#1231617).
* mac80211: MAC80211_MESSAGE_TRACING should depend on TRACING (git-fixes).
* macsec: do not increment counters for an unrelated SA (git-fixes).
* maple_tree: correct tree corruption on spanning store (git-fixes).
* media: bttv: use audio defaults for winfast2000 (git-fixes).
* media: core: v4l2-ioctl: check if ioctl is known to avoid NULL name (git-fixes).
* media: i2c: imx335: Enable regulator supplies (stable-fixes).
* media: imx335: Fix reset-gpio handling (git-fixes).
* media: pci: ipu3-cio2: Initialise timing struct to avoid a compiler warning (git-fixes).
* media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
* media: videobuf2: fix typo: vb2_dbuf -> vb2_qbuf (git-fixes).
* mei: use kvmalloc for read buffer (git-fixes).
* mfd: intel_soc_pmic_chtwc: Make Lenovo Yoga Tab 3 X90F DMI match less strict (stable-fixes).
* minmax: avoid overly complex min()/max() macro arguments in xen (git-fixes).
* mlx5: avoid truncating error message (git-fixes).
* mlx5: stop warning for 64KB pages (git-fixes).
* mm/filemap: optimize filemap folio adding (bsc#1231617).
* mm/filemap: return early if failed to allocate memory for split (bsc#1231617).
* mm: khugepaged: fix the arguments order in khugepaged_collapse_file trace point (git-fixes).
* mm: mmap: no need to call khugepaged_enter_vma() for stack (jsc#PED-10978).
* modpost: fix acpi MODULE_DEVICE_TABLE built with mismatched endianness (git-fixes).
* modpost: fix input MODULE_DEVICE_TABLE() built for 64-bit on 32-bit host (git-fixes).
* module: abort module loading when sysfs setup suffer errors (git-fixes).
* nbd: fix race between timeout and normal completion (bsc#1230918).
* net/mlx5: Add missing masks and QoS bit masks for scheduling elements (git-fixes).
* net/mlx5: Added cond_resched() to crdump collection (git-fixes).
* net/mlx5: Check capability for fw_reset (git-fixes).
* net/mlx5: Check for invalid vector index on EQ creation (git-fixes).
* net/mlx5: Explicitly set scheduling element and TSAR type (git-fixes).
* net/mlx5: Fix command bitmask initialization (git-fixes).
* net/mlx5: Fix error handling in irq_pool_request_irq (git-fixes).
* net/mlx5: Lag, do bond only if slaves agree on roce state (git-fixes).
* net/mlx5: Lag, do not use the hardcoded value of the first port (git-fixes).
* net/mlx5: Stop waiting for PCI if pci channel is offline (git-fixes).
* net/mlx5: Unregister notifier on eswitch init failure (git-fixes).
* net/mlx5: Update the list of the PCI supported devices (git-fixes).
* net/mlx5e: Add a check for the return value from mlx5_port_set_eth_ptys (git-fixes).
* net/mlx5e: Add missing link mode to ptys2ext_ethtool_map (git-fixes).
* net/mlx5e: Add missing link modes to ptys2ethtool_map (git-fixes).
* net/mlx5e: Add mqprio_rl cleanup and free in mlx5e_priv_cleanup() (git-fixes).
* net/mlx5e: Correctly report errors for ethtool rx flows (git-fixes).
* net/mlx5e: Do not call cleanup on profile rollback failure (git-fixes).
* net/mlx5e: Fix IPsec tunnel mode offload feature check (git-fixes).
* net/mlx5e: Fix UDP GSO for encapsulated packets (git-fixes).
* net/mlx5e: Fix features validation check for tunneled UDP (non-VXLAN) packets (git-fixes).
* net/mlx5e: Require mlx5 tc classifier action support for IPsec prio capability (git-fixes).
* net/mlx5e: Use rx_missed_errors instead of rx_dropped for reporting buffer exhaustion (git-fixes).
* net: mana: Implement get_ringparam/set_ringparam for mana (bsc#1229891).
* net: mana: Improve mana_set_channels() in low mem conditions (bsc#1230289).
* net: phy: Remove LED entry from LEDs list on unregister (git-fixes).
* net: phy: bcm84881: Fix some error handling paths (git-fixes).
* net: phy: dp83869: fix memory corruption when enabling fiber (git-fixes).
* net: qede: sanitize 'rc' in qede_add_tc_flower_fltr() (git-fixes).
* net: qede: use return from qede_parse_actions() (git-fixes).
* net: qede: use return from qede_parse_flow_attr() for flow_spec (git-fixes).
* net: qede: use return from qede_parse_flow_attr() for flower (git-fixes).
* net: stmmac: dwmac-tegra: Fix link bring-up sequence (git-fixes)
* net: sysfs: Fix /sys/class/net/<iface> path for statistics (git-fixes).
* net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
* net: usb: usbnet: fix name regression (get-fixes).
* net: usb: usbnet: fix race in probe failure (git-fixes).
* netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
* nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
* nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
* nfsd: cancel nfsd_shrinker_work using sync mode in nfs4_state_shutdown_net (git-fixes).
* nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
* nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
* nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
* nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
* nfsd: return -EINVAL when namelen is 0 (git-fixes).
* nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
* nouveau/dmem: Fix privileged error in copy engine channel (git-fixes).
* nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
* nouveau/gsp: Avoid addressing beyond end of rpc->entries (stable-fixes).
* ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
* nvme-multipath: suppress partition scan until the disk is ready (bsc#1228244).
* nvme-pci: fix race condition between reset and nvme_dev_disable() (git-fixes).
* nvme-pci: qdepth 1 quirk (git-fixes).
* nvme-pci: set doorbell config before unquiescing (git-fixes).
* nvme: disable CC.CRIME (NVME_CC_CRIME) (jsc#PED-9901).
* nvme: null terminate nvme_tls_attrs (git-fixes).
* nvme: re-fix error-handling for io_uring nvme-passthrough (git-fixes).
* nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
* ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
* ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
* ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
* parport: Proper fix for array out-of-bounds access (git-fixes).
* phy: freescale: imx8m-pcie: Do CMN_RST just before PHY PLL lock check (git-fixes).
* phy: qcom: qmp-combo: move driver data initialisation earlier (git-fixes).
* phy: qcom: qmp-usb: fix NULL-deref on runtime suspend (git-fixes).
* phy: tegra: xusb: Add error pointer check in xusb.c (git-fixes).
* phy: ti: phy-j721e-wiz: fix usxgmii configuration (git-fixes).
* pinctrl: apple: check devm_kasprintf() returned value (git-fixes).
* pinctrl: ocelot: fix system hang on level based interrupts (stable-fixes).
* platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (git-fixes).
* platform/x86: dell-sysman: add support for alienware products (stable-fixes).
* platform/x86: dell-wmi: Ignore suspend notifications (stable-fixes).
* platform/x86: lenovo-ymc: Ignore the 0x0 state (stable-fixes).
* platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
* power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
* powercap: intel_rapl: Fix off by one in get_rpi() (git-fixes).
* powerpc/64: Convert patch_instruction() to patch_u32() (bsc#1194869).
* powerpc/boot: Handle allocation failure in simple_realloc() (bsc#1194869).
* powerpc/boot: Only free if realloc() succeeds (bsc#1194869).
* powerpc/code-patching: Add generic memory patching (bsc#1194869).
* powerpc/code-patching: Perform hwsync in __patch_instruction() in case of failure (bsc#1194869).
* powerpc/crypto: do not build aes-gcm-p10 by default (bsc#1230501 ltc#208632).
* powerpc/crypto: fix missing skcipher dependency for aes-gcm-p10 (bsc#1230501 ltc#208632).
* powerpc/vdso: Fix VDSO data access when running in a non-root time namespace (bsc#1194869).
* powerpc/xics: Check return value of kasprintf in icp_native_map_one_cpu (bsc#1194869).
* powerpc/xmon: Fix disassembly CPU feature checks (bsc#1065729).
* printk: Add notation to console_srcu locking (bsc#1232183).
* qed: avoid truncating work queue length (git-fixes).
* rcu-tasks: Fix show_rcu_tasks_trace_gp_kthread buffer overflow (bsc#1226631).
* rcu: Fix buffer overflow in print_cpu_stall_info() (bsc#1226623).
* rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK.
* rpm/release-projects: Add SLFO projects (bsc#1231293).
* rpmsg: glink: Handle rejected intent request better (git-fixes).
* runtime constants: add default dummy infrastructure (git-fixes).
* runtime constants: add x86 architecture support (git-fixes).
* s390/mm: Add cond_resched() to cmm_alloc/free_pages() (bsc#1228747).
* s390/pci: Handle PCI error codes other than 0x3a (git-fixes bsc#1232629).
* s390/sclp: Deactivate sclp after all its users (git-fixes bsc#1232628).
* s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232627).
* scsi: fnic: Move flush_work initialization out of if block (bsc#1230055).
* scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
* scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
* scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
* scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
* scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (bsc#1232757 bsc#1228119).
* scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
* scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
* scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
* scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
* selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
* selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
* selftests/bpf: Add test for sign extension in coerce_subreg_to_size_sx() (git-fixes).
* selftests/bpf: Add test for truncation after sign extension in coerce_reg_to_size_sx() (git-fixes).
* selftests/bpf: Add tests for ldsx of pkt data/data_end/data_meta accesses (git-fixes).
* selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
* selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
* selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
* serial: imx: Update mctrl old_status on RTSD interrupt (git-fixes).
* serial: protect uart_port_dtr_rts() in uart_shutdown() too (stable-fixes).
* soundwire: intel_bus_common: enable interrupts before exiting reset (stable-fixes).
* spi: atmel-quadspi: Fix wrong register value written to MR (git-fixes).
* spi: mtk-snfi: fix kerneldoc for mtk_snand_is_page_ops() (git-fixes).
* spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
* spi: spi-fsl-dspi: Fix crash when not using GPIO chip select (git-fixes).
* spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* splice: always fsnotify_access(in), fsnotify_modify(out) on success (git-fixes).
* splice: fsnotify_access(fd)/fsnotify_modify(fd) in vmsplice (git-fixes).
* splice: fsnotify_access(in), fsnotify_modify(out) on success in tee (git-fixes).
* srcu: Fix callbacks acceleration mishandling (git-fixes).
* staging: iio: frequency: ad9832: fix division by zero in ad9832_calc_freqreg() (git-fixes).
* sumversion: Fix a memory leak in get_src_version() (git-fixes).
* supported.conf: mark nhpoly1305 module as supported (bsc#1231035)
* supported.conf: mark ultravisor userspace access as supported (bsc#1232090)
* task_work: add kerneldoc annotation for 'data' argument (git-fixes).
* thunderbolt: Improve DisplayPort tunnel setup process to be more robust (stable-fixes).
* tools: hv: rm .*.cmd when make clean (git-fixes).
* tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
* tracing/osnoise: Fix build when timerlat is not enabled (git-fixes).
* tracing/osnoise: Skip running osnoise if all instances are off (git-fixes).
* tracing/osnoise: Switch from PF_NO_SETAFFINITY to migrate_disable (git-fixes).
* tracing/osnoise: Use a cpumask to know what threads are kthreads (git-fixes).
* tracing/timerlat: Add interface_lock around clearing of kthread in stop_kthread() (git-fixes).
* tracing/timerlat: Add user-space interface (git-fixes).
* tracing/timerlat: Drop interface_lock in stop_kthread() (git-fixes).
* tracing/timerlat: Fix a race during cpuhp processing (git-fixes).
* tracing/timerlat: Fix duplicated kthread creation due to CPU online/offline (git-fixes).
* tracing/timerlat: Move hrtimer_init to timerlat_fd open() (git-fixes).
* tracing/timerlat: Only clear timer if a kthread exists (git-fixes).
* tracing: Consider the NULL character when validating the event length (git-fixes).
* tty: n_gsm: Fix use-after-free in gsm_cleanup_mux (stable-fixes).
* ubifs: Fix adding orphan entry twice for the same inode (git-fixes).
* ubifs: Fix unattached xattr inode if powercut happens after deleting (git-fixes).
* ubifs: add check for crypto_shash_tfm_digest (git-fixes).
* ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes).
* unicode: Do not special case ignorable code points (stable-fixes).
* uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
* uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
* uprobes: introduce the global struct vm_special_mapping xol_mapping (bsc#1231114).
* uprobes: turn xol_area->pages into xol_area->page (bsc#1231114).
* usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
* usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
* usb: dwc3: Wait for EndXfer completion before restoring GUSB2PHYCFG (git-fixes).
* usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
* usb: gadget: core: force synchronous registration (git-fixes).
* usb: gadget: f_uac2: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
* usb: gadget: f_uac2: fix non-newline-terminated function name (stable-fixes).
* usb: gadget: f_uac2: fix return value for UAC2_ATTRIBUTE_STRING store (git-fixes).
* usb: phy: Fix API devm_usb_put_phy() can not release the phy (git-fixes).
* usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
* usb: typec: altmode should keep reference to parent (git-fixes).
* usb: typec: fix unreleased fwnode_handle in typec_port_register_altmodes() (git-fixes).
* usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
* usb: xhci: fix loss of data on Cadence xHC (git-fixes).
* usbip: tools: Fix detach_port() invalid port error path (git-fixes).
* usbnet: fix cyclical race on disconnect with work queue (git-fixes).
* vdpa: Fix an error handling path in eni_vdpa_probe() (git-fixes).
* vdpa_sim_blk: Fix the potential leak of mgmt_dev (git-fixes).
* vdpa_sim_blk: allocate the buffer zeroed (git-fixes).
* vduse: avoid using __GFP_NOFAIL (git-fixes).
* vfs: dcache: move hashlen_hash() from callers into d_hash() (git-fixes).
* vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
* vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
* virtio_console: fix misc probe bugs (git-fixes).
* vmalloc: modify the alloc_vmap_area() error message for better diagnostics (jsc#PED-10978).
* vmxnet3: Add XDP support (bsc#1226498).
* vmxnet3: Fix missing reserved tailroom (bsc#1226498).
* vmxnet3: Fix packet corruption in vmxnet3_xdp_xmit_frame (bsc#1226498).
* vmxnet3: add command to allow disabling of offloads (bsc#1226498).
* vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
* vmxnet3: prepare for version 9 changes (bsc#1226498).
* vmxnet3: update to version 9 (bsc#1226498).
* vt: prevent kernel-infoleak in con_font_get() (git-fixes).
* wifi: ath10k: Fix memory leak in management tx (git-fixes).
* wifi: ath11k: Fix invalid ring usage in full monitor mode (git-fixes).
* wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath12k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
* wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
* wifi: brcm80211: BRCM_TRACING should depend on TRACING (git-fixes).
* wifi: cfg80211: Set correct chandef when starting CAC (stable-fixes).
* wifi: cfg80211: clear wdev->cqm_config pointer on free (git-fixes).
* wifi: iwlegacy: Fix "field-spanning write" warning in il_enqueue_hcmd() (git-fixes).
* wifi: iwlwifi: allow only CN mcc from WRDD (stable-fixes).
* wifi: iwlwifi: config: label 'gl' devices as discrete (git-fixes).
* wifi: iwlwifi: mvm: Fix a race in scan abort flow (stable-fixes).
* wifi: iwlwifi: mvm: Fix response handling in iwl_mvm_send_recovery_cmd() (git-fixes).
* wifi: iwlwifi: mvm: avoid NULL pointer dereference (stable-fixes).
* wifi: iwlwifi: mvm: do not add default link in fw restart flow (git-fixes).
* wifi: iwlwifi: mvm: do not leak a link on AP removal (git-fixes).
* wifi: iwlwifi: mvm: drop wrong STA selection in TX (stable-fixes).
* wifi: iwlwifi: mvm: use correct key iteration (stable-fixes).
* wifi: iwlwifi: remove AX101, AX201 and AX203 support from LNL (stable-fixes).
* wifi: mac80211: do not pass a stopped vif to the driver in .get_txpower (git-fixes).
* wifi: mac80211: fix RCU list iterations (stable-fixes).
* wifi: mac80211: skip non-uploaded keys in ieee80211_iter_keys (git-fixes).
* wifi: mt76: mt7915: add dummy HW offload of IEEE 802.11 fragmentation (stable-fixes).
* wifi: mt76: mt7915: disable tx worker during tx BA session enable/disable (stable-fixes).
* wifi: mt76: mt7915: hold dev->mt76.mutex while disabling tx worker (stable-fixes).
* wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
* wifi: rtw88: 8821cu: Remove VID/PID 0bda:c82c (stable-fixes).
* wifi: rtw88: Fix USB/SDIO devices not transmitting beacons (git-fixes).
* wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
* wifi: rtw89: avoid reading out of bounds when loading TX power FW elements (stable-fixes).
* wifi: rtw89: avoid to add interface to list twice when SER (stable-fixes).
* wifi: rtw89: correct base HT rate mask for firmware (stable-fixes).
* x86/CPU/AMD: Only apply Zenbleed fix for Zen2 during late microcode load (git-fixes).
* x86/Documentation: Indent 'note::' directive for protocol version number note (git-fixes).
* x86/PCI: Check pcie_find_root_port() return for NULL (git-fixes).
* x86/amd_nb: Add new PCI IDs for AMD family 1Ah model 60h (git-fixes).
* x86/apic: Always explicitly disarm TSC-deadline timer (git-fixes).
* x86/apic: Make x2apic_disable() work correctly (git-fixes).
* x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
* x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
* x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
* x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
* x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
* x86/entry: Remove unwanted instrumentation in common_interrupt() (git-fixes).
* x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
* x86/mm: Use IPIs to synchronize LAM enablement (git-fixes).
* x86/resctrl: Annotate get_mem_config() functions as __init (git-fixes).
* x86/resctrl: Avoid overflow in MB settings in bw_validate() (git-fixes).
* x86/sev: Check for MWAITX and MONITORX opcodes in the #VC handler (git-fixes).
* x86: do the user address masking outside the user access area (git-fixes).
* x86: fix user address masking non-canonical speculation issue (git-fixes).
* x86: make the masked_user_access_begin() macro use its argument only once (git-fixes).
* x86: support user address masking instead of non-speculative conditional (git-fixes).
* xfs: check opcode and iovec count match in xlog_recover_attri_commit_pass2 (git-fixes).
* xfs: check shortform attr entry flags specifically (git-fixes).
* xfs: convert delayed extents to unwritten when zeroing post eof blocks (git-fixes).
* xfs: fix finding a last resort AG in xfs_filestream_pick_ag (git-fixes).
* xfs: fix freeing speculative preallocations for preallocated files (git-fixes).
* xfs: make sure sb_fdblocks is non-negative (git-fixes).
* xfs: make the seq argument to xfs_bmapi_convert_delalloc() optional (git-fixes).
* xfs: make xfs_bmapi_convert_delalloc() to allocate the target offset (git-fixes).
* xfs: remove a racy if_bytes check in xfs_reflink_end_cow_extent (git-fixes).
* xfs: validate recovered name buffers when recovering xattr items (git-fixes).
* xhci: Add a quirk for writing ERST in high-low order (git-fixes).
* xhci: Fix Link TRB DMA in command ring stopped completion event (git-fixes).
* xhci: Fix incorrect stream context type macro (git-fixes).
* xhci: Mitigate failed set dequeue pointer commands (git-fixes).
* xhci: Use pm_runtime_get to prevent RPM on unsupported systems (git-fixes).
* xhci: tegra: fix checked USB2 port number (git-fixes).
* zonefs: Improve error handling (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-3984=1 openSUSE-SLE-15.6-2024-3984=1
* Public Cloud Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3984=1

## Package List:

* openSUSE Leap 15.6 (aarch64 x86_64)
  * kernel-azure-devel-6.4.0-150600.8.17.2
  * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * gfs2-kmp-azure-6.4.0-150600.8.17.2
  * kernel-azure-optional-debuginfo-6.4.0-150600.8.17.2
  * kselftests-kmp-azure-6.4.0-150600.8.17.2
  * kernel-azure-debuginfo-6.4.0-150600.8.17.2
  * kernel-azure-extra-6.4.0-150600.8.17.2
  * kernel-azure-extra-debuginfo-6.4.0-150600.8.17.2
  * kernel-azure-debugsource-6.4.0-150600.8.17.2
  * kernel-syms-azure-6.4.0-150600.8.17.1
  * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * reiserfs-kmp-azure-6.4.0-150600.8.17.2
  * dlm-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * ocfs2-kmp-azure-6.4.0-150600.8.17.2
  * kernel-azure-optional-6.4.0-150600.8.17.2
  * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * kernel-azure-devel-debuginfo-6.4.0-150600.8.17.2
  * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.17.2
  * kernel-azure-livepatch-devel-6.4.0-150600.8.17.2
  * dlm-kmp-azure-6.4.0-150600.8.17.2
  * cluster-md-kmp-azure-6.4.0-150600.8.17.2
* openSUSE Leap 15.6 (aarch64 nosrc x86_64)
  * kernel-azure-6.4.0-150600.8.17.2
* openSUSE Leap 15.6 (x86_64)
  * kernel-azure-vdso-6.4.0-150600.8.17.2
  * kernel-azure-vdso-debuginfo-6.4.0-150600.8.17.2
* openSUSE Leap 15.6 (noarch)
  * kernel-devel-azure-6.4.0-150600.8.17.1
  * kernel-source-azure-6.4.0-150600.8.17.1
* Public Cloud Module 15-SP6 (aarch64 nosrc x86_64)
  * kernel-azure-6.4.0-150600.8.17.2
* Public Cloud Module 15-SP6 (aarch64 x86_64)
  * kernel-azure-devel-6.4.0-150600.8.17.2
  * kernel-azure-devel-debuginfo-6.4.0-150600.8.17.2
  * kernel-azure-debugsource-6.4.0-150600.8.17.2
  * kernel-azure-debuginfo-6.4.0-150600.8.17.2
  * kernel-syms-azure-6.4.0-150600.8.17.1
* Public Cloud Module 15-SP6 (noarch)
  * kernel-devel-azure-6.4.0-150600.8.17.1
  * kernel-source-azure-6.4.0-150600.8.17.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52917.html * https://www.suse.com/security/cve/CVE-2023-52918.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-26758.html * https://www.suse.com/security/cve/CVE-2024-26761.html * https://www.suse.com/security/cve/CVE-2024-26767.html * https://www.suse.com/security/cve/CVE-2024-26943.html * https://www.suse.com/security/cve/CVE-2024-27026.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-35980.html * https://www.suse.com/security/cve/CVE-2024-36244.html * https://www.suse.com/security/cve/CVE-2024-38576.html * https://www.suse.com/security/cve/CVE-2024-38577.html * https://www.suse.com/security/cve/CVE-2024-38599.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41031.html * https://www.suse.com/security/cve/CVE-2024-41047.html * https://www.suse.com/security/cve/CVE-2024-41082.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-44932.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-44964.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45025.html * https://www.suse.com/security/cve/CVE-2024-46678.html * https://www.suse.com/security/cve/CVE-2024-46721.html * https://www.suse.com/security/cve/CVE-2024-46754.html * https://www.suse.com/security/cve/CVE-2024-46766.html * https://www.suse.com/security/cve/CVE-2024-46770.html * 
https://www.suse.com/security/cve/CVE-2024-46775.html * https://www.suse.com/security/cve/CVE-2024-46777.html * https://www.suse.com/security/cve/CVE-2024-46797.html * https://www.suse.com/security/cve/CVE-2024-46802.html * https://www.suse.com/security/cve/CVE-2024-46803.html * https://www.suse.com/security/cve/CVE-2024-46804.html * https://www.suse.com/security/cve/CVE-2024-46805.html * https://www.suse.com/security/cve/CVE-2024-46806.html * https://www.suse.com/security/cve/CVE-2024-46807.html * https://www.suse.com/security/cve/CVE-2024-46809.html * https://www.suse.com/security/cve/CVE-2024-46810.html * https://www.suse.com/security/cve/CVE-2024-46811.html * https://www.suse.com/security/cve/CVE-2024-46812.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46819.html * https://www.suse.com/security/cve/CVE-2024-46821.html * https://www.suse.com/security/cve/CVE-2024-46825.html * https://www.suse.com/security/cve/CVE-2024-46826.html * https://www.suse.com/security/cve/CVE-2024-46827.html * https://www.suse.com/security/cve/CVE-2024-46828.html * https://www.suse.com/security/cve/CVE-2024-46830.html * https://www.suse.com/security/cve/CVE-2024-46831.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46835.html * https://www.suse.com/security/cve/CVE-2024-46836.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46842.html * https://www.suse.com/security/cve/CVE-2024-46843.html * https://www.suse.com/security/cve/CVE-2024-46846.html * 
https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-46851.html * https://www.suse.com/security/cve/CVE-2024-46852.html * https://www.suse.com/security/cve/CVE-2024-46853.html * https://www.suse.com/security/cve/CVE-2024-46854.html * https://www.suse.com/security/cve/CVE-2024-46855.html * https://www.suse.com/security/cve/CVE-2024-46857.html * https://www.suse.com/security/cve/CVE-2024-46859.html * https://www.suse.com/security/cve/CVE-2024-46860.html * https://www.suse.com/security/cve/CVE-2024-46861.html * https://www.suse.com/security/cve/CVE-2024-46864.html * https://www.suse.com/security/cve/CVE-2024-46870.html * https://www.suse.com/security/cve/CVE-2024-46871.html * https://www.suse.com/security/cve/CVE-2024-47658.html * https://www.suse.com/security/cve/CVE-2024-47660.html * https://www.suse.com/security/cve/CVE-2024-47661.html * https://www.suse.com/security/cve/CVE-2024-47662.html * https://www.suse.com/security/cve/CVE-2024-47663.html * https://www.suse.com/security/cve/CVE-2024-47664.html * https://www.suse.com/security/cve/CVE-2024-47665.html * https://www.suse.com/security/cve/CVE-2024-47667.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47669.html * https://www.suse.com/security/cve/CVE-2024-47670.html * https://www.suse.com/security/cve/CVE-2024-47671.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47675.html * https://www.suse.com/security/cve/CVE-2024-47681.html * https://www.suse.com/security/cve/CVE-2024-47682.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47686.html * 
From null at suse.de Wed Nov 13 12:49:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 13 Nov 2024 12:49:20 -0000 Subject: SUSE-SU-2024:3983-1: important: Security update for the Linux Kernel Message-ID: <173150216004.4790.3217163600373022431@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3983-1 Release Date: 2024-11-13T10:12:32Z Rating: important References: * bsc#1204171 * bsc#1205796 * bsc#1206188 * bsc#1206344 * bsc#1209290 * bsc#1210449 * bsc#1210627 * bsc#1213034 * bsc#1216813 * bsc#1218562 * bsc#1223384 * bsc#1223524 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1225762 * bsc#1226498 * bsc#1226797 * bsc#1227437 * bsc#1227885 * bsc#1228119 * bsc#1228269 * bsc#1228709 * bsc#1228743 * bsc#1229005 * bsc#1229019 * bsc#1229450 * bsc#1229454 * bsc#1229456 * bsc#1229556 * bsc#1229769 * bsc#1229837 * bsc#1230179 * bsc#1230405 * bsc#1230414 * bsc#1230429 * bsc#1230456 * bsc#1230600 * bsc#1230620 * bsc#1230715 * bsc#1230722 * bsc#1230773 * bsc#1230801 * bsc#1230903 * bsc#1230918 * bsc#1231016 * bsc#1231072 * bsc#1231073 * bsc#1231094 * bsc#1231096 * bsc#1231105 * bsc#1231114 * bsc#1231148 * bsc#1231179 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231203 * bsc#1231293 * bsc#1231344 * bsc#1231375 * bsc#1231383 * bsc#1231439 * bsc#1231442 * bsc#1231496 * bsc#1231502 * bsc#1231539 * bsc#1231540 * bsc#1231578 * bsc#1231673 * bsc#1231857 * bsc#1231861 * bsc#1231872 * bsc#1231883 * bsc#1231885 * bsc#1231887 * bsc#1231888 * bsc#1231889 * bsc#1231890 * bsc#1231892 * bsc#1231893 *
bsc#1231895 * bsc#1231896 * bsc#1231897 * bsc#1231902 * bsc#1231903 * bsc#1231907 * bsc#1231914 * bsc#1231929 * bsc#1231935 * bsc#1231936 * bsc#1231937 * bsc#1231938 * bsc#1231939 * bsc#1231940 * bsc#1231941 * bsc#1231942 * bsc#1231944 * bsc#1231950 * bsc#1231954 * bsc#1231958 * bsc#1231960 * bsc#1231961 * bsc#1231962 * bsc#1231965 * bsc#1231967 * bsc#1231968 * bsc#1231972 * bsc#1231973 * bsc#1231976 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1231990 * bsc#1231992 * bsc#1231995 * bsc#1231996 * bsc#1231997 * bsc#1231998 * bsc#1232001 * bsc#1232004 * bsc#1232005 * bsc#1232006 * bsc#1232007 * bsc#1232025 * bsc#1232026 * bsc#1232033 * bsc#1232034 * bsc#1232035 * bsc#1232036 * bsc#1232037 * bsc#1232038 * bsc#1232039 * bsc#1232043 * bsc#1232049 * bsc#1232067 * bsc#1232069 * bsc#1232070 * bsc#1232071 * bsc#1232075 * bsc#1232083 * bsc#1232084 * bsc#1232085 * bsc#1232089 * bsc#1232097 * bsc#1232104 * bsc#1232105 * bsc#1232108 * bsc#1232114 * bsc#1232116 * bsc#1232119 * bsc#1232120 * bsc#1232123 * bsc#1232124 * bsc#1232133 * bsc#1232135 * bsc#1232136 * bsc#1232140 * bsc#1232145 * bsc#1232149 * bsc#1232150 * bsc#1232151 * bsc#1232154 * bsc#1232155 * bsc#1232160 * bsc#1232163 * bsc#1232164 * bsc#1232170 * bsc#1232172 * bsc#1232174 * bsc#1232175 * bsc#1232191 * bsc#1232196 * bsc#1232199 * bsc#1232200 * bsc#1232201 * bsc#1232217 * bsc#1232220 * bsc#1232221 * bsc#1232229 * bsc#1232233 * bsc#1232237 * bsc#1232251 * bsc#1232253 * bsc#1232259 * bsc#1232260 * bsc#1232262 * bsc#1232263 * bsc#1232282 * bsc#1232285 * bsc#1232286 * bsc#1232304 * bsc#1232305 * bsc#1232307 * bsc#1232309 * bsc#1232310 * bsc#1232313 * bsc#1232314 * bsc#1232316 * bsc#1232329 * bsc#1232332 * bsc#1232335 * bsc#1232337 * bsc#1232342 * bsc#1232345 * bsc#1232352 * bsc#1232354 * bsc#1232355 * bsc#1232358 * bsc#1232361 * bsc#1232366 * bsc#1232367 * bsc#1232368 * bsc#1232369 * bsc#1232374 * bsc#1232381 * bsc#1232383 * bsc#1232392 * bsc#1232395 * bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232435 * bsc#1232442 
* bsc#1232446 * bsc#1232501 * bsc#1232519 * bsc#1232630 * bsc#1232631 * bsc#1232632 * bsc#1232757 Cross-References: * CVE-2021-47416 * CVE-2021-47534 * CVE-2022-3435 * CVE-2022-45934 * CVE-2022-48664 * CVE-2022-48879 * CVE-2022-48946 * CVE-2022-48947 * CVE-2022-48948 * CVE-2022-48949 * CVE-2022-48951 * CVE-2022-48953 * CVE-2022-48954 * CVE-2022-48955 * CVE-2022-48956 * CVE-2022-48957 * CVE-2022-48958 * CVE-2022-48959 * CVE-2022-48960 * CVE-2022-48961 * CVE-2022-48962 * CVE-2022-48966 * CVE-2022-48967 * CVE-2022-48968 * CVE-2022-48969 * CVE-2022-48970 * CVE-2022-48971 * CVE-2022-48972 * CVE-2022-48973 * CVE-2022-48975 * CVE-2022-48977 * CVE-2022-48978 * CVE-2022-48980 * CVE-2022-48981 * CVE-2022-48985 * CVE-2022-48987 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48992 * CVE-2022-48994 * CVE-2022-48995 * CVE-2022-48997 * CVE-2022-48999 * CVE-2022-49000 * CVE-2022-49002 * CVE-2022-49003 * CVE-2022-49005 * CVE-2022-49006 * CVE-2022-49007 * CVE-2022-49010 * CVE-2022-49011 * CVE-2022-49012 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49016 * CVE-2022-49017 * CVE-2022-49019 * CVE-2022-49020 * CVE-2022-49021 * CVE-2022-49022 * CVE-2022-49023 * CVE-2022-49024 * CVE-2022-49025 * CVE-2022-49026 * CVE-2022-49027 * CVE-2022-49028 * CVE-2022-49029 * CVE-2022-49031 * CVE-2022-49032 * CVE-2023-2166 * CVE-2023-28327 * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52881 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-27043 * CVE-2024-36244 * CVE-2024-36957 * CVE-2024-39476 * CVE-2024-40965 * CVE-2024-42145 * CVE-2024-42226 * CVE-2024-42253 * CVE-2024-44931 * CVE-2024-44947 * CVE-2024-44958 * CVE-2024-45016 * CVE-2024-45025 * CVE-2024-46716 * CVE-2024-46719 * CVE-2024-46754 * CVE-2024-46777 * CVE-2024-46809 * CVE-2024-46811 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46828 * CVE-2024-46834 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46848 * CVE-2024-46849 * CVE-2024-47660 * CVE-2024-47661 * CVE-2024-47664 * CVE-2024-47668 
* CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47692 * CVE-2024-47704 * CVE-2024-47705 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47710 * CVE-2024-47720 * CVE-2024-47727 * CVE-2024-47730 * CVE-2024-47738 * CVE-2024-47739 * CVE-2024-47745 * CVE-2024-47747 * CVE-2024-47748 * CVE-2024-49858 * CVE-2024-49860 * CVE-2024-49866 * CVE-2024-49867 * CVE-2024-49881 * CVE-2024-49882 * CVE-2024-49883 * CVE-2024-49886 * CVE-2024-49890 * CVE-2024-49892 * CVE-2024-49894 * CVE-2024-49895 * CVE-2024-49896 * CVE-2024-49897 * CVE-2024-49899 * CVE-2024-49901 * CVE-2024-49906 * CVE-2024-49908 * CVE-2024-49909 * CVE-2024-49911 * CVE-2024-49912 * CVE-2024-49913 * CVE-2024-49914 * CVE-2024-49917 * CVE-2024-49918 * CVE-2024-49919 * CVE-2024-49920 * CVE-2024-49922 * CVE-2024-49923 * CVE-2024-49929 * CVE-2024-49930 * CVE-2024-49933 * CVE-2024-49936 * CVE-2024-49939 * CVE-2024-49946 * CVE-2024-49949 * CVE-2024-49954 * CVE-2024-49955 * CVE-2024-49958 * CVE-2024-49959 * CVE-2024-49960 * CVE-2024-49962 * CVE-2024-49967 * CVE-2024-49969 * CVE-2024-49973 * CVE-2024-49974 * CVE-2024-49975 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49993 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50000 * CVE-2024-50001 * CVE-2024-50002 * CVE-2024-50006 * CVE-2024-50014 * CVE-2024-50019 * CVE-2024-50024 * CVE-2024-50028 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50041 * CVE-2024-50045 * CVE-2024-50046 * CVE-2024-50047 * CVE-2024-50048 * CVE-2024-50049 * CVE-2024-50055 * CVE-2024-50058 * CVE-2024-50059 * CVE-2024-50061 * CVE-2024-50063 * CVE-2024-50081 CVSS scores: * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45934 ( SUSE ): 
5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48949 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48954 ( SUSE ): 6.9 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48954 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48955 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48957 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48957 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48959 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48959 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48961 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48961 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48966 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2022-48966 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48966 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48968 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48968 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48968 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48973 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48977 ( SUSE ): 6.5 
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48978 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48980 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48980 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48980 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48981 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48981 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48981 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48987 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48987 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48992 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-48994 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-48994 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48995 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48997 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2022-48997 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49000 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49002 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49003 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49005 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2022-49005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49006 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49006 ( SUSE ): 6.7 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49006 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49017 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49017 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49020 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( SUSE ): 
5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49031 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49032 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52800 ( NVD ): 4.4 
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36244 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L * CVE-2024-36957 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45025 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46716 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-46719 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46719 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46754 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46754 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46811 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46828 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47660 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47660 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47660 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47661 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-47661 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47661 ( NVD 
): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47664 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47664 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47692 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47692 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47704 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47704 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47705 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47705 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47710 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47710 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47710 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47720 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47720 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47727 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47730 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47730 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47738 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47738 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47739 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2024-47739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47739 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49858 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49858 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-49858 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49866 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49866 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49892 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49892 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49894 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49894 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49894 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49895 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49895 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-49895 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49912 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49914 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49922 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49922 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49922 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49923 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49923 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49930 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49930 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49933 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49933 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49954 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49954 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49960 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49973 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49975 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49993 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49993 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-49993 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N
* CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50001 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50002 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50006 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50006 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50006 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50014 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50014 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50033 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-50041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50041 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50046 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50048 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50048 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50049 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50049 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50055 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50055 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50058 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50059 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50059 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50061 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50061 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-50063 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50063 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-50081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-50081 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves 204 vulnerabilities and has 30 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
* CVE-2022-48957: dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove() (bsc#1231973).
* CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
* CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976).
* CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
* CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
* CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
* CVE-2022-48980: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() (bsc#1232233).
* CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070 git-fix prerequisity).
* CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938).
* CVE-2022-49017: tipc: re-fetch skb cb after tipc_msg_validate (bsc#1232004).
* CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175).
* CVE-2024-36244: net/sched: taprio: extend minimum interval restriction to entire cycle too (bsc#1226797).
* CVE-2024-36957: octeontx2-af: avoid off-by-one read from userspace (bsc#1225762).
* CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437).
* CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885).
* CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709).
* CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005 stable-fixes).
* CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837 stable-fixes).
* CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179).
* CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429).
* CVE-2024-45025: fix bitmap corruption on close_range() with CLOSE_RANGE_UNSHARE (bsc#1230456).
* CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715).
* CVE-2024-46754: bpf: Remove tst_run from lwt_seg6local_prog_ops (bsc#1230801).
* CVE-2024-46777: udf: Avoid excessive partition lengths (bsc#1230773).
* CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148).
* CVE-2024-46811: drm/amd/display: Fix index may exceed array range within fpu_update_bw_bounding_box (bsc#1231179).
* CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191).
* CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193).
* CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195).
* CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197).
* CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200).
* CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203).
* CVE-2024-46828: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1231114).
* CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096).
* CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105).
* CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094).
* CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072).
* CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073).
* CVE-2024-47660: fsnotify: clear PARENT_WATCHED flags lazily (bsc#1231439).
* CVE-2024-47661: drm/amd/display: Avoid overflow from uint32_t to uint8_t (bsc#1231496).
* CVE-2024-47664: spi: hisi-kunpeng: Add verification for the max_frequency provided by the firmware (bsc#1231442).
* CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502).
* CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540).
* CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987).
* CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998).
* CVE-2024-47692: nfsd: return -EINVAL when namelen is 0 (bsc#1231857).
* CVE-2024-47704: drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944).
* CVE-2024-47705: block: fix potential invalid pointer dereference in blk_add_partition (bsc#1231872).
* CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942).
* CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935).
* CVE-2024-47710: sock_map: Add a cond_resched() in sock_hash_free() (bsc#1232049).
* CVE-2024-47720: drm/amd/display: Add null check for set_output_gamma in dcn30_set_output_transfer_func (bsc#1232043).
* CVE-2024-47727: x86/tdx: Fix "in-kernel MMIO" check (bsc#1232116).
* CVE-2024-47730: crypto: hisilicon/qm - inject error before stopping queue (bsc#1232075).
* CVE-2024-47738: wifi: mac80211: do not use rate mask for offchannel TX either (bsc#1232114).
* CVE-2024-47739: padata: use integer wrap around to prevent deadlock on seq_nr overflow (bsc#1232124).
* CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135).
* CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145).
* CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174).
* CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).
* CVE-2024-49866: tracing/timerlat: Fix a race during cpuhp processing (bsc#1232259).
* CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201).
* CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200).
* CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199).
* CVE-2024-49886: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug (bsc#1232196).
* CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217).
* CVE-2024-49892: drm/amd/display: Initialize get_bytes_per_element's default to 1 (bsc#1232220).
* CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221).
* CVE-2024-49897: drm/amd/display: Check phantom_stream before it is used (bsc#1232355).
* CVE-2024-49899: drm/amd/display: Initialize denominators' default to 1 (bsc#1232358).
* CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305).
* CVE-2024-49906: drm/amd/display: Check null pointer before try to access it (bsc#1232332).
* CVE-2024-49909: drm/amd/display: Add NULL check for function pointer in dcn32_set_output_transfer_func (bsc#1232337).
* CVE-2024-49911: drm/amd/display: Add NULL check for function pointer in dcn20_set_output_transfer_func (bsc#1232366).
* CVE-2024-49914: drm/amd/display: Add null check for pipe_ctx->plane_state in (bsc#1232369).
* CVE-2024-49917: drm/amd/display: Add NULL check for clk_mgr and clk_mgr->funcs in dcn30_init_hw (bsc#1231965).
* CVE-2024-49918: drm/amd/display: Add null check for head_pipe in dcn32_acquire_idle_pipe_for_head_pipe_in_layer (bsc#1231967).
* CVE-2024-49919: drm/amd/display: Add null check for head_pipe in dcn201_acquire_free_pipe_for_layer (bsc#1231968).
* CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313).
* CVE-2024-49922: drm/amd/display: Check null pointers before using them (bsc#1232374).
* CVE-2024-49923: drm/amd/display: Pass non-null to dcn20_validate_apply_pipe_split_flags (bsc#1232361).
* CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253).
* CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260).
* CVE-2024-49933: blk_iocost: fix more out of bound shifts (bsc#1232368).
* CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424).
* CVE-2024-49939: wifi: rtw89: avoid to add interface to list twice when SER (bsc#1232381).
* CVE-2024-49946: ppp: do not assume bh is held in ppp_channel_bridge_input() (bsc#1232164).
* CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160).
* CVE-2024-49954: static_call: Replace pointless WARN_ON() in static_call_module_notify() (bsc#1232155).
* CVE-2024-49955: ACPI: battery: Fix possible crash when unregistering a battery hook (bsc#1232154).
* CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151).
* CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149).
* CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395).
* CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140).
* CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519).
* CVE-2024-49973: r8169: add tally counter fields added with RTL8125 (bsc#1232105).
* CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383).
* CVE-2024-49975: uprobes: fix kernel info leak via "[uprobes]" vma (bsc#1232104).
* CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282).
* CVE-2024-49993: iommu/vt-d: Fix potential lockup if qi_submit_sync called with 0 count (bsc#1232316).
* CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432).
* CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089).
* CVE-2024-50000: net/mlx5e: Fix NULL deref in mlx5e_tir_builder_alloc() (bsc#1232085).
* CVE-2024-50001: net/mlx5: Fix error path in multi-packet WQE transmit (bsc#1232084).
* CVE-2024-50002: static_call: Handle module init failure correctly in static_call_del_module() (bsc#1232083).
* CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442).
* CVE-2024-50014: ext4: fix access to uninitialised lock in fc replay path (bsc#1232446).
* CVE-2024-50019: kthread: unpark only parked kthread (bsc#1231990).
* CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954).
* CVE-2024-50028: thermal: core: Reference count the zone in thermal_zone_get_by_id() (bsc#1231950).
* CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914).
* CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392).
* CVE-2024-50041: i40e: Fix macvlan leak by synchronizing access to mac_filter_hash (bsc#1231907).
* CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903).
* CVE-2024-50046: kabi fix for NFSv4: Prevent NULL-pointer dereference in nfs42_complete_copies() (bsc#1231902).
* CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418).
* CVE-2024-50048: fbcon: Fix a NULL pointer dereference issue in fbcon_putcs (bsc#1232310).
* CVE-2024-50055: driver core: bus: Fix double free in driver API bus_register() (bsc#1232329).
* CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285).
* CVE-2024-50059: ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (bsc#1232345).
* CVE-2024-50061: i3c: master: cdns: Fix use after free vulnerability in cdns_i3c_master Driver Due to Race Condition (bsc#1232263).
* CVE-2024-50063: kABI: bpf: struct bpf_map kABI workaround (bsc#1232435).
* CVE-2024-50081: blk-mq: setup queue ->tag_set before initializing hctx (bsc#1232501).

The following non-security bugs were fixed:

* ACPI: EC: Do not release locks during operation region accesses (stable-fixes).
* ACPI: PAD: fix crash in exit_round_robin() (stable-fixes).
* ACPI: PRM: Clean up guid type in struct prm_handler_info (git-fixes).
* ACPI: PRM: Find EFI_MEMORY_RUNTIME block for PRM handler and context (git-fixes).
* ACPI: battery: Call power_supply_changed() when adding hooks (bsc#1232154)
* ACPI: battery: Simplify battery hook locking (bsc#1232154)
* ACPI: resource: Add Asus ExpertBook B2502CVA to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add Asus Vivobook X1704VAP to irq1_level_low_skip_override[] (stable-fixes).
* ACPI: resource: Add another DMI match for the TongFang GMxXGxx (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_field() fails (stable-fixes).
* ACPICA: Fix memory leak if acpi_ps_get_next_namepath() fails (stable-fixes).
* ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (stable-fixes).
* ACPICA: iasl: handle empty connection_node (stable-fixes).
* ALSA: asihpi: Fix potential OOB array access (stable-fixes).
* ALSA: core: add isascii() check to card ID generator (stable-fixes).
* ALSA: firewire-lib: Avoid division by zero in apply_constraint_to_size() (git-fixes).
* ALSA: hda/conexant - Fix audio routing for HP EliteOne 1000 G2 (stable-fixes).
* ALSA: hda/conexant - Use cached pin control for Node 0x1d on HP EliteOne 1000 G2 (git-fixes).
* ALSA: hda/conexant: Fix conflicting quirk for System76 Pangolin (git-fixes).
* ALSA: hda/cs8409: Fix possible NULL dereference (git-fixes).
* ALSA: hda/generic: Unconditionally prefer preferred_dacs pairs (git-fixes).
* ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes).
* ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes).
* ALSA: hda/realtek: Add a quirk for HP Pavilion 15z-ec200 (stable-fixes).
* ALSA: hda/realtek: Add quirk for Huawei MateBook 13 KLV-WX9 (stable-fixes).
* ALSA: hda/realtek: Fix the push button function for the ALC257 (git-fixes).
* ALSA: hda/realtek: Update default depop procedure (git-fixes).
* ALSA: hda: Fix kctl->id initialization (git-fixes).
* ALSA: hda: cs35l41: fix module autoloading (git-fixes).
* ALSA: hdsp: Break infinite MIDI input flush loop (stable-fixes).
* ALSA: line6: add hw monitor volume control to POD HD500X (stable-fixes).
* ALSA: mixer_oss: Remove some incorrect kfree_const() usages (git-fixes).
* ALSA: usb-audio: Add delay quirk for VIVO USB-C HEADSET (stable-fixes).
* ALSA: usb-audio: Add input value sanity checks for standard types (stable-fixes).
* ALSA: usb-audio: Add logitech Audio profile quirk (stable-fixes).
* ALSA: usb-audio: Add native DSD support for Luxman D-08u (stable-fixes).
* ALSA: usb-audio: Define macros for quirk table entries (stable-fixes).
* ALSA: usb-audio: Replace complex quirk lines with macros (stable-fixes).
* ASoC: allow module autoloading for table db1200_pids (stable-fixes).
* ASoC: imx-card: Set card.owner to avoid a warning calltrace if SND=m (git-fixes).
* ASoC: intel: fix module autoloading (stable-fixes).
* ASoC: qcom: Fix NULL Dereference in asoc_qcom_lpass_cpu_platform_probe() (git-fixes).
* ASoC: rt5682: Return devm_of_clk_add_hw_provider to transfer the error (git-fixes).
* ASoC: soc-pcm: Do not zero TDM masks in __soc_pcm_open() (git-fixes).
* ASoC: tda7419: fix module autoloading (stable-fixes).
* Bluetooth: Call iso_exit() on module unload (git-fixes).
* Bluetooth: ISO: Fix multiple init when debugfs is disabled (git-fixes).
* Bluetooth: RFCOMM: FIX possible deadlock in rfcomm_sk_state_change (git-fixes).
* Bluetooth: Remove debugfs directory on module init failure (git-fixes).
* Bluetooth: bnep: fix wild-memory-access in proto_unregister (git-fixes).
* Bluetooth: btmrvl: Use IRQF_NO_AUTOEN flag in request_irq() (git-fixes).
* Bluetooth: btusb: Fix regression with fake CSR controllers 0a12:0001 (git-fixes).
* Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (git-fixes).
* HID: amd_sfh: Switch to device-managed dmam_alloc_coherent() (git-fixes).
* HID: multitouch: Add support for GT7868Q (stable-fixes).
* HID: multitouch: Add support for Thinkpad X12 Gen 2 Kbd Portfolio (stable-fixes).
* HID: plantronics: Workaround for an unexcepted opposite volume key (stable-fixes).
* Input: adp5589-keys - fix NULL pointer dereference (git-fixes).
* Input: adp5589-keys - fix adp5589_gpio_get_value() (git-fixes).
* Input: ads7846 - ratelimit the spi_sync error message (stable-fixes).
* Input: goodix - use the new soc_intel_is_byt() helper (stable-fixes).
* Input: synaptics - enable SMBus for HP Elitebook 840 G2 (stable-fixes).
* KVM: Fix coalesced_mmio_has_room() to avoid premature userspace exit (git-fixes).
* KVM: Fix lockdep false negative during host resume (git-fixes).
* KVM: Grab a reference to KVM for VM and vCPU stats file descriptors (git-fixes).
* KVM: Optimize kvm_make_vcpus_request_mask() a bit (git-fixes).
* KVM: Pre-allocate cpumasks for kvm_make_all_cpus_request_except() (git-fixes).
* KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes).
* KVM: SVM: Disallow guest from changing userspace's MSR_AMD64_DE_CFG value (git-fixes).
* KVM: SVM: Do not advertise Bus Lock Detect to guest if SVM support is missing (git-fixes).
* KVM: SVM: fix emulation of msr reads/writes of MSR_FS_BASE and MSR_GS_BASE (git-fixes).
* KVM: Unconditionally get a ref to /dev/kvm module when creating a VM (git-fixes).
* KVM: Write the per-page "segment" when clearing (part of) a guest page (git-fixes).
* KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes).
* KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git-fixes).
* KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes).
* KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes).
* KVM: arm64: Invalidate EL1&0 TLB entries for all VMIDs in nvhe hyp init (git-fixes).
* KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
* KVM: arm64: Release pfn, i.e. put page, if copying MTE tags hits ZONE_DEVICE (git-fixes).
* KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
* KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes).
* KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes).
* KVM: arm64: vgic-v2: Check for non-NULL vCPU in vgic_v2_parse_attr() (git-fixes).
* KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes).
* KVM: arm64: vgic-v4: Restore pending state on host userspace write (git-fixes).
* KVM: eventfd: Fix false positive RCU usage warning (git-fixes).
* KVM: fix memoryleak in kvm_init() (git-fixes).
* KVM: s390: Change virtual to physical address access in diag 0x258 handler (git-fixes bsc#1232631).
* KVM: s390: gaccess: Check if guest address is in memslot (git-fixes bsc#1232630).
* KVM: x86/mmu: Fold rmap_recycle into rmap_add (git-fixes).
* KVM: x86/mmu: Rename slot_handle_leaf to slot_handle_level_4k (git-fixes).
* KVM: x86: Use a stable condition around all VT-d PI paths (git-fixes).
* Makefile.compiler: replace cc-ifversion with compiler-specific macros (bsc#1230414 bsc#1229450).
* NFS: Avoid unnecessary rescanning of the per-server delegation list (git-fixes).
* NFSD: Fix NFSv4's PUTPUBFH operation (git-fixes).
* NFSD: Mark filecache "down" if init fails (git-fixes).
* NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016).
* NFSv4: Fix clearing of layout segments in layoutreturn (git-fixes).
* PCI: Add ACS quirk for Qualcomm SA8775P (stable-fixes).
* PCI: Add function 0 DMA alias quirk for Glenfly Arise chip (stable-fixes).
* PCI: Fix pci_enable_acs() support for the ACS quirks (bsc#1229019).
* PCI: Mark Creative Labs EMU20k2 INTx masking as broken (stable-fixes).
* RDMA/bnxt_re: Add a check for memory allocation (git-fixes)
* RDMA/bnxt_re: Fix a bug while setting up Level-2 PBL pages (git-fixes)
* RDMA/bnxt_re: Fix incorrect AVID type in WQE structure (git-fixes)
* RDMA/bnxt_re: Fix the GID table length (git-fixes)
* RDMA/bnxt_re: Fix the max CQ WQEs for older adapters (git-fixes)
* RDMA/bnxt_re: Fix the usage of control path spin locks (git-fixes)
* RDMA/bnxt_re: Return more meaningful error (git-fixes)
* RDMA/bnxt_re: synchronize the qp-handle table array (git-fixes)
* RDMA/cxgb4: Dump vendor specific QP details (git-fixes)
* RDMA/cxgb4: Fix RDMA_CM_EVENT_UNREACHABLE error for iWARP (git-fixes)
* RDMA/hns: Remove unused abnormal interrupt of type RAS (git-fixes)
* RDMA/irdma: Fix misspelling of "accept*" (git-fixes)
* RDMA/mad: Improve handling of timed out WRs of mad agent (git-fixes)
* RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (git-fixes).
* RDMA/mana_ib: use the correct page table index based on hardware page size (git-fixes).
* RDMA/mlx5: Round max_rd_atomic/max_dest_rd_atomic up instead of down (git-fixes)
* RDMA/rtrs-srv: Avoid null pointer deref during path establishment (git-fixes)
* RDMA/srpt: Make slab cache names unique (git-fixes)
* SUNRPC: Fix integer overflow in decode_rc_list() (git-fixes).
* SUNRPC: Fixup gss_status tracepoint error output (git-fixes).
* SUNRPC: clnt.c: Remove misleading comment (git-fixes).
* USB: appledisplay: close race between probe and completion handler (stable-fixes).
* USB: misc: cypress_cy7c63: check for short transfer (stable-fixes).
* USB: misc: yurex: fix race between read and write (stable-fixes).
* USB: serial: option: add Telit FN920C04 MBIM compositions (stable-fixes).
* USB: serial: option: add support for Quectel EG916Q-GL (stable-fixes).
* USB: serial: pl2303: add device id for Macrosilicon MS3020 (stable-fixes).
* Use pahole -j1 option for reproducible builds (bsc#1230414 bsc#1229450).
* add bug reference for a mana change (bsc#1229769).
* add bug references to existing mana changes (bsc#1232033, bsc#1232034, bsc#1232036).
* afs: Revert "afs: Hide silly-rename files from userspace" (git-fixes).
* arm64: cputype: Add Neoverse-N3 definitions (git-fixes)
* arm64: dts: rockchip: override BIOS_DISABLE signal via GPIO hog on RK3399 Puma (git-fixes).
* arm64: errata: Expand speculative SSBS workaround once more (git-fixes)
* arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes)
* arm64: probes: Fix simulate_ldr*_literal() (git-fixes)
* arm64: probes: Fix uprobes for big-endian kernels (git-fixes)
* arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes)
* block: print symbolic error name instead of error code (bsc#1231872).
* bpf, lsm: Add disabled BPF LSM hook list (git-fixes).
* bpf, net: Fix a potential race in do_sock_getsockopt() (git-fixes).
* bpf, verifier: Correct tail_call_reachable for bpf prog (git-fixes).
* bpf, x64: Remove tail call detection (git-fixes).
* bpf,perf: Fix perf_event_detach_bpf_prog error handling (git-fixes).
* bpf: Add --skip_encoding_btf_inconsistent_proto, --btf_gen_optimized to pahole flags for v1.25 (bsc#1230414 bsc#1229450).
* bpf: Allow helpers to accept pointers with a fixed size (git-fixes).
* bpf: Check for helper calls in check_subprogs() (git-fixes).
* bpf: Fix bpf_strtol and bpf_strtoul helpers for 32bit (git-fixes).
* bpf: Fix helper writes to read-only maps (git-fixes).
* bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375).
* bpf: Fix tailcall cases in test_bpf (git-fixes).
* bpf: Improve check_raw_mode_ok test for MEM_UNINIT-tagged types (git-fixes).
* bpf: Remove truncation test in bpf_strtol and bpf_strtoul helpers (git-fixes).
* bpf: Zero former ARG_PTR_TO_{LONG,INT} args in case of error (git-fixes).
* bpf: correctly handle malformed BPF_CORE_TYPE_ID_LOCAL relos (git-fixes).
* btf, scripts: Exclude Rust CUs with pahole (bsc#1230414 bsc#1229450).
* bus: integrator-lm: fix OF node leak in probe() (git-fixes).
* ceph: fix cap ref leak via netfs init_request (bsc#1231383).
* clk: Add a devm variant of clk_rate_exclusive_get() (bsc#1227885).
* clk: Provide !COMMON_CLK dummy for devm_clk_rate_exclusive_get() (bsc#1227885).
* comedi: ni_routing: tools: Check when the file could not be opened (stable-fixes).
* cpufreq/amd-pstate: Fix amd_pstate mode switch on shared memory systems (git-fixes).
* crypto: hisilicon - Remove pci_aer_clear_nonfatal_status() call (bsc#1232075)
* crypto: hisilicon/qm - re-enable communicate interrupt before notifying PF (bsc#1232075)
* debugfs: fix automount d_fsdata usage (git-fixes).
* dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
* drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes).
* drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes).
* driver core: bus: Return -EIO instead of 0 when show/store invalid bus attribute (stable-fixes).
* drm/amd/amdgpu: Fix double unlock in amdgpu_mes_add_ring (git-fixes).
* drm/amd/display: Add null check for 'afb' in amdgpu_dm_plane_handle_cursor_update (v2) (stable-fixes).
* drm/amd/display: Add null check for top_pipe_to_program in commit_planes_for_stream (stable-fixes).
* drm/amd/display: Allow backlight to go below `AMDGPU_DM_DEFAULT_MIN_BACKLIGHT` (stable-fixes).
* drm/amd/display: Check link_res->hpo_dp_link_enc before using it (bsc#1231944)
* drm/amd/display: Check null pointer before dereferencing se (stable-fixes).
* drm/amd/display: Check null pointers before using dc->clk_mgr (stable-fixes).
* drm/amd/display: Check stream before comparing them (stable-fixes).
* drm/amd/display: Fix Synaptics Cascaded Panamera DSC Determination (stable-fixes).
* drm/amd/display: Fix index out of bounds in DCN30 color transformation (stable-fixes).
* drm/amd/display: Fix index out of bounds in DCN30 degamma hardware format translation (stable-fixes).
* drm/amd/display: Fix index out of bounds in degamma hardware format translation (stable-fixes).
* drm/amd/display: Fix system hang while resume with TBT monitor (stable-fixes).
* drm/amd/display: Handle null 'stream_status' in 'planes_changed_for_existing_stream' (stable-fixes).
* drm/amd/display: Initialize get_bytes_per_element's default to 1 (stable-fixes).
* drm/amd/display: Round calculated vtotal (stable-fixes).
* drm/amd/display: Validate backlight caps are sane (stable-fixes).
* drm/amd/pm: ensure the fw_info is not null before using it (stable-fixes).
* drm/amd: Guard against bad data for ATIF ACPI method (git-fixes).
* drm/amdgpu: Replace one-element array with flexible-array member (stable-fixes).
* drm/amdgpu: add raven1 gfxoff quirk (stable-fixes).
* drm/amdgpu: disallow multiple BO_HANDLES chunks in one submit (stable-fixes).
* drm/amdgpu: enable gfxoff quirk on HP 705G4 (stable-fixes).
* drm/amdgpu: fix unchecked return value warning for amdgpu_gfx (stable-fixes).
* drm/amdgpu: prevent BO_HANDLES error from being overwritten (git-fixes).
* drm/amdgpu: properly handle vbios fake edid sizing (git-fixes).
* drm/amdkfd: Fix resource leak in criu restore queue (stable-fixes).
* drm/msm/dpu: do not always program merge_3d block (git-fixes).
* drm/msm/dpu: make sure phys resources are properly initialized (git-fixes).
* drm/msm/dsi: fix 32-bit signed integer extension in pclk_rate calculation (git-fixes).
* drm/msm: Allocate memory for disp snapshot with kvzalloc() (git-fixes).
* drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() (git-fixes).
* drm/printer: Allow NULL data in devcoredump printer (stable-fixes).
* drm/radeon/r100: Handle unknown family in r100_cp_init_microcode() (stable-fixes).
* drm/radeon: Fix encoder->possible_clones (git-fixes).
* drm/radeon: Replace one-element array with flexible-array member (stable-fixes).
* drm/radeon: properly handle vbios fake edid sizing (git-fixes).
* drm/rockchip: define gamma registers for RK3399 (stable-fixes).
* drm/rockchip: support gamma control on RK3399 (stable-fixes).
* drm/sched: Add locking to drm_sched_entity_modify_sched (git-fixes).
* drm/v3d: Stop the active perfmon before being destroyed (git-fixes).
* drm/vc4: Stop the active perfmon before being destroyed (git-fixes).
* drm/vmwgfx: Handle surface check failure correctly (git-fixes).
* drm: Consistently use struct drm_mode_rect for FB_DAMAGE_CLIPS (git-fixes).
* drm: komeda: Fix an issue related to normalized zpos (stable-fixes).
* efistub/tpm: Use ACPI reclaim memory for event log to avoid corruption (stable-fixes).
* erofs: avoid consecutive detection for Highmem memory (git-fixes).
* erofs: avoid infinite loop in z_erofs_do_read_page() when reading beyond EOF (git-fixes).
* erofs: fix pcluster use-after-free on UP platforms (git-fixes).
* erofs: fix potential overflow calculating xattr_isize (git-fixes).
* erofs: stop parsing non-compact HEAD index if clusterofs is invalid (git-fixes).
* exportfs: use pr_debug for unreachable debug statements (git-fixes).
* ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201)
* fat: fix uninitialized variable (git-fixes).
* fbdev: pxafb: Fix possible use after free in pxafb_task() (stable-fixes).
* fbdev: sisfb: Fix strbuf array overflow (stable-fixes).
* fgraph: Change the name of cpuhp state to "fgraph:online" (git-fixes).
* fgraph: Fix missing unlock in register_ftrace_graph() (git-fixes).
* fgraph: Use CPU hotplug mechanism to initialize idle shadow stacks (git-fixes).
* filelock: fix potential use-after-free in posix_lock_inode (git-fixes).
* firmware: tegra: bpmp: Drop unused mbox_client_to_bpmp() (git-fixes).
* fs/namespace: fnic: Switch to use %ptTd (git-fixes).
* fs/pipe: Fix lockdep false-positive in watchqueue pipe_write() (git-fixes).
* fs: Fix file_set_fowner LSM hook inconsistencies (git-fixes).
* gpio: aspeed: Add the flush write to ensure the write complete (git-fixes).
* gpio: aspeed: Use devm_clk api to manage clock source (git-fixes).
* gpio: davinci: fix lazy disable (git-fixes).
* hid: intel-ish-hid: Fix uninitialized variable 'rv' in ish_fw_xfer_direct_dma (git-fixes).
* hv_netvsc: Fix VF namespace also in synthetic NIC NETDEV_REGISTER event (git-fixes).
* hwmon: (adm9240) Add missing dependency on REGMAP_I2C (git-fixes).
* hwmon: (tmp513) Add missing dependency on REGMAP_I2C (git-fixes).
* i2c: i801: Use a different adapter-name for IDF adapters (stable-fixes).
* i2c: imx-lpi2c: return -EINVAL when i2c peripheral clk does not work (bsc#1227885).
* i2c: imx-lpi2c: use bulk clk API (bsc#1227885).
* i2c: stm32f7: Do not prepare/unprepare clock during runtime suspend/resume (git-fixes).
* i2c: xiic: Fix RX IRQ busy check (stable-fixes).
* i2c: xiic: Fix broken locking on tx_msg (stable-fixes).
* i2c: xiic: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* i2c: xiic: Switch from waitqueue to completion (stable-fixes).
* i2c: xiic: Try re-initialization on bus busy timeout (git-fixes).
* i2c: xiic: Use devm_clk_get_enabled() (stable-fixes).
* i2c: xiic: improve error message when transfer fails to start (stable-fixes).
* i2c: xiic: xiic_xfer(): Fix runtime PM leak on error path (git-fixes).
* ice: Unbind the workqueue (bsc#1231344).
* iio: dac: ad5770r: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: ltc1660: add missing select REGMAP_SPI in Kconfig (git-fixes).
* iio: dac: stm32-dac-core: add missing select REGMAP_MMIO in Kconfig (git-fixes).
* iio: hid-sensors: Fix an error handling path in _hid_sensor_set_report_latency() (git-fixes).
* iio: light: opt3001: add missing full-scale range value (git-fixes).
* iio: light: veml6030: fix ALS sensor resolution (git-fixes).
* iio: light: veml6030: fix IIO device retrieval from embedded device (git-fixes).
* iio: proximity: mb1232: add missing select IIO_(TRIGGERED_)BUFFER in Kconfig (git-fixes).
* iommu/vt-d: Always reserve a domain ID for identity setup (git-fixes).
* ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813).
* ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813).
* jfs: Fix sanity check in dbMount (git-fixes).
* jfs: Fix uaf in dbFreeBits (git-fixes).
* jfs: Fix uninit-value access of new_ea in ea_buffer (git-fixes).
* jfs: UBSAN: shift-out-of-bounds in dbFindBits (git-fixes).
* jfs: check if leafidx greater than num leaves per dmap tree (git-fixes).
* kABI: bpf: enum bpf_{type_flag,arg_type} kABI workaround (git-fixes).
* kABI: bpf: struct bpf_func_proto kABI workaround (git-fixes).
* kab: fix after net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
* kabi fix of KVM: arm64: Preserve PSTATE.SS for the guest while single-step is enabled (git-fixes).
* kabi: fix after KVM: arm64: mixed-width check should be skipped for uninitialized vCPUs (git-fixes).
* kabi: fix after kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
* kbuild, bpf: Use test-ge check for v1.25-only pahole (bsc#1230414 bsc#1229450).
* kbuild,bpf: Add module-specific pahole flags for distilled base BTF (bsc#1230414 bsc#1229450).
* kbuild,bpf: Switch to using --btf_features for pahole v1.26 and later (bsc#1230414 bsc#1229450).
* kbuild: add test-{ge,gt,le,lt} macros (bsc#1230414 bsc#1229450).
* kbuild: avoid too many execution of scripts/pahole-flags.sh (bsc#1230414 bsc#1229450).
* kbuild: bpf: Tell pahole to DECL_TAG kfuncs (bsc#1230414 bsc#1229450).
* kvm/arm64: rework guest entry logic (git-fixes).
* kvm: Add support for arch compat vm ioctls (git-fixes).
* kvm: add guest_state_{enter,exit}_irqoff() (git-fixes).
* media: videobuf2-core: clear memory related fields in __vb2_plane_dmabuf_put() (stable-fixes).
* module: abort module loading when sysfs setup suffer errors (git-fixes).
* nbd: fix race between timeout and normal completion (bsc#1230918).
* net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX (bsc#1226797)
* net: add more sanity check in virtio_net_hdr_to_skb() (git-fixes).
* net: socket: suppress unused warning (git-fixes).
* net: test for not too small csum_start in virtio_net_hdr_to_skb() (git-fixes).
* net: usb: usbnet: fix name regression (git-fixes).
* netdevsim: use cond_resched() in nsim_dev_trap_report_work() (git-fixes).
* nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes).
* nfsd: call cache_put if xdr_reserve_space returns NULL (git-fixes).
* nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes).
* nfsd: fix refcount leak when file is unhashed after being found (git-fixes).
* nfsd: map the EBADMSG to nfserr_io to avoid warning (git-fixes).
* nfsd: remove unneeded EEXIST error check in nfsd_do_file_acquire (git-fixes).
* nfsd: return -EINVAL when namelen is 0 (git-fixes).
* nilfs2: fix kernel bug due to missing clearing of buffer delay flag (git-fixes).
* nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error (git-fixes).
* ntb: intel: Fix the NULL vs IS_ERR() bug for debugfs_create_dir() (git-fixes).
* ntb: ntb_hw_switchtec: Fix use after free vulnerability in switchtec_ntb_remove due to race condition (stable-fixes).
* nvme-multipath: system fails to create generic nvme device (git-fixes).
* nvme-pci: qdepth 1 quirk (git-fixes).
* nvmet-auth: assign dh_key to NULL after kfree_sensitive (git-fixes).
* ocfs2: fix the la space leak when unmounting an ocfs2 volume (git-fixes).
* ocfs2: fix uninit-value in ocfs2_get_block() (git-fixes).
* ocfs2: pass u64 to ocfs2_truncate_inline maybe overflow (git-fixes).
* parport: Proper fix for array out-of-bounds access (git-fixes).
* platform/surface: aggregator_registry: Add support for Surface Laptop Go 3 (stable-fixes).
* platform/x86: touchscreen_dmi: add nanote-next quirk (stable-fixes).
* power: reset: brcmstb: Do not go into infinite loop if reset fails (stable-fixes).
* s390/sclp_vt220: Convert newlines to CRLF instead of LFCR (git-fixes bsc#1232632).
* scsi: NCR5380: Check for phase match during PDMA fixup (git-fixes).
* scsi: aacraid: Rearrange order of struct aac_srb_unit (git-fixes).
* scsi: core: Fix the return value of scsi_logical_block_count() (git-fixes).
* scsi: core: Handle devices which return an unusually large VPD page count (git-fixes).
* scsi: core: alua: I/O errors for ALUA state transitions (git-fixes).
* scsi: elx: libefc: Fix potential use after free in efc_nport_vport_del() (git-fixes).
* scsi: hpsa: Fix allocation size for Scsi_Host private data (git-fixes).
* scsi: libsas: Fix exp-attached device scan after probe failure scanned in again after probe failed (git-fixes).
* scsi: libsas: Fix the failure of adding phy with zero-address to port (git-fixes).
* scsi: lpfc: Add ELS_RSP cmd to the list of WQEs to flush in lpfc_els_flush_cmd() (bsc#1232757).
* scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance (bsc#1232757).
* scsi: lpfc: Fix kref imbalance on fabric ndlps from dev_loss_tmo handler (bsc#1232757).
* scsi: lpfc: Remove trailing space after \n newline (bsc#1232757).
* scsi: lpfc: Restrict support for 32 byte CDBs to specific HBAs (git-fixes).
* scsi: lpfc: Revise TRACE_EVENT log flag severities from KERN_ERR to KERN_WARNING (bsc#1232757).
* scsi: lpfc: Support loopback tests with VMID enabled (bsc#1232757).
* scsi: lpfc: Update lpfc version to 14.4.0.5 (bsc#1232757).
* scsi: lpfc: Update phba link state conditional before sending CMF_SYNC_WQE (bsc#1232757).
* scsi: mac_scsi: Disallow bus errors during PDMA send (git-fixes).
* scsi: mac_scsi: Refactor polling loop (git-fixes).
* scsi: mac_scsi: Revise printk(KERN_DEBUG ...) messages (git-fixes).
* scsi: mpi3mr: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
* scsi: mpi3mr: Fix ATA NCQ priority support (git-fixes).
* scsi: mpt3sas: Avoid IOMMU page faults on REPORT ZONES (git-fixes).
* scsi: qedf: Set qed_slowpath_params to zero before use (git-fixes).
* scsi: smartpqi: correct stream detection (git-fixes).
* scsi: smartpqi: revert propagate-the-multipath-failure-to-SML-quickly (git-fixes).
* scsi: spi: Fix sshdr use (git-fixes).
* scsi: wd33c93: Do not use stale scsi_pointer value (git-fixes).
* selftests/bpf: Add a test case to write mtu result into .rodata (git-fixes).
* selftests/bpf: Add a test case to write strtol result into .rodata (git-fixes).
* selftests/bpf: Fix ARG_PTR_TO_LONG {half-,}uninitialized test (git-fixes).
* selftests/bpf: Rename ARG_PTR_TO_LONG test description (git-fixes).
* selftests/bpf: test for malformed BPF_CORE_TYPE_ID_LOCAL relocation (git-fixes).
* spi: bcm63xx: Enable module autoloading (stable-fixes).
* spi: bcm63xx: Fix module autoloading (git-fixes).
* spi: lpspi: Silence error message upon deferred probe (stable-fixes).
* spi: lpspi: Simplify some error message (git-fixes).
* spi: lpspi: release requested DMA channels (stable-fixes).
* spi: ppc4xx: Avoid returning 0 when failed to parse and map IRQ (git-fixes).
* spi: ppc4xx: handle irq_of_parse_and_map() errors (git-fixes).
* spi: s3c64xx: fix timeout counters in flush_fifo (git-fixes).
* spi: spi-fsl-lpspi: Undo runtime PM changes at driver exit time (git-fixes).
* spi: spi-imx: Fix pm_runtime_set_suspended() with runtime pm enabled (git-fixes).
* spi: spidev: Add missing spi_device_id for jg10309-01 (git-fixes).
* static_call: Do not make __static_call_return0 static (git-fixes).
* tracing/hwlat: Fix a race during cpuhp processing (git-fixes).
* tracing/uprobes: Use trace_event_buffer_reserve() helper (git-fixes).
* tracing: Consider the NULL character when validating the event length (git-fixes).
* uprobe: avoid out-of-bounds memory access of fetching args (git-fixes).
* uprobes: encapsulate preparation of uprobe args buffer (git-fixes).
* usb: chipidea: udc: enable suspend interrupt after usb reset (stable-fixes).
* usb: dwc2: Adjust the timing of USB Driver Interrupt Registration in the Crashkernel Scenario (stable-fixes).
* usb: dwc3: core: Stop processing of pending events if controller is halted (git-fixes).
* usb: gadget: core: force synchronous registration (git-fixes).
* usb: storage: ignore bogus device raised by JieLi BR21 USB sound chip (stable-fixes).
* usb: typec: altmode should keep reference to parent (git-fixes).
* usb: xhci: Fix problem with xhci resume from suspend (stable-fixes).
* usb: yurex: Fix inconsistent locking bug in yurex_read() (git-fixes).
* usb: yurex: Replace snprintf() with the safer scnprintf() variant (stable-fixes).
* usbnet: ipheth: fix carrier detection in modes 1 and 4 (stable-fixes).
* vhost/scsi: null-ptr-dereference in vhost_scsi_get_req() (git-fixes).
* vhost_vdpa: assign irq bypass producer token correctly (git-fixes).
* virtio-net: synchronize probe with ndo_set_features (git-fixes).
* virtio_console: fix misc probe bugs (git-fixes).
* virtio_net: fixing XDP for fully checksummed packets handling (git-fixes).
* vmxnet3: add command to allow disabling of offloads (bsc#1226498).
* vmxnet3: add latency measurement support in vmxnet3 (bsc#1226498).
* vmxnet3: prepare for version 9 changes (bsc#1226498).
* vmxnet3: update to version 9 (bsc#1226498).
* vsock/virtio: fix packet delivery to tap device (git-fixes).
* wifi: ath11k: fix array out-of-bound access in SoC stats (stable-fixes).
* wifi: ath9k: Remove error checks when creating debugfs entries (git-fixes).
* wifi: ath9k: fix parameter check in ath9k_init_debug() (stable-fixes).
* wifi: ath9k: fix possible integer overflow in ath9k_get_et_stats() (stable-fixes).
* wifi: ath9k_htc: Use __skb_set_length() for resetting urb before resubmit (stable-fixes).
* wifi: iwlwifi: clear trans->state earlier upon error (stable-fixes).
* wifi: iwlwifi: lower message level for FW buffer destination (stable-fixes).
* wifi: iwlwifi: mvm: fix iwl_mvm_scan_fits() calculation (stable-fixes).
* wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_cmd_802_11_scan_ext() (stable-fixes).
* wifi: rtw88: select WANT_DEV_COREDUMP (stable-fixes).
* x86/bugs: Do not use UNTRAIN_RET with IBPB on entry (git-fixes).
* x86/bugs: Skip RSB fill at VMEXIT (git-fixes).
* x86/cpufeatures: Add a IBPB_NO_RET BUG flag (git-fixes).
* x86/cpufeatures: Define X86_FEATURE_AMD_IBPB_RET (git-fixes).
* x86/entry: Have entry_ibpb() invalidate return predictions (git-fixes).
* x86/hyperv: Set X86_FEATURE_TSC_KNOWN_FREQ when Hyper-V provides frequency (git-fixes).
* x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405).
* xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813).
* xhci: Fix incorrect stream context type macro (git-fixes).
* xhci: Mitigate failed set dequeue pointer commands (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-3983=1 openSUSE-SLE-15.5-2024-3983=1
* Public Cloud Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3983=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
  * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * cluster-md-kmp-azure-5.14.21-150500.33.72.1
  * kernel-azure-extra-5.14.21-150500.33.72.1
  * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-optional-debuginfo-5.14.21-150500.33.72.1
  * kselftests-kmp-azure-5.14.21-150500.33.72.1
  * kernel-azure-livepatch-devel-5.14.21-150500.33.72.1
  * kernel-syms-azure-5.14.21-150500.33.72.1
  * reiserfs-kmp-azure-5.14.21-150500.33.72.1
  * ocfs2-kmp-azure-5.14.21-150500.33.72.1
  * dlm-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-devel-debuginfo-5.14.21-150500.33.72.1
  * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-debuginfo-5.14.21-150500.33.72.1
  * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-extra-debuginfo-5.14.21-150500.33.72.1
  * dlm-kmp-azure-5.14.21-150500.33.72.1
  * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-optional-5.14.21-150500.33.72.1
  * kernel-azure-devel-5.14.21-150500.33.72.1
  * kernel-azure-debugsource-5.14.21-150500.33.72.1
  * gfs2-kmp-azure-5.14.21-150500.33.72.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
  * kernel-azure-5.14.21-150500.33.72.1
* openSUSE Leap 15.5 (x86_64)
  * kernel-azure-vdso-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-vdso-5.14.21-150500.33.72.1
* openSUSE Leap 15.5 (noarch)
  * kernel-devel-azure-5.14.21-150500.33.72.1
  * kernel-source-azure-5.14.21-150500.33.72.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
  * kernel-azure-5.14.21-150500.33.72.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
  * kernel-azure-devel-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-debuginfo-5.14.21-150500.33.72.1
  * kernel-azure-devel-5.14.21-150500.33.72.1
  * kernel-syms-azure-5.14.21-150500.33.72.1
  * kernel-azure-debugsource-5.14.21-150500.33.72.1
* Public Cloud Module 15-SP5 (noarch)
  * kernel-devel-azure-5.14.21-150500.33.72.1
  * kernel-source-azure-5.14.21-150500.33.72.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2021-47534.html * https://www.suse.com/security/cve/CVE-2022-3435.html * https://www.suse.com/security/cve/CVE-2022-45934.html * https://www.suse.com/security/cve/CVE-2022-48664.html * https://www.suse.com/security/cve/CVE-2022-48879.html * https://www.suse.com/security/cve/CVE-2022-48946.html * https://www.suse.com/security/cve/CVE-2022-48947.html * https://www.suse.com/security/cve/CVE-2022-48948.html * https://www.suse.com/security/cve/CVE-2022-48949.html * https://www.suse.com/security/cve/CVE-2022-48951.html * https://www.suse.com/security/cve/CVE-2022-48953.html * https://www.suse.com/security/cve/CVE-2022-48954.html * https://www.suse.com/security/cve/CVE-2022-48955.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48957.html * https://www.suse.com/security/cve/CVE-2022-48958.html * https://www.suse.com/security/cve/CVE-2022-48959.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48961.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48966.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48968.html * https://www.suse.com/security/cve/CVE-2022-48969.html * https://www.suse.com/security/cve/CVE-2022-48970.html * https://www.suse.com/security/cve/CVE-2022-48971.html * https://www.suse.com/security/cve/CVE-2022-48972.html * https://www.suse.com/security/cve/CVE-2022-48973.html * https://www.suse.com/security/cve/CVE-2022-48975.html * https://www.suse.com/security/cve/CVE-2022-48977.html * 
https://www.suse.com/security/cve/CVE-2022-48978.html * https://www.suse.com/security/cve/CVE-2022-48980.html * https://www.suse.com/security/cve/CVE-2022-48981.html * https://www.suse.com/security/cve/CVE-2022-48985.html * https://www.suse.com/security/cve/CVE-2022-48987.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48992.html * https://www.suse.com/security/cve/CVE-2022-48994.html * https://www.suse.com/security/cve/CVE-2022-48995.html * https://www.suse.com/security/cve/CVE-2022-48997.html * https://www.suse.com/security/cve/CVE-2022-48999.html * https://www.suse.com/security/cve/CVE-2022-49000.html * https://www.suse.com/security/cve/CVE-2022-49002.html * https://www.suse.com/security/cve/CVE-2022-49003.html * https://www.suse.com/security/cve/CVE-2022-49005.html * https://www.suse.com/security/cve/CVE-2022-49006.html * https://www.suse.com/security/cve/CVE-2022-49007.html * https://www.suse.com/security/cve/CVE-2022-49010.html * https://www.suse.com/security/cve/CVE-2022-49011.html * https://www.suse.com/security/cve/CVE-2022-49012.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49016.html * https://www.suse.com/security/cve/CVE-2022-49017.html * https://www.suse.com/security/cve/CVE-2022-49019.html * https://www.suse.com/security/cve/CVE-2022-49020.html * https://www.suse.com/security/cve/CVE-2022-49021.html * https://www.suse.com/security/cve/CVE-2022-49022.html * https://www.suse.com/security/cve/CVE-2022-49023.html * https://www.suse.com/security/cve/CVE-2022-49024.html * https://www.suse.com/security/cve/CVE-2022-49025.html * https://www.suse.com/security/cve/CVE-2022-49026.html * https://www.suse.com/security/cve/CVE-2022-49027.html * https://www.suse.com/security/cve/CVE-2022-49028.html * 
https://www.suse.com/security/cve/CVE-2022-49029.html * https://www.suse.com/security/cve/CVE-2022-49031.html * https://www.suse.com/security/cve/CVE-2022-49032.html * https://www.suse.com/security/cve/CVE-2023-2166.html * https://www.suse.com/security/cve/CVE-2023-28327.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-36244.html * https://www.suse.com/security/cve/CVE-2024-36957.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-40965.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45025.html * https://www.suse.com/security/cve/CVE-2024-46716.html * https://www.suse.com/security/cve/CVE-2024-46719.html * https://www.suse.com/security/cve/CVE-2024-46754.html * https://www.suse.com/security/cve/CVE-2024-46777.html * https://www.suse.com/security/cve/CVE-2024-46809.html * https://www.suse.com/security/cve/CVE-2024-46811.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * 
https://www.suse.com/security/cve/CVE-2024-46828.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-47660.html * https://www.suse.com/security/cve/CVE-2024-47661.html * https://www.suse.com/security/cve/CVE-2024-47664.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47692.html * https://www.suse.com/security/cve/CVE-2024-47704.html * https://www.suse.com/security/cve/CVE-2024-47705.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47707.html * https://www.suse.com/security/cve/CVE-2024-47710.html * https://www.suse.com/security/cve/CVE-2024-47720.html * https://www.suse.com/security/cve/CVE-2024-47727.html * https://www.suse.com/security/cve/CVE-2024-47730.html * https://www.suse.com/security/cve/CVE-2024-47738.html * https://www.suse.com/security/cve/CVE-2024-47739.html * https://www.suse.com/security/cve/CVE-2024-47745.html * https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-47748.html * https://www.suse.com/security/cve/CVE-2024-49858.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49866.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49881.html * https://www.suse.com/security/cve/CVE-2024-49882.html * 
https://www.suse.com/security/cve/CVE-2024-49883.html * https://www.suse.com/security/cve/CVE-2024-49886.html * https://www.suse.com/security/cve/CVE-2024-49890.html * https://www.suse.com/security/cve/CVE-2024-49892.html * https://www.suse.com/security/cve/CVE-2024-49894.html * https://www.suse.com/security/cve/CVE-2024-49895.html * https://www.suse.com/security/cve/CVE-2024-49896.html * https://www.suse.com/security/cve/CVE-2024-49897.html * https://www.suse.com/security/cve/CVE-2024-49899.html * https://www.suse.com/security/cve/CVE-2024-49901.html * https://www.suse.com/security/cve/CVE-2024-49906.html * https://www.suse.com/security/cve/CVE-2024-49908.html * https://www.suse.com/security/cve/CVE-2024-49909.html * https://www.suse.com/security/cve/CVE-2024-49911.html * https://www.suse.com/security/cve/CVE-2024-49912.html * https://www.suse.com/security/cve/CVE-2024-49913.html * https://www.suse.com/security/cve/CVE-2024-49914.html * https://www.suse.com/security/cve/CVE-2024-49917.html * https://www.suse.com/security/cve/CVE-2024-49918.html * https://www.suse.com/security/cve/CVE-2024-49919.html * https://www.suse.com/security/cve/CVE-2024-49920.html * https://www.suse.com/security/cve/CVE-2024-49922.html * https://www.suse.com/security/cve/CVE-2024-49923.html * https://www.suse.com/security/cve/CVE-2024-49929.html * https://www.suse.com/security/cve/CVE-2024-49930.html * https://www.suse.com/security/cve/CVE-2024-49933.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49939.html * https://www.suse.com/security/cve/CVE-2024-49946.html * https://www.suse.com/security/cve/CVE-2024-49949.html * https://www.suse.com/security/cve/CVE-2024-49954.html * https://www.suse.com/security/cve/CVE-2024-49955.html * https://www.suse.com/security/cve/CVE-2024-49958.html * https://www.suse.com/security/cve/CVE-2024-49959.html * https://www.suse.com/security/cve/CVE-2024-49960.html * 
https://www.suse.com/security/cve/CVE-2024-49962.html * https://www.suse.com/security/cve/CVE-2024-49967.html * https://www.suse.com/security/cve/CVE-2024-49969.html * https://www.suse.com/security/cve/CVE-2024-49973.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49975.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49993.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-50000.html * https://www.suse.com/security/cve/CVE-2024-50001.html * https://www.suse.com/security/cve/CVE-2024-50002.html * https://www.suse.com/security/cve/CVE-2024-50006.html * https://www.suse.com/security/cve/CVE-2024-50014.html * https://www.suse.com/security/cve/CVE-2024-50019.html * https://www.suse.com/security/cve/CVE-2024-50024.html * https://www.suse.com/security/cve/CVE-2024-50028.html * https://www.suse.com/security/cve/CVE-2024-50033.html * https://www.suse.com/security/cve/CVE-2024-50035.html * https://www.suse.com/security/cve/CVE-2024-50041.html * https://www.suse.com/security/cve/CVE-2024-50045.html * https://www.suse.com/security/cve/CVE-2024-50046.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50048.html * https://www.suse.com/security/cve/CVE-2024-50049.html * https://www.suse.com/security/cve/CVE-2024-50055.html * https://www.suse.com/security/cve/CVE-2024-50058.html * https://www.suse.com/security/cve/CVE-2024-50059.html * https://www.suse.com/security/cve/CVE-2024-50061.html * https://www.suse.com/security/cve/CVE-2024-50063.html * https://www.suse.com/security/cve/CVE-2024-50081.html * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1205796 * 
https://bugzilla.suse.com/show_bug.cgi?id=1206188 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1209290 * https://bugzilla.suse.com/show_bug.cgi?id=1210449 * https://bugzilla.suse.com/show_bug.cgi?id=1210627 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1225762 * https://bugzilla.suse.com/show_bug.cgi?id=1226498 * https://bugzilla.suse.com/show_bug.cgi?id=1226797 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227885 * https://bugzilla.suse.com/show_bug.cgi?id=1228119 * https://bugzilla.suse.com/show_bug.cgi?id=1228269 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229019 * https://bugzilla.suse.com/show_bug.cgi?id=1229450 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229556 * https://bugzilla.suse.com/show_bug.cgi?id=1229769 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1230179 * https://bugzilla.suse.com/show_bug.cgi?id=1230405 * https://bugzilla.suse.com/show_bug.cgi?id=1230414 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230456 * https://bugzilla.suse.com/show_bug.cgi?id=1230600 * https://bugzilla.suse.com/show_bug.cgi?id=1230620 * 
From null at suse.de Wed Nov 13 16:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 13 Nov 2024 16:30:08 -0000
Subject: SUSE-SU-2024:3987-1: moderate: Security update for java-1_8_0-openjdk
Message-ID: <173151540827.13126.12632515231855370534@smelt2.prg2.suse.org>

# Security update for java-1_8_0-openjdk

Announcement ID: SUSE-SU-2024:3987-1
Release Date: 2024-11-13T14:56:32Z
Rating: moderate

References:

* bsc#1228051
* bsc#1231702
* bsc#1231711
* bsc#1231716
* bsc#1231719

Cross-References:

* CVE-2024-21145
* CVE-2024-21208
* CVE-2024-21210
* CVE-2024-21217
* CVE-2024-21235

CVSS scores:

* CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21145 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves five vulnerabilities can now be installed.

## Description:

This update for java-1_8_0-openjdk fixes the following issues:

Update to version jdk8u432 (icedtea-3.33.0):

* CVE-2024-21208: Enhance HTTP client (bsc#1231702).
* CVE-2024-21210: Improve handling of vectorization (bsc#1231711).
* CVE-2024-21217: Improve deserialization support (bsc#1231716).
* CVE-2024-21235: Improve graph optimizations (bsc#1231719).
* CVE-2024-21145: Improve 2D image (bsc#1228051).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3987=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5
  zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3987=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64)
  * java-1_8_0-openjdk-demo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-demo-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-devel-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-headless-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-debugsource-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-devel-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-headless-debuginfo-1.8.0.432-27.108.2
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64)
  * java-1_8_0-openjdk-demo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-demo-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-devel-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-headless-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-debugsource-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-devel-debuginfo-1.8.0.432-27.108.2
  * java-1_8_0-openjdk-headless-debuginfo-1.8.0.432-27.108.2

## References:

* https://www.suse.com/security/cve/CVE-2024-21145.html
* https://www.suse.com/security/cve/CVE-2024-21208.html
* https://www.suse.com/security/cve/CVE-2024-21210.html
* https://www.suse.com/security/cve/CVE-2024-21217.html
* https://www.suse.com/security/cve/CVE-2024-21235.html
* https://bugzilla.suse.com/show_bug.cgi?id=1228051
* https://bugzilla.suse.com/show_bug.cgi?id=1231702
* https://bugzilla.suse.com/show_bug.cgi?id=1231711
* https://bugzilla.suse.com/show_bug.cgi?id=1231716
* https://bugzilla.suse.com/show_bug.cgi?id=1231719

From null at suse.de Thu Nov 14 12:30:09 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 14 Nov 2024 12:30:09 -0000
Subject: SUSE-SU-2024:3988-1: important: Security update for buildah
Message-ID: <173158740914.4790.12781451851053052792@smelt2.prg2.suse.org>

# Security update for buildah

Announcement ID: SUSE-SU-2024:3988-1
Release Date: 2024-11-14T10:13:27Z
Rating: important

References:

* bsc#1231208
* bsc#1231230
* bsc#1231499
* bsc#1231698
* bsc#1232522

Cross-References:

* CVE-2024-9341
* CVE-2024-9407
* CVE-2024-9675
* CVE-2024-9676

CVSS scores:

* CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N
* CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N
* CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N
* CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-9675 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-9676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves four vulnerabilities and has one security fix can now be installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2024-9676: Fixed github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698):
* CVE-2024-9675: VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary directory mount (bsc#1231499):
* CVE-2024-9407: Fixed improper input validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208)
* CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
* Using networking slirp4netns as default instead of pasta on SLE (bsc#1232522).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-3988=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3988=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3988=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3988=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3988=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * buildah-1.35.4-150400.3.33.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * buildah-1.35.4-150400.3.33.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * buildah-1.35.4-150400.3.33.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
  * buildah-1.35.4-150400.3.33.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * buildah-1.35.4-150400.3.33.1

## References:

* https://www.suse.com/security/cve/CVE-2024-9341.html
* https://www.suse.com/security/cve/CVE-2024-9407.html
* https://www.suse.com/security/cve/CVE-2024-9675.html
* https://www.suse.com/security/cve/CVE-2024-9676.html
* https://bugzilla.suse.com/show_bug.cgi?id=1231208
* https://bugzilla.suse.com/show_bug.cgi?id=1231230
* https://bugzilla.suse.com/show_bug.cgi?id=1231499
* https://bugzilla.suse.com/show_bug.cgi?id=1231698
* https://bugzilla.suse.com/show_bug.cgi?id=1232522

From null at suse.de Fri Nov 15 12:30:07 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 15 Nov 2024 12:30:07 -0000
Subject: SUSE-SU-2024:3998-1: important: Security update for glib2
Message-ID: <173167380784.4943.1039689484397121024@smelt2.prg2.suse.org>

# Security update for glib2

Announcement ID: SUSE-SU-2024:3998-1
Release Date: 2024-11-15T09:12:05Z
Rating: important

References:

* bsc#1233282

Cross-References:

* CVE-2024-52533

CVSS scores:

* CVE-2024-52533 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2024-52533 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H
* CVE-2024-52533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability can now be installed.

## Description:

This update for glib2 fixes the following issues:

* CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3998=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3998=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3998=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3998=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3998=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3998=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-3998=1
* SUSE Linux Enterprise Micro 5.1
  zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3998=1
* SUSE Linux Enterprise Micro 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3998=1
* SUSE Linux Enterprise Micro for Rancher 5.2
  zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3998=1

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * glib2-devel-2.62.6-150200.3.24.1
  * glib2-devel-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-2.62.6-150200.3.24.1
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgthread-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Enterprise Storage 7.1 (noarch)
  * glib2-lang-2.62.6-150200.3.24.1
* SUSE Enterprise Storage 7.1 (x86_64)
  * libglib-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgobject-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-32bit-2.62.6-150200.3.24.1
  * libgio-2_0-0-32bit-debuginfo-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
  * glib2-tools-2.62.6-150200.3.24.1
  * libgobject-2_0-0-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-2.62.6-150200.3.24.1
  * libgobject-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-debugsource-2.62.6-150200.3.24.1
  * libgio-2_0-0-2.62.6-150200.3.24.1
  * libgio-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libgmodule-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-debuginfo-2.62.6-150200.3.24.1
  * glib2-tools-debuginfo-2.62.6-150200.3.24.1
  * libglib-2_0-0-2.62.6-150200.3.24.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52533.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233282

From null at suse.de Fri Nov 15 12:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 15 Nov 2024 12:30:10 -0000
Subject: SUSE-SU-2024:3997-1: moderate: Security update for python3-wxPython
Message-ID: <173167381000.4943.9206077559581681348@smelt2.prg2.suse.org>

# Security update for python3-wxPython

Announcement ID: SUSE-SU-2024:3997-1
Release Date: 2024-11-15T08:36:38Z
Rating: moderate

References:

* bsc#1232590

Cross-References:

* CVE-2024-50602

CVSS scores:

* CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python3-wxPython fixes the following issues:

* CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3997=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3997=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3997=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3997=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3997=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1232590
From null at suse.de Fri Nov 15 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Nov 2024 12:30:14 -0000 Subject: SUSE-SU-2024:3995-1: important: Security update for ucode-intel Message-ID: <173167381478.4943.11047820607831660589@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:3995-1 Release Date: 2024-11-15T08:27:01Z Rating: important References: * bsc#1233313 Cross-References: * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24968 CVSS scores: * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N *
CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) * CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. * CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. 
* CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow a privileged user to potentially enable a denial of service via local access.
* CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access.
* Update for functional issues.

New Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------

Updated Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12
| EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13
| SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4

New Disclosures Updated in Prior Releases:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx, D-27xx/D-28xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3

* Intel CPU Microcode was updated to the 20241029 release

Update for functional issues.

Updated Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-3995=1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-3995=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * ucode-intel-debuginfo-20241112-146.1 * ucode-intel-debugsource-20241112-146.1 * ucode-intel-20241112-146.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (x86_64) * ucode-intel-debuginfo-20241112-146.1 * ucode-intel-debugsource-20241112-146.1 * ucode-intel-20241112-146.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://bugzilla.suse.com/show_bug.cgi?id=1233313
From null at suse.de Fri Nov 15 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 15 Nov 2024 16:30:04 -0000 Subject: SUSE-SU-2024:3999-1: important: Security update for apache2 Message-ID: <173168820478.4790.1607161096055254504@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3999-1 Release Date: 2024-11-15T13:35:34Z Rating: important References: * bsc#1233165 Cross-References: * CVE-2023-45802 CVSS scores: * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: Fixed regression with previous fix (bsc#1233165).
## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3999=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-3999=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3999=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3999=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3999=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3999=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3999=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3999=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3999=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3999=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3999=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 *
apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (aarch64 
ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * 
apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * 
apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1233165 From null at suse.de Mon Nov 18 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:4036-1: moderate: Security update for httpcomponents-client, httpcomponents-core Message-ID: <173194740510.4943.1001243061504795464@smelt2.prg2.suse.org> # Security update for httpcomponents-client, httpcomponents-core Announcement ID: SUSE-SU-2024:4036-1 Release Date: 2024-11-18T15:24:16Z Rating: moderate References: * bsc#1177488 Cross-References: * CVE-2020-13956 CVSS scores: * CVE-2020-13956 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2020-13956 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves one vulnerability can now be installed.
## Description:

This update for httpcomponents-client, httpcomponents-core fixes the following issues:

httpcomponents-client:

- Update to version 4.5.14
  * HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects.
  * HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable Collections#emptyList.
  * Don't retry requests in case of NoRouteToHostException.
  * HTTPCLIENT-2144: RequestBuilder fails to correctly copy charset of requests with form url-encoded body.
  * PR #269: 4.5.x use array fill and more.
    + Use Arrays.fill().
    + Remove redundant modifiers.
    + Use Collections.addAll() and Collection.addAll() APIs instead of loops.
    + Remove redundant returns.
    + No need to explicitly declare an array when calling a vararg method.
    + Remove extra semicolons (;).
    + Use a 'L' instead of 'l' to make long literals more readable.
  * PublicSuffixListParser.parseByType(Reader) allocates but does not use a 256 char StringBuilder.
  * Incorrect handling of malformed authority component by URIUtils#extractHost (bsc#1177488, CVE-2020-13956).
  * Avoid updating Content-Length header in a 304 response.
  * Bug fix: BasicExpiresHandler is annotated as immutable but is not (#239)
  * HTTPCLIENT-2076: Fixed NPE in LaxExpiresHandler.

httpcomponents-core:

- Upgraded to version 4.4.14
  * PR #231: 4.4.x Use better map apis and more.
    + Remove redundant modifiers.
    + Use Collections.addAll() API instead of loops.
    + Remove redundant returns.
    + No need to explicitly declare an array when calling a vararg method.
    + Remove extra semicolons (;).
  * Bug fix: Non-blocking TLSv1.3 connections can end up in an infinite event spin when closed concurrently by the local and the remote endpoints.
  * HTTPCORE-647: Non-blocking connection terminated due to 'java.io.IOException: Broken pipe' can enter an infinite loop flushing buffered output data.
* PR #201, HTTPCORE-634: Fix race condition in AbstractConnPool that can cause internal state corruption when persistent connections are manually removed from the pool. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4036=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4036=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4036=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4036=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4036=1 ## Package List: * openSUSE Leap 15.5 (noarch) * httpcomponents-client-cache-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-client-javadoc-4.5.14-150200.3.9.1 * httpcomponents-core-javadoc-4.4.14-150200.3.9.1 * openSUSE Leap 15.6 (noarch) * httpcomponents-client-cache-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-client-javadoc-4.5.14-150200.3.9.1 * httpcomponents-core-javadoc-4.4.14-150200.3.9.1 * Development Tools Module 15-SP5 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * Development Tools Module 15-SP6 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2020-13956.html * https://bugzilla.suse.com/show_bug.cgi?id=1177488
From null at suse.de Mon Nov 18 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:30:07 -0000 Subject: SUSE-SU-2024:4035-1: moderate: Security update for expat Message-ID: <173194740793.4943.13732618989891754121@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:4035-1 Release Date: 2024-11-18T15:23:17Z Rating: moderate References: * bsc#1232579 Cross-References: * CVE-2024-50602 CVSS scores: * CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2024-50602: Fixed a denial of service via XML_ResumeParser (bsc#1232579). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4035=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4035=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4035=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4035=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4035=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4035=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4035=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4035=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4035=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4035=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4035=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * expat-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat-devel-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * expat-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap 15.4 (x86_64) * libexpat1-32bit-2.4.4-150400.3.25.1 * libexpat-devel-32bit-2.4.4-150400.3.25.1 * expat-32bit-debuginfo-2.4.4-150400.3.25.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libexpat1-64bit-2.4.4-150400.3.25.1 * libexpat1-64bit-debuginfo-2.4.4-150400.3.25.1 * libexpat-devel-64bit-2.4.4-150400.3.25.1 * expat-64bit-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * 
expat-debugsource-2.4.4-150400.3.25.1 * libexpat-devel-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * expat-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap 15.5 (x86_64) * libexpat1-32bit-2.4.4-150400.3.25.1 * libexpat-devel-32bit-2.4.4-150400.3.25.1 * expat-32bit-debuginfo-2.4.4-150400.3.25.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat-devel-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * expat-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * openSUSE Leap 15.6 (x86_64) * libexpat1-32bit-2.4.4-150400.3.25.1 * libexpat-devel-32bit-2.4.4-150400.3.25.1 * expat-32bit-debuginfo-2.4.4-150400.3.25.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.25.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * 
expat-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat-devel-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * expat-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * Basesystem Module 15-SP5 (x86_64) * libexpat1-32bit-2.4.4-150400.3.25.1 * expat-32bit-debuginfo-2.4.4-150400.3.25.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.25.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * expat-debuginfo-2.4.4-150400.3.25.1 * expat-debugsource-2.4.4-150400.3.25.1 * libexpat-devel-2.4.4-150400.3.25.1 * libexpat1-2.4.4-150400.3.25.1 * expat-2.4.4-150400.3.25.1 * libexpat1-debuginfo-2.4.4-150400.3.25.1 * Basesystem Module 15-SP6 (x86_64) * libexpat1-32bit-2.4.4-150400.3.25.1 * expat-32bit-debuginfo-2.4.4-150400.3.25.1 * libexpat1-32bit-debuginfo-2.4.4-150400.3.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1232579
From null at suse.de Mon Nov 18 16:30:55 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:30:55 -0000 Subject: SUSE-SU-2024:4029-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194745563.4943.5420968066673163542@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4029-1 Release Date: 2024-11-18T13:29:50Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves nine vulnerabilities, contains one feature and has 12
security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL
versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2024-4029=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-1.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229994
* https://bugzilla.suse.com/show_bug.cgi?id=1229995
* https://bugzilla.suse.com/show_bug.cgi?id=1229996
* https://bugzilla.suse.com/show_bug.cgi?id=1230058
* https://bugzilla.suse.com/show_bug.cgi?id=1230059
* https://bugzilla.suse.com/show_bug.cgi?id=1230322
* https://jira.suse.com/browse/MSQA-863

From null at suse.de Mon Nov 18 16:31:14 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 18 Nov 2024 16:31:14 -0000
Subject: SUSE-SU-2024:4026-1: important: Security update for SUSE Manager Salt Bundle
Message-ID: <173194747419.4943.6409039471907968708@smelt2.prg2.suse.org>

# Security update for SUSE Manager Salt Bundle

Announcement ID: SUSE-SU-2024:4026-1
Release Date: 2024-11-18T13:29:06Z
Rating: important

References:

* bsc#1219041
* bsc#1220357
* bsc#1222842
* bsc#1226141
* bsc#1226447
* bsc#1226448
* bsc#1226469
* bsc#1227547
* bsc#1228105
* bsc#1228780
* bsc#1229109
* bsc#1229539
* bsc#1229654
* bsc#1229704
* bsc#1229873
* bsc#1229994
* bsc#1229995
* bsc#1229996
* bsc#1230058
* bsc#1230059
* bsc#1230322
* jsc#MSQA-863

Cross-References:

* CVE-2024-0397
* CVE-2024-3651
* CVE-2024-37891
* CVE-2024-4032
* CVE-2024-5569
* CVE-2024-6345
* CVE-2024-6923
* CVE-2024-7592
* CVE-2024-8088

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-7592 ( SUSE ): 2.6
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Manager Client Tools for Debian 12

An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security fixes on Python 3.11 interpreter:
  * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059)
  * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058)
  * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
  * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448)
  * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447)
* Security fixes on Python dependencies:
  * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996)
  * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995)
  * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994)
  * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654)
* Other bugs fixed:
  * Fixed failing x509 tests with OpenSSL < 1.1
  * Avoid explicit reading of /etc/salt/minion (bsc#1220357)
  * Allow NamedLoaderContexts to be returned from loader
  * Reverted the change making reactor less blocking
(bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2024-4026=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (amd64) * venv-salt-minion-3006.0-2.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228105
* https://bugzilla.suse.com/show_bug.cgi?id=1228780
* https://bugzilla.suse.com/show_bug.cgi?id=1229109
* https://bugzilla.suse.com/show_bug.cgi?id=1229539
* https://bugzilla.suse.com/show_bug.cgi?id=1229654
* https://bugzilla.suse.com/show_bug.cgi?id=1229704
* https://bugzilla.suse.com/show_bug.cgi?id=1229873
* https://bugzilla.suse.com/show_bug.cgi?id=1229994
* https://bugzilla.suse.com/show_bug.cgi?id=1229995
* https://bugzilla.suse.com/show_bug.cgi?id=1229996
* https://bugzilla.suse.com/show_bug.cgi?id=1230058
* https://bugzilla.suse.com/show_bug.cgi?id=1230059
* https://bugzilla.suse.com/show_bug.cgi?id=1230322
* https://jira.suse.com/browse/MSQA-863

From null at suse.de Mon Nov 18 16:31:33 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 18 Nov 2024 16:31:33 -0000
Subject: SUSE-SU-2024:4025-1: important: Security update for SUSE Manager Salt Bundle
Message-ID: <173194749313.4943.15556022486509864907@smelt2.prg2.suse.org>

# Security update for SUSE Manager Salt Bundle

Announcement ID: SUSE-SU-2024:4025-1
Release Date: 2024-11-18T13:28:49Z
Rating: important

References:

* bsc#1219041
* bsc#1220357
* bsc#1222842
* bsc#1226141
* bsc#1226447
* bsc#1226448
* bsc#1226469
* bsc#1227547
* bsc#1228105
* bsc#1228780
* bsc#1229109
* bsc#1229539
* bsc#1229654
* bsc#1229704
* bsc#1229873
* bsc#1229994
* bsc#1229995
* bsc#1229996
* bsc#1230058
* bsc#1230059
* bsc#1230322
* jsc#MSQA-863

Cross-References:

* CVE-2024-0397
* CVE-2024-3651
* CVE-2024-37891
* CVE-2024-4032
* CVE-2024-5569
* CVE-2024-6345
* CVE-2024-6923
* CVE-2024-7592
* CVE-2024-8088

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-37891 ( SUSE ): 4.4
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Manager Client Tools for Debian 11

An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security fixes on Python 3.11 interpreter:
  * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059)
  * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058)
  * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
  * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448)
  * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447)
* Security fixes on Python dependencies:
  * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996)
  * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995)
  * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994)
  * CVE-2024-37891: urllib3:
Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Manager Client Tools for Debian 11
  zypper in -t patch SUSE-Debian-11-CLIENT-TOOLS-x86_64-2024-4025=1

## Package List:

* SUSE Manager Client Tools for Debian 11 (amd64)
  * venv-salt-minion-3006.0-2.61.1

## References:

* https://www.suse.com/security/cve/CVE-2024-0397.html
* https://www.suse.com/security/cve/CVE-2024-3651.html
* https://www.suse.com/security/cve/CVE-2024-37891.html
* https://www.suse.com/security/cve/CVE-2024-4032.html
* https://www.suse.com/security/cve/CVE-2024-5569.html
* https://www.suse.com/security/cve/CVE-2024-6345.html
* https://www.suse.com/security/cve/CVE-2024-6923.html
* https://www.suse.com/security/cve/CVE-2024-7592.html
* https://www.suse.com/security/cve/CVE-2024-8088.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219041
* https://bugzilla.suse.com/show_bug.cgi?id=1220357
* https://bugzilla.suse.com/show_bug.cgi?id=1222842
* https://bugzilla.suse.com/show_bug.cgi?id=1226141
* https://bugzilla.suse.com/show_bug.cgi?id=1226447
* https://bugzilla.suse.com/show_bug.cgi?id=1226448
* https://bugzilla.suse.com/show_bug.cgi?id=1226469
* https://bugzilla.suse.com/show_bug.cgi?id=1227547
* https://bugzilla.suse.com/show_bug.cgi?id=1228105
* https://bugzilla.suse.com/show_bug.cgi?id=1228780
* https://bugzilla.suse.com/show_bug.cgi?id=1229109
* https://bugzilla.suse.com/show_bug.cgi?id=1229539
* https://bugzilla.suse.com/show_bug.cgi?id=1229654
* https://bugzilla.suse.com/show_bug.cgi?id=1229704
* https://bugzilla.suse.com/show_bug.cgi?id=1229873
* https://bugzilla.suse.com/show_bug.cgi?id=1229994
* https://bugzilla.suse.com/show_bug.cgi?id=1229995
* https://bugzilla.suse.com/show_bug.cgi?id=1229996
* https://bugzilla.suse.com/show_bug.cgi?id=1230058
* https://bugzilla.suse.com/show_bug.cgi?id=1230059
* https://bugzilla.suse.com/show_bug.cgi?id=1230322
* https://jira.suse.com/browse/MSQA-863
URL: From null at suse.de Mon Nov 18 16:31:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:31:54 -0000 Subject: SUSE-SU-202410:15283-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <173194751458.4943.18020414532752055165@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-202410:15283-1 Release Date: 2024-11-18T13:26:13Z Rating: moderate References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Ubuntu 22.04 2204 An update that solves nine vulnerabilities, contains one feature and has 12 
security fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security fixes on Python 3.11 interpreter:
  * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059)
  * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058)
  * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
  * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448)
  * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447)
* Security fixes on Python dependencies:
  * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996)
  * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995)
  * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994)
  * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654)
* Other bugs fixed:
  * Fixed failing x509 tests with OpenSSL < 1.1
  * Avoid explicit reading of /etc/salt/minion (bsc#1220357)
  * Allow NamedLoaderContexts to be returned from loader
  * Reverted the change making reactor less blocking (bsc#1230322)
  * Use --cachedir for extension_modules in salt-call (bsc#1226141)
  * Prevent using SyncWrapper with no reason
  * Enable post_start_cleanup.sh to work in a transaction
  * Fixed the SELinux context for Salt Minion service (bsc#1219041)
  * Increase warn_until_date date for code we still support
  * Avoid crash on wrong output of systemctl version (bsc#1229539)
  * Improved error handling with different OpenSSL
versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 22.04 2204 zypper in -t patch suse-ubu224ct-client-tools-202410-15283=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64) * venv-salt-minion-3006.0-2.54.3 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229995
* https://bugzilla.suse.com/show_bug.cgi?id=1229996
* https://bugzilla.suse.com/show_bug.cgi?id=1230058
* https://bugzilla.suse.com/show_bug.cgi?id=1230059
* https://bugzilla.suse.com/show_bug.cgi?id=1230322
* https://jira.suse.com/browse/MSQA-863

From null at suse.de Mon Nov 18 16:32:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 18 Nov 2024 16:32:17 -0000
Subject: SUSE-SU-202410:15282-1: important: Security update for SUSE Manager Salt Bundle
Message-ID: <173194753740.4943.3957287242238886192@smelt2.prg2.suse.org>

# Security update for SUSE Manager Salt Bundle

Announcement ID: SUSE-SU-202410:15282-1
Release Date: 2024-11-18T13:26:00Z
Rating: important

References:

* bsc#1219041
* bsc#1220357
* bsc#1222842
* bsc#1226141
* bsc#1226447
* bsc#1226448
* bsc#1226469
* bsc#1227547
* bsc#1228105
* bsc#1228780
* bsc#1229109
* bsc#1229539
* bsc#1229654
* bsc#1229704
* bsc#1229873
* bsc#1229994
* bsc#1229995
* bsc#1229996
* bsc#1230058
* bsc#1230059
* bsc#1230322
* jsc#MSQA-863

Cross-References:

* CVE-2024-0397
* CVE-2024-3651
* CVE-2024-37891
* CVE-2024-4032
* CVE-2024-5569
* CVE-2024-6345
* CVE-2024-6923
* CVE-2024-7592
* CVE-2024-8088

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-7592 (
NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Manager Client Tools for Ubuntu 20.04 2004

An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security fixes on Python 3.11 interpreter:
  * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059)
  * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058)
  * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
  * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448)
  * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447)
* Security fixes on Python dependencies:
  * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996)
  * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995)
  * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994)
  * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654)
* Other bugs fixed:
  * Fixed failing x509 tests with OpenSSL < 1.1
  * Avoid explicit reading of /etc/salt/minion (bsc#1220357)
  * Allow NamedLoaderContexts to be returned from loader
  * Reverted the change making reactor less blocking (bsc#1230322)
  * Use --cachedir for extension_modules
in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 20.04 2004 zypper in -t patch suse-ubu204ct-client-tools-202410-15282=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64) * venv-salt-minion-3006.0-2.63.3 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * 
https://bugzilla.suse.com/show_bug.cgi?id=1228780
* https://bugzilla.suse.com/show_bug.cgi?id=1229109
* https://bugzilla.suse.com/show_bug.cgi?id=1229539
* https://bugzilla.suse.com/show_bug.cgi?id=1229654
* https://bugzilla.suse.com/show_bug.cgi?id=1229704
* https://bugzilla.suse.com/show_bug.cgi?id=1229873
* https://bugzilla.suse.com/show_bug.cgi?id=1229994
* https://bugzilla.suse.com/show_bug.cgi?id=1229995
* https://bugzilla.suse.com/show_bug.cgi?id=1229996
* https://bugzilla.suse.com/show_bug.cgi?id=1230058
* https://bugzilla.suse.com/show_bug.cgi?id=1230059
* https://bugzilla.suse.com/show_bug.cgi?id=1230322
* https://jira.suse.com/browse/MSQA-863

From null at suse.de Mon Nov 18 16:32:39 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Mon, 18 Nov 2024 16:32:39 -0000
Subject: SUSE-SU-2024:4021-1: important: Security update for SUSE Manager Salt Bundle
Message-ID: <173194755995.4943.6450836957671588648@smelt2.prg2.suse.org>

# Security update for SUSE Manager Salt Bundle

Announcement ID: SUSE-SU-2024:4021-1
Release Date: 2024-11-18T13:25:47Z
Rating: important

References:

* bsc#1219041
* bsc#1220357
* bsc#1222842
* bsc#1226141
* bsc#1226447
* bsc#1226448
* bsc#1226469
* bsc#1227547
* bsc#1228105
* bsc#1228780
* bsc#1229109
* bsc#1229539
* bsc#1229654
* bsc#1229704
* bsc#1229873
* bsc#1229994
* bsc#1229995
* bsc#1229996
* bsc#1230058
* bsc#1230059
* bsc#1230322
* bsc#1231045
* bsc#1231697
* jsc#MSQA-863

Cross-References:

* CVE-2024-0397
* CVE-2024-3651
* CVE-2024-37891
* CVE-2024-4032
* CVE-2024-5569
* CVE-2024-6345
* CVE-2024-6923
* CVE-2024-7592
* CVE-2024-8088

CVSS scores:

* CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N *
CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 
15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15
* SUSE Linux Enterprise Server for SAP Applications 15 SP1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Client Tools for SLE 15
* SUSE Manager Client Tools for SLE Micro 5
* SUSE Manager Proxy 4.3
* SUSE Manager Proxy 4.3 Module 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3

An update that solves nine vulnerabilities, contains one feature and has 14 security fixes can now be installed.

## Description:

This update fixes the following issues:

venv-salt-minion:

* Security fixes on Python 3.11 interpreter:
  * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059)
  * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058)
  * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780)
  * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448)
  * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447)
* Security fixes on Python dependencies:
  * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996)
  * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995)
  * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994)
  * CVE-2024-37891: urllib3: Added the
`Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Added passlib Python module to the bundle * Allow NamedLoaderContexts to be returned from loader * Avoid crash on wrong output of systemctl version (bsc#1229539) * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Enable post_start_cleanup.sh to work in a transaction * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Fixed failing x509 tests with OpenSSL < 1.1 * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Fixed too frequent systemd service restart in test_system test * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697, bsc#1231045) * Improved error handling with different OpenSSL versions * Increase warn_until_date date for code we still support * Prevent using SyncWrapper with no reason * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Use Pygit2 id instead of deprecated oid in gitfs ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4021=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4021=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4021=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4021=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://bugzilla.suse.com/show_bug.cgi?id=1231045 * https://bugzilla.suse.com/show_bug.cgi?id=1231697 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:33:01 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:33:01 -0000 Subject: SUSE-SU-2024:4020-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194758116.4943.3638541006475977576@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4020-1 Release Date: 2024-11-18T13:25:06Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * bsc#1231045 * bsc#1231697 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves nine vulnerabilities, contains one feature and has 14 security fixes can now be installed. 
## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing "-quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Added passlib Python module to the bundle * Allow NamedLoaderContexts to be returned from loader * Avoid crash on wrong output of systemctl version (bsc#1229539) * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Enable post_start_cleanup.sh to work in a transaction * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Fixed failing x509 tests with OpenSSL < 1.1 * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697, bsc#1231045) * Improved error handling with different OpenSSL versions * Increase warn_until_date date for code we still support * 
Prevent using SyncWrapper with no reason * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Use Pygit2 id instead of deprecated oid in gitfs ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-4020=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-3.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://bugzilla.suse.com/show_bug.cgi?id=1231045 * https://bugzilla.suse.com/show_bug.cgi?id=1231697 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:33:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:33:18 -0000 Subject: SUSE-SU-2024:4019-1: important: Security update for SUSE Manager Client Tools Message-ID: <173194759820.4943.11020756884799837101@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4019-1 Release Date: 2024-11-18T13:24:46Z Rating: important References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#ECO-3319 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves one vulnerability, contains two features and has 18 security fixes can now be installed. 
## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter was updated from version 1.0.1 to 1.0.8: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 (bsc#1213933) * Bugs fixed: * Require Go 1.20 when building for RedHat derivatives * Version 1.0.8 (bsc#1227341): * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Version 1.0.7: * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Version 1.0.6: * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Added User-Agent header * Version 1.0.4: * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Version 1.0.3: * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Version 1.0.1: * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 scap-security-guide was updated from version 0.1.73 to 0.1.74: * Version 0.1.74 (jsc#ECO-3319): * Added Amazon Linux 2023 product * Introduce new remediation type Kickstart * Make PAM macros more flexible to variables * Remove Debian 10 Product * Remove Red Hat Enterprise Linux 7 product * Update CIS RHEL9 control file to v2.0.0 spacecmd was updated from version 5.0.9-0 to 5.0.10-0: * Version 5.0.10-0: * Speed up softwarechannel_removepackages (bsc#1227606) * Fixed error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fixed sls backup creation as directory with spacecmd (bsc#1230745) uyuni-tools was updated from version 0.1.21-0 to 0.1.23-0: * Version 0.1.23-0: * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to 
authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fixed namespace usage on mgrctl cp command * Version 0.1.22-0: * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image if replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fixed proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fixed error code handling on reinstallation (bsc#1230139) * Fixed creation of first user and organization * Added missing variable quotes for install vars (bsc#1229108) * Added API login and logout calls to allow persistent login ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2024-4019=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.23-1.11.1 * golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1 * mgrctl-debuginfo-0.1.23-1.11.1 * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch) * mgrctl-bash-completion-0.1.23-1.11.1 * mgrctl-zsh-completion-0.1.23-1.11.1 * spacecmd-5.0.10-1.41.1 * scap-security-guide-redhat-0.1.74-1.29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:34:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:34:31 -0000 Subject: SUSE-SU-2024:4011-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <173194767130.4943.2927538841654436820@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4011-1 Release Date: 2024-11-18T13:23:33Z Rating: moderate References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229260 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise 
Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability, contains one feature and has 19 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency (bsc#1213933) * Other changes and issues fixed: * Delete unpackaged debug files for RHEL * Do not include source files in the package for RHEL 9 * Require Go 1.20 when building for RedHat derivatives * Drop EnvironmentFile from the service definition * Explicitly unset $ARGS environment variable. Setting environment variables should be done in drop-in systemd configuration files. * Drop go_nostrip macro. It is not needed with current binutils and Go. 
* Migrate from `disabled` to `manual` source service type * Drop BuildRequires: golang-packaging * Upgrade to version 1.0.8 (bsc#1227341) * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Upgrade to version 1.0.7 * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Upgrade to version 1.0.6 * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Add User-Agent header * Upgrade to version 1.0.4 * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Upgrade to version 1.0.3 * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Upgrade to version 1.0.1 * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 golang-github-prometheus-promu: * Require Go >= 1.21 for building * Packaging improvements: * Drop export CGO_ENABLED="0". Use the default unless there is a defined requirement or benefit (bsc#1230623). 
* Update to version 0.16.0: * Do not discover user/host for reproducible builds * Fix example/prometheus build error * Update to version 0.15.0: * Add linux/riscv64 to default platforms * Use yaml.UnmarshalStrict to validate configuration files spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-common-libs: * Version 5.0.5-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) uyuni-tools: * version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image if replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login Changes that only impact 
SUSE Manager 4.3: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4011=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4011=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4011=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4011=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4011=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4011=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4011=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4011=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * wire-debuginfo-0.6.0-150000.1.17.4 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * wire-0.6.0-150000.1.17.4 * openSUSE Leap 15.5 (noarch) * spacecmd-5.0.10-150000.3.127.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * wire-debuginfo-0.6.0-150000.1.17.4 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * wire-0.6.0-150000.1.17.4 * openSUSE Leap 15.6 (noarch) * spacecmd-5.0.10-150000.3.127.3 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * mgrctl-debuginfo-0.1.23-150000.1.13.3 * 
mgrctl-0.1.23-150000.1.13.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * python3-uyuni-common-libs-5.0.5-150000.1.45.3 * SUSE Manager Client Tools for SLE 15 (noarch) * mgrctl-zsh-completion-0.1.23-150000.1.13.3 * python3-spacewalk-client-setup-4.3.21-150000.3.97.4 * python3-spacewalk-check-4.3.21-150000.3.97.4 * spacewalk-client-tools-4.3.21-150000.3.97.4 * mgr-daemon-4.3.11-150000.1.53.5 * spacecmd-5.0.10-150000.3.127.3 * spacewalk-check-4.3.21-150000.3.97.4 * python3-spacewalk-client-tools-4.3.21-150000.3.97.4 * mgrctl-lang-0.1.23-150000.1.13.3 * mgrctl-bash-completion-0.1.23-150000.1.13.3 * spacewalk-client-setup-4.3.21-150000.3.97.4 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * mgrctl-0.1.23-150000.1.13.3 * mgrctl-debuginfo-0.1.23-150000.1.13.3 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * mgrctl-lang-0.1.23-150000.1.13.3 * mgrctl-bash-completion-0.1.23-150000.1.13.3 * mgrctl-zsh-completion-0.1.23-150000.1.13.3 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * 
https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:34:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:34:49 -0000 Subject: SUSE-SU-2024:4010-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <173194768939.4943.15019201387590113463@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4010-1 Release Date: 2024-11-18T13:22:18Z Rating: moderate References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229260 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230623 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux 
Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability, contains one feature and has 20 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency (bsc#1213933) * Other changes and issues fixed: * Delete unpackaged debug files for RHEL * Do not include source files in the package for RHEL 9 * Require Go 1.20 when building for RedHat derivatives * Drop EnvironmentFile from the service definition * Explicitly unset $ARGS environment variable. Setting environment variables should be done in drop-in systemd configuration files. * Drop go_nostrip macro. It is not needed with current binutils and Go. 
* Migrate from `disabled` to `manual` source service type * Drop BuildRequires: golang-packaging * Upgrade to version 1.0.8 (bsc#1227341) * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Upgrade to version 1.0.7 * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Upgrade to version 1.0.6 * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Add User-Agent header * Upgrade to version 1.0.4 * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Upgrade to version 1.0.3 * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Upgrade to version 1.0.1 * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 golang-github-prometheus-promu: * Require Go >= 1.21 for building * Packaging improvements: * Drop export CGO_ENABLED="0". Use the default unless there is a defined requirement or benefit (bsc#1230623). 
* Update to version 0.16.0: * Do not discover user/host for reproducible builds * Fix example/prometheus build error * Update to version 0.15.0: * Add linux/riscv64 to default platforms * Use yaml.Unmarshalstrict to validate configuration files spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-common-libs: * Version 5.0.5-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) uyuni-tools: * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image if replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login Changes that only impact
SUSE Manager 4.3: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-4010=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-1.24.3 * mgrctl-0.1.23-1.13.2 * golang-github-prometheus-promu-0.16.0-1.21.3 * mgrctl-debuginfo-0.1.23-1.13.2 * python2-uyuni-common-libs-5.0.5-1.45.2 * SUSE Manager Client Tools for SLE 12 (noarch) * python2-spacewalk-client-setup-4.3.21-52.104.2 * spacecmd-5.0.10-38.150.2 * mgrctl-zsh-completion-0.1.23-1.13.2 * spacewalk-client-tools-4.3.21-52.104.2 * python2-spacewalk-check-4.3.21-52.104.2 * spacewalk-client-setup-4.3.21-52.104.2 * mgr-daemon-4.3.11-1.53.2 * mgrctl-bash-completion-0.1.23-1.13.2 * spacewalk-check-4.3.21-52.104.2 * python2-spacewalk-client-tools-4.3.21-52.104.2 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * 
https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230623 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:34:58 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:34:58 -0000 Subject: SUSE-SU-2024:4009-1: critical: Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Message-ID: <173194769874.4943.8516404648296675163@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2024:4009-1 Release Date: 2024-11-18T13:21:54Z Rating: critical References: * bsc#1228945 * bsc#1229077 * bsc#1229923 * bsc#1230255 * bsc#1230536 * bsc#1231332 * bsc#1231568 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Manager Proxy 5.0 Extension 5.0 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 * SUSE Manager Server 5.0 Extension 5.0 An update that solves three vulnerabilities, contains one feature and has seven security fixes can now be installed.
## Recommended update for SUSE Manager Proxy 5.0 ### Description: This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8 * Update for next release ## Recommended update for SUSE Manager Retail Branch Server 5.0 ### Description: This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8 * Update for next release ## Security update for SUSE Manager Server 5.0 ### Description: This update fixes the following issues: server-attestation-image: * Version 5.0.6 * Update for next release server-hub-xmlrpc-api-image: * Version 5.0.8 * Update for next release server-image: * Version 5.0.9 * Add HANA and cluster formulas to Server image (bsc#1230536) * Use /etc/krb5.conf.d for all kerberos related configurations (bsc#1229077) * Do not install outdated package "spacewalk-utils-extras" on Server image (bsc#1228945) * Fix package name search when syncing volumes data (bsc#1229923) server-migration-14-16-image: * Version 5.0.9 * Update for next release susemanager-sync-data: * Version 5.0.8-0 * Add SUSE Linux Enterprise 15 SP5 LTSS channel families * Add MicroOS PPC channel family * Set Ubuntu 22.04 to released * Version 5.0.7-0 * Add Ubuntu 24.04 support * Add channel family for SLES 12 SP5 LTSS Extended Security ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2024-4009=1 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4009=1 * SUSE Manager Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2024-4009=1 ## Package List: * SUSE Manager Proxy 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.2-7.6.30 * SUSE Manager Proxy 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Proxy 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-s390x-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Proxy 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-x86_64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.2-7.6.29 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.2-7.6.29 * 
suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.2-7.6.30 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-s390x-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-x86_64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.2-7.6.29 * SUSE Manager Server 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-server-image-5.0.2-7.6.32 * suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.2-7.6.25 * suse-manager-5.0-aarch64-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * SUSE Manager Server 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-server-image-5.0.2-7.6.32 * suse-manager-5.0-ppc64le-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.2-7.6.25 * SUSE Manager Server 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-server-migration-14-16-image-5.0.2-7.6.25 * suse-manager-5.0-s390x-server-attestation-image-5.0.2-6.6.9 * 
suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-s390x-server-image-5.0.2-7.6.32 * SUSE Manager Server 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-server-image-5.0.2-7.6.32 * suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-x86_64-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.2-7.6.25 ## References: * https://www.suse.com/security/cve/CVE-2024-47533.html * https://www.suse.com/security/cve/CVE-2024-49502.html * https://www.suse.com/security/cve/CVE-2024-49503.html * https://bugzilla.suse.com/show_bug.cgi?id=1228945 * https://bugzilla.suse.com/show_bug.cgi?id=1229077 * https://bugzilla.suse.com/show_bug.cgi?id=1229923 * https://bugzilla.suse.com/show_bug.cgi?id=1230255 * https://bugzilla.suse.com/show_bug.cgi?id=1230536 * https://bugzilla.suse.com/show_bug.cgi?id=1231332 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231852 * https://bugzilla.suse.com/show_bug.cgi?id=1231900 * https://bugzilla.suse.com/show_bug.cgi?id=1231922 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:35:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:35:57 -0000 Subject: SUSE-SU-2024:4007-1: critical: Maintenance update for SUSE Manager 4.3 Release Notes Message-ID: <173194775754.4943.16520155430282253622@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3 Release Notes Announcement ID: SUSE-SU-2024:4007-1 Release Date: 2024-11-18T13:20:16Z Rating: critical References: * bsc#1146701 * bsc#1211899 * bsc#1212985 * bsc#1217003 * bsc#1217338 * bsc#1217978 * bsc#1218090 * bsc#1219450 * bsc#1219645 * bsc#1219887 * bsc#1221435 * bsc#1221505 * bsc#1223312 * bsc#1223988 * bsc#1224108 * bsc#1224209 * bsc#1225603 * bsc#1225619 * bsc#1225960 * bsc#1226090 * bsc#1226439 * bsc#1226461 * bsc#1226478 * bsc#1226687 * bsc#1226917 * bsc#1227133 * bsc#1227334 * bsc#1227406 * bsc#1227526 * bsc#1227543 * bsc#1227599 * bsc#1227606 * bsc#1227746 * bsc#1228036 * bsc#1228101 * bsc#1228130 * bsc#1228147 * bsc#1228286 * bsc#1228326 * bsc#1228345 * bsc#1228412 * bsc#1228545 * bsc#1228638 * bsc#1228851 * bsc#1228945 * bsc#1229079 * bsc#1229178 * bsc#1229260 * bsc#1229339 * bsc#1231332 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities, contains one feature and has 50 security fixes can now be installed.
## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager-proxy: * Update to SUSE Manager 4.3.14 * Bugs mentioned: bsc#1217003, bsc#1221505, bsc#1225619, bsc#1225960, bsc#1226917 bsc#1227606, bsc#1228036, bsc#1228345, bsc#1228851, bsc#1229079 bsc#1229260, bsc#1229339 ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.14 * Ubuntu 24.04 support as client * Product migration from RHEL and Clones to SUSE Liberty Linux * POS image templates now produce compressed images * Date format for API endpoints has been changed to ISO-8601 format * Security issues fixed: CVE-2024-47533, CVE-2024-49502, CVE-2024-49503 * Bugs mentioned: bsc#1146701, bsc#1211899, bsc#1212985, bsc#1217003, bsc#1217338 bsc#1217978, bsc#1218090, bsc#1219450, bsc#1219645, bsc#1219887 bsc#1221435, bsc#1221505, bsc#1223312, bsc#1223988, bsc#1224108 bsc#1224209, bsc#1225603, bsc#1225619, bsc#1225960, bsc#1226090 bsc#1226439, bsc#1226461, bsc#1226478, bsc#1226687, bsc#1226917 bsc#1227133, bsc#1227334, bsc#1227406, bsc#1227526, bsc#1227543 bsc#1227599, bsc#1227606, bsc#1227746, bsc#1228036, bsc#1228101 bsc#1228130, bsc#1228147, bsc#1228286, bsc#1228326, bsc#1228345 bsc#1228412, bsc#1228545, bsc#1228638, bsc#1228851, bsc#1228945 bsc#1229079, bsc#1229178, bsc#1229260, bsc#1229339, bsc#1231332 bsc#1231852, bsc#1231922, bsc#1231900 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4007=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4007=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4007=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4007=1 ## Package List: * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * release-notes-susemanager-4.3.14-150400.3.122.1 * SUSE Manager Proxy 4.3 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * SUSE Manager Server 4.3 (noarch) * release-notes-susemanager-4.3.14-150400.3.122.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47533.html * https://www.suse.com/security/cve/CVE-2024-49502.html * https://www.suse.com/security/cve/CVE-2024-49503.html * https://bugzilla.suse.com/show_bug.cgi?id=1146701 * https://bugzilla.suse.com/show_bug.cgi?id=1211899 * https://bugzilla.suse.com/show_bug.cgi?id=1212985 * https://bugzilla.suse.com/show_bug.cgi?id=1217003 * https://bugzilla.suse.com/show_bug.cgi?id=1217338 * https://bugzilla.suse.com/show_bug.cgi?id=1217978 * https://bugzilla.suse.com/show_bug.cgi?id=1218090 * https://bugzilla.suse.com/show_bug.cgi?id=1219450 * https://bugzilla.suse.com/show_bug.cgi?id=1219645 * https://bugzilla.suse.com/show_bug.cgi?id=1219887 * https://bugzilla.suse.com/show_bug.cgi?id=1221435 * https://bugzilla.suse.com/show_bug.cgi?id=1221505 * https://bugzilla.suse.com/show_bug.cgi?id=1223312 * https://bugzilla.suse.com/show_bug.cgi?id=1223988 * https://bugzilla.suse.com/show_bug.cgi?id=1224108 * https://bugzilla.suse.com/show_bug.cgi?id=1224209 * https://bugzilla.suse.com/show_bug.cgi?id=1225603 * https://bugzilla.suse.com/show_bug.cgi?id=1225619 * 
https://bugzilla.suse.com/show_bug.cgi?id=1225960 * https://bugzilla.suse.com/show_bug.cgi?id=1226090 * https://bugzilla.suse.com/show_bug.cgi?id=1226439 * https://bugzilla.suse.com/show_bug.cgi?id=1226461 * https://bugzilla.suse.com/show_bug.cgi?id=1226478 * https://bugzilla.suse.com/show_bug.cgi?id=1226687 * https://bugzilla.suse.com/show_bug.cgi?id=1226917 * https://bugzilla.suse.com/show_bug.cgi?id=1227133 * https://bugzilla.suse.com/show_bug.cgi?id=1227334 * https://bugzilla.suse.com/show_bug.cgi?id=1227406 * https://bugzilla.suse.com/show_bug.cgi?id=1227526 * https://bugzilla.suse.com/show_bug.cgi?id=1227543 * https://bugzilla.suse.com/show_bug.cgi?id=1227599 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1227746 * https://bugzilla.suse.com/show_bug.cgi?id=1228036 * https://bugzilla.suse.com/show_bug.cgi?id=1228101 * https://bugzilla.suse.com/show_bug.cgi?id=1228130 * https://bugzilla.suse.com/show_bug.cgi?id=1228147 * https://bugzilla.suse.com/show_bug.cgi?id=1228286 * https://bugzilla.suse.com/show_bug.cgi?id=1228326 * https://bugzilla.suse.com/show_bug.cgi?id=1228345 * https://bugzilla.suse.com/show_bug.cgi?id=1228412 * https://bugzilla.suse.com/show_bug.cgi?id=1228545 * https://bugzilla.suse.com/show_bug.cgi?id=1228638 * https://bugzilla.suse.com/show_bug.cgi?id=1228851 * https://bugzilla.suse.com/show_bug.cgi?id=1228945 * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229178 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229339 * https://bugzilla.suse.com/show_bug.cgi?id=1231332 * https://bugzilla.suse.com/show_bug.cgi?id=1231852 * https://bugzilla.suse.com/show_bug.cgi?id=1231900 * https://bugzilla.suse.com/show_bug.cgi?id=1231922 * https://jira.suse.com/browse/MSQA-863
From null at suse.de Mon Nov 18 16:36:41 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 18 Nov 2024 16:36:41 -0000 Subject: SUSE-SU-2024:4006-1: critical: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Message-ID: <173194780126.4943.7839229889342576237@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2024:4006-1 Release Date: 2024-11-18T13:20:05Z Rating: critical References: * bsc#1146701 * bsc#1211899 * bsc#1212985 * bsc#1217003 * bsc#1217338 * bsc#1217978 * bsc#1218090 * bsc#1219450 * bsc#1219645 * bsc#1219887 * bsc#1221435 * bsc#1221505 * bsc#1223312 * bsc#1223988 * bsc#1224108 * bsc#1224209 * bsc#1225603 * bsc#1225619 * bsc#1225960 * bsc#1226090 * bsc#1226439 * bsc#1226461 * bsc#1226478 * bsc#1226687 * bsc#1226917 * bsc#1227133 * bsc#1227334 * bsc#1227406 * bsc#1227526 * bsc#1227543 * bsc#1227599 * bsc#1227606 * bsc#1227746 * bsc#1228036 * bsc#1228101 * bsc#1228130 * bsc#1228147 * bsc#1228286 * bsc#1228326 * bsc#1228345 * bsc#1228412 * bsc#1228545 * bsc#1228638 * bsc#1228851 * bsc#1228945 * bsc#1229079 * bsc#1229178 * bsc#1229260 * bsc#1229339 * bsc#1231332 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux
Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves three vulnerabilities, contains one feature and has 50 security fixes can now be installed. 
## Security update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacecmd: * Version 4.3.29-0 * Speed up softwarechannel_removepackages (bsc#1227606) spacewalk-backend: * Version 4.3.30-0 * Make ISSv1 timezone independent (bsc#1221505) * reposync: introduce timeout when syncing DEB channels (bsc#1225960) * yum_src: use proper name variable name for subprocess.TimeoutExpired * Check and populate PTF attributes at the time of importing packages (bsc#1225619) * reposync: import GPG keys to RPM DB individually (bsc#1217003) * Add log string to the journal when services are stopped because of insufficient disk space spacewalk-certs-tools: * Version 4.3.26-0 * Fix private key format in jabberd certificate file (bsc#1228851) * Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079) * Support multiple certificates for root-ca-file and server-cert-file spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings spacewalk-proxy: * Version 4.3.19-0 * Allow execute of ssh-keygen command on the Proxy to clean up SSH known_hosts (bsc#1228345) spacewalk-web: * Security issues fixed: * Version 4.3.42-0 * CVE-2024-49503: Escape organization credentials username to mitigate XSS vulnerability (bsc#1231922) * Version 4.3.41-0 * CVE-2024-49502: Validate proxy hostname format and escape proxy username to mitigate XSS vulnerabilities (bsc#1231852) * Bugs fixed: * Version 4.3.40-0 * Fix channel selection using SSM (bsc#1226917) * Fix datetime selection when using maintenance windows (bsc#1228036) susemanager-build-keys: * Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. 
(bsc#1229339) uyuni-common-libs: * Version 4.3.11-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) * Make ISSv1 timezone independent (bsc#1221505) uyuni-proxy-systemd-services: * version 4.3.14-0 * Update to SUSE Manager 4.3.14 How to apply this update: 1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server. 2. Stop the proxy service: `spacewalk-proxy stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-proxy start` ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: cobbler: * Security issues fixed: * CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332) * Other bugs fixed: * Increase start timeout for cobblerd unit (bsc#1219450) * Provide sync_single_system for DHCP modules to improve performance (bsc#1219450) * Add input_string_*, input_boolean, input_int functions to public API * Add new setting for Uyuni authentication endpoint (bsc#1219887) grafana-formula: * Version 0.11.0 * Add SLES 15 SP6 to supported versions (bsc#1228286) inter-server-sync: * Version 0.3.5-0 * Decode boolean values for export (bsc#1228545) saltboot-formula: * Update to version 0.1.1723628891.ffb1da5 * Rework request stop function to avoid unnecessary warnings (bsc#1212985) spacecmd: * Version 4.3.29-0 * Speed up softwarechannel_removepackages (bsc#1227606) spacewalk-backend: * Version 4.3.30-0 * Make ISSv1 timezone independent (bsc#1221505) * reposync: introduce timeout when syncing DEB channels (bsc#1225960) * yum_src: use proper name variable name for subprocess.TimeoutExpired * Check and populate PTF attributes at the time of importing packages (bsc#1225619) * reposync: import GPG keys to RPM DB individually (bsc#1217003) * Add log string to the journal when services are stopped because of insufficient disk space spacewalk-certs-tools: * Version 4.3.26-0 * Fix private key format in jabberd 
certificate file (bsc#1228851) * Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079) * Support multiple certificates for root-ca-file and server-cert-file spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings spacewalk-config: * Version 4.3.14-0 * Trust the Content-Length header from AJP (bsc#1226439) spacewalk-java: * Version 4.3.82-0 * Limit frontend-log message size (bsc#1231900) * Version 4.3.81-0 * Add detection of Ubuntu 24.04 * Version 4.3.80-0 * Use custom select instead of errata view for better performance (bsc#1225619) * Version 4.3.79-0 * Add info URL for cobbler to clean the system profile (bsc#1219645) * Require correct scap packages for Ubuntu * Require correct scap packages for Debian 12 (bsc#1227746) * Fix finding system_checkin_threshold configuration value on Systems Overview page (bsc#1224108) * Allow changing base channel to SUSE Liberty Linux LTSS when the system is on Liberty (bsc#1228326) * Implement product migration from RHEL and Clones to SUSE Liberty Linux * Remove system also from proxy SSH known_hosts (bsc#1228345) * Fix NullPointerException when generating subscription matcher input (bsc#1228638) * Allow free products and SUSE Manager Proxy being managed by SUSE Manager Server PAYG * Open bootstrap script directory URL in a new page (bsc#1225603) * Delay package list refresh when Salt was updated (bsc#1217978) * Add SLE Micro 5 to the list of systems which support monitoring (bsc#1227334) * Add all SLE Micro systems to the list of systems which get PTF repositories * Update last sync refresh timestamp only when at least one time products were synced before * Prevent NullPointerException when listing history events without completion time (bsc#1146701) * Autoinstallation: prevent issues with duplicate IP address due to some networks (bsc#1226461) * Improve SQL queries and performance to check for PTF packages (bsc#1225619) * Check the correct Salt package before product migration (bsc#1224209) 
* Fix the date format output when using the HTTP API to use ISO 8601 format (bsc#1227543) * Fix transactional update check for SL Micro (bsc#1227406) * Improve score comparison in system search to fix ISE (bsc#1228412) * Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133) spacewalk-utils: * Version 4.3.22-0 * Add repositories for Ubuntu 24.04 LTS * Version 4.3.21-0 * Drop unsupported tool spacewalk-final-archive as it is broken and may disclose sensitive information (bsc#1228945) spacewalk-web: * Security issues fixed: * Version 4.3.42-0 * CVE-2024-49503: Escape organization credentials username to mitigate XSS vulnerability (bsc#1231922) * Version 4.3.41-0 * CVE-2024-49502: Validate proxy hostname format and escape proxy username to mitigate XSS vulnerabilities (bsc#1231852) * Bugs fixed: * Version 4.3.40-0 * Fix channel selection using SSM (bsc#1226917) * Fix datetime selection when using maintenance windows (bsc#1228036) susemanager: * Version 4.3.39-0 * Enable bootstrapping for Ubuntu 24.04 LTS * Version 4.3.38-0 * Add missing package python3-ply to bootstrap repo definition (bsc#1228130) * Create special bootstrap data for SUSE Manager Server 4.3 with LTSS updates for Hub scenario (bsc#1211899) * Add LTSS updates to SUSE Manager Proxy 4.3 bootstrap data * Add traditional stack to bootstrap repo on sles15sp6 (bsc#1228147) * Change package to libdbus-glib-1-2 on sle15sp6 (bsc#1228147) susemanager-build-keys: * Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. 
(bsc#1229339) susemanager-docs_en: * Documented Ubuntu 24.04 LTS as a supported client OS in Client * SUSE Manager 4.3.14 documentation update * In network ports section, deleted partially outdated image, added port 443 for clients, and removed Cobbler only used internally (bsc#1217338) * Added installer-updates.suse.com to the list of URLs in Installation and Upgrade Guide (bsc#1229178) * Enhanced instructions about the permissions for the IAM role in Public Cloud Guide * Fixed OS minor number in Client Configuration Guide (bsc#1218090) * Added warning about Package Hub (bsc#1221435) * Removed Verify Packages section from Package Management chapter in Client Configuration Guide * Added note about usernames in PAM section in Administration Guide (bsc#1227599) * Updated Content Lifecycle Management (CLM) examples for Red Hat Enterprise Linux 9 (bsc#1226687) * Added VM based proxy installation in Installation and Upgrade Guide * Fixed PostgreSQL name entity * Improved Large Deployments Guide with better tuning values and extra parameters added * Updated lists of SUSE Linux Enterprise hardening profiles in openSCAP chapter in the Administration Guide susemanager-schema: * Version 4.3.27-0 * Introduce new attributes to detect PTF packages (bsc#1225619) susemanager-sls: * Version 4.3.45-0 * Start using DEB822 format for repository sources beginning with Ubuntu 24.04 * Version 4.3.44-0 * Speed-up mgrutil.remove_ssh_known_host runner (bsc#1223312) * Implement product migration from RHEL and clones to SUSE Liberty Linux * Disable transactional-update.timer on SLEM at bootstrap * Explicitly remove old venv-minion environment when updating Python versions * sumautil: properly detect bridge interfaces (bsc#1226461) * Fix typo on directories to clean up when deleting a system (bsc#1228101) * Translate GPG URL if it has server name and client behind proxy (bsc#1223988) * Fix yum-utils package missing on CentOS7 minions (bsc#1227133) * Implement IMDSv2 for AWS instance detection 
(bsc#1226090) * Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133) * Fix parsing passwords with special characters for PostgreSQL exporter susemanager-sync-data: * Version 4.3.21-0 * Add SLES15-SP5-LTSS channel families * Add MicroOS PPC channel family * Version 4.3.20-0 * Add Ubuntu 24.04 support * Version 4.3.19-0 * Fix CentOS 7 repo urls (bsc#1227526) * Add channel family for SLES 12 SP5 LTSS Extended Security * Implement product migration from RHEL and clones to SUSE Liberty Linux uyuni-common-libs: * Version 4.3.11-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) * Make ISSv1 timezone independent (bsc#1221505) uyuni-reportdb-schema: * Version 4.3.11-0 * Change Errata CVE column to type text as a varchar reaches the maximum (bsc#1226478) How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Stop the Spacewalk service: `spacewalk-service stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-service start` ## Recommended update for SUSE Manager Client Tools ### Description: This update fixes the following issues: uyuni-proxy-systemd-services: * version 4.3.14-0 * Update to SUSE Manager 4.3.14 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product:

* SUSE Manager Client Tools for SLE Micro 5
  zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4006=1
* SUSE Manager Proxy 4.3 Module 4.3
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4006=1
* SUSE Manager Server 4.3 Module 4.3
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4006=1
* SUSE Manager Client Tools for SLE 15
  zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4006=1

## Package List:

* SUSE Manager Client Tools for SLE Micro 5 (noarch)
  * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4
* SUSE Manager Proxy 4.3 Module 4.3 (noarch)
  * spacewalk-proxy-redirect-4.3.19-150400.3.29.9
  * python3-spacewalk-certs-tools-4.3.26-150400.3.36.7
  * spacewalk-proxy-package-manager-4.3.19-150400.3.29.9
  * spacewalk-client-tools-4.3.21-150400.3.33.11
  * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4
  * mgr-daemon-4.3.11-150400.3.21.6
  * spacewalk-base-minimal-4.3.42-150400.3.52.1
  * spacewalk-backend-4.3.30-150400.3.47.16
  * spacecmd-4.3.29-150400.3.42.8
  * spacewalk-proxy-salt-4.3.19-150400.3.29.9
  * python3-spacewalk-client-setup-4.3.21-150400.3.33.11
  * python3-spacewalk-client-tools-4.3.21-150400.3.33.11
  * spacewalk-certs-tools-4.3.26-150400.3.36.7
  * spacewalk-client-setup-4.3.21-150400.3.33.11
  * spacewalk-proxy-common-4.3.19-150400.3.29.9
  * susemanager-build-keys-15.4.10-150400.3.29.4
  * spacewalk-proxy-broker-4.3.19-150400.3.29.9
  * susemanager-build-keys-web-15.4.10-150400.3.29.4
  * python3-spacewalk-check-4.3.21-150400.3.33.11
  * spacewalk-proxy-management-4.3.19-150400.3.29.9
  * spacewalk-check-4.3.21-150400.3.33.11
  * spacewalk-base-minimal-config-4.3.42-150400.3.52.1
* SUSE Manager Proxy 4.3 Module 4.3 (x86_64)
  * python3-uyuni-common-libs-4.3.11-150400.3.21.6
* SUSE Manager Server 4.3 Module 4.3 (noarch)
  * spacewalk-backend-sql-postgresql-4.3.30-150400.3.47.16
  * spacewalk-taskomatic-4.3.82-150400.3.96.1
  * spacewalk-backend-sql-4.3.30-150400.3.47.16
  * spacewalk-java-4.3.82-150400.3.96.1
  * susemanager-schema-utility-4.3.27-150400.3.45.11
  * spacewalk-backend-config-files-common-4.3.30-150400.3.47.16
  * susemanager-schema-4.3.27-150400.3.45.11
  * python3-spacewalk-certs-tools-4.3.26-150400.3.36.7
  * spacewalk-backend-applet-4.3.30-150400.3.47.16
  * spacewalk-java-postgresql-4.3.82-150400.3.96.1
  * spacewalk-backend-server-4.3.30-150400.3.47.16
  * spacewalk-client-tools-4.3.21-150400.3.33.11
  * susemanager-docs_en-pdf-4.3.14-150400.9.66.2
  * susemanager-docs_en-4.3.14-150400.9.66.2
  * spacewalk-backend-xmlrpc-4.3.30-150400.3.47.16
  * spacewalk-backend-package-push-server-4.3.30-150400.3.47.16
  * spacewalk-base-minimal-4.3.42-150400.3.52.1
  * spacewalk-backend-config-files-4.3.30-150400.3.47.16
  * spacewalk-backend-4.3.30-150400.3.47.16
  * spacecmd-4.3.29-150400.3.42.8
  * spacewalk-base-4.3.42-150400.3.52.1
  * python3-spacewalk-client-tools-4.3.21-150400.3.33.11
  * spacewalk-backend-config-files-tool-4.3.30-150400.3.47.16
  * spacewalk-certs-tools-4.3.26-150400.3.36.7
  * spacewalk-backend-iss-export-4.3.30-150400.3.47.16
  * spacewalk-html-4.3.42-150400.3.52.1
  * susemanager-build-keys-15.4.10-150400.3.29.4
  * saltboot-formula-0.1.1723628891.ffb1da5-150400.3.18.4
  * spacewalk-utils-4.3.22-150400.3.29.2
  * susemanager-build-keys-web-15.4.10-150400.3.29.4
  * spacewalk-backend-xml-export-libs-4.3.30-150400.3.47.16
  * spacewalk-java-config-4.3.82-150400.3.96.1
  * susemanager-sls-4.3.45-150400.3.55.4
  * spacewalk-java-lib-4.3.82-150400.3.96.1
  * spacewalk-backend-app-4.3.30-150400.3.47.16
  * uyuni-config-modules-4.3.45-150400.3.55.4
  * spacewalk-backend-iss-4.3.30-150400.3.47.16
  * spacewalk-utils-extras-4.3.22-150400.3.29.2
  * cobbler-3.3.3-150400.5.52.3
  * spacewalk-backend-tools-4.3.30-150400.3.47.16
  * susemanager-sync-data-4.3.21-150400.3.35.2
  * uyuni-reportdb-schema-4.3.11-150400.3.18.12
  * spacewalk-base-minimal-config-4.3.42-150400.3.52.1
  * spacewalk-config-4.3.14-150400.3.18.6
  * grafana-formula-0.11.0-150400.3.21.4
* SUSE Manager Server 4.3 Module 4.3 (ppc64le s390x x86_64)
  * susemanager-4.3.39-150400.3.58.5
  * inter-server-sync-0.3.5-150400.3.36.13
  * python3-uyuni-common-libs-4.3.11-150400.3.21.6
  * susemanager-tools-4.3.39-150400.3.58.5
  * inter-server-sync-debuginfo-0.3.5-150400.3.36.13
* SUSE Manager Client Tools for SLE 15 (noarch)
  * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4

## References:

* https://www.suse.com/security/cve/CVE-2024-47533.html
* https://www.suse.com/security/cve/CVE-2024-49502.html
* https://www.suse.com/security/cve/CVE-2024-49503.html
* https://bugzilla.suse.com/show_bug.cgi?id=1146701
* https://bugzilla.suse.com/show_bug.cgi?id=1211899
* https://bugzilla.suse.com/show_bug.cgi?id=1212985
* https://bugzilla.suse.com/show_bug.cgi?id=1217003
* https://bugzilla.suse.com/show_bug.cgi?id=1217338
* https://bugzilla.suse.com/show_bug.cgi?id=1217978
* https://bugzilla.suse.com/show_bug.cgi?id=1218090
* https://bugzilla.suse.com/show_bug.cgi?id=1219450
* https://bugzilla.suse.com/show_bug.cgi?id=1219645
* https://bugzilla.suse.com/show_bug.cgi?id=1219887
* https://bugzilla.suse.com/show_bug.cgi?id=1221435
* https://bugzilla.suse.com/show_bug.cgi?id=1221505
* https://bugzilla.suse.com/show_bug.cgi?id=1223312
* https://bugzilla.suse.com/show_bug.cgi?id=1223988
* https://bugzilla.suse.com/show_bug.cgi?id=1224108
* https://bugzilla.suse.com/show_bug.cgi?id=1224209
* https://bugzilla.suse.com/show_bug.cgi?id=1225603
* https://bugzilla.suse.com/show_bug.cgi?id=1225619
* https://bugzilla.suse.com/show_bug.cgi?id=1225960
* https://bugzilla.suse.com/show_bug.cgi?id=1226090
* https://bugzilla.suse.com/show_bug.cgi?id=1226439
* https://bugzilla.suse.com/show_bug.cgi?id=1226461
* https://bugzilla.suse.com/show_bug.cgi?id=1226478
* https://bugzilla.suse.com/show_bug.cgi?id=1226687
* https://bugzilla.suse.com/show_bug.cgi?id=1226917
* https://bugzilla.suse.com/show_bug.cgi?id=1227133
* https://bugzilla.suse.com/show_bug.cgi?id=1227334
* https://bugzilla.suse.com/show_bug.cgi?id=1227406
* https://bugzilla.suse.com/show_bug.cgi?id=1227526
* https://bugzilla.suse.com/show_bug.cgi?id=1227543
* https://bugzilla.suse.com/show_bug.cgi?id=1227599
* https://bugzilla.suse.com/show_bug.cgi?id=1227606
* https://bugzilla.suse.com/show_bug.cgi?id=1227746
* https://bugzilla.suse.com/show_bug.cgi?id=1228036
* https://bugzilla.suse.com/show_bug.cgi?id=1228101
* https://bugzilla.suse.com/show_bug.cgi?id=1228130
* https://bugzilla.suse.com/show_bug.cgi?id=1228147
* https://bugzilla.suse.com/show_bug.cgi?id=1228286
* https://bugzilla.suse.com/show_bug.cgi?id=1228326
* https://bugzilla.suse.com/show_bug.cgi?id=1228345
* https://bugzilla.suse.com/show_bug.cgi?id=1228412
* https://bugzilla.suse.com/show_bug.cgi?id=1228545
* https://bugzilla.suse.com/show_bug.cgi?id=1228638
* https://bugzilla.suse.com/show_bug.cgi?id=1228851
* https://bugzilla.suse.com/show_bug.cgi?id=1228945
* https://bugzilla.suse.com/show_bug.cgi?id=1229079
* https://bugzilla.suse.com/show_bug.cgi?id=1229178
* https://bugzilla.suse.com/show_bug.cgi?id=1229260
* https://bugzilla.suse.com/show_bug.cgi?id=1229339
* https://bugzilla.suse.com/show_bug.cgi?id=1231332
* https://bugzilla.suse.com/show_bug.cgi?id=1231852
* https://bugzilla.suse.com/show_bug.cgi?id=1231900
* https://bugzilla.suse.com/show_bug.cgi?id=1231922
* https://jira.suse.com/browse/MSQA-863

From null at suse.de Tue Nov 19 12:30:38 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 19 Nov 2024 12:30:38 -0000
Subject: SUSE-SU-2024:4038-1: important: Security update for the Linux Kernel
Message-ID: <173201943841.4943.2084049805499309379@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:4038-1
Release Date: 2024-11-19T08:50:10Z
Rating: important
References:

* bsc#1218562
* bsc#1223016
* bsc#1223384
* bsc#1223824
* bsc#1224526
* bsc#1226557
* bsc#1226848
* bsc#1228743
* bsc#1229454
* bsc#1229456
* bsc#1231673
* bsc#1231861
* bsc#1232097
* bsc#1232187

Cross-References:

* CVE-2021-47589
* CVE-2023-6270
* CVE-2024-26898
* CVE-2024-27043
* CVE-2024-35937
* CVE-2024-38599
* CVE-2024-42145
* CVE-2024-44947
* CVE-2024-47674
* CVE-2024-47757
* CVE-2024-49860
* CVE-2024-49982

CVSS scores:

* CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47589 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35937 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-38599 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N
* CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47757 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47757 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-47757 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise Server 11 SP4
* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4

An update that solves 12 vulnerabilities and has two security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes.

The following security bugs were fixed:

* CVE-2021-47589: igbvf: fix double free in `igbvf_probe` (bsc#1226557).
* CVE-2024-35937: wifi: cfg80211: check A-MSDU format more carefully (bsc#1224526).
* CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673).
* CVE-2024-47757: nilfs2: fix potential oob read in nilfs_btree_check_delete() (bsc#1232187).
* CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861).

The following non-security bugs were fixed:

* config: Disable NILFS2 (bsc#1232187)

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4
  zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-4038=1
* SUSE Linux Enterprise Server 11 SP4
  zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-4038=1

## Package List:

* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (nosrc x86_64)
  * kernel-ec2-3.0.101-108.168.1
  * kernel-default-3.0.101-108.168.1
  * kernel-xen-3.0.101-108.168.1
  * kernel-trace-3.0.101-108.168.1
* SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64)
  * kernel-xen-base-3.0.101-108.168.1
  * kernel-syms-3.0.101-108.168.1
  * kernel-xen-devel-3.0.101-108.168.1
  * kernel-default-devel-3.0.101-108.168.1
  * kernel-default-base-3.0.101-108.168.1
  * kernel-trace-base-3.0.101-108.168.1
  * kernel-ec2-base-3.0.101-108.168.1
  * kernel-trace-devel-3.0.101-108.168.1
  * kernel-ec2-devel-3.0.101-108.168.1
  * kernel-source-3.0.101-108.168.1
* SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64)
  * kernel-ec2-3.0.101-108.168.1
  * kernel-default-3.0.101-108.168.1
  * kernel-xen-3.0.101-108.168.1
  * kernel-trace-3.0.101-108.168.1
* SUSE Linux Enterprise Server 11 SP4 (x86_64)
  * kernel-xen-base-3.0.101-108.168.1
  * kernel-syms-3.0.101-108.168.1
  * kernel-xen-devel-3.0.101-108.168.1
  * kernel-default-devel-3.0.101-108.168.1
  * kernel-default-base-3.0.101-108.168.1
  * kernel-trace-base-3.0.101-108.168.1
  * kernel-ec2-base-3.0.101-108.168.1
  * kernel-trace-devel-3.0.101-108.168.1
  * kernel-ec2-devel-3.0.101-108.168.1
  * kernel-source-3.0.101-108.168.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47589.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-35937.html
* https://www.suse.com/security/cve/CVE-2024-38599.html
* https://www.suse.com/security/cve/CVE-2024-42145.html
* https://www.suse.com/security/cve/CVE-2024-44947.html
* https://www.suse.com/security/cve/CVE-2024-47674.html
* https://www.suse.com/security/cve/CVE-2024-47757.html
* https://www.suse.com/security/cve/CVE-2024-49860.html
* https://www.suse.com/security/cve/CVE-2024-49982.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223384
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1224526
* https://bugzilla.suse.com/show_bug.cgi?id=1226557
* https://bugzilla.suse.com/show_bug.cgi?id=1226848
* https://bugzilla.suse.com/show_bug.cgi?id=1228743
* https://bugzilla.suse.com/show_bug.cgi?id=1229454
* https://bugzilla.suse.com/show_bug.cgi?id=1229456
* https://bugzilla.suse.com/show_bug.cgi?id=1231673
* https://bugzilla.suse.com/show_bug.cgi?id=1231861
* https://bugzilla.suse.com/show_bug.cgi?id=1232097
* https://bugzilla.suse.com/show_bug.cgi?id=1232187

From null at suse.de Tue Nov 19 12:30:40 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Tue, 19 Nov 2024 12:30:40 -0000
Subject: SUSE-SU-2024:4037-1: important: Security update for bea-stax, xstream
Message-ID: <173201944074.4943.16217133559301497212@smelt2.prg2.suse.org>

# Security update for bea-stax, xstream

Announcement ID: SUSE-SU-2024:4037-1
Release Date: 2024-11-19T08:49:45Z
Rating: important
References:

* bsc#1233085

Cross-References:

* CVE-2024-47072

CVSS scores:

* CVE-2024-47072 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-47072 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-47072 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Manager Server 4.3 Module 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for bea-stax, xstream fixes the following issues:

* CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow (bsc#1233085).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Development Tools Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4037=1
* SUSE Manager Server 4.3 Module 4.3
  zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4037=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4037=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4037=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4037=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4037=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4037=1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4037=1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4037=1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4037=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4037=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4037=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4037=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4037=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4037=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4037=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-4037=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4037=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-4037=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4037=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4037=1
* Development Tools Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4037=1

## Package List:

* Development Tools Module 15-SP6 (noarch)
  * xstream-1.4.21-150200.3.28.1
* SUSE Manager Server 4.3 Module 4.3 (noarch)
  * xstream-1.4.21-150200.3.28.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Manager Proxy 4.3 (noarch)
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Manager Server 4.3 (noarch)
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* SUSE Enterprise Storage 7.1 (noarch)
  * xstream-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* openSUSE Leap 15.5 (noarch)
  * bea-stax-1.2.0-150200.11.3.1
  * xstream-javadoc-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * xstream-benchmark-1.4.21-150200.3.28.1
  * xstream-parent-1.4.21-150200.3.28.1
  * xstream-1.4.21-150200.3.28.1
* openSUSE Leap 15.6 (noarch)
  * bea-stax-1.2.0-150200.11.3.1
  * xstream-javadoc-1.4.21-150200.3.28.1
  * bea-stax-api-1.2.0-150200.11.3.1
  * xstream-benchmark-1.4.21-150200.3.28.1
  * xstream-parent-1.4.21-150200.3.28.1
  * xstream-1.4.21-150200.3.28.1
* Basesystem Module 15-SP5 (noarch)
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* Basesystem Module 15-SP6 (noarch)
  * bea-stax-api-1.2.0-150200.11.3.1
  * bea-stax-1.2.0-150200.11.3.1
* Development Tools Module 15-SP5 (noarch)
  * xstream-1.4.21-150200.3.28.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47072.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233085

From null at suse.de Fri Nov 22 12:30:01 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 22 Nov 2024 12:30:01 -0000
Subject: SUSE-SU-2024:4042-1: important: Security update for govulncheck-vulndb
Message-ID: <173227860189.4943.8150017027600678560@smelt2.prg2.suse.org>

# Security update for govulncheck-vulndb

Announcement ID: SUSE-SU-2024:4042-1
Release Date: 2024-11-22T10:44:15Z
Rating: important
References:

* jsc#PED-11136

Cross-References:

* CVE-2024-10389
* CVE-2024-10975
* CVE-2024-45794
* CVE-2024-48057
* CVE-2024-51735
* CVE-2024-51744
* CVE-2024-51746

CVSS scores:

* CVE-2024-10389 ( NVD ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:P/VC:L/VI:H/VA:L/SC:L/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:D/RE:L/U:Green
* CVE-2024-10389 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:L/I:H/A:L
* CVE-2024-10975 ( NVD ): 7.7 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
* CVE-2024-45794 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
* CVE-2024-48057 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-51735 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-51744 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-51744 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-51744 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-51746 ( NVD ): 1.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves seven vulnerabilities and contains one feature can now be installed.

## Description:

This update for govulncheck-vulndb fixes the following issues:

* Update to version 0.0.20241112T145010 2024-11-12T14:50:10Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2024-3250 CVE-2024-51744 GHSA-29wx-vh33-7x7r
* Update to version 0.0.20241108T172500 2024-11-08T17:25:00Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2024-3260 CVE-2024-45794 GHSA-q78v-cv36-8fxj
  * GO-2024-3262 CVE-2024-10975 GHSA-2w5v-x29g-jw7j
* Update to version 0.0.20241106T172143 2024-11-06T17:21:43Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases:
  * GO-2024-3251 CVE-2024-10389 GHSA-q3rp-vvm7-j8jg
  * GO-2024-3252 CVE-2024-51746 GHSA-8pmp-678w-c8xx
  * GO-2024-3253 CVE-2024-48057 GHSA-ghx4-cgxw-7h9p
  * GO-2024-3254 CVE-2024-51735 GHSA-wvv7-wm5v-w2gv

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4042=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-4042=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4042=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4042=1

## Package List:

* openSUSE Leap 15.5 (noarch)
  * govulncheck-vulndb-0.0.20241112T145010-150000.1.17.1
* openSUSE Leap 15.6 (noarch)
  * govulncheck-vulndb-0.0.20241112T145010-150000.1.17.1
* SUSE Package Hub 15 15-SP5 (noarch)
  * govulncheck-vulndb-0.0.20241112T145010-150000.1.17.1
* SUSE Package Hub 15 15-SP6 (noarch)
  * govulncheck-vulndb-0.0.20241112T145010-150000.1.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10389.html
* https://www.suse.com/security/cve/CVE-2024-10975.html
* https://www.suse.com/security/cve/CVE-2024-45794.html
* https://www.suse.com/security/cve/CVE-2024-48057.html
* https://www.suse.com/security/cve/CVE-2024-51735.html
* https://www.suse.com/security/cve/CVE-2024-51744.html
* https://www.suse.com/security/cve/CVE-2024-51746.html
* https://jira.suse.com/browse/PED-11136

URL: From null at suse.de Mon Nov 25 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:4051-1: important: Security update for glib2 Message-ID: <173255220506.2775.3349438352928936129@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:4051-1 Release Date: 2024-11-25T15:38:23Z Rating: important References: * bsc#1233282 Cross-References: * CVE-2024-52533 CVSS scores: * CVE-2024-52533 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-52533 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2024-52533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4051=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4051=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * libgobject-2_0-0-debuginfo-2.48.2-12.43.1 * libgthread-2_0-0-2.48.2-12.43.1 * glib2-tools-2.48.2-12.43.1 * libgio-2_0-0-2.48.2-12.43.1 * libgobject-2_0-0-2.48.2-12.43.1 * libgio-2_0-0-debuginfo-2.48.2-12.43.1 * libgmodule-2_0-0-2.48.2-12.43.1 * glib2-tools-debuginfo-2.48.2-12.43.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.43.1 * glib2-debugsource-2.48.2-12.43.1 * libglib-2_0-0-2.48.2-12.43.1 * libglib-2_0-0-debuginfo-2.48.2-12.43.1 * libgthread-2_0-0-debuginfo-2.48.2-12.43.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (noarch) * glib2-lang-2.48.2-12.43.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (s390x x86_64) * libgio-2_0-0-32bit-2.48.2-12.43.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libglib-2_0-0-32bit-2.48.2-12.43.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgobject-2_0-0-32bit-2.48.2-12.43.1 * libgthread-2_0-0-32bit-2.48.2-12.43.1 * libgmodule-2_0-0-32bit-2.48.2-12.43.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * libgobject-2_0-0-debuginfo-2.48.2-12.43.1 * libglib-2_0-0-32bit-2.48.2-12.43.1 * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgmodule-2_0-0-2.48.2-12.43.1 * glib2-tools-debuginfo-2.48.2-12.43.1 * glib2-debugsource-2.48.2-12.43.1 * libglib-2_0-0-2.48.2-12.43.1 * libgobject-2_0-0-32bit-2.48.2-12.43.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgthread-2_0-0-2.48.2-12.43.1 * glib2-tools-2.48.2-12.43.1 * 
libglib-2_0-0-debuginfo-2.48.2-12.43.1 * libgio-2_0-0-32bit-2.48.2-12.43.1 * libgthread-2_0-0-32bit-2.48.2-12.43.1 * libgmodule-2_0-0-32bit-2.48.2-12.43.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgthread-2_0-0-debuginfo-2.48.2-12.43.1 * libgio-2_0-0-2.48.2-12.43.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgobject-2_0-0-2.48.2-12.43.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.43.1 * libgio-2_0-0-debuginfo-2.48.2-12.43.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.43.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (noarch) * glib2-lang-2.48.2-12.43.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52533.html * https://bugzilla.suse.com/show_bug.cgi?id=1233282
From null at suse.de Mon Nov 25 16:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Nov 2024 16:30:13 -0000 Subject: SUSE-SU-2024:4050-1: critical: Security update for MozillaThunderbird Message-ID: <173255221332.2775.2763110413664033583@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:4050-1 Release Date: 2024-11-25T15:37:50Z Rating: critical References: * bsc#1231879 * bsc#1233355 Cross-References: * CVE-2024-10458 * CVE-2024-10459 * CVE-2024-10460 * CVE-2024-10461 * CVE-2024-10462 * CVE-2024-10463 * CVE-2024-10464 * CVE-2024-10465 * CVE-2024-10466 * CVE-2024-10467 * CVE-2024-11159 CVSS scores: * CVE-2024-10458 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-10458 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2024-10458 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10458 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-10459 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-10459 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10459 ( NVD ): 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-10460 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10460 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10460 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-10460 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-10461 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N * CVE-2024-10461 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10461 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10461 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10462 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10462 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10462 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-10462 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-10463 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10463 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-10463 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10463 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-10464 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-10464 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-10464 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10464 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-10465 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10465 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10465 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-10465 ( NVD ): 
6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-10466 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-10466 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-10466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-10467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10467 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-11159 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-11159 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-11159 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves 11 vulnerabilities can now be installed. 
## Description: This update for MozillaThunderbird fixes the following issues: * Mozilla Thunderbird 128.4.3 * fixed: Folder corruption could cause Thunderbird to freeze and become unusable * fixed: Message corruption could be propagated when reading mbox * fixed: Folder compaction was not abandoned on shutdown * fixed: Folder compaction did not clean up on failure * fixed: Collapsed NNTP thread incorrectly indicated there were unread messages * fixed: Navigating to next unread message did not wait for all messages to be loaded * fixed: Applying column view to folder and children could break if folder error occurred * fixed: Remote content notifications were broken with encrypted messages * fixed: Updating criteria of a saved search resulted in poor search performance * fixed: Drop-downs may not work in some places * fixed: Security fixes MFSA 2024-61 (bsc#1233355) * CVE-2024-11159 Potential disclosure of plaintext in OpenPGP encrypted message * Mozilla Thunderbird 128.4.2 * changed: Increased the auto-compaction threshold to reduce frequency of compaction * fixed: New profile creation caused console errors * fixed: Repair folder could result in older messages showing wrong date and time * fixed: Recently deleted messages could become undeleted if message compaction failed * fixed: Visual and UX improvements * fixed: Clicking on an HTML button could cause Thunderbird to freeze * fixed: Messages could not be selected for dragging * fixed: Could not open attached file in a MIME encrypted message * fixed: Account creation "Setup Documentation" link was broken * fixed: Unable to generate QR codes when exporting to mobile in some cases * fixed: Operating system reauthentication was missing when exporting QR codes for mobile * fixed: Could not drag all-day events from one day to another in week view * Mozilla Thunderbird 128.4.1 * new: Add the 20 year donation appeal * Mozilla Thunderbird 128.4 * new: Export Thunderbird account settings to Thunderbird Mobile via QRCode * 
fixed: Unable to send an unencrypted response to an OpenPGP encrypted message * fixed: Thunderbird update did not update language pack version until another restart * fixed: Security fixes MFSA 2024-58 (bsc#1231879) * CVE-2024-10458 Permission leak via embed or object elements * CVE-2024-10459 Use-after-free in layout with accessibility * CVE-2024-10460 Confusing display of origin for external protocol handler prompt * CVE-2024-10461 XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response * CVE-2024-10462 Origin of permission prompt could be spoofed by long URL * CVE-2024-10463 Cross origin video frame leak * CVE-2024-10464 History interface could have been used to cause a Denial of Service condition in the browser * CVE-2024-10465 Clipboard "paste" button persisted across tabs * CVE-2024-10466 DOM push subscription message could hang Firefox * CVE-2024-10467 Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4050=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4050=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4050=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4050=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4050=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-4050=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-4050=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * 
MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-debuginfo-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-other-128.4.3-150200.8.188.1 * MozillaThunderbird-debugsource-128.4.3-150200.8.188.1 * MozillaThunderbird-128.4.3-150200.8.188.1 * MozillaThunderbird-translations-common-128.4.3-150200.8.188.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10458.html * https://www.suse.com/security/cve/CVE-2024-10459.html * https://www.suse.com/security/cve/CVE-2024-10460.html * https://www.suse.com/security/cve/CVE-2024-10461.html * https://www.suse.com/security/cve/CVE-2024-10462.html * https://www.suse.com/security/cve/CVE-2024-10463.html * https://www.suse.com/security/cve/CVE-2024-10464.html * https://www.suse.com/security/cve/CVE-2024-10465.html * https://www.suse.com/security/cve/CVE-2024-10466.html * https://www.suse.com/security/cve/CVE-2024-10467.html * https://www.suse.com/security/cve/CVE-2024-11159.html * https://bugzilla.suse.com/show_bug.cgi?id=1231879 * https://bugzilla.suse.com/show_bug.cgi?id=1233355
From null at suse.de Mon Nov 25 20:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 25 Nov 2024 20:30:11 -0000 Subject: SUSE-SU-2024:4052-1: important: Security update for postgresql, postgresql16, postgresql17 Message-ID: <173256661155.4943.17915542966882552036@smelt2.prg2.suse.org> # Security update for postgresql, postgresql16, postgresql17 Announcement ID: SUSE-SU-2024:4052-1 Release Date: 2024-11-25T16:10:44Z Rating: important References: * bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327 * jsc#PED-11514 Cross-References: * CVE-2024-10976 * CVE-2024-10977 * CVE-2024-10978 * CVE-2024-10979 CVSS scores: * CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves four vulnerabilities, contains one feature and has two security fixes can now be installed.
## Description: This update for postgresql, postgresql16, postgresql17 fixes the following issues: This update ships postgresql17, and fixes security issues with postgresql16: * bsc#1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirmed on the PostgreSQL packagers list that ABI stability is being taken care of between minor releases. * bsc#1219340: The last fix was not correct. Improve it by removing the dependency again and call fillup only if it is installed. postgresql16 was updated to 16.6: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. * https://www.postgresql.org/docs/release/16.6/ postgresql16 was updated to 16.5: * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * https://www.postgresql.org/about/news/p-2955/ * https://www.postgresql.org/docs/release/16.5/ * Don't build the libs and mini flavor anymore to hand over to PostgreSQL 17.
* https://www.postgresql.org/about/news/p-2910/ postgresql17 is shipped in version 17.2: * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * https://www.postgresql.org/about/news/p-2955/ * https://www.postgresql.org/docs/release/17.1/ * https://www.postgresql.org/docs/release/17.2/ Upgrade to 17.2: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. Upgrade to 17.0: * New memory management system for VACUUM, which reduces memory consumption and can improve overall vacuuming performance. * New SQL/JSON capabilities, including constructors, identity functions, and the JSON_TABLE() function, which converts JSON data into a table representation. * Various query performance improvements, including for sequential reads using streaming I/O, write throughput under high concurrency, and searches over multiple values in a btree index. 
* Logical replication enhancements, including: * Failover control * pg_createsubscriber, a utility that creates logical replicas from physical standbys * pg_upgrade now preserves replication slots on both publishers and subscribers * New client-side connection option, sslnegotiation=direct, that performs a direct TLS handshake to avoid a round-trip negotiation. * pg_basebackup now supports incremental backup. * COPY adds a new option, ON_ERROR ignore, that allows a copy operation to continue in the event of an error. * https://www.postgresql.org/about/news/p-2936/ * https://www.postgresql.org/docs/17/release-17.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4052=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4052=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-contrib-16.6-3.21.1 * libecpg6-debuginfo-17.2-3.5.1 * postgresql16-16.6-3.21.1 * postgresql16-debuginfo-16.6-3.21.1 * libpq5-17.2-3.5.1 * libpq5-debuginfo-17.2-3.5.1 * postgresql16-plpython-16.6-3.21.1 * postgresql16-plperl-debuginfo-16.6-3.21.1 * postgresql16-debugsource-16.6-3.21.1 * postgresql16-plperl-16.6-3.21.1 * postgresql16-pltcl-16.6-3.21.1 * postgresql16-pltcl-debuginfo-16.6-3.21.1 * postgresql16-contrib-debuginfo-16.6-3.21.1 * postgresql16-server-16.6-3.21.1 * postgresql16-plpython-debuginfo-16.6-3.21.1 * postgresql16-server-debuginfo-16.6-3.21.1 * libecpg6-17.2-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (noarch) * postgresql-pltcl-17-4.29.1 * postgresql16-docs-16.6-3.21.1 * postgresql-docs-17-4.29.1 * postgresql-plpython-17-4.29.1 * postgresql-17-4.29.1 * 
postgresql-plperl-17-4.29.1 * postgresql-contrib-17-4.29.1 * postgresql-server-17-4.29.1 * SUSE Linux Enterprise Server 12 SP5 LTSS 12-SP5 (s390x x86_64) * libpq5-32bit-17.2-3.5.1 * libecpg6-debuginfo-32bit-17.2-3.5.1 * libecpg6-32bit-17.2-3.5.1 * libpq5-debuginfo-32bit-17.2-3.5.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (x86_64) * libecpg6-debuginfo-17.2-3.5.1 * postgresql16-16.6-3.21.1 * postgresql16-debuginfo-16.6-3.21.1 * postgresql16-pltcl-debuginfo-16.6-3.21.1 * postgresql16-plperl-16.6-3.21.1 * libecpg6-debuginfo-32bit-17.2-3.5.1 * libecpg6-32bit-17.2-3.5.1 * libpq5-debuginfo-32bit-17.2-3.5.1 * postgresql16-plpython-debuginfo-16.6-3.21.1 * libpq5-32bit-17.2-3.5.1 * libpq5-debuginfo-17.2-3.5.1 * postgresql16-pltcl-16.6-3.21.1 * postgresql16-contrib-debuginfo-16.6-3.21.1 * postgresql16-server-debuginfo-16.6-3.21.1 * postgresql16-contrib-16.6-3.21.1 * libpq5-17.2-3.5.1 * postgresql16-plpython-16.6-3.21.1 * postgresql16-plperl-debuginfo-16.6-3.21.1 * libecpg6-17.2-3.5.1 * postgresql16-debugsource-16.6-3.21.1 * postgresql16-server-16.6-3.21.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security 12-SP5 (noarch) * postgresql-pltcl-17-4.29.1 * postgresql16-docs-16.6-3.21.1 * postgresql-docs-17-4.29.1 * postgresql-plpython-17-4.29.1 * postgresql-17-4.29.1 * postgresql-plperl-17-4.29.1 * postgresql-contrib-17-4.29.1 * postgresql-server-17-4.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10976.html * https://www.suse.com/security/cve/CVE-2024-10977.html * https://www.suse.com/security/cve/CVE-2024-10978.html * https://www.suse.com/security/cve/CVE-2024-10979.html * https://bugzilla.suse.com/show_bug.cgi?id=1219340 * https://bugzilla.suse.com/show_bug.cgi?id=1230423 * https://bugzilla.suse.com/show_bug.cgi?id=1233323 * https://bugzilla.suse.com/show_bug.cgi?id=1233325 * https://bugzilla.suse.com/show_bug.cgi?id=1233326 * https://bugzilla.suse.com/show_bug.cgi?id=1233327 * https://jira.suse.com/browse/PED-11514 
From null at suse.de Tue Nov 26 08:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Nov 2024 08:30:14 -0000 Subject: SUSE-SU-2024:4054-1: moderate: Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop Message-ID: <173260981455.4943.4298887438977237429@smelt2.prg2.suse.org> # Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop Announcement ID: SUSE-SU-2024:4054-1 Release Date: 2024-11-26T05:06:51Z Rating: moderate References: * bsc#1231347 * bsc#1231428 Cross-References: * CVE-2024-28168 CVSS scores: * CVE-2024-28168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-28168 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2024-28168 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux
Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: * Security issues fixed: * CVE-2024-28168: Fixed improper restriction of XML External Entity (XXE) reference (bsc#1231428) * Upstream changes and bugs fixed: * Version 2.10: * footnote-body ignores rl-tb writing mode * SVG tspan content is displayed out of place * Added new schema to handle pdf/a and pdfa/ua * Correct fop version at runtime * NoSuchElementException when using font with no family name * Resolve classpath for binary distribution * Switch to spotbugs * Set an automatic module name * Rename packages to avoid conflicts with modules * Resize table only for multicolumn page * Missing jars in servlet * Optimise performance of PNG with alpha using raw loader * basic-link not navigating to corresponding footnote * Added option to sign PDF * Added secure processing for XSL input * Allow sections which need security permissions to be run when AllPermission denied in caller code * Remove unused PDFStructElem * Remove space generated by fo:wrapper * Reset content length for table changing ipd * Added alt text to PDF signature * Allow change of resource level for SVG in AFP * Exclude 
shape not in clipping path for AFP * Only support 1 column for redo of layout without page pos only * Switch to Jakarta servlet API * NPE when list item is split alongside an ipd change * Added mandatory MODCA triplet to AFP * Redo layout for multipage columns * Added image mask option for AFP * Skip written block ipds inside float * Allow curly braces for src url * Missing content for last page with change ipd * Added warning when different pdf languages are used * Only restart line manager when there is a linebreak for blocklayout * Version 2.9: * Values in PDF Number Trees must be indirect references * Do not delete files on syntax errors using command line * Surrogate pair edge-case causes Exception * Reset character spacing * SVG text containing certain glyphs isn't rendered * Remove duplicate classes from maven classpath * Allow use of page position only on redo of layout * Failure to render multi-block itemBody alongside float * Update to PDFBox 2.0.27 * NPE if link destination is missing with accessibility * Make property cache thread safe * Font size was rounded to 0 for AFP TTF * Cannot process a SVG using mvn jars * Remove serializer jar * Allow creating a PDF 2.0 document * Text missing after page break inside table inline * IllegalArgumentException for list in a table * Table width may be too wide when layout width changes * NPE when using broken link and PDF 1.5 * Allow XMP at PDF page level * Symbol font was not being mapped to Unicode * Correct font differences table for Chrome * Link against Java 8 API * Added support for font-selection-strategy=character-by-character * Merge form fields in external PDFs * Fixed test for Java 11 xmlgraphics-batik was updated from version 1.17 to 1.18: * PNG transcoder references nonexistent class * Set offset to 0 if missing in stop tag * Validate throws NPE * Fixed missing Arabic characters * Animated rotate transform ignores y-origin at exactly 270 degrees * Set an automatic module name * Ignore inkscape
properties * Switch to spotbugs * Allow source and target resolution configuration xmlgraphics-commons was updated from version 2.8 to 2.10: * Fixed test for Java 11 * Allow XMP at PDF page level * Allow source resolution configuration * Added new schema to handle pdf/a and pdfa/ua * Set an automatic module name * Switch to spotbugs * Do not use a singleton for ImageImplRegistry javapackages-tools was updated from version 6.3.0 to 6.3.4: * Version 6.3.4: * A corner case when which is not present * Remove dependency on which * Simplify after the which -> type -p change * jpackage_script: Remove pointless assignment when %java_home is unset * Don't export JAVA_HOME (bsc#1231347) * Version 6.3.2: * Search for JAVACMD under JAVA_HOME only if it's set * Obsolete set_jvm and set_jvm_dirs functions * Drop unneeded _set_java_home function * Remove JAVA_HOME check from check_java_env function * Bump codecov/codecov-action from 2.0.2 to 4.6.0 * Bump actions/setup-python from 4 to 5 * Bump actions/checkout from 2 to 4 * Added custom dependabot config * Remove the test for JAVA_HOME and error if it is not set * java-functions: Remove unneeded local variables * Fixed build status shield * Version 6.3.1: * Allow missing components with abs2rel * Fixed tests with python 3.4 * Sync spec file from Fedora * Drop default JRE/JDK * Fixed the use of java-functions in scripts * Test that we don't bomb on * Test variable expansion in artifactId * Interpolate properties also in the current artifact * Rewrite abs2rel in shell * Use asciidoctor instead of asciidoc * Fixed incompatibility with RPM 4.20 * Reproducible exclusions order in maven metadata * Do not bomb on construct * Make maven_depmap order of aliases reproducible ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4054=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4054=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4054=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4054=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4054=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4054=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4054=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in 
-t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4054=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4054=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4054=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4054=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4054=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * openSUSE Leap 15.5 (noarch) * xmlgraphics-batik-svgpp-1.18-150200.4.10.2 * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-batik-javadoc-1.18-150200.4.10.2 * xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-batik-squiggle-1.18-150200.4.10.2 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-javadoc-2.10-150200.3.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-rasterizer-1.18-150200.4.10.2 * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-batik-demo-1.18-150200.4.10.2 * xmlgraphics-batik-slideshow-1.18-150200.4.10.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * openSUSE Leap 15.6 (noarch) * xmlgraphics-batik-svgpp-1.18-150200.4.10.2 * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-batik-javadoc-1.18-150200.4.10.2 * xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-batik-squiggle-1.18-150200.4.10.2 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-javadoc-2.10-150200.3.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * 
javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-rasterizer-1.18-150200.4.10.2 * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-batik-demo-1.18-150200.4.10.2 * xmlgraphics-batik-slideshow-1.18-150200.4.10.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * Basesystem Module 15-SP5 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * Basesystem Module 15-SP6 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * Development Tools Module 15-SP5 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * Development Tools Module 15-SP6 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * javapackages-local-6.3.4-150200.3.15.1 * SUSE Package Hub 15 15-SP6 (noarch) * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * 
javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * 
xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux 
Enterprise Server for SAP Applications 15 SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Manager Proxy 4.3 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Proxy 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * 
javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Server 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Enterprise Storage 7.1 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 ## References: * https://www.suse.com/security/cve/CVE-2024-28168.html * https://bugzilla.suse.com/show_bug.cgi?id=1231347 * https://bugzilla.suse.com/show_bug.cgi?id=1231428
From null at suse.de Tue Nov 26 08:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Nov 2024 08:30:19 -0000 Subject: SUSE-SU-2024:4053-1: important: Security update for ucode-intel Message-ID: <173260981962.4943.6958168034010497212@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:4053-1 Release Date: 2024-11-26T03:37:12Z Rating: important References: * bsc#1233313 Cross-References: * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24968 CVSS scores: * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * 
SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. 
## Description:

This update for ucode-intel fixes the following issues:

* Intel CPU Microcode was updated to the 20241112 release (bsc#1233313)
* CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access.
* CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access.
* CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access.
* CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow a privileged user to potentially enable a denial of service via local access.
* CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access.
* Update for functional issues.

New Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------

Updated Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12
| ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12
| ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12
| ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12
| EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5
| MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core Ultra Processor
| RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13
| RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14
| RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13
| SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4
| SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4

New Disclosures Updated in Prior Releases:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx, D-27xx/D-28xx
| ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3

* Intel CPU Microcode was updated to the 20241029 release

Update for functional issues.

Updated Platforms:

| Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products
|:---------------|:---------|:------------|:---------|:---------|:---------
| RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4053=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4053=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4053=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4053=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4053=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4053=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4053=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4053=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch 
SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4053=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4053=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4053=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4053=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4053=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-4053=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4053=1 ## Package List: * openSUSE Leap Micro 5.5 (x86_64) * ucode-intel-20241112-150200.50.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20241112-150200.50.1 * openSUSE Leap 15.6 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20241112-150200.50.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20241112-150200.50.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance 
Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20241112-150200.50.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://bugzilla.suse.com/show_bug.cgi?id=1233313
From null at suse.de Tue Nov 26 12:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 26 Nov 2024 12:30:31 -0000 Subject: SUSE-SU-2024:4063-1: important: Security update for postgresql, postgresql16, postgresql17 Message-ID: <173262423166.13579.2775173216037580192@smelt2.prg2.suse.org> # Security update for postgresql, postgresql16, postgresql17 Announcement ID: SUSE-SU-2024:4063-1 Release Date: 2024-11-26T09:16:21Z Rating: important References: * bsc#1219340 * bsc#1230423 * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327 * jsc#PED-11514 Cross-References: * CVE-2024-10976 * CVE-2024-10977 * CVE-2024-10978 * CVE-2024-10979 CVSS scores: * CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities, contains one feature and has two security fixes can now be installed. 
## Description:

This update for postgresql, postgresql16, postgresql17 fixes the following issues:

This update ships postgresql17, and fixes security issues with postgresql16:

* bsc#1230423: Relax the dependency of extensions on the server version from exact major.minor to greater or equal, after Tom Lane confirmed on the PostgreSQL packagers list that ABI stability is being taken care of between minor releases.
* bsc#1219340: The last fix was not correct. Improve it by removing the dependency again and call fillup only if it is installed.

postgresql16 was updated to 16.6:

* Repair ABI break for extensions that work with struct ResultRelInfo.
* Restore functionality of ALTER {ROLE|DATABASE} SET role.
* Fix cases where a logical replication slot's restart_lsn could go backwards.
* Avoid deleting still-needed WAL files during pg_rewind.
* Fix race conditions associated with dropping shared statistics entries.
* Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter.
* Fix crash when checking to see if an index's opclass options have changed.
* Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing.
* https://www.postgresql.org/docs/release/16.6/

postgresql16 was updated to 16.5:

* CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference.
* CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation.
* CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE
* CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables.
* https://www.postgresql.org/about/news/p-2955/
* https://www.postgresql.org/docs/release/16.5/
* Don't build the libs and mini flavor anymore to hand over to PostgreSQL 17.
* https://www.postgresql.org/about/news/p-2910/ postgresql17 is shipped in version 17.2: * CVE-2024-10976, bsc#1233323: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference. * CVE-2024-10977, bsc#1233325: Make libpq discard error messages received during SSL or GSS protocol negotiation. * CVE-2024-10978, bsc#1233326: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE * CVE-2024-10979, bsc#1233327: Prevent trusted PL/Perl code from changing environment variables. * https://www.postgresql.org/about/news/p-2955/ * https://www.postgresql.org/docs/release/17.1/ * https://www.postgresql.org/docs/release/17.2/ Upgrade to 17.2: * Repair ABI break for extensions that work with struct ResultRelInfo. * Restore functionality of ALTER {ROLE|DATABASE} SET role. * Fix cases where a logical replication slot's restart_lsn could go backwards. * Avoid deleting still-needed WAL files during pg_rewind. * Fix race conditions associated with dropping shared statistics entries. * Count index scans in contrib/bloom indexes in the statistics views, such as the pg_stat_user_indexes.idx_scan counter. * Fix crash when checking to see if an index's opclass options have changed. * Avoid assertion failure caused by disconnected NFA sub-graphs in regular expression parsing. Upgrade to 17.0: * New memory management system for VACUUM, which reduces memory consumption and can improve overall vacuuming performance. * New SQL/JSON capabilities, including constructors, identity functions, and the JSON_TABLE() function, which converts JSON data into a table representation. * Various query performance improvements, including for sequential reads using streaming I/O, write throughput under high concurrency, and searches over multiple values in a btree index. 
* Logical replication enhancements, including: * Failover control * pg_createsubscriber, a utility that creates logical replicas from physical standbys * pg_upgrade now preserves replication slots on both publishers and subscribers * New client-side connection option, sslnegotiation=direct, that performs a direct TLS handshake to avoid a round-trip negotiation. * pg_basebackup now supports incremental backup. * COPY adds a new option, ON_ERROR ignore, that allows a copy operation to continue in the event of an error. * https://www.postgresql.org/about/news/p-2936/ * https://www.postgresql.org/docs/17/release-17.html ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4063=1 SUSE-2024-4063=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4063=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4063=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4063=1 ## Package List: * openSUSE Leap 15.6 (noarch) * postgresql-docs-17-150600.17.6.1 * postgresql-llvmjit-devel-17-150600.17.6.1 * postgresql-contrib-17-150600.17.6.1 * postgresql-server-devel-17-150600.17.6.1 * postgresql-server-17-150600.17.6.1 * postgresql16-docs-16.6-150600.16.10.1 * postgresql-llvmjit-17-150600.17.6.1 * postgresql-17-150600.17.6.1 * postgresql-plpython-17-150600.17.6.1 * postgresql-pltcl-17-150600.17.6.1 * postgresql17-docs-17.2-150600.13.5.1 * postgresql-test-17-150600.17.6.1 * postgresql-devel-17-150600.17.6.1 * postgresql-plperl-17-150600.17.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql17-devel-mini-17.2-150600.13.5.1 * postgresql16-plpython-16.6-150600.16.10.1 * postgresql17-debuginfo-17.2-150600.13.5.1 * 
postgresql17-llvmjit-debuginfo-17.2-150600.13.5.1 * postgresql16-test-16.6-150600.16.10.1 * postgresql16-llvmjit-16.6-150600.16.10.1 * libecpg6-debuginfo-17.2-150600.13.5.1 * postgresql17-plpython-debuginfo-17.2-150600.13.5.1 * postgresql17-17.2-150600.13.5.1 * libecpg6-17.2-150600.13.5.1 * postgresql17-server-devel-debuginfo-17.2-150600.13.5.1 * postgresql16-contrib-16.6-150600.16.10.1 * postgresql17-debugsource-17.2-150600.13.5.1 * postgresql17-devel-debuginfo-17.2-150600.13.5.1 * libpq5-debuginfo-17.2-150600.13.5.1 * postgresql16-server-devel-debuginfo-16.6-150600.16.10.1 * postgresql16-plpython-debuginfo-16.6-150600.16.10.1 * postgresql17-contrib-debuginfo-17.2-150600.13.5.1 * postgresql17-llvmjit-devel-17.2-150600.13.5.1 * postgresql17-server-debuginfo-17.2-150600.13.5.1 * postgresql16-devel-debuginfo-16.6-150600.16.10.1 * postgresql17-pltcl-17.2-150600.13.5.1 * postgresql16-contrib-debuginfo-16.6-150600.16.10.1 * postgresql16-server-debuginfo-16.6-150600.16.10.1 * postgresql16-llvmjit-devel-16.6-150600.16.10.1 * postgresql17-llvmjit-17.2-150600.13.5.1 * postgresql17-plpython-17.2-150600.13.5.1 * postgresql16-llvmjit-debuginfo-16.6-150600.16.10.1 * postgresql16-debugsource-16.6-150600.16.10.1 * postgresql16-16.6-150600.16.10.1 * postgresql17-test-17.2-150600.13.5.1 * postgresql16-plperl-debuginfo-16.6-150600.16.10.1 * postgresql17-server-17.2-150600.13.5.1 * libpq5-17.2-150600.13.5.1 * postgresql17-devel-mini-debuginfo-17.2-150600.13.5.1 * postgresql16-debuginfo-16.6-150600.16.10.1 * postgresql17-pltcl-debuginfo-17.2-150600.13.5.1 * postgresql17-plperl-17.2-150600.13.5.1 * postgresql17-plperl-debuginfo-17.2-150600.13.5.1 * postgresql17-server-devel-17.2-150600.13.5.1 * postgresql16-plperl-16.6-150600.16.10.1 * postgresql16-pltcl-16.6-150600.16.10.1 * postgresql16-server-16.6-150600.16.10.1 * postgresql17-mini-debugsource-17.2-150600.13.5.1 * postgresql16-devel-16.6-150600.16.10.1 * postgresql16-pltcl-debuginfo-16.6-150600.16.10.1 * 
postgresql17-devel-17.2-150600.13.5.1 * postgresql17-contrib-17.2-150600.13.5.1 * postgresql16-server-devel-16.6-150600.16.10.1 * openSUSE Leap 15.6 (x86_64) * libecpg6-32bit-17.2-150600.13.5.1 * libpq5-32bit-debuginfo-17.2-150600.13.5.1 * libpq5-32bit-17.2-150600.13.5.1 * libecpg6-32bit-debuginfo-17.2-150600.13.5.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-17.2-150600.13.5.1 * libpq5-64bit-debuginfo-17.2-150600.13.5.1 * libecpg6-64bit-debuginfo-17.2-150600.13.5.1 * libpq5-64bit-17.2-150600.13.5.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.2-150600.13.5.1 * postgresql16-debugsource-16.6-150600.16.10.1 * postgresql16-16.6-150600.16.10.1 * postgresql17-debuginfo-17.2-150600.13.5.1 * libpq5-debuginfo-17.2-150600.13.5.1 * libpq5-17.2-150600.13.5.1 * postgresql17-17.2-150600.13.5.1 * postgresql16-debuginfo-16.6-150600.16.10.1 * Basesystem Module 15-SP6 (noarch) * postgresql-17-150600.17.6.1 * Basesystem Module 15-SP6 (x86_64) * libpq5-32bit-debuginfo-17.2-150600.13.5.1 * libpq5-32bit-17.2-150600.13.5.1 * SUSE Package Hub 15 15-SP6 (noarch) * postgresql-docs-17-150600.17.6.1 * postgresql-llvmjit-devel-17-150600.17.6.1 * postgresql-contrib-17-150600.17.6.1 * postgresql-server-devel-17-150600.17.6.1 * postgresql-server-17-150600.17.6.1 * postgresql-llvmjit-17-150600.17.6.1 * postgresql-17-150600.17.6.1 * postgresql-plpython-17-150600.17.6.1 * postgresql-pltcl-17-150600.17.6.1 * postgresql-test-17-150600.17.6.1 * postgresql-devel-17-150600.17.6.1 * postgresql-plperl-17-150600.17.6.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-debugsource-17.2-150600.13.5.1 * postgresql16-llvmjit-debuginfo-16.6-150600.16.10.1 * postgresql16-debugsource-16.6-150600.16.10.1 * postgresql17-debuginfo-17.2-150600.13.5.1 * postgresql17-test-17.2-150600.13.5.1 * postgresql17-llvmjit-debuginfo-17.2-150600.13.5.1 * postgresql16-test-16.6-150600.16.10.1 * postgresql16-llvmjit-16.6-150600.16.10.1 * 
postgresql17-llvmjit-devel-17.2-150600.13.5.1 * postgresql16-debuginfo-16.6-150600.16.10.1 * postgresql17-llvmjit-17.2-150600.13.5.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql17-debuginfo-17.2-150600.13.5.1 * postgresql16-plpython-16.6-150600.16.10.1 * libecpg6-debuginfo-17.2-150600.13.5.1 * postgresql17-plpython-debuginfo-17.2-150600.13.5.1 * libecpg6-17.2-150600.13.5.1 * postgresql17-server-devel-debuginfo-17.2-150600.13.5.1 * postgresql16-contrib-16.6-150600.16.10.1 * postgresql17-debugsource-17.2-150600.13.5.1 * postgresql17-devel-debuginfo-17.2-150600.13.5.1 * postgresql16-server-devel-debuginfo-16.6-150600.16.10.1 * postgresql16-plpython-debuginfo-16.6-150600.16.10.1 * postgresql17-contrib-debuginfo-17.2-150600.13.5.1 * postgresql17-server-debuginfo-17.2-150600.13.5.1 * postgresql16-devel-debuginfo-16.6-150600.16.10.1 * postgresql17-pltcl-17.2-150600.13.5.1 * postgresql16-contrib-debuginfo-16.6-150600.16.10.1 * postgresql16-server-debuginfo-16.6-150600.16.10.1 * postgresql17-plpython-17.2-150600.13.5.1 * postgresql16-debugsource-16.6-150600.16.10.1 * postgresql16-plperl-debuginfo-16.6-150600.16.10.1 * postgresql17-server-17.2-150600.13.5.1 * postgresql16-debuginfo-16.6-150600.16.10.1 * postgresql17-pltcl-debuginfo-17.2-150600.13.5.1 * postgresql17-plperl-17.2-150600.13.5.1 * postgresql17-plperl-debuginfo-17.2-150600.13.5.1 * postgresql17-server-devel-17.2-150600.13.5.1 * postgresql16-plperl-16.6-150600.16.10.1 * postgresql16-pltcl-16.6-150600.16.10.1 * postgresql16-server-16.6-150600.16.10.1 * postgresql16-devel-16.6-150600.16.10.1 * postgresql16-pltcl-debuginfo-16.6-150600.16.10.1 * postgresql17-devel-17.2-150600.13.5.1 * postgresql17-contrib-17.2-150600.13.5.1 * postgresql16-server-devel-16.6-150600.16.10.1 * Server Applications Module 15-SP6 (noarch) * postgresql-docs-17-150600.17.6.1 * postgresql-contrib-17-150600.17.6.1 * postgresql-server-devel-17-150600.17.6.1 * postgresql-server-17-150600.17.6.1 * 
postgresql-plpython-17-150600.17.6.1 * postgresql-pltcl-17-150600.17.6.1 * postgresql17-docs-17.2-150600.13.5.1 * postgresql16-docs-16.6-150600.16.10.1 * postgresql-devel-17-150600.17.6.1 * postgresql-plperl-17-150600.17.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10976.html * https://www.suse.com/security/cve/CVE-2024-10977.html * https://www.suse.com/security/cve/CVE-2024-10978.html * https://www.suse.com/security/cve/CVE-2024-10979.html * https://bugzilla.suse.com/show_bug.cgi?id=1219340 * https://bugzilla.suse.com/show_bug.cgi?id=1230423 * https://bugzilla.suse.com/show_bug.cgi?id=1233323 * https://bugzilla.suse.com/show_bug.cgi?id=1233325 * https://bugzilla.suse.com/show_bug.cgi?id=1233326 * https://bugzilla.suse.com/show_bug.cgi?id=1233327 * https://jira.suse.com/browse/PED-11514

From null at suse.de Wed Nov 27 08:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 08:30:10 -0000 Subject: SUSE-SU-2024:4073-1: important: Security update for xen Message-ID: <173269621058.13579.6590565883129722754@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:4073-1 Release Date: 2024-11-27T07:34:48Z Rating: important References: * bsc#1230366 * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45817 * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High
Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: Security issues fixed: * CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (bsc#1232622) * CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (bsc#1232624) * CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (bsc#1230366) Non-security issue fixed: * Removed usage of net-tools-deprecated from supportconfig plugin (bsc#1232542) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4073=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4073=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4073=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (x86_64) * xen-tools-domU-debuginfo-4.13.5_16-150200.3.99.1 * xen-debugsource-4.13.5_16-150200.3.99.1 * xen-devel-4.13.5_16-150200.3.99.1 * xen-libs-debuginfo-4.13.5_16-150200.3.99.1 * xen-libs-4.13.5_16-150200.3.99.1 * xen-tools-debuginfo-4.13.5_16-150200.3.99.1 * xen-4.13.5_16-150200.3.99.1 * xen-tools-4.13.5_16-150200.3.99.1 * xen-tools-domU-4.13.5_16-150200.3.99.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.13.5_16-150200.3.99.1 * SUSE Linux 
Enterprise Server 15 SP2 LTSS (x86_64) * xen-tools-domU-debuginfo-4.13.5_16-150200.3.99.1 * xen-debugsource-4.13.5_16-150200.3.99.1 * xen-devel-4.13.5_16-150200.3.99.1 * xen-libs-debuginfo-4.13.5_16-150200.3.99.1 * xen-libs-4.13.5_16-150200.3.99.1 * xen-tools-debuginfo-4.13.5_16-150200.3.99.1 * xen-4.13.5_16-150200.3.99.1 * xen-tools-4.13.5_16-150200.3.99.1 * xen-tools-domU-4.13.5_16-150200.3.99.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.13.5_16-150200.3.99.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * xen-tools-domU-debuginfo-4.13.5_16-150200.3.99.1 * xen-debugsource-4.13.5_16-150200.3.99.1 * xen-devel-4.13.5_16-150200.3.99.1 * xen-libs-debuginfo-4.13.5_16-150200.3.99.1 * xen-libs-4.13.5_16-150200.3.99.1 * xen-tools-debuginfo-4.13.5_16-150200.3.99.1 * xen-4.13.5_16-150200.3.99.1 * xen-tools-4.13.5_16-150200.3.99.1 * xen-tools-domU-4.13.5_16-150200.3.99.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xen-tools-xendomains-wait-disk-4.13.5_16-150200.3.99.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1230366 * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624

From null at suse.de Wed Nov 27 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 12:30:05 -0000 Subject: SUSE-SU-2024:4075-1: critical: Security update for tomcat Message-ID: <173271060513.31395.11976334491535388178@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:4075-1 Release Date: 2024-11-27T08:34:52Z Rating: critical References: * bsc#1233434 Cross-References: * CVE-2024-52316 CVSS scores: * CVE-2024-52316 ( SUSE ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-52316 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52316 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2024-52316: Fixed an authentication bypass when using Jakarta Authentication API (bsc#1233434). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4075=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4075=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * tomcat-admin-webapps-9.0.36-3.133.1 * tomcat-servlet-4_0-api-9.0.36-3.133.1 * tomcat-el-3_0-api-9.0.36-3.133.1 * tomcat-docs-webapp-9.0.36-3.133.1 * tomcat-javadoc-9.0.36-3.133.1 * tomcat-lib-9.0.36-3.133.1 * tomcat-9.0.36-3.133.1 * tomcat-webapps-9.0.36-3.133.1 * tomcat-jsp-2_3-api-9.0.36-3.133.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * tomcat-admin-webapps-9.0.36-3.133.1 * tomcat-servlet-4_0-api-9.0.36-3.133.1 * tomcat-el-3_0-api-9.0.36-3.133.1 * tomcat-docs-webapp-9.0.36-3.133.1 * tomcat-javadoc-9.0.36-3.133.1 * tomcat-lib-9.0.36-3.133.1 * tomcat-9.0.36-3.133.1 * tomcat-webapps-9.0.36-3.133.1 * tomcat-jsp-2_3-api-9.0.36-3.133.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52316.html * https://bugzilla.suse.com/show_bug.cgi?id=1233434

From null at suse.de Wed Nov 27 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 12:30:08 -0000 Subject: SUSE-SU-2024:4074-1: important: Security update for MozillaFirefox Message-ID: <173271060878.31395.16392059878430660614@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:4074-1 Release Date: 2024-11-27T08:34:27Z Rating: important References: * bsc#1233695 Cross-References: * CVE-2024-11691 * CVE-2024-11692 * CVE-2024-11693 * CVE-2024-11694 * CVE-2024-11695 * CVE-2024-11696 * CVE-2024-11697 * CVE-2024-11698 * CVE-2024-11699 CVSS scores: Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.5.0 ESR, with various security fixes and other quality improvements, MFSA 2024-64 (bsc#1233695): * CVE-2024-11691: Memory corruption in Apple GPU drivers * CVE-2024-11692: Select list elements could be shown over another site * CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows * CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims * CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters * CVE-2024-11696: Unhandled Exception in Add-on Signature Verification * CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog * CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS * CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST
online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4074=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4074=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * MozillaFirefox-128.5.0-112.237.2 * MozillaFirefox-debugsource-128.5.0-112.237.2 * MozillaFirefox-debuginfo-128.5.0-112.237.2 * MozillaFirefox-translations-common-128.5.0-112.237.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * MozillaFirefox-devel-128.5.0-112.237.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-128.5.0-112.237.2 * MozillaFirefox-debugsource-128.5.0-112.237.2 * MozillaFirefox-debuginfo-128.5.0-112.237.2 * MozillaFirefox-translations-common-128.5.0-112.237.2 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * MozillaFirefox-devel-128.5.0-112.237.2 ## References: * https://www.suse.com/security/cve/CVE-2024-11691.html * https://www.suse.com/security/cve/CVE-2024-11692.html * https://www.suse.com/security/cve/CVE-2024-11693.html * https://www.suse.com/security/cve/CVE-2024-11694.html * https://www.suse.com/security/cve/CVE-2024-11695.html * https://www.suse.com/security/cve/CVE-2024-11696.html * https://www.suse.com/security/cve/CVE-2024-11697.html * https://www.suse.com/security/cve/CVE-2024-11698.html * https://www.suse.com/security/cve/CVE-2024-11699.html * https://bugzilla.suse.com/show_bug.cgi?id=1233695

From null at suse.de Wed Nov 27 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 16:30:07 -0000 Subject: SUSE-SU-2024:4084-1: important: Security update for webkit2gtk3 Message-ID: <173272500733.29122.9325024642207955779@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:4084-1 Release Date: 2024-11-27T14:36:51Z Rating: important References: * bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-40866 * CVE-2024-44185 * CVE-2024-44187 * CVE-2024-44244 * CVE-2024-44296 CVSS scores: * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44244 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44244 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44244 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server
15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves five vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747): * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. * CVE-2024-40866: Visiting a malicious website may lead to address bar spoofing. New references to version 2.46.0 (boo#1231039): * CVE-2024-44187: A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. * CVE-2024-44185: Processing maliciously crafted web content may lead to an unexpected process crash. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-4084=1 openSUSE-SLE-15.6-2024-4084=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4084=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4084=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4084=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-4.1-lang-2.46.3-150600.12.16.1 * WebKitGTK-6.0-lang-2.46.3-150600.12.16.1 * WebKitGTK-4.0-lang-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwebkitgtk-6_0-4-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1 * webkit2gtk4-devel-2.46.3-150600.12.16.1 * webkit-jsc-4.1-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1
* webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk4-minibrowser-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1 * webkit-jsc-4-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1 * webkit-jsc-4.1-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1 * webkit2gtk3-minibrowser-2.46.3-150600.12.16.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1 * webkit-jsc-4-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-debugsource-2.46.3-150600.12.16.1 * webkit-jsc-6.0-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1 * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * webkit2gtk3-devel-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1 * webkit-jsc-6.0-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1 * 
libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-32bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150600.12.16.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-64bit-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-64bit-2.46.3-150600.12.16.1 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-6.0-lang-2.46.3-150600.12.16.1 * WebKitGTK-4.0-lang-2.46.3-150600.12.16.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-debugsource-2.46.3-150600.12.16.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_0-18-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-2.46.3-150600.12.16.1 * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_0-2.46.3-150600.12.16.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150600.12.16.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150600.12.16.1 * 
libwebkit2gtk-4_0-37-2.46.3-150600.12.16.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150600.12.16.1 * webkit2gtk3-soup2-devel-2.46.3-150600.12.16.1 * webkitgtk-6_0-injected-bundles-2.46.3-150600.12.16.1 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.46.3-150600.12.16.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk3-debugsource-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * libwebkit2gtk-4_1-0-2.46.3-150600.12.16.1 * webkit2gtk3-devel-2.46.3-150600.12.16.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2-4_1-2.46.3-150600.12.16.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150600.12.16.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150600.12.16.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * webkit2gtk4-debugsource-2.46.3-150600.12.16.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150600.12.16.1 * typelib-1_0-WebKit-6_0-2.46.3-150600.12.16.1 * webkit2gtk4-devel-2.46.3-150600.12.16.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150600.12.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-44244.html * https://www.suse.com/security/cve/CVE-2024-44296.html * https://bugzilla.suse.com/show_bug.cgi?id=1231039 * https://bugzilla.suse.com/show_bug.cgi?id=1232747

From null at suse.de Wed Nov 27 16:31:39 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 16:31:39 -0000 Subject: SUSE-SU-2024:4082-1: important: Security update for the Linux Kernel Message-ID: <173272509952.29122.3843746307039302777@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:4082-1 Release Date: 2024-11-27T14:23:31Z Rating: important References: * bsc#1204171 * bsc#1205796 * bsc#1206188 * bsc#1206344 * bsc#1209290 * bsc#1210449 * bsc#1210627 * bsc#1213034 * bsc#1216223 * bsc#1216813 * bsc#1218562 * bsc#1223384 * bsc#1223524 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1226666 * bsc#1228743 * bsc#1229454 * bsc#1229456 * bsc#1229556 * bsc#1230429 * bsc#1230442 * bsc#1230454 * bsc#1230600 * bsc#1230620 * bsc#1230715 * bsc#1230903 * bsc#1231016 * bsc#1231073 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231203 * bsc#1231293 * bsc#1231375 * bsc#1231502 * bsc#1231673 * bsc#1231861 * bsc#1231883 * bsc#1231885 * bsc#1231887 * bsc#1231888 * bsc#1231890 * bsc#1231892 * bsc#1231893 * bsc#1231895 * bsc#1231896 * bsc#1231897 * bsc#1231929 * bsc#1231936 * bsc#1231937 * bsc#1231938 * bsc#1231939 * bsc#1231940 * bsc#1231941 * bsc#1231942 * bsc#1231958 * bsc#1231960 * bsc#1231961 * bsc#1231962 * bsc#1231972 * bsc#1231976 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1231991 * bsc#1231992 * bsc#1231995 * bsc#1231996 * bsc#1231997 * bsc#1232001 * bsc#1232005 * bsc#1232006 * bsc#1232007 * bsc#1232025 * bsc#1232026 * bsc#1232033 * bsc#1232035 * bsc#1232036 * bsc#1232037 * bsc#1232038 * bsc#1232039 * bsc#1232067 * bsc#1232069 * bsc#1232070 * bsc#1232071 * bsc#1232097 * bsc#1232108 * bsc#1232119 * bsc#1232120 * bsc#1232123 * bsc#1232133 * bsc#1232136 * bsc#1232145 * bsc#1232150 * bsc#1232163 * bsc#1232170 * bsc#1232172 * bsc#1232174 * bsc#1232229 * bsc#1232237 * bsc#1232260 * bsc#1232262 * bsc#1232282 * bsc#1232286 * bsc#1232304 * bsc#1232383 * bsc#1232395 *
bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232519 Cross-References: * CVE-2021-47416 * CVE-2021-47534 * CVE-2022-3435 * CVE-2022-45934 * CVE-2022-48664 * CVE-2022-48879 * CVE-2022-48946 * CVE-2022-48947 * CVE-2022-48948 * CVE-2022-48949 * CVE-2022-48951 * CVE-2022-48953 * CVE-2022-48954 * CVE-2022-48955 * CVE-2022-48956 * CVE-2022-48959 * CVE-2022-48960 * CVE-2022-48961 * CVE-2022-48962 * CVE-2022-48967 * CVE-2022-48968 * CVE-2022-48969 * CVE-2022-48970 * CVE-2022-48971 * CVE-2022-48972 * CVE-2022-48973 * CVE-2022-48975 * CVE-2022-48977 * CVE-2022-48978 * CVE-2022-48981 * CVE-2022-48985 * CVE-2022-48987 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48992 * CVE-2022-48994 * CVE-2022-48995 * CVE-2022-48997 * CVE-2022-48999 * CVE-2022-49000 * CVE-2022-49002 * CVE-2022-49003 * CVE-2022-49005 * CVE-2022-49006 * CVE-2022-49007 * CVE-2022-49010 * CVE-2022-49011 * CVE-2022-49012 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49016 * CVE-2022-49019 * CVE-2022-49021 * CVE-2022-49022 * CVE-2022-49023 * CVE-2022-49024 * CVE-2022-49025 * CVE-2022-49026 * CVE-2022-49027 * CVE-2022-49028 * CVE-2022-49029 * CVE-2022-49031 * CVE-2022-49032 * CVE-2023-2166 * CVE-2023-28327 * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52881 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-27043 * CVE-2024-42145 * CVE-2024-44947 * CVE-2024-45013 * CVE-2024-45016 * CVE-2024-45026 * CVE-2024-46716 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46849 * CVE-2024-47668 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47706 * CVE-2024-47747 * CVE-2024-47748 * CVE-2024-49860 * CVE-2024-49867 * CVE-2024-49930 * CVE-2024-49936 * CVE-2024-49960 * CVE-2024-49969 * CVE-2024-49974 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49995 * CVE-2024-50047 CVSS scores: * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47534 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47534 ( NVD ): 4.1 
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48879 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48948 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48949 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48951 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48953 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * 
CVE-2022-48953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48953 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48954 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48954 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48955 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48955 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48959 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48959 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48961 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48961 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48961 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48968 ( SUSE ): 4.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48968 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48968 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48973 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48975 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48977 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48978 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48981 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * 
CVE-2022-48981 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48981 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48987 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48987 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48987 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48992 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48994 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2022-48994 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48994 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48995 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48995 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48997 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2022-48997 ( NVD ): 4.7 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49000 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49000 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49002 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49003 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49005 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2022-49005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2022-49005 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49006 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49006 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49006 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49007 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49007 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( SUSE 
): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49012 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49019 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49019 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49022 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49031 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49031 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49032 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-2166 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2166 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52800 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45013 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45016 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46716 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47668 ( SUSE 
): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47748 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47748 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49930 ( SUSE ): 8.5 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49960 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49960 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 
Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 101 vulnerabilities and has 15 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48879: efi: fix NULL-deref in init error path (bsc#1229556). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). * CVE-2022-48959: net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions() (bsc#1231976). * CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). * CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). * CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). * CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). * CVE-2024-45013: nvme: move stopping keep-alive into nvme_uninit_ctrl() (bsc#1230442). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454). * CVE-2024-46716: dmaengine: altera-msgdma: properly free descriptor in msgdma_free_descriptor (bsc#1230715). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). * CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). * CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). 
* CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). * CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). * CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). * CVE-2024-47748: vhost_vdpa: assign irq bypass producer token correctly (bsc#1232174). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49930: wifi: ath11k: fix array out-of-bound access in SoC stats (bsc#1232260). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49960: ext4: fix timer use-after-free on failed mount (bsc#1232395). * CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). * CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). The following non-security bugs were fixed: * NFSv3: only use NFS timeout for MOUNT when protocols are compatible (bsc#1231016). * PKCS#7: Check codeSigning EKU of certificates in PKCS#7 (bsc#1226666). * RDMA/mana_ib: use the correct page size for mapping user-mode doorbell page (bsc#1232036). * bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). * dn_route: set rt neigh to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). 
* ipv6: blackhole_netdev needs snmp6 counters (bsc#1216813). * ipv6: give an IPv6 dev to blackhole_netdev (bsc#1216813). * net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033). * xfrm: set dst dev to blackhole_netdev instead of loopback_dev in ifdown (bsc#1216813). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4082=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4082=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4082=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4082=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.100.1 * kernel-rt-debuginfo-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.100.1 * kernel-rt-debuginfo-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.100.1 * kernel-rt-debuginfo-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * 
kernel-rt-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.100.1 * kernel-rt-debuginfo-5.14.21-150400.15.100.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.100.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2021-47534.html * https://www.suse.com/security/cve/CVE-2022-3435.html * https://www.suse.com/security/cve/CVE-2022-45934.html * https://www.suse.com/security/cve/CVE-2022-48664.html * https://www.suse.com/security/cve/CVE-2022-48879.html * https://www.suse.com/security/cve/CVE-2022-48946.html * https://www.suse.com/security/cve/CVE-2022-48947.html * https://www.suse.com/security/cve/CVE-2022-48948.html * https://www.suse.com/security/cve/CVE-2022-48949.html * https://www.suse.com/security/cve/CVE-2022-48951.html * https://www.suse.com/security/cve/CVE-2022-48953.html * https://www.suse.com/security/cve/CVE-2022-48954.html * https://www.suse.com/security/cve/CVE-2022-48955.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48959.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48961.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48968.html * https://www.suse.com/security/cve/CVE-2022-48969.html * https://www.suse.com/security/cve/CVE-2022-48970.html * https://www.suse.com/security/cve/CVE-2022-48971.html * https://www.suse.com/security/cve/CVE-2022-48972.html * https://www.suse.com/security/cve/CVE-2022-48973.html * https://www.suse.com/security/cve/CVE-2022-48975.html * https://www.suse.com/security/cve/CVE-2022-48977.html * https://www.suse.com/security/cve/CVE-2022-48978.html * https://www.suse.com/security/cve/CVE-2022-48981.html * 
https://www.suse.com/security/cve/CVE-2022-48985.html * https://www.suse.com/security/cve/CVE-2022-48987.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48992.html * https://www.suse.com/security/cve/CVE-2022-48994.html * https://www.suse.com/security/cve/CVE-2022-48995.html * https://www.suse.com/security/cve/CVE-2022-48997.html * https://www.suse.com/security/cve/CVE-2022-48999.html * https://www.suse.com/security/cve/CVE-2022-49000.html * https://www.suse.com/security/cve/CVE-2022-49002.html * https://www.suse.com/security/cve/CVE-2022-49003.html * https://www.suse.com/security/cve/CVE-2022-49005.html * https://www.suse.com/security/cve/CVE-2022-49006.html * https://www.suse.com/security/cve/CVE-2022-49007.html * https://www.suse.com/security/cve/CVE-2022-49010.html * https://www.suse.com/security/cve/CVE-2022-49011.html * https://www.suse.com/security/cve/CVE-2022-49012.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49016.html * https://www.suse.com/security/cve/CVE-2022-49019.html * https://www.suse.com/security/cve/CVE-2022-49021.html * https://www.suse.com/security/cve/CVE-2022-49022.html * https://www.suse.com/security/cve/CVE-2022-49023.html * https://www.suse.com/security/cve/CVE-2022-49024.html * https://www.suse.com/security/cve/CVE-2022-49025.html * https://www.suse.com/security/cve/CVE-2022-49026.html * https://www.suse.com/security/cve/CVE-2022-49027.html * https://www.suse.com/security/cve/CVE-2022-49028.html * https://www.suse.com/security/cve/CVE-2022-49029.html * https://www.suse.com/security/cve/CVE-2022-49031.html * https://www.suse.com/security/cve/CVE-2022-49032.html * https://www.suse.com/security/cve/CVE-2023-2166.html * https://www.suse.com/security/cve/CVE-2023-28327.html * 
https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-45013.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45026.html * https://www.suse.com/security/cve/CVE-2024-46716.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-47748.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49930.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49960.html * https://www.suse.com/security/cve/CVE-2024-49969.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49995.html * 
https://www.suse.com/security/cve/CVE-2024-50047.html * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1205796 * https://bugzilla.suse.com/show_bug.cgi?id=1206188 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1209290 * https://bugzilla.suse.com/show_bug.cgi?id=1210449 * https://bugzilla.suse.com/show_bug.cgi?id=1210627 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1216813 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226666 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229556 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230442 * https://bugzilla.suse.com/show_bug.cgi?id=1230454 * https://bugzilla.suse.com/show_bug.cgi?id=1230600 * https://bugzilla.suse.com/show_bug.cgi?id=1230620 * https://bugzilla.suse.com/show_bug.cgi?id=1230715 * https://bugzilla.suse.com/show_bug.cgi?id=1230903 * https://bugzilla.suse.com/show_bug.cgi?id=1231016 * https://bugzilla.suse.com/show_bug.cgi?id=1231073 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231193 * https://bugzilla.suse.com/show_bug.cgi?id=1231195 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231200 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231502 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231883 * https://bugzilla.suse.com/show_bug.cgi?id=1231885 * https://bugzilla.suse.com/show_bug.cgi?id=1231887 * https://bugzilla.suse.com/show_bug.cgi?id=1231888 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231892 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231895 * https://bugzilla.suse.com/show_bug.cgi?id=1231896 * https://bugzilla.suse.com/show_bug.cgi?id=1231897 * https://bugzilla.suse.com/show_bug.cgi?id=1231929 * https://bugzilla.suse.com/show_bug.cgi?id=1231936 * https://bugzilla.suse.com/show_bug.cgi?id=1231937 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231939 * https://bugzilla.suse.com/show_bug.cgi?id=1231940 * https://bugzilla.suse.com/show_bug.cgi?id=1231941 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231958 * https://bugzilla.suse.com/show_bug.cgi?id=1231960 * https://bugzilla.suse.com/show_bug.cgi?id=1231961 * https://bugzilla.suse.com/show_bug.cgi?id=1231962 * https://bugzilla.suse.com/show_bug.cgi?id=1231972 * https://bugzilla.suse.com/show_bug.cgi?id=1231976 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1231991 * https://bugzilla.suse.com/show_bug.cgi?id=1231992 * https://bugzilla.suse.com/show_bug.cgi?id=1231995 * https://bugzilla.suse.com/show_bug.cgi?id=1231996 * https://bugzilla.suse.com/show_bug.cgi?id=1231997 * https://bugzilla.suse.com/show_bug.cgi?id=1232001 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232005 * https://bugzilla.suse.com/show_bug.cgi?id=1232006 * https://bugzilla.suse.com/show_bug.cgi?id=1232007 * https://bugzilla.suse.com/show_bug.cgi?id=1232025 * https://bugzilla.suse.com/show_bug.cgi?id=1232026 * https://bugzilla.suse.com/show_bug.cgi?id=1232033 * https://bugzilla.suse.com/show_bug.cgi?id=1232035 * https://bugzilla.suse.com/show_bug.cgi?id=1232036 * https://bugzilla.suse.com/show_bug.cgi?id=1232037 * https://bugzilla.suse.com/show_bug.cgi?id=1232038 * https://bugzilla.suse.com/show_bug.cgi?id=1232039 * https://bugzilla.suse.com/show_bug.cgi?id=1232067 * https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232071 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232108 * https://bugzilla.suse.com/show_bug.cgi?id=1232119 * https://bugzilla.suse.com/show_bug.cgi?id=1232120 * https://bugzilla.suse.com/show_bug.cgi?id=1232123 * https://bugzilla.suse.com/show_bug.cgi?id=1232133 * https://bugzilla.suse.com/show_bug.cgi?id=1232136 * https://bugzilla.suse.com/show_bug.cgi?id=1232145 * https://bugzilla.suse.com/show_bug.cgi?id=1232150 * https://bugzilla.suse.com/show_bug.cgi?id=1232163 * https://bugzilla.suse.com/show_bug.cgi?id=1232170 * https://bugzilla.suse.com/show_bug.cgi?id=1232172 * https://bugzilla.suse.com/show_bug.cgi?id=1232174 * https://bugzilla.suse.com/show_bug.cgi?id=1232229 * https://bugzilla.suse.com/show_bug.cgi?id=1232237 * https://bugzilla.suse.com/show_bug.cgi?id=1232260 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232383 * https://bugzilla.suse.com/show_bug.cgi?id=1232395 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232432 * https://bugzilla.suse.com/show_bug.cgi?id=1232519

From null at suse.de Wed Nov 27 16:32:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 16:32:27 -0000 Subject: SUSE-SU-2024:4081-1: important: Security update for the Linux Kernel Message-ID: <173272514725.29122.13364901729405034975@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:4081-1 Release Date: 2024-11-27T14:22:35Z Rating: important References: * bsc#1195775 * bsc#1204171 * bsc#1205796 * bsc#1209290 * bsc#1216223 * bsc#1218562 * bsc#1219125 * bsc#1223384 * bsc#1223524 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1226145 * bsc#1226211 * bsc#1226212 * bsc#1228743 * bsc#1229042 * bsc#1229454 * bsc#1229456 * bsc#1230429 * bsc#1230454 * bsc#1231073 * bsc#1231191 * bsc#1231193 * bsc#1231195 * bsc#1231197 * bsc#1231200 * bsc#1231203 * bsc#1231293 * bsc#1231375 * bsc#1231502 * bsc#1231673 * bsc#1231861 * bsc#1231887 * bsc#1231890 * bsc#1231893 * bsc#1231895 * bsc#1231936 * bsc#1231938 * bsc#1231942 * bsc#1231960 * bsc#1231961 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1232033 * bsc#1232069 * bsc#1232070 * bsc#1232097 * bsc#1232136 * bsc#1232145 * bsc#1232262 * bsc#1232282 * bsc#1232286 * bsc#1232304 * bsc#1232383 * bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232519 Cross-References: * CVE-2021-47416 * CVE-2022-3435 * CVE-2022-45934 * CVE-2022-48664 * CVE-2022-48947 * CVE-2022-48956 * CVE-2022-48960 * CVE-2022-48962 * CVE-2022-48967 * CVE-2022-48970 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48999 * CVE-2022-49003 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49023 * CVE-2022-49025 * CVE-2023-28327 * CVE-2023-46343 * CVE-2023-52881 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-27043 * CVE-2024-36971 * CVE-2024-42145 * CVE-2024-44947 * 
CVE-2024-45016 * CVE-2024-45026 * CVE-2024-46813 * CVE-2024-46814 * CVE-2024-46815 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46849 * CVE-2024-47668 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47706 * CVE-2024-47747 * CVE-2024-49860 * CVE-2024-49867 * CVE-2024-49936 * CVE-2024-49969 * CVE-2024-49974 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49995 * CVE-2024-50047 CVSS scores: * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * 
CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49003 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36971 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46814 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46814 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46815 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46815 ( NVD ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47747 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49969 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49969 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 50 vulnerabilities and has 11 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). * CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). * CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). * CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304). * CVE-2022-48988: memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1232069). * CVE-2022-48991: mm/khugepaged: fix collapse_pte_mapped_thp() to allow anon_vma (bsc#1232070). * CVE-2022-49003: nvme: fix SRCU protection of nvme_ns_head list (bsc#1232136). * CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890). * CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). * CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1231961). * CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1231960). * CVE-2024-36971: Fixed __dst_negative_advice() race (bsc#1226145). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-45026: s390/dasd: fix error recovery leading to data corruption on ESE devices (bsc#1230454). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). 
* CVE-2024-46814: drm/amd/display: Check msg_id before processing transcation (bsc#1231193). * CVE-2024-46815: drm/amd/display: Check num_valid_sets before accessing reader_wm_sets (bsc#1231195). * CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). * CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). * CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49969: drm/amd/display: Fix index out of bounds in DCN30 color transformation (bsc#1232519). * CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). The following non-security bugs were fixed: * kernel-binary: generate and install compile_commands.json (bsc#1228971) * kernel-binary: vdso: Own module_dir * bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). 
* mkspec-dtb: add toplevel symlinks also on arm * net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033). * scsi: ibmvfc: Add max_sectors module parameter (bsc#1216223). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-4081=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4081=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4081=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.191.1 * kernel-rt-debugsource-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.191.1 * kernel-rt-debugsource-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.191.1 * kernel-rt-debugsource-5.3.18-150300.191.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.191.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2022-3435.html * https://www.suse.com/security/cve/CVE-2022-45934.html * https://www.suse.com/security/cve/CVE-2022-48664.html * https://www.suse.com/security/cve/CVE-2022-48947.html * 
https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48970.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48999.html * https://www.suse.com/security/cve/CVE-2022-49003.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49023.html * https://www.suse.com/security/cve/CVE-2022-49025.html * https://www.suse.com/security/cve/CVE-2023-28327.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-36971.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-45026.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46814.html * https://www.suse.com/security/cve/CVE-2024-46815.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46849.html * https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47706.html * 
https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49969.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1205796 * https://bugzilla.suse.com/show_bug.cgi?id=1209290 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219125 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226145 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1230454 * https://bugzilla.suse.com/show_bug.cgi?id=1231073 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231193 * https://bugzilla.suse.com/show_bug.cgi?id=1231195 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231200 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231502 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231887 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231895 * https://bugzilla.suse.com/show_bug.cgi?id=1231936 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231960 * https://bugzilla.suse.com/show_bug.cgi?id=1231961 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1232033 * https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232136 * https://bugzilla.suse.com/show_bug.cgi?id=1232145 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232383 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232432 * https://bugzilla.suse.com/show_bug.cgi?id=1232519

From null at suse.de Wed Nov 27 16:32:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 16:32:33 -0000 Subject: SUSE-SU-2024:4079-1: important: Security update for webkit2gtk3 Message-ID: <173272515315.29122.597992001929999022@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:4079-1 Release Date: 2024-11-27T12:53:58Z Rating: important References: * bsc#1231039 * bsc#1232747 Cross-References: * CVE-2024-44296 * CVE-2024-46185 * CVE-2044-44244 CVSS scores: * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747): * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. New references to version 2.46.0 (boo#1231039): * CVE-2024-44185: Processing maliciously crafted web content may lead to an unexpected process crash. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4079=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-4.18.2 * typelib-1_0-JavaScriptCore-4_0-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-2.46.3-4.18.2 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-4.18.2 * typelib-1_0-WebKit2-4_0-2.46.3-4.18.2 * libjavascriptcoregtk-4_0-18-2.46.3-4.18.2 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-4.18.2 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-4.18.2 * webkit2gtk3-debugsource-2.46.3-4.18.2 * webkit2gtk-4_0-injected-bundles-2.46.3-4.18.2 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * libwebkit2gtk3-lang-2.46.3-4.18.2 ## References: * https://www.suse.com/security/cve/CVE-2024-44296.html * https://www.suse.com/security/cve/CVE-2024-46185.html * https://www.suse.com/security/cve/CVE-2044-44244.html * https://bugzilla.suse.com/show_bug.cgi?id=1231039 * https://bugzilla.suse.com/show_bug.cgi?id=1232747

From null at suse.de Wed Nov 27 16:32:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 27 Nov 2024 16:32:35 -0000 Subject: SUSE-SU-2024:4078-1: important: Security update for glib2 Message-ID: <173272515577.29122.6956358843108256512@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:4078-1 Release Date: 2024-11-27T12:53:48Z Rating: important References: * bsc#1233282 Cross-References: * CVE-2024-52533 CVSS scores: * CVE-2024-52533 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-52533 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2024-52533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282). 
## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-4078=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4078=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4078=1
* SUSE Linux Enterprise Micro for Rancher 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1
* SUSE Linux Enterprise Micro 5.3
  zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1
* SUSE Linux Enterprise Micro for Rancher 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1
* SUSE Linux Enterprise Micro 5.4
  zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-4078=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4078=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4078=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4078=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4078=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4078=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4078=1
* SUSE Manager Proxy 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4078=1
* SUSE Manager Retail Branch Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4078=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4078=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
  * gio-branding-upstream-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * glib2-doc-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * glib2-tests-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-static-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-32bit-2.70.5-150400.3.17.1
  * glib2-devel-32bit-2.70.5-150400.3.17.1
  * glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.4 (aarch64_ilp32)
  * libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-64bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-64bit-2.70.5-150400.3.17.1
  * glib2-devel-64bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-64bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-64bit-2.70.5-150400.3.17.1
  * glib2-tools-64bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-64bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-64bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-64bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
  * gio-branding-upstream-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * glib2-doc-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * glib2-tests-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-static-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* openSUSE Leap 15.5 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-32bit-2.70.5-150400.3.17.1
  * glib2-devel-32bit-2.70.5-150400.3.17.1
  * glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* Basesystem Module 15-SP5 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Proxy 4.3 (x86_64)
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Proxy 4.3 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
  * glib2-devel-debuginfo-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-2.70.5-150400.3.17.1
  * glib2-debugsource-2.70.5-150400.3.17.1
  * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgthread-2_0-0-2.70.5-150400.3.17.1
  * libgobject-2_0-0-2.70.5-150400.3.17.1
  * glib2-tools-2.70.5-150400.3.17.1
  * glib2-tools-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgio-2_0-0-2.70.5-150400.3.17.1
  * glib2-devel-2.70.5-150400.3.17.1
  * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (noarch)
  * glib2-lang-2.70.5-150400.3.17.1
* SUSE Manager Server 4.3 (x86_64)
  * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgio-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1
  * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1
  * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52533.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233282

From null at suse.de Wed Nov 27 16:32:38 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 27 Nov 2024 16:32:38 -0000
Subject: SUSE-SU-2024:4077-1: moderate: Security update for python-aiohttp
Message-ID: <173272515875.29122.11722718697377390422@smelt2.prg2.suse.org>

# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:4077-1
Release Date: 2024-11-27T12:52:27Z
Rating: moderate

References:

* bsc#1233447

Cross-References:

* CVE-2024-52304

CVSS scores:

* CVE-2024-52304 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-52304 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-52304 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-52304: Fixed request smuggling due to incorrect parsing of chunk extensions (bsc#1233447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-4077=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4077=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-4077=1
* Public Cloud Module 15-SP4
  zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4077=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-4077=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-4077=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * python-aiohttp-debugsource-3.9.3-150400.10.27.1
  * python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
  * python311-aiohttp-3.9.3-150400.10.27.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * python-aiohttp-debugsource-3.9.3-150400.10.27.1
  * python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
  * python311-aiohttp-3.9.3-150400.10.27.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
  * python-aiohttp-debugsource-3.9.3-150400.10.27.1
  * python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
  * python311-aiohttp-3.9.3-150400.10.27.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
  * python311-aiohttp-3.9.3-150400.10.27.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * python-aiohttp-debugsource-3.9.3-150400.10.27.1
  * python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
  * python311-aiohttp-3.9.3-150400.10.27.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * python-aiohttp-debugsource-3.9.3-150400.10.27.1
  * python311-aiohttp-debuginfo-3.9.3-150400.10.27.1
  * python311-aiohttp-3.9.3-150400.10.27.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52304.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233447

From null at suse.de Wed Nov 27 16:32:41 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Wed, 27 Nov 2024 16:32:41 -0000
Subject: SUSE-SU-2024:4076-1: low: Security update for hplip
Message-ID: <173272516129.29122.7033170231046675486@smelt2.prg2.suse.org>

# Security update for hplip

Announcement ID: SUSE-SU-2024:4076-1
Release Date: 2024-11-27T12:51:58Z
Rating: low

References:

* bsc#1209401

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that has one security fix can now be installed.

## Description:

This update for hplip fixes the following issues:

* hpmud: sanitize printer serial number (bsc#1209401)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-4076=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4076=1
* Basesystem Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4076=1
* Desktop Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4076=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
  * hplip-devel-3.21.10-150400.3.14.1
  * hplip-debuginfo-3.21.10-150400.3.14.1
  * hplip-sane-3.21.10-150400.3.14.1
  * hplip-scan-utils-debuginfo-3.21.10-150400.3.14.1
  * hplip-scan-utils-3.21.10-150400.3.14.1
  * hplip-sane-debuginfo-3.21.10-150400.3.14.1
  * hplip-hpijs-3.21.10-150400.3.14.1
  * hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
  * hplip-debugsource-3.21.10-150400.3.14.1
  * hplip-3.21.10-150400.3.14.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
  * hplip-devel-3.21.10-150400.3.14.1
  * hplip-debuginfo-3.21.10-150400.3.14.1
  * hplip-sane-3.21.10-150400.3.14.1
  * hplip-scan-utils-debuginfo-3.21.10-150400.3.14.1
  * hplip-scan-utils-3.21.10-150400.3.14.1
  * hplip-sane-debuginfo-3.21.10-150400.3.14.1
  * hplip-hpijs-3.21.10-150400.3.14.1
  * hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
  * hplip-debugsource-3.21.10-150400.3.14.1
  * hplip-3.21.10-150400.3.14.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * hplip-devel-3.21.10-150400.3.14.1
  * hplip-debuginfo-3.21.10-150400.3.14.1
  * hplip-sane-3.21.10-150400.3.14.1
  * hplip-sane-debuginfo-3.21.10-150400.3.14.1
  * hplip-hpijs-3.21.10-150400.3.14.1
  * hplip-hpijs-debuginfo-3.21.10-150400.3.14.1
  * hplip-debugsource-3.21.10-150400.3.14.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
  * hplip-debuginfo-3.21.10-150400.3.14.1
  * hplip-debugsource-3.21.10-150400.3.14.1
  * hplip-3.21.10-150400.3.14.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1209401

URL: From null at suse.de Thu Nov 28 08:30:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Nov 2024 08:30:02 -0000 Subject: SUSE-SU-2024:4090-1: important: Security update for frr Message-ID: <173278260270.13380.10626233360073156608@smelt2.prg2.suse.org> # Security update for frr Announcement ID: SUSE-SU-2024:4090-1 Release Date: 2024-11-28T07:58:02Z Rating: important References: * jsc#PED-11092 Cross-References: * CVE-2023-31489 * CVE-2023-31490 * CVE-2023-3748 * CVE-2023-38406 * CVE-2023-38407 * CVE-2023-38802 * CVE-2023-41358 * CVE-2023-41360 * CVE-2023-41909 * CVE-2023-46752 * CVE-2023-46753 * CVE-2023-47234 * CVE-2023-47235 * CVE-2024-27913 * CVE-2024-31948 * CVE-2024-31950 * CVE-2024-31951 * CVE-2024-34088 * CVE-2024-44070 CVSS scores: * CVE-2023-31489 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-31489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-31490 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31490 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3748 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-3748 ( NVD ): 3.5 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-38406 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38406 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-38407 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38407 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38802 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41358 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41358 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-41360 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-41360 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2023-41360 ( NVD 
): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2023-41909 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-41909 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46752 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46752 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46753 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46753 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47234 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47234 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47235 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47235 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27913 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31948 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31950 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-31951 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-31951 ( NVD ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34088 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34088 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE 
Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 19 vulnerabilities and contains one feature can now be installed. ## Description: This update for frr fixes the following issues: Update to frr 8.5.6 (jsc#PED-PED-11092) including fixes for: * CVE-2024-44070,CVE-2024-34088,CVE-2024-31951,CVE-2024-31950, CVE-2024-31948,CVE-2024-27913,CVE-2023-47235,CVE-2023-47234, CVE-2023-46753,CVE-2023-46752,CVE-2023-41909,CVE-2023-41360, CVE-2023-41358,CVE-2023-38802,CVE-2023-38407,CVE-2023-38406, CVE-2023-3748,CVE-2023-31490,CVE-2023-31489 and other bugfixes. See https://frrouting.org/release/8.5.6/ for details. The most recent frr 8.x series provides several new features, improvements and bug fixes for various protocols and daemons, especially for PIM/PIMv6/BGP and VRF support. See https://frrouting.org/release/8.5/ for details and links. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-4090=1 openSUSE-SLE-15.5-2024-4090=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4090=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-4090=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4090=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * 
libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1 * Server Applications Module 15-SP6 (aarch64 
ppc64le s390x x86_64) * libfrrzmq0-debuginfo-8.5.6-150500.4.30.1 * libfrrospfapiclient0-8.5.6-150500.4.30.1 * libfrrsnmp0-8.5.6-150500.4.30.1 * libfrrzmq0-8.5.6-150500.4.30.1 * libfrrfpm_pb0-8.5.6-150500.4.30.1 * libfrrcares0-8.5.6-150500.4.30.1 * libfrrsnmp0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-8.5.6-150500.4.30.1 * frr-devel-8.5.6-150500.4.30.1 * libfrrospfapiclient0-debuginfo-8.5.6-150500.4.30.1 * libfrrfpm_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrr0-debuginfo-8.5.6-150500.4.30.1 * libfrr_pb0-8.5.6-150500.4.30.1 * frr-8.5.6-150500.4.30.1 * libmlag_pb0-debuginfo-8.5.6-150500.4.30.1 * libfrrcares0-debuginfo-8.5.6-150500.4.30.1 * frr-debugsource-8.5.6-150500.4.30.1 * frr-debuginfo-8.5.6-150500.4.30.1 * libmlag_pb0-8.5.6-150500.4.30.1 * libfrr_pb0-debuginfo-8.5.6-150500.4.30.1

## References:

* https://www.suse.com/security/cve/CVE-2023-31489.html
* https://www.suse.com/security/cve/CVE-2023-31490.html
* https://www.suse.com/security/cve/CVE-2023-3748.html
* https://www.suse.com/security/cve/CVE-2023-38406.html
* https://www.suse.com/security/cve/CVE-2023-38407.html
* https://www.suse.com/security/cve/CVE-2023-38802.html
* https://www.suse.com/security/cve/CVE-2023-41358.html
* https://www.suse.com/security/cve/CVE-2023-41360.html
* https://www.suse.com/security/cve/CVE-2023-41909.html
* https://www.suse.com/security/cve/CVE-2023-46752.html
* https://www.suse.com/security/cve/CVE-2023-46753.html
* https://www.suse.com/security/cve/CVE-2023-47234.html
* https://www.suse.com/security/cve/CVE-2023-47235.html
* https://www.suse.com/security/cve/CVE-2024-27913.html
* https://www.suse.com/security/cve/CVE-2024-31948.html
* https://www.suse.com/security/cve/CVE-2024-31950.html
* https://www.suse.com/security/cve/CVE-2024-31951.html
* https://www.suse.com/security/cve/CVE-2024-34088.html
* https://www.suse.com/security/cve/CVE-2024-44070.html
* https://jira.suse.com/browse/PED-11092

From null at suse.de Thu Nov 28 08:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 08:30:10 -0000
Subject: SUSE-SU-2024:4089-1: low: Security update for hplip
Message-ID: <173278261041.13380.4458184152899172481@smelt2.prg2.suse.org>

# Security update for hplip

Announcement ID: SUSE-SU-2024:4089-1
Release Date: 2024-11-28T07:57:43Z
Rating: low
References:

* bsc#1209401

Affected Products:

* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that has one security fix can now be installed.

## Description:

This update for hplip fixes the following issues:

* hpmud: sanitize printer serial number (bsc#1209401)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-4089=1 openSUSE-SLE-15.6-2024-4089=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4089=1
* Desktop Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4089=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
  * hplip-sane-3.23.8-150600.4.3.1
  * hplip-3.23.8-150600.4.3.1
  * hplip-scan-utils-3.23.8-150600.4.3.1
  * hplip-debuginfo-3.23.8-150600.4.3.1
  * hplip-scan-utils-debuginfo-3.23.8-150600.4.3.1
  * hplip-sane-debuginfo-3.23.8-150600.4.3.1
  * hplip-hpijs-debuginfo-3.23.8-150600.4.3.1
  * hplip-devel-3.23.8-150600.4.3.1
  * hplip-debugsource-3.23.8-150600.4.3.1
  * hplip-udev-rules-3.23.8-150600.4.3.1
  * hplip-hpijs-3.23.8-150600.4.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * hplip-sane-3.23.8-150600.4.3.1
  * hplip-debuginfo-3.23.8-150600.4.3.1
  * hplip-sane-debuginfo-3.23.8-150600.4.3.1
  * hplip-hpijs-debuginfo-3.23.8-150600.4.3.1
  * hplip-devel-3.23.8-150600.4.3.1
  * hplip-debugsource-3.23.8-150600.4.3.1
  * hplip-udev-rules-3.23.8-150600.4.3.1
  * hplip-hpijs-3.23.8-150600.4.3.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
  * hplip-debuginfo-3.23.8-150600.4.3.1
  * hplip-debugsource-3.23.8-150600.4.3.1
  * hplip-3.23.8-150600.4.3.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1209401

From null at suse.de Thu Nov 28 08:30:13 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 08:30:13 -0000
Subject: SUSE-SU-2024:4088-1: moderate: Security update for ovmf
Message-ID: <173278261316.13380.17472392400263543627@smelt2.prg2.suse.org>

# Security update for ovmf

Announcement ID: SUSE-SU-2024:4088-1
Release Date: 2024-11-28T07:57:20Z
Rating: moderate
References:

* bsc#1225889

Cross-References:

* CVE-2024-1298

CVSS scores:

* CVE-2024-1298 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap Micro 5.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for ovmf fixes the following issues:

* CVE-2024-1298: Fixed potential UINT32 overflow in S3 ResumeCount (bsc#1225889).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
  zypper in -t patch SUSE-2024-4088=1 openSUSE-SLE-15.5-2024-4088=1
* openSUSE Leap Micro 5.5
  zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4088=1
* SUSE Linux Enterprise Micro 5.5
  zypper in -t patch SUSE-SLE-Micro-5.5-2024-4088=1
* SUSE Package Hub 15 15-SP5
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4088=1
* Server Applications Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-4088=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
  * ovmf-tools-202208-150500.6.3.1
  * ovmf-202208-150500.6.3.1
* openSUSE Leap 15.5 (noarch)
  * qemu-ovmf-x86_64-202208-150500.6.3.1
  * qemu-ovmf-ia32-202208-150500.6.3.1
  * qemu-uefi-aarch64-202208-150500.6.3.1
  * qemu-uefi-aarch32-202208-150500.6.3.1
* openSUSE Leap 15.5 (x86_64)
  * qemu-ovmf-x86_64-debug-202208-150500.6.3.1
* openSUSE Leap Micro 5.5 (noarch)
  * qemu-ovmf-x86_64-202208-150500.6.3.1
  * qemu-uefi-aarch64-202208-150500.6.3.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
  * qemu-ovmf-x86_64-202208-150500.6.3.1
  * qemu-uefi-aarch64-202208-150500.6.3.1
* SUSE Package Hub 15 15-SP5 (noarch)
  * qemu-ovmf-x86_64-202208-150500.6.3.1
  * qemu-uefi-aarch32-202208-150500.6.3.1
  * qemu-uefi-aarch64-202208-150500.6.3.1
* SUSE Package Hub 15 15-SP5 (x86_64)
  * qemu-ovmf-x86_64-debug-202208-150500.6.3.1
* Server Applications Module 15-SP5 (aarch64 x86_64)
  * ovmf-tools-202208-150500.6.3.1
  * ovmf-202208-150500.6.3.1
* Server Applications Module 15-SP5 (noarch)
  * qemu-ovmf-x86_64-202208-150500.6.3.1
  * qemu-uefi-aarch64-202208-150500.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-1298.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225889

From null at suse.de Thu Nov 28 08:30:20 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 08:30:20 -0000
Subject: SUSE-SU-2024:4086-1: important: Security update for MozillaFirefox
Message-ID: <173278262014.13380.16657075877462651432@smelt2.prg2.suse.org>

# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2024:4086-1
Release Date: 2024-11-28T06:37:36Z
Rating: important
References:

* bsc#1233695

Cross-References:

* CVE-2024-11691
* CVE-2024-11692
* CVE-2024-11693
* CVE-2024-11694
* CVE-2024-11695
* CVE-2024-11696
* CVE-2024-11697
* CVE-2024-11698
* CVE-2024-11699

CVSS scores:

* CVE-2024-11691 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-11692 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-11693 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-11694 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-11695 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
* CVE-2024-11697 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-11698 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-11699 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves nine vulnerabilities can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

Firefox Extended Support Release 128.5.0 ESR fixes various security issues and includes other quality improvements (MFSA 2024-64, bsc#1233695):

* CVE-2024-11691: Memory corruption in Apple GPU drivers
* CVE-2024-11692: Select list elements could be shown over another site
* CVE-2024-11693: Download Protections were bypassed by .library-ms files on Windows
* CVE-2024-11694: CSP Bypass and XSS Exposure via Web Compatibility Shims
* CVE-2024-11695: URL Bar Spoofing via Manipulated Punycode and Whitespace Characters
* CVE-2024-11696: Unhandled Exception in Add-on Signature Verification
* CVE-2024-11697: Improper Keypress Handling in Executable File Confirmation Dialog
* CVE-2024-11698: Fullscreen Lock-Up When Modal Dialog Interrupts Transition on macOS
* CVE-2024-11699: Memory safety bugs fixed in Firefox 133, Firefox ESR 128.5, and Thunderbird 128.5

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4086=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4086=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4086=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4086=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4086=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4086=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4086=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4086=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4086=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4086=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4086=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4086=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4086=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4086=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4086=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4086=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * 
MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * MozillaFirefox-branding-upstream-128.5.0-150200.152.161.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * MozillaFirefox-branding-upstream-128.5.0-150200.152.161.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 
* Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (aarch64 x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 
15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * 
MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.5.0-150200.152.161.1 * MozillaFirefox-translations-other-128.5.0-150200.152.161.1 * MozillaFirefox-translations-common-128.5.0-150200.152.161.1 * MozillaFirefox-128.5.0-150200.152.161.1 * MozillaFirefox-debugsource-128.5.0-150200.152.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.5.0-150200.152.161.1

## References:

* https://www.suse.com/security/cve/CVE-2024-11691.html
* https://www.suse.com/security/cve/CVE-2024-11692.html
* https://www.suse.com/security/cve/CVE-2024-11693.html
* https://www.suse.com/security/cve/CVE-2024-11694.html
* https://www.suse.com/security/cve/CVE-2024-11695.html
* https://www.suse.com/security/cve/CVE-2024-11696.html
* https://www.suse.com/security/cve/CVE-2024-11697.html
* https://www.suse.com/security/cve/CVE-2024-11698.html
* https://www.suse.com/security/cve/CVE-2024-11699.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233695

From null at suse.de Thu Nov 28 12:30:15 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 12:30:15 -0000
Subject: SUSE-SU-2024:4094-1: important: Security update for qemu
Message-ID: <173279701519.8417.4445336597429019836@smelt2.prg2.suse.org>

# Security update for qemu

Announcement ID: SUSE-SU-2024:4094-1
Release Date: 2024-11-28T11:57:02Z
Rating: important
References:

* bsc#1224132
* bsc#1229007
* bsc#1229929
* bsc#1230140
* bsc#1230834
* bsc#1230915
* bsc#1231519

Cross-References:

* CVE-2024-4693
* CVE-2024-7409
* CVE-2024-8354
* CVE-2024-8612

CVSS scores:

* CVE-2024-4693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7409 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-7409 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7409 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-8354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8612 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2024-8612 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
* CVE-2024-8612 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities and has three security fixes can now be installed.

## Description:

This update for qemu fixes the following issues:

Security fixes:

* CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834)
* CVE-2024-8612: Fixed information leak in virtio devices (bsc#1230915)

Update version to 8.2.7:

Security fixes:

* CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007)
* CVE-2024-4693: Fixed improper release of configure vector in virtio-pci that led to a guest-triggerable crash (bsc#1224132)

Other fixes:

* added missing fix for ppc64 emulation that caused corruption in userspace (bsc#1230140)
* target/ppc: Fix lxvx/stxvx facility check (bsc#1229929)
* accel/kvm: check for KVM_CAP_READONLY_MEM on VM (bsc#1231519)

Full changelog here: https://lore.kernel.org/qemu-devel/d9ff276f-f1ba-4e90-8343-a7a0dc2bf305@tls.msk.ru/

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
  zypper in -t patch SUSE-2024-4094=1 openSUSE-SLE-15.6-2024-4094=1
* Basesystem Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4094=1
* SUSE Package Hub 15 15-SP6
  zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4094=1
* Server Applications Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4094=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * qemu-ui-spice-core-debuginfo-8.2.7-150600.3.20.1 * qemu-pr-helper-8.2.7-150600.3.20.1 * qemu-ui-curses-8.2.7-150600.3.20.1 * qemu-extra-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-dbus-8.2.7-150600.3.20.1 * qemu-audio-oss-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-pci-8.2.7-150600.3.20.1 * qemu-audio-pipewire-debuginfo-8.2.7-150600.3.20.1 * qemu-block-ssh-debuginfo-8.2.7-150600.3.20.1 *
qemu-block-curl-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-smartcard-8.2.7-150600.3.20.1 * qemu-block-nfs-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-8.2.7-150600.3.20.1 * qemu-audio-jack-8.2.7-150600.3.20.1 * qemu-x86-8.2.7-150600.3.20.1 * qemu-ui-spice-app-debuginfo-8.2.7-150600.3.20.1 * qemu-accel-tcg-x86-8.2.7-150600.3.20.1 * qemu-hw-display-qxl-8.2.7-150600.3.20.1 * qemu-hw-usb-smartcard-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-dbus-8.2.7-150600.3.20.1 * qemu-ui-opengl-debuginfo-8.2.7-150600.3.20.1 * qemu-block-gluster-8.2.7-150600.3.20.1 * qemu-extra-8.2.7-150600.3.20.1 * qemu-hw-s390x-virtio-gpu-ccw-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-opengl-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-dbus-debuginfo-8.2.7-150600.3.20.1 * qemu-guest-agent-8.2.7-150600.3.20.1 * qemu-accel-tcg-x86-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-spice-app-8.2.7-150600.3.20.1 * qemu-ivshmem-tools-8.2.7-150600.3.20.1 * qemu-audio-pipewire-8.2.7-150600.3.20.1 * qemu-ppc-8.2.7-150600.3.20.1 * qemu-block-iscsi-debuginfo-8.2.7-150600.3.20.1 * qemu-accel-qtest-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-baum-debuginfo-8.2.7-150600.3.20.1 * qemu-debugsource-8.2.7-150600.3.20.1 * qemu-ppc-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-8.2.7-150600.3.20.1 * qemu-audio-jack-debuginfo-8.2.7-150600.3.20.1 * qemu-block-ssh-8.2.7-150600.3.20.1 * qemu-audio-pa-debuginfo-8.2.7-150600.3.20.1 * qemu-8.2.7-150600.3.20.1 * qemu-img-8.2.7-150600.3.20.1 * qemu-block-dmg-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-baum-8.2.7-150600.3.20.1 * qemu-block-curl-8.2.7-150600.3.20.1 * qemu-chardev-spice-8.2.7-150600.3.20.1 * qemu-hw-usb-host-8.2.7-150600.3.20.1 * qemu-arm-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-debuginfo-8.2.7-150600.3.20.1 * qemu-headless-8.2.7-150600.3.20.1 * qemu-audio-alsa-debuginfo-8.2.7-150600.3.20.1 * qemu-block-iscsi-8.2.7-150600.3.20.1 * 
qemu-vhost-user-gpu-debuginfo-8.2.7-150600.3.20.1 * qemu-ksm-8.2.7-150600.3.20.1 * qemu-block-nfs-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-ivshmem-tools-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-gtk-8.2.7-150600.3.20.1 * qemu-x86-debuginfo-8.2.7-150600.3.20.1 * qemu-linux-user-8.2.7-150600.3.20.1 * qemu-tools-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-spice-core-8.2.7-150600.3.20.1 * qemu-ui-gtk-debuginfo-8.2.7-150600.3.20.1 * qemu-vhost-user-gpu-8.2.7-150600.3.20.1 * qemu-block-dmg-8.2.7-150600.3.20.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-curses-debuginfo-8.2.7-150600.3.20.1 * qemu-s390x-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-qxl-debuginfo-8.2.7-150600.3.20.1 * qemu-linux-user-debugsource-8.2.7-150600.3.20.1 * qemu-audio-oss-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-8.2.7-150600.3.20.1 * qemu-block-gluster-debuginfo-8.2.7-150600.3.20.1 * qemu-img-debuginfo-8.2.7-150600.3.20.1 * qemu-s390x-8.2.7-150600.3.20.1 * qemu-audio-pa-8.2.7-150600.3.20.1 * qemu-audio-alsa-8.2.7-150600.3.20.1 * qemu-audio-spice-8.2.7-150600.3.20.1 * qemu-tools-8.2.7-150600.3.20.1 * qemu-arm-8.2.7-150600.3.20.1 * qemu-hw-usb-host-debuginfo-8.2.7-150600.3.20.1 * qemu-accel-qtest-8.2.7-150600.3.20.1 * qemu-pr-helper-debuginfo-8.2.7-150600.3.20.1 * qemu-debuginfo-8.2.7-150600.3.20.1 * qemu-linux-user-debuginfo-8.2.7-150600.3.20.1 * qemu-lang-8.2.7-150600.3.20.1 * qemu-spice-8.2.7-150600.3.20.1 * qemu-guest-agent-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-dbus-debuginfo-8.2.7-150600.3.20.1 * openSUSE Leap 15.6 (noarch) * qemu-ipxe-8.2.7-150600.3.20.1 * qemu-doc-8.2.7-150600.3.20.1 * qemu-SLOF-8.2.7-150600.3.20.1 * qemu-seabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * qemu-skiboot-8.2.7-150600.3.20.1 * qemu-microvm-8.2.7-150600.3.20.1 * qemu-vgabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * 
qemu-block-rbd-8.2.7-150600.3.20.1 * qemu-block-rbd-debuginfo-8.2.7-150600.3.20.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * qemu-tools-8.2.7-150600.3.20.1 * qemu-pr-helper-8.2.7-150600.3.20.1 * qemu-tools-debuginfo-8.2.7-150600.3.20.1 * qemu-img-debuginfo-8.2.7-150600.3.20.1 * qemu-pr-helper-debuginfo-8.2.7-150600.3.20.1 * qemu-debuginfo-8.2.7-150600.3.20.1 * qemu-debugsource-8.2.7-150600.3.20.1 * qemu-img-8.2.7-150600.3.20.1 * SUSE Package Hub 15 15-SP6 (noarch) * qemu-SLOF-8.2.7-150600.3.20.1 * qemu-seabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * qemu-skiboot-8.2.7-150600.3.20.1 * qemu-microvm-8.2.7-150600.3.20.1 * qemu-vgabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * qemu-ui-spice-app-debuginfo-8.2.7-150600.3.20.1 * qemu-accel-tcg-x86-8.2.7-150600.3.20.1 * qemu-audio-pa-debuginfo-8.2.7-150600.3.20.1 * qemu-s390x-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-qxl-8.2.7-150600.3.20.1 * qemu-hw-usb-smartcard-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-opengl-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-spice-core-debuginfo-8.2.7-150600.3.20.1 * qemu-block-gluster-8.2.7-150600.3.20.1 * qemu-extra-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-debuginfo-8.2.7-150600.3.20.1 * qemu-extra-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-qxl-debuginfo-8.2.7-150600.3.20.1 * qemu-block-dmg-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-spice-8.2.7-150600.3.20.1 * qemu-chardev-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-oss-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-s390x-virtio-gpu-ccw-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.7-150600.3.20.1 * qemu-linux-user-debugsource-8.2.7-150600.3.20.1 * qemu-audio-oss-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-8.2.7-150600.3.20.1 * qemu-block-gluster-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-opengl-8.2.7-150600.3.20.1 * qemu-s390x-8.2.7-150600.3.20.1 * qemu-audio-pa-8.2.7-150600.3.20.1 * qemu-audio-alsa-8.2.7-150600.3.20.1 * 
qemu-arm-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-debuginfo-8.2.7-150600.3.20.1 * qemu-accel-tcg-x86-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-spice-app-8.2.7-150600.3.20.1 * qemu-audio-alsa-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-pci-8.2.7-150600.3.20.1 * qemu-audio-spice-8.2.7-150600.3.20.1 * qemu-x86-8.2.7-150600.3.20.1 * qemu-arm-8.2.7-150600.3.20.1 * qemu-accel-qtest-8.2.7-150600.3.20.1 * qemu-ivshmem-tools-8.2.7-150600.3.20.1 * qemu-vhost-user-gpu-debuginfo-8.2.7-150600.3.20.1 * qemu-ppc-8.2.7-150600.3.20.1 * qemu-block-nfs-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-debuginfo-8.2.7-150600.3.20.1 * qemu-ivshmem-tools-debuginfo-8.2.7-150600.3.20.1 * qemu-linux-user-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-gtk-8.2.7-150600.3.20.1 * qemu-hw-usb-smartcard-8.2.7-150600.3.20.1 * qemu-accel-qtest-debuginfo-8.2.7-150600.3.20.1 * qemu-debugsource-8.2.7-150600.3.20.1 * qemu-block-nfs-8.2.7-150600.3.20.1 * qemu-x86-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-gpu-8.2.7-150600.3.20.1 * qemu-ppc-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-8.2.7-150600.3.20.1 * qemu-linux-user-8.2.7-150600.3.20.1 * qemu-audio-jack-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-spice-core-8.2.7-150600.3.20.1 * qemu-ui-gtk-debuginfo-8.2.7-150600.3.20.1 * qemu-vhost-user-gpu-8.2.7-150600.3.20.1 * qemu-block-dmg-8.2.7-150600.3.20.1 * qemu-audio-jack-8.2.7-150600.3.20.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.7-150600.3.20.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * qemu-ui-curses-debuginfo-8.2.7-150600.3.20.1 * qemu-block-ssh-8.2.7-150600.3.20.1 * qemu-hw-display-qxl-8.2.7-150600.3.20.1 * qemu-ui-spice-core-debuginfo-8.2.7-150600.3.20.1 * qemu-ui-dbus-8.2.7-150600.3.20.1 * qemu-ui-opengl-debuginfo-8.2.7-150600.3.20.1 * qemu-8.2.7-150600.3.20.1 * qemu-ui-curses-8.2.7-150600.3.20.1 * 
qemu-hw-display-qxl-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-baum-8.2.7-150600.3.20.1 * qemu-chardev-spice-8.2.7-150600.3.20.1 * qemu-block-curl-8.2.7-150600.3.20.1 * qemu-chardev-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-dbus-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-display-virtio-vga-8.2.7-150600.3.20.1 * qemu-ui-opengl-8.2.7-150600.3.20.1 * qemu-hw-usb-host-8.2.7-150600.3.20.1 * qemu-ui-dbus-debuginfo-8.2.7-150600.3.20.1 * qemu-guest-agent-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-debuginfo-8.2.7-150600.3.20.1 * qemu-headless-8.2.7-150600.3.20.1 * qemu-audio-spice-8.2.7-150600.3.20.1 * qemu-hw-usb-host-debuginfo-8.2.7-150600.3.20.1 * qemu-block-rbd-8.2.7-150600.3.20.1 * qemu-audio-pipewire-debuginfo-8.2.7-150600.3.20.1 * qemu-block-iscsi-8.2.7-150600.3.20.1 * qemu-audio-pipewire-8.2.7-150600.3.20.1 * qemu-block-ssh-debuginfo-8.2.7-150600.3.20.1 * qemu-block-nfs-debuginfo-8.2.7-150600.3.20.1 * qemu-audio-spice-debuginfo-8.2.7-150600.3.20.1 * qemu-debuginfo-8.2.7-150600.3.20.1 * qemu-ksm-8.2.7-150600.3.20.1 * qemu-block-iscsi-debuginfo-8.2.7-150600.3.20.1 * qemu-block-curl-debuginfo-8.2.7-150600.3.20.1 * qemu-chardev-baum-debuginfo-8.2.7-150600.3.20.1 * qemu-block-rbd-debuginfo-8.2.7-150600.3.20.1 * qemu-debugsource-8.2.7-150600.3.20.1 * qemu-block-nfs-8.2.7-150600.3.20.1 * qemu-lang-8.2.7-150600.3.20.1 * qemu-spice-8.2.7-150600.3.20.1 * qemu-guest-agent-debuginfo-8.2.7-150600.3.20.1 * qemu-hw-usb-redirect-8.2.7-150600.3.20.1 * qemu-ui-spice-core-8.2.7-150600.3.20.1 * qemu-audio-dbus-debuginfo-8.2.7-150600.3.20.1 * Server Applications Module 15-SP6 (aarch64) * qemu-arm-debuginfo-8.2.7-150600.3.20.1 * qemu-arm-8.2.7-150600.3.20.1 * Server Applications Module 15-SP6 (noarch) * qemu-ipxe-8.2.7-150600.3.20.1 * qemu-seabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * qemu-SLOF-8.2.7-150600.3.20.1 * qemu-skiboot-8.2.7-150600.3.20.1 * qemu-vgabios-8.2.71.16.3_3_ga95067eb-150600.3.20.1 * Server Applications Module 
15-SP6 (aarch64 ppc64le x86_64)
  * qemu-ui-spice-app-8.2.7-150600.3.20.1
  * qemu-ui-gtk-8.2.7-150600.3.20.1
  * qemu-ui-gtk-debuginfo-8.2.7-150600.3.20.1
  * qemu-ui-spice-app-debuginfo-8.2.7-150600.3.20.1
* Server Applications Module 15-SP6 (ppc64le)
  * qemu-ppc-debuginfo-8.2.7-150600.3.20.1
  * qemu-ppc-8.2.7-150600.3.20.1
* Server Applications Module 15-SP6 (s390x x86_64)
  * qemu-hw-display-virtio-gpu-8.2.7-150600.3.20.1
  * qemu-hw-display-virtio-gpu-pci-debuginfo-8.2.7-150600.3.20.1
  * qemu-hw-display-virtio-gpu-pci-8.2.7-150600.3.20.1
  * qemu-hw-display-virtio-gpu-debuginfo-8.2.7-150600.3.20.1
* Server Applications Module 15-SP6 (s390x)
  * qemu-hw-s390x-virtio-gpu-ccw-8.2.7-150600.3.20.1
  * qemu-s390x-8.2.7-150600.3.20.1
  * qemu-s390x-debuginfo-8.2.7-150600.3.20.1
  * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-8.2.7-150600.3.20.1
* Server Applications Module 15-SP6 (x86_64)
  * qemu-accel-tcg-x86-debuginfo-8.2.7-150600.3.20.1
  * qemu-accel-tcg-x86-8.2.7-150600.3.20.1
  * qemu-audio-pa-debuginfo-8.2.7-150600.3.20.1
  * qemu-audio-alsa-debuginfo-8.2.7-150600.3.20.1
  * qemu-x86-debuginfo-8.2.7-150600.3.20.1
  * qemu-audio-pa-8.2.7-150600.3.20.1
  * qemu-audio-alsa-8.2.7-150600.3.20.1
  * qemu-x86-8.2.7-150600.3.20.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4693.html
* https://www.suse.com/security/cve/CVE-2024-7409.html
* https://www.suse.com/security/cve/CVE-2024-8354.html
* https://www.suse.com/security/cve/CVE-2024-8612.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224132
* https://bugzilla.suse.com/show_bug.cgi?id=1229007
* https://bugzilla.suse.com/show_bug.cgi?id=1229929
* https://bugzilla.suse.com/show_bug.cgi?id=1230140
* https://bugzilla.suse.com/show_bug.cgi?id=1230834
* https://bugzilla.suse.com/show_bug.cgi?id=1230915
* https://bugzilla.suse.com/show_bug.cgi?id=1231519

From null at suse.de Thu Nov 28 12:30:18 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 12:30:18 -0000
Subject: SUSE-SU-2024:4093-1: important: Security update for python-virtualenv
Message-ID: <173279701814.8417.11910823318963888272@smelt2.prg2.suse.org>

# Security update for python-virtualenv

Announcement ID: SUSE-SU-2024:4093-1
Release Date: 2024-11-28T10:57:24Z
Rating: important

References:

* bsc#1233706

Cross-References:

* CVE-2024-53899

CVSS scores:

* CVE-2024-53899 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-53899 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2024-53899 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-53899 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-virtualenv fixes the following issues:

* CVE-2024-53899: Fixed a command injection through activation scripts (bsc#1233706)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
  zypper in -t patch SUSE-2024-4093=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4093=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-4093=1
* Python 3 Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-4093=1
* Python 3 Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-4093=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4093=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4093=1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4093=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4093=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4093=1

## Package List:

* openSUSE Leap 15.4 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* openSUSE Leap 15.5 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* openSUSE Leap 15.6 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* Python 3 Module 15-SP5 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* Python 3 Module 15-SP6 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * python311-virtualenv-20.22.0-150400.9.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-53899.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233706

From null at suse.de Thu Nov 28 16:30:53 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:30:53 -0000
Subject: SUSE-SU-2024:4103-1: important: Security update for the Linux Kernel
Message-ID: <173281145388.13386.16436175471058067662@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:4103-1
Release Date: 2024-11-28T14:16:29Z
Rating: important

References:

* bsc#1195775
* bsc#1204171
* bsc#1205796
* bsc#1206344
* bsc#1209290
* bsc#1218562
* bsc#1219125
* bsc#1223384
* bsc#1223524
* bsc#1223824
* bsc#1225336
* bsc#1225611
* bsc#1226211
* bsc#1226212
* bsc#1226557
* bsc#1228743
* bsc#1229042
* bsc#1229454
* bsc#1229456
* bsc#1230429
* bsc#1231073
* bsc#1231191
* bsc#1231197
* bsc#1231200
* bsc#1231203
* bsc#1231293
* bsc#1231375
* bsc#1231502
* bsc#1231673
* bsc#1231861
* bsc#1231887
* bsc#1231890
* bsc#1231893
* bsc#1231895
* bsc#1231936
* bsc#1231938
* bsc#1231942
* bsc#1231960
* bsc#1231961
* bsc#1231979
* bsc#1231987
* bsc#1231988
* bsc#1232033
* bsc#1232069
* bsc#1232070
* bsc#1232097
* bsc#1232136
* bsc#1232145
* bsc#1232262
* bsc#1232282
* bsc#1232286
* bsc#1232304
* bsc#1232383
* bsc#1232418
* bsc#1232424
* bsc#1232432

Cross-References:

* CVE-2021-47416
* CVE-2021-47589
* CVE-2022-3435
* CVE-2022-45934
* CVE-2022-48664
* CVE-2022-48947
* CVE-2022-48956
* CVE-2022-48960
* CVE-2022-48962
* CVE-2022-48967
* CVE-2022-48970
* CVE-2022-48988
* CVE-2022-48991
* CVE-2022-48999
* CVE-2022-49003
* CVE-2022-49014
* CVE-2022-49015
* CVE-2022-49023
* CVE-2022-49025 * CVE-2023-28327 * CVE-2023-46343 * CVE-2023-52881 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-27043 * CVE-2024-42145 * CVE-2024-44947 * CVE-2024-45016 * CVE-2024-46813 * CVE-2024-46816 * CVE-2024-46817 * CVE-2024-46818 * CVE-2024-46849 * CVE-2024-47668 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47706 * CVE-2024-47747 * CVE-2024-49860 * CVE-2024-49867 * CVE-2024-49936 * CVE-2024-49974 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49995 * CVE-2024-50047 CVSS scores: * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47589 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47589 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-3435 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-3435 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45934 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-45934 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48664 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48967 ( 
SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48970 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48999 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48999 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-49003 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49003 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49003 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49023 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49025 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-28327 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-28327 ( NVD ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45016 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46817 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46849 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47668 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-47668 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-47668 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47747 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47747 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47747 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49867 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49867 ( SUSE ): 7.0 
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49867 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49974 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49974 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49974 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 46 vulnerabilities and has 10 
security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 LTSS kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47589: igbvf: fix double free in `igbvf_probe` (bsc#1226557). * CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893). * CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979). * CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286). * CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304). * CVE-2022-48988: memcg: Fix possible use-after-free in memcg_write_event_control() (bsc#1206344 bsc#1232069). * CVE-2022-48991: khugepaged: retract_page_tables() remember to test exit (bsc#1232070). * CVE-2022-49003: nvme: fix SRCU protection of nvme_ns_head list (bsc#1232136). * CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890). * CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). * CVE-2022-49023: wifi: cfg80211: fix buffer overflow in elem comparison (bsc#1231961). * CVE-2022-49025: net/mlx5e: Fix use-after-free when reverting termination table (bsc#1231960). * CVE-2024-45016: netem: fix return value if duplicate enqueue fails (bsc#1230429). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). * CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46817: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 (bsc#1231200). * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). * CVE-2024-46849: ASoC: meson: axg-card: fix 'use-after-free' (bsc#1231073). * CVE-2024-47668: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() (bsc#1231502). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). 
* CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47747: net: seeq: Fix use after free vulnerability in ether3 Driver Due to Race Condition (bsc#1232145). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49974: NFSD: Force all NFSv4.2 COPY requests to be synchronous (bsc#1232383). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). The following non-security bugs were fixed: * initrd: Revert "build initrd without systemd" (bsc#1195775). * bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). * kernel-binary.spec.in: Enable klp_symbols on openSUSE Tumbleweed (boo#1229042). * kernel-binary: generate and install compile_commands.json (bsc#1228971). * net: mana: Fix the extra HZ in mana_hwc_send_request (bsc#1232033). * rpm/check-for-config-changes: Exclude ARCH_USING_PATCHABLE_FUNCTION_ENTRY gcc version dependent, at least on ppc * rpm/check-for-config-changes: add HAVE_RUST and RUSTC_SUPPORTS_ to IGNORED_CONFIGS_RE They depend on SHADOW_CALL_STACK. * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression. * rpm/kernel-binary.spec.in: fix klp_symbols macro The commit below removed openSUSE filter from %ifs of the klp_symbols definition (boo#1229042). * rpm/kernel-obs-build.spec.in: Some builds do not just create an iso9660 image, but also mount it during build (bsc#1226212). * rpm/kernel-obs-build.spec.in: Add networking modules for docker (bsc#1226211). 
* rpm/release-projects: Add SLFO projects (bsc#1231293). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-4103=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-4103=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4103=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4103=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4103=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (nosrc) * kernel-default-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150200.24.209.1 * kernel-livepatch-5_3_18-150200_24_209-default-1-150200.5.3.1 * kernel-default-livepatch-5.3.18-150200.24.209.1 * kernel-livepatch-5_3_18-150200_24_209-default-debuginfo-1-150200.5.3.1 * kernel-livepatch-SLE15-SP2_Update_54-debugsource-1-150200.5.3.1 * kernel-default-debuginfo-5.3.18-150200.24.209.1 * kernel-default-debugsource-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.3.18-150200.24.209.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.209.1 * ocfs2-kmp-default-5.3.18-150200.24.209.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.209.1 * gfs2-kmp-default-5.3.18-150200.24.209.1 * kernel-default-debugsource-5.3.18-150200.24.209.1 * dlm-kmp-default-debuginfo-5.3.18-150200.24.209.1 * 
gfs2-kmp-default-debuginfo-5.3.18-150200.24.209.1 * kernel-default-debuginfo-5.3.18-150200.24.209.1 * dlm-kmp-default-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (aarch64 nosrc x86_64) * kernel-default-5.3.18-150200.24.209.1 * kernel-preempt-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (aarch64 x86_64) * kernel-default-base-5.3.18-150200.24.209.1.150200.9.109.1 * kernel-obs-build-debugsource-5.3.18-150200.24.209.1 * kernel-preempt-debugsource-5.3.18-150200.24.209.1 * kernel-preempt-devel-5.3.18-150200.24.209.1 * kernel-preempt-debuginfo-5.3.18-150200.24.209.1 * kernel-syms-5.3.18-150200.24.209.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.209.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.209.1 * kernel-default-devel-5.3.18-150200.24.209.1 * kernel-default-debuginfo-5.3.18-150200.24.209.1 * kernel-obs-build-5.3.18-150200.24.209.1 * kernel-default-debugsource-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * kernel-source-5.3.18-150200.24.209.1 * kernel-devel-5.3.18-150200.24.209.1 * kernel-macros-5.3.18-150200.24.209.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch nosrc) * kernel-docs-5.3.18-150200.24.209.2 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-base-5.3.18-150200.24.209.1.150200.9.109.1 * kernel-obs-build-debugsource-5.3.18-150200.24.209.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.209.1 * kernel-syms-5.3.18-150200.24.209.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.209.1 * reiserfs-kmp-default-5.3.18-150200.24.209.1 * kernel-default-devel-5.3.18-150200.24.209.1 * kernel-default-debuginfo-5.3.18-150200.24.209.1 * 
kernel-obs-build-5.3.18-150200.24.209.1 * kernel-default-debugsource-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * kernel-source-5.3.18-150200.24.209.1 * kernel-devel-5.3.18-150200.24.209.1 * kernel-macros-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch nosrc) * kernel-docs-5.3.18-150200.24.209.2 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 x86_64) * kernel-preempt-devel-5.3.18-150200.24.209.1 * kernel-preempt-debugsource-5.3.18-150200.24.209.1 * kernel-preempt-debuginfo-5.3.18-150200.24.209.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-default-base-5.3.18-150200.24.209.1.150200.9.109.1 * kernel-obs-build-debugsource-5.3.18-150200.24.209.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.209.1 * kernel-syms-5.3.18-150200.24.209.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.209.1 * reiserfs-kmp-default-5.3.18-150200.24.209.1 * kernel-default-devel-5.3.18-150200.24.209.1 * kernel-default-debuginfo-5.3.18-150200.24.209.1 * kernel-obs-build-5.3.18-150200.24.209.1 * kernel-default-debugsource-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-source-5.3.18-150200.24.209.1 * kernel-devel-5.3.18-150200.24.209.1 * kernel-macros-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.209.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.209.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-devel-5.3.18-150200.24.209.1 * kernel-preempt-debugsource-5.3.18-150200.24.209.1 * 
kernel-preempt-debuginfo-5.3.18-150200.24.209.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.209.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2021-47589.html * https://www.suse.com/security/cve/CVE-2022-3435.html * https://www.suse.com/security/cve/CVE-2022-45934.html * https://www.suse.com/security/cve/CVE-2022-48664.html * https://www.suse.com/security/cve/CVE-2022-48947.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48970.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48999.html * https://www.suse.com/security/cve/CVE-2022-49003.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49023.html * https://www.suse.com/security/cve/CVE-2022-49025.html * https://www.suse.com/security/cve/CVE-2023-28327.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-45016.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46817.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46849.html * 
https://www.suse.com/security/cve/CVE-2024-47668.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47747.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49867.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49974.html * https://www.suse.com/security/cve/CVE-2024-49982.html * https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://bugzilla.suse.com/show_bug.cgi?id=1195775 * https://bugzilla.suse.com/show_bug.cgi?id=1204171 * https://bugzilla.suse.com/show_bug.cgi?id=1205796 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1209290 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219125 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223524 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226211 * https://bugzilla.suse.com/show_bug.cgi?id=1226212 * https://bugzilla.suse.com/show_bug.cgi?id=1226557 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1230429 * https://bugzilla.suse.com/show_bug.cgi?id=1231073 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231200 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231502 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231887 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231895 * https://bugzilla.suse.com/show_bug.cgi?id=1231936 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231960 * https://bugzilla.suse.com/show_bug.cgi?id=1231961 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1232033 * https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232136 * https://bugzilla.suse.com/show_bug.cgi?id=1232145 * https://bugzilla.suse.com/show_bug.cgi?id=1232262 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232383 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232432
From null at suse.de Thu Nov 28 16:32:38 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:32:38 -0000
Subject: SUSE-SU-2024:4100-1: important: Security update for the Linux Kernel
Message-ID: <173281155829.13386.1924041919705012710@smelt2.prg2.suse.org>

# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:4100-1
Release Date: 2024-11-28T12:42:18Z
Rating: important
References: * bsc#1082555 * bsc#1176081 * bsc#1206344 * bsc#1213034 * bsc#1218562 * bsc#1219125 * bsc#1220439 * bsc#1221980 * bsc#1222629 * bsc#1223384 * bsc#1223824 * bsc#1225189 * bsc#1225336 * bsc#1225611 * bsc#1226585 * bsc#1226606 * bsc#1227437 * bsc#1227885 * bsc#1227941 * bsc#1227947 * bsc#1227952 * bsc#1228000 * bsc#1228410 * bsc#1228564 * bsc#1228620 * bsc#1228743 * bsc#1229005 * bsc#1229042 * bsc#1229154 * bsc#1229568 * bsc#1229769 * bsc#1229837 * bsc#1230179 * bsc#1230405 * bsc#1230725 * bsc#1230802 * bsc#1231072 * bsc#1231094 * bsc#1231096 * bsc#1231105 * bsc#1231111 * bsc#1231115 * bsc#1231148 * bsc#1231191 * bsc#1231197 * bsc#1231203 * bsc#1231293 * bsc#1231375 * bsc#1231537 * bsc#1231539 * bsc#1231540 * bsc#1231673 * bsc#1231858 * bsc#1231859 * bsc#1231861 * bsc#1231864 * bsc#1231888 * bsc#1231889 * bsc#1231890 * bsc#1231893 * bsc#1231897 * bsc#1231903 * bsc#1231914 * bsc#1231929 * bsc#1231935 * bsc#1231938 * bsc#1231939 * bsc#1231942 * bsc#1231954 * bsc#1231958 * bsc#1231979 * bsc#1231987 * bsc#1231988 * bsc#1231995 * bsc#1231996 * bsc#1231997 * bsc#1231998 * bsc#1232006 * bsc#1232007 * bsc#1232016 * bsc#1232025 * bsc#1232026 * bsc#1232035 * bsc#1232037 * bsc#1232038 * bsc#1232039 * bsc#1232047 * bsc#1232056 * bsc#1232069 * bsc#1232070 * bsc#1232071 * bsc#1232089 * bsc#1232097 * bsc#1232111 * bsc#1232123 * bsc#1232126 * bsc#1232133 * bsc#1232134 * bsc#1232135 * bsc#1232140 * bsc#1232141 * bsc#1232142 * bsc#1232149 * bsc#1232151 * bsc#1232152 * bsc#1232160 * bsc#1232172 * bsc#1232175 * bsc#1232180 * bsc#1232191 * bsc#1232199 * bsc#1232200 *
bsc#1232201 * bsc#1232217 * bsc#1232218 * bsc#1232221 * bsc#1232236 * bsc#1232253 * bsc#1232282 * bsc#1232285 * bsc#1232286 * bsc#1232304 * bsc#1232305 * bsc#1232313 * bsc#1232314 * bsc#1232339 * bsc#1232354 * bsc#1232392 * bsc#1232394 * bsc#1232418 * bsc#1232424 * bsc#1232432 * bsc#1232442 Cross-References: * CVE-2021-46936 * CVE-2021-47163 * CVE-2021-47416 * CVE-2021-47612 * CVE-2022-48788 * CVE-2022-48789 * CVE-2022-48790 * CVE-2022-48809 * CVE-2022-48946 * CVE-2022-48949 * CVE-2022-48951 * CVE-2022-48956 * CVE-2022-48958 * CVE-2022-48960 * CVE-2022-48962 * CVE-2022-48966 * CVE-2022-48967 * CVE-2022-48969 * CVE-2022-48971 * CVE-2022-48972 * CVE-2022-48973 * CVE-2022-48978 * CVE-2022-48985 * CVE-2022-48988 * CVE-2022-48991 * CVE-2022-48992 * CVE-2022-48997 * CVE-2022-49000 * CVE-2022-49002 * CVE-2022-49010 * CVE-2022-49011 * CVE-2022-49014 * CVE-2022-49015 * CVE-2022-49020 * CVE-2022-49021 * CVE-2022-49026 * CVE-2022-49027 * CVE-2022-49028 * CVE-2022-49029 * CVE-2023-46343 * CVE-2023-52881 * CVE-2023-52898 * CVE-2023-52918 * CVE-2023-52919 * CVE-2023-6270 * CVE-2024-26804 * CVE-2024-27043 * CVE-2024-38538 * CVE-2024-39476 * CVE-2024-40965 * CVE-2024-41016 * CVE-2024-41082 * CVE-2024-42114 * CVE-2024-42145 * CVE-2024-42253 * CVE-2024-44931 * CVE-2024-44958 * CVE-2024-46724 * CVE-2024-46755 * CVE-2024-46802 * CVE-2024-46809 * CVE-2024-46813 * CVE-2024-46816 * CVE-2024-46818 * CVE-2024-46826 * CVE-2024-46834 * CVE-2024-46840 * CVE-2024-46841 * CVE-2024-46848 * CVE-2024-47670 * CVE-2024-47672 * CVE-2024-47673 * CVE-2024-47674 * CVE-2024-47684 * CVE-2024-47685 * CVE-2024-47696 * CVE-2024-47697 * CVE-2024-47698 * CVE-2024-47706 * CVE-2024-47707 * CVE-2024-47713 * CVE-2024-47735 * CVE-2024-47737 * CVE-2024-47742 * CVE-2024-47745 * CVE-2024-47749 * CVE-2024-49851 * CVE-2024-49860 * CVE-2024-49877 * CVE-2024-49881 * CVE-2024-49882 * CVE-2024-49883 * CVE-2024-49890 * CVE-2024-49891 * CVE-2024-49894 * CVE-2024-49896 * CVE-2024-49901 * CVE-2024-49920 * CVE-2024-49929 * 
CVE-2024-49936 * CVE-2024-49949 * CVE-2024-49957 * CVE-2024-49958 * CVE-2024-49959 * CVE-2024-49962 * CVE-2024-49965 * CVE-2024-49966 * CVE-2024-49967 * CVE-2024-49982 * CVE-2024-49991 * CVE-2024-49995 * CVE-2024-49996 * CVE-2024-50006 * CVE-2024-50007 * CVE-2024-50024 * CVE-2024-50033 * CVE-2024-50035 * CVE-2024-50045 * CVE-2024-50047 * CVE-2024-50058 CVSS scores: * CVE-2021-46936 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47163 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47416 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47612 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47612 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48951 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48951 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48960 ( SUSE ): 9.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48960 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48960 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48962 ( SUSE ): 7.2 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48962 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2022-48962 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48966 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48966 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48966 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48967 ( SUSE ): 7.0 CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48967 ( SUSE ): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48967 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2022-48969 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48969 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48971 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-48972 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48972 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48973 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48973 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2022-48973 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48978 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2022-48978 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48978 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48985 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48988 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48988 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48988 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48992 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48992 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48997 ( SUSE ): 1.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48997 ( SUSE ): 2.2 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2022-48997 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49000 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49000 ( SUSE ): 3.3 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49000 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49002 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49002 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-49010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49011 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49015 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49020 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-49020 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-49020 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49021 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49026 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49027 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-49028 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49028 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49029 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2022-49029 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52881 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52919 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26804 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26804 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38538 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-38538 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H 
* CVE-2024-42114 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46724 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-46724 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-46724 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-46755 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46755 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46755 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-46809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46809 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46813 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46813 ( SUSE ): 7.8 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46813 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46816 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46816 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46818 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46818 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46818 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46826 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46834 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46840 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46841 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-46848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47670 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47670 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47672 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47672 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47673 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47673 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47674 ( SUSE ): 7.3 
CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47674 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47674 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47684 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47684 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47685 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-47685 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47685 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47696 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47696 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47697 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47697 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47697 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47698 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-47698 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-47698 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47706 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47706 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47707 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47707 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47713 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47735 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47737 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-47737 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47737 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47742 ( SUSE ): 8.3 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-47742 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47742 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-47745 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47745 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47749 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47749 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49860 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49860 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49860 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-49877 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49877 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * 
CVE-2024-49881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49890 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49894 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-49894 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-49894 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49896 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( SUSE ): 6.8 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49936 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49936 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49936 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49949 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49949 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49958 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49962 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49965 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49966 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49967 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49967 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49982 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( SUSE ): 8.5 
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-49991 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49991 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49995 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-49995 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-49995 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49996 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50006 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50006 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50006 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50007 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50007 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50007 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50024 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50024 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50033 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50035 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-50035 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-50035 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-50045 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50045 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50047 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50047 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50058 ( SUSE ): 5.5 
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-50058 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Availability Extension 12 SP5
* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 120 vulnerabilities and has 13 security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes.

The Linux Enterprise 12 SP5 kernel turned LTSS (Extended Security).

The following security bugs were fixed:

* CVE-2021-46936: Fixed use-after-free in tw_timer_handler() (bsc#1220439).
* CVE-2021-47163: kABI fix for tipc: wait and exit until all work queues are done (bsc#1221980).
* CVE-2021-47612: nfc: fix segfault in nfc_genl_dump_devices_done (bsc#1226585).
* CVE-2022-48809: net: fix a memleak when uncloning an skb dst and its metadata (bsc#1227947).
* CVE-2022-48951: ASoC: ops: Correct bounds check for second channel on SX controls (bsc#1231929).
* CVE-2022-48956: ipv6: avoid use-after-free in ip6_fragment() (bsc#1231893).
* CVE-2022-48958: ethernet: aeroflex: fix potential skb leak in greth_init_rings() (bsc#1231889).
* CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() (bsc#1231979).
* CVE-2022-48962: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() (bsc#1232286).
* CVE-2022-48966: net: mvneta: Fix an out of bounds check (bsc#1232191).
* CVE-2022-48967: NFC: nci: Bounds check struct nfc_target arrays (bsc#1232304).
* CVE-2022-48971: Bluetooth: Fix not cleanup led when bt_init fails (bsc#1232037).
* CVE-2022-48972: mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add() (bsc#1232025).
* CVE-2022-48973: gpio: amd8111: Fix PCI device reference count leak (bsc#1232039). * CVE-2022-48978: HID: core: fix shift-out-of-bounds in hid_report_raw_event (bsc#1232038). * CVE-2022-48991: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths (bsc#1232070). * CVE-2022-48992: ASoC: soc-pcm: Add NULL check in BE reparenting (bsc#1232071). * CVE-2022-49000: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() (bsc#1232123). * CVE-2022-49002: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() (bsc#1232133). * CVE-2022-49010: hwmon: (coretemp) Check for null before removing sysfs attrs (bsc#1232172). * CVE-2022-49011: hwmon: (coretemp) fix pci device refcount leak in nv1a_ram_new() (bsc#1232006). * CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1231890). * CVE-2022-49015: net: hsr: Fix potential use-after-free (bsc#1231938). * CVE-2022-49020: net/9p: Fix a potential socket leak in p9_socket_open (bsc#1232175). * CVE-2022-49021: net: phy: fix null-ptr-deref while probe() failed (bsc#1231939). * CVE-2022-49026: e100: Fix possible use after free in e100_xmit_prepare (bsc#1231997). * CVE-2022-49027: iavf: Fix error handling in iavf_init_module() (bsc#1232007). * CVE-2022-49028: ixgbevf: Fix resource leak in ixgbevf_init_module() (bsc#1231996). * CVE-2022-49029: hwmon: (ibmpex) Fix possible UAF when ibmpex_register_bmc() fails (bsc#1231995). * CVE-2023-52898: xhci: Fix null pointer dereference when host dies (bsc#1229568). * CVE-2023-52918: media: pci: cx23885: check cx23885_vdev_init() return (bsc#1232047). * CVE-2024-26804: net: ip_tunnel: prevent perpetual headroom growth (bsc#1222629). * CVE-2024-38538: net: bridge: xmit: make sure we have at least eth header len bytes (bsc#1226606). * CVE-2024-39476: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (bsc#1227437). * CVE-2024-40965: i2c: lpi2c: Avoid calling clk_get_rate during transfer (bsc#1227885). 
* CVE-2024-41082: nvme-fabrics: use reserved tag for reg read/write command (bsc#1228620). * CVE-2024-42114: netlink: extend policy range validation (bsc#1228564 prerequisite). * CVE-2024-42253: gpio: pca953x: fix pca953x_irq_bus_sync_unlock race (bsc#1229005 stable-fixes). * CVE-2024-44931: gpio: prevent potential speculation leaks in gpio_device_get_desc() (bsc#1229837 stable-fixes). * CVE-2024-44958: sched/smt: Fix unbalance sched_smt_present dec/inc (bsc#1230179). * CVE-2024-46724: drm/amdgpu: Fix out-of-bounds read of df_v1_7_channel_number (bsc#1230725). * CVE-2024-46755: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() (bsc#1230802). * CVE-2024-46802: drm/amd/display: added NULL check at start of dc_validate_stream (bsc#1231111). * CVE-2024-46809: drm/amd/display: Check BIOS images before it is used (bsc#1231148). * CVE-2024-46813: drm/amd/display: Check link_index before accessing dc->links (bsc#1231191). * CVE-2024-46816: drm/amd/display: Stop amdgpu_dm initialize when link nums greater than max_links (bsc#1231197). * CVE-2024-46818: drm/amd/display: Check gpio_id before used as array index (bsc#1231203). * CVE-2024-46826: ELF: fix kernel.randomize_va_space double read (bsc#1231115). * CVE-2024-46834: ethtool: fail closed if we can't get max channel used in indirection tables (bsc#1231096). * CVE-2024-46840: btrfs: clean up our handling of refs == 0 in snapshot delete (bsc#1231105). * CVE-2024-46841: btrfs: do not BUG_ON on ENOMEM from btrfs_lookup_extent_info() in walk_down_proc() (bsc#1231094). * CVE-2024-46848: perf/x86/intel: Limit the period on Haswell (bsc#1231072). * CVE-2024-47672: wifi: iwlwifi: mvm: do not wait for tx queues if firmware is dead (bsc#1231540). * CVE-2024-47673: wifi: iwlwifi: mvm: pause TCM when the firmware is stopped (bsc#1231539). * CVE-2024-47674: mm: avoid leaving partial pfn mappings around in error case (bsc#1231673). * CVE-2024-47684: tcp: check skb is non-NULL in tcp_rto_delta_us() (bsc#1231987). 
* CVE-2024-47685: netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put() (bsc#1231998). * CVE-2024-47697: drivers: media: dvb-frontends/rtl2830: fix an out-of-bounds write error (bsc#1231858). * CVE-2024-47698: drivers: media: dvb-frontends/rtl2832: fix an out-of-bounds write error (bsc#1231859). * CVE-2024-47706: block, bfq: fix possible UAF for bfqq->bic with merge chain (bsc#1231942). * CVE-2024-47707: ipv6: avoid possible NULL deref in rt6_uncached_list_flush_dev() (bsc#1231935). * CVE-2024-47713: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop() (bsc#1232016). * CVE-2024-47735: RDMA/hns: Fix spin_unlock_irqrestore() called with IRQs enabled (bsc#1232111). * CVE-2024-47737: nfsd: call cache_put if xdr_reserve_space returns NULL (bsc#1232056). * CVE-2024-47742: firmware_loader: Block path traversal (bsc#1232126). * CVE-2024-47745: mm: split critical region in remap_file_pages() and invoke LSMs in between (bsc#1232135). * CVE-2024-49851: tpm: Clean up TPM space after command failure (bsc#1232134). * CVE-2024-49860: ACPI: sysfs: validate return type of _STR method (bsc#1231861). * CVE-2024-49881: ext4: update orig_path in ext4_find_extent() (bsc#1232201). * CVE-2024-49882: ext4: fix double brelse() the buffer of the extents path (bsc#1232200). * CVE-2024-49883: ext4: aovid use-after-free in ext4_ext_insert_extent() (bsc#1232199). * CVE-2024-49890: drm/amd/pm: ensure the fw_info is not null before using it (bsc#1232217). * CVE-2024-49891: scsi: lpfc: Validate hdwq pointers before dereferencing in reset/errata paths (bsc#1232218). * CVE-2024-49894: drm/amd/display: Fix index out of bounds in degamma hardware format translation (bsc#1232354). * CVE-2024-49896: drm/amd/display: Check stream before comparing them (bsc#1232221). * CVE-2024-49901: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs (bsc#1232305). * CVE-2024-49920: drm/amd/display: Check null pointers before multiple uses (bsc#1232313). 
* CVE-2024-49929: wifi: iwlwifi: mvm: avoid NULL pointer dereference (bsc#1232253). * CVE-2024-49936: net/xen-netback: prevent UAF in xenvif_flush_hash() (bsc#1232424). * CVE-2024-49949: net: avoid potential underflow in qdisc_pkt_len_init() with UFO (bsc#1232160). * CVE-2024-49958: ocfs2: reserve space for inline xattr before attaching reflink tree (bsc#1232151). * CVE-2024-49959: jbd2: stop waiting for space when jbd2_cleanup_journal_tail() returns error (bsc#1232149). * CVE-2024-49962: ACPICA: check null return of ACPI_ALLOCATE_ZEROED() in acpi_db_convert_to_package() (bsc#1232314). * CVE-2024-49966: ocfs2: cancel dqi_sync_work before freeing oinfo (bsc#1232141). * CVE-2024-49967: ext4: no need to continue when the number of entries is 1 (bsc#1232140). * CVE-2024-49991: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer (bsc#1232282). * CVE-2024-49995: tipc: guard against string buffer overrun (bsc#1232432). * CVE-2024-49996: cifs: Fix buffer overflow when parsing NFS reparse points (bsc#1232089). * CVE-2024-50006: ext4: fix i_data_sem unlock order in ext4_ind_migrate() (bsc#1232442). * CVE-2024-50007: ALSA: asihpi: Fix potential OOB array access (bsc#1232394). * CVE-2024-50024: net: Fix an unsafe loop on the list (bsc#1231954). * CVE-2024-50033: slip: make slhc_remember() more robust against malicious packets (bsc#1231914). * CVE-2024-50035: ppp: fix ppp_async_encode() illegal access (bsc#1232392). * CVE-2024-50045: netfilter: br_netfilter: fix panic with metadata_dst skb (bsc#1231903). * CVE-2024-50047: smb: client: fix UAF in async decryption (bsc#1232418). * CVE-2024-50058: serial: protect uart_port_dtr_rts() in uart_shutdown() too (bsc#1232285). 
The following non-security bugs were fixed: * arm64: esr: Define ESR_ELx_EC_* constants as UL (git-fixes) * arm64: probes: Fix simulate_ldr*_literal() (git-fixes) * arm64: probes: Fix uprobes for big-endian kernels (git-fixes) * arm64: probes: Remove broken LDR (literal) uprobe support (git-fixes) * bpf: Fix pointer-leak due to insufficient speculative store bypass mitigation (bsc#1231375). * drbd: Add NULL check for net_conf to prevent dereference in state validation (git-fixes). * drbd: Fix atomicity violation in drbd_uuid_set_bm() (git-fixes). * ext4: fix slab-use-after-free in ext4_split_extent_at() (bsc#1232201) * kernel-binary: generate and install compile_commands.json (bsc#1228971) * net: usb: usbnet: fix name regression (git-fixes). * nfs: fix memory leak in error path of nfs4_do_reclaim (git-fixes). * nfsd: fix delegation_blocked() to block correctly for at least 30 seconds (git-fixes). * x86/kaslr: Expose and use the end of the physical memory address space (bsc#1230405). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-4100=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-4100=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-4100=1 * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4100=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4100=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gfs2-kmp-default-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * cluster-md-kmp-default-4.12.14-122.234.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.234.1 * gfs2-kmp-default-debuginfo-4.12.14-122.234.1 * dlm-kmp-default-debuginfo-4.12.14-122.234.1 * dlm-kmp-default-4.12.14-122.234.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * ocfs2-kmp-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * gfs2-kmp-default-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * cluster-md-kmp-default-4.12.14-122.234.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.234.1 * gfs2-kmp-default-debuginfo-4.12.14-122.234.1 * dlm-kmp-default-debuginfo-4.12.14-122.234.1 * dlm-kmp-default-4.12.14-122.234.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * ocfs2-kmp-default-4.12.14-122.234.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise 
Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-4.12.14-122.234.1 * kernel-default-kgraft-4.12.14-122.234.1 * kernel-default-kgraft-devel-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * kgraft-patch-4_12_14-122_234-default-1-8.3.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-base-debuginfo-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * kernel-default-devel-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * kernel-syms-4.12.14-122.234.1 * kernel-default-base-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * kernel-devel-4.12.14-122.234.1 * kernel-macros-4.12.14-122.234.1 * kernel-source-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (s390x) * kernel-default-man-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (nosrc x86_64) * kernel-default-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * kernel-default-base-debuginfo-4.12.14-122.234.1 * kernel-default-debugsource-4.12.14-122.234.1 * kernel-default-devel-4.12.14-122.234.1 * kernel-default-devel-debuginfo-4.12.14-122.234.1 * kernel-default-debuginfo-4.12.14-122.234.1 * kernel-syms-4.12.14-122.234.1 * kernel-default-base-4.12.14-122.234.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * kernel-devel-4.12.14-122.234.1 * kernel-macros-4.12.14-122.234.1 * kernel-source-4.12.14-122.234.1 ## References: * https://www.suse.com/security/cve/CVE-2021-46936.html * https://www.suse.com/security/cve/CVE-2021-47163.html * https://www.suse.com/security/cve/CVE-2021-47416.html * https://www.suse.com/security/cve/CVE-2021-47612.html * 
https://www.suse.com/security/cve/CVE-2022-48788.html * https://www.suse.com/security/cve/CVE-2022-48789.html * https://www.suse.com/security/cve/CVE-2022-48790.html * https://www.suse.com/security/cve/CVE-2022-48809.html * https://www.suse.com/security/cve/CVE-2022-48946.html * https://www.suse.com/security/cve/CVE-2022-48949.html * https://www.suse.com/security/cve/CVE-2022-48951.html * https://www.suse.com/security/cve/CVE-2022-48956.html * https://www.suse.com/security/cve/CVE-2022-48958.html * https://www.suse.com/security/cve/CVE-2022-48960.html * https://www.suse.com/security/cve/CVE-2022-48962.html * https://www.suse.com/security/cve/CVE-2022-48966.html * https://www.suse.com/security/cve/CVE-2022-48967.html * https://www.suse.com/security/cve/CVE-2022-48969.html * https://www.suse.com/security/cve/CVE-2022-48971.html * https://www.suse.com/security/cve/CVE-2022-48972.html * https://www.suse.com/security/cve/CVE-2022-48973.html * https://www.suse.com/security/cve/CVE-2022-48978.html * https://www.suse.com/security/cve/CVE-2022-48985.html * https://www.suse.com/security/cve/CVE-2022-48988.html * https://www.suse.com/security/cve/CVE-2022-48991.html * https://www.suse.com/security/cve/CVE-2022-48992.html * https://www.suse.com/security/cve/CVE-2022-48997.html * https://www.suse.com/security/cve/CVE-2022-49000.html * https://www.suse.com/security/cve/CVE-2022-49002.html * https://www.suse.com/security/cve/CVE-2022-49010.html * https://www.suse.com/security/cve/CVE-2022-49011.html * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49015.html * https://www.suse.com/security/cve/CVE-2022-49020.html * https://www.suse.com/security/cve/CVE-2022-49021.html * https://www.suse.com/security/cve/CVE-2022-49026.html * https://www.suse.com/security/cve/CVE-2022-49027.html * https://www.suse.com/security/cve/CVE-2022-49028.html * https://www.suse.com/security/cve/CVE-2022-49029.html * 
https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52881.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52918.html * https://www.suse.com/security/cve/CVE-2023-52919.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2024-26804.html * https://www.suse.com/security/cve/CVE-2024-27043.html * https://www.suse.com/security/cve/CVE-2024-38538.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-40965.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41082.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44958.html * https://www.suse.com/security/cve/CVE-2024-46724.html * https://www.suse.com/security/cve/CVE-2024-46755.html * https://www.suse.com/security/cve/CVE-2024-46802.html * https://www.suse.com/security/cve/CVE-2024-46809.html * https://www.suse.com/security/cve/CVE-2024-46813.html * https://www.suse.com/security/cve/CVE-2024-46816.html * https://www.suse.com/security/cve/CVE-2024-46818.html * https://www.suse.com/security/cve/CVE-2024-46826.html * https://www.suse.com/security/cve/CVE-2024-46834.html * https://www.suse.com/security/cve/CVE-2024-46840.html * https://www.suse.com/security/cve/CVE-2024-46841.html * https://www.suse.com/security/cve/CVE-2024-46848.html * https://www.suse.com/security/cve/CVE-2024-47670.html * https://www.suse.com/security/cve/CVE-2024-47672.html * https://www.suse.com/security/cve/CVE-2024-47673.html * https://www.suse.com/security/cve/CVE-2024-47674.html * https://www.suse.com/security/cve/CVE-2024-47684.html * 
https://www.suse.com/security/cve/CVE-2024-47685.html * https://www.suse.com/security/cve/CVE-2024-47696.html * https://www.suse.com/security/cve/CVE-2024-47697.html * https://www.suse.com/security/cve/CVE-2024-47698.html * https://www.suse.com/security/cve/CVE-2024-47706.html * https://www.suse.com/security/cve/CVE-2024-47707.html * https://www.suse.com/security/cve/CVE-2024-47713.html * https://www.suse.com/security/cve/CVE-2024-47735.html * https://www.suse.com/security/cve/CVE-2024-47737.html * https://www.suse.com/security/cve/CVE-2024-47742.html * https://www.suse.com/security/cve/CVE-2024-47745.html * https://www.suse.com/security/cve/CVE-2024-47749.html * https://www.suse.com/security/cve/CVE-2024-49851.html * https://www.suse.com/security/cve/CVE-2024-49860.html * https://www.suse.com/security/cve/CVE-2024-49877.html * https://www.suse.com/security/cve/CVE-2024-49881.html * https://www.suse.com/security/cve/CVE-2024-49882.html * https://www.suse.com/security/cve/CVE-2024-49883.html * https://www.suse.com/security/cve/CVE-2024-49890.html * https://www.suse.com/security/cve/CVE-2024-49891.html * https://www.suse.com/security/cve/CVE-2024-49894.html * https://www.suse.com/security/cve/CVE-2024-49896.html * https://www.suse.com/security/cve/CVE-2024-49901.html * https://www.suse.com/security/cve/CVE-2024-49920.html * https://www.suse.com/security/cve/CVE-2024-49929.html * https://www.suse.com/security/cve/CVE-2024-49936.html * https://www.suse.com/security/cve/CVE-2024-49949.html * https://www.suse.com/security/cve/CVE-2024-49957.html * https://www.suse.com/security/cve/CVE-2024-49958.html * https://www.suse.com/security/cve/CVE-2024-49959.html * https://www.suse.com/security/cve/CVE-2024-49962.html * https://www.suse.com/security/cve/CVE-2024-49965.html * https://www.suse.com/security/cve/CVE-2024-49966.html * https://www.suse.com/security/cve/CVE-2024-49967.html * https://www.suse.com/security/cve/CVE-2024-49982.html * 
https://www.suse.com/security/cve/CVE-2024-49991.html * https://www.suse.com/security/cve/CVE-2024-49995.html * https://www.suse.com/security/cve/CVE-2024-49996.html * https://www.suse.com/security/cve/CVE-2024-50006.html * https://www.suse.com/security/cve/CVE-2024-50007.html * https://www.suse.com/security/cve/CVE-2024-50024.html * https://www.suse.com/security/cve/CVE-2024-50033.html * https://www.suse.com/security/cve/CVE-2024-50035.html * https://www.suse.com/security/cve/CVE-2024-50045.html * https://www.suse.com/security/cve/CVE-2024-50047.html * https://www.suse.com/security/cve/CVE-2024-50058.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1176081 * https://bugzilla.suse.com/show_bug.cgi?id=1206344 * https://bugzilla.suse.com/show_bug.cgi?id=1213034 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1219125 * https://bugzilla.suse.com/show_bug.cgi?id=1220439 * https://bugzilla.suse.com/show_bug.cgi?id=1221980 * https://bugzilla.suse.com/show_bug.cgi?id=1222629 * https://bugzilla.suse.com/show_bug.cgi?id=1223384 * https://bugzilla.suse.com/show_bug.cgi?id=1223824 * https://bugzilla.suse.com/show_bug.cgi?id=1225189 * https://bugzilla.suse.com/show_bug.cgi?id=1225336 * https://bugzilla.suse.com/show_bug.cgi?id=1225611 * https://bugzilla.suse.com/show_bug.cgi?id=1226585 * https://bugzilla.suse.com/show_bug.cgi?id=1226606 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227885 * https://bugzilla.suse.com/show_bug.cgi?id=1227941 * https://bugzilla.suse.com/show_bug.cgi?id=1227947 * https://bugzilla.suse.com/show_bug.cgi?id=1227952 * https://bugzilla.suse.com/show_bug.cgi?id=1228000 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228620 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * 
https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229769 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1230179 * https://bugzilla.suse.com/show_bug.cgi?id=1230405 * https://bugzilla.suse.com/show_bug.cgi?id=1230725 * https://bugzilla.suse.com/show_bug.cgi?id=1230802 * https://bugzilla.suse.com/show_bug.cgi?id=1231072 * https://bugzilla.suse.com/show_bug.cgi?id=1231094 * https://bugzilla.suse.com/show_bug.cgi?id=1231096 * https://bugzilla.suse.com/show_bug.cgi?id=1231105 * https://bugzilla.suse.com/show_bug.cgi?id=1231111 * https://bugzilla.suse.com/show_bug.cgi?id=1231115 * https://bugzilla.suse.com/show_bug.cgi?id=1231148 * https://bugzilla.suse.com/show_bug.cgi?id=1231191 * https://bugzilla.suse.com/show_bug.cgi?id=1231197 * https://bugzilla.suse.com/show_bug.cgi?id=1231203 * https://bugzilla.suse.com/show_bug.cgi?id=1231293 * https://bugzilla.suse.com/show_bug.cgi?id=1231375 * https://bugzilla.suse.com/show_bug.cgi?id=1231537 * https://bugzilla.suse.com/show_bug.cgi?id=1231539 * https://bugzilla.suse.com/show_bug.cgi?id=1231540 * https://bugzilla.suse.com/show_bug.cgi?id=1231673 * https://bugzilla.suse.com/show_bug.cgi?id=1231858 * https://bugzilla.suse.com/show_bug.cgi?id=1231859 * https://bugzilla.suse.com/show_bug.cgi?id=1231861 * https://bugzilla.suse.com/show_bug.cgi?id=1231864 * https://bugzilla.suse.com/show_bug.cgi?id=1231888 * https://bugzilla.suse.com/show_bug.cgi?id=1231889 * https://bugzilla.suse.com/show_bug.cgi?id=1231890 * https://bugzilla.suse.com/show_bug.cgi?id=1231893 * https://bugzilla.suse.com/show_bug.cgi?id=1231897 * https://bugzilla.suse.com/show_bug.cgi?id=1231903 * https://bugzilla.suse.com/show_bug.cgi?id=1231914 * https://bugzilla.suse.com/show_bug.cgi?id=1231929 * 
https://bugzilla.suse.com/show_bug.cgi?id=1231935 * https://bugzilla.suse.com/show_bug.cgi?id=1231938 * https://bugzilla.suse.com/show_bug.cgi?id=1231939 * https://bugzilla.suse.com/show_bug.cgi?id=1231942 * https://bugzilla.suse.com/show_bug.cgi?id=1231954 * https://bugzilla.suse.com/show_bug.cgi?id=1231958 * https://bugzilla.suse.com/show_bug.cgi?id=1231979 * https://bugzilla.suse.com/show_bug.cgi?id=1231987 * https://bugzilla.suse.com/show_bug.cgi?id=1231988 * https://bugzilla.suse.com/show_bug.cgi?id=1231995 * https://bugzilla.suse.com/show_bug.cgi?id=1231996 * https://bugzilla.suse.com/show_bug.cgi?id=1231997 * https://bugzilla.suse.com/show_bug.cgi?id=1231998 * https://bugzilla.suse.com/show_bug.cgi?id=1232006 * https://bugzilla.suse.com/show_bug.cgi?id=1232007 * https://bugzilla.suse.com/show_bug.cgi?id=1232016 * https://bugzilla.suse.com/show_bug.cgi?id=1232025 * https://bugzilla.suse.com/show_bug.cgi?id=1232026 * https://bugzilla.suse.com/show_bug.cgi?id=1232035 * https://bugzilla.suse.com/show_bug.cgi?id=1232037 * https://bugzilla.suse.com/show_bug.cgi?id=1232038 * https://bugzilla.suse.com/show_bug.cgi?id=1232039 * https://bugzilla.suse.com/show_bug.cgi?id=1232047 * https://bugzilla.suse.com/show_bug.cgi?id=1232056 * https://bugzilla.suse.com/show_bug.cgi?id=1232069 * https://bugzilla.suse.com/show_bug.cgi?id=1232070 * https://bugzilla.suse.com/show_bug.cgi?id=1232071 * https://bugzilla.suse.com/show_bug.cgi?id=1232089 * https://bugzilla.suse.com/show_bug.cgi?id=1232097 * https://bugzilla.suse.com/show_bug.cgi?id=1232111 * https://bugzilla.suse.com/show_bug.cgi?id=1232123 * https://bugzilla.suse.com/show_bug.cgi?id=1232126 * https://bugzilla.suse.com/show_bug.cgi?id=1232133 * https://bugzilla.suse.com/show_bug.cgi?id=1232134 * https://bugzilla.suse.com/show_bug.cgi?id=1232135 * https://bugzilla.suse.com/show_bug.cgi?id=1232140 * https://bugzilla.suse.com/show_bug.cgi?id=1232141 * https://bugzilla.suse.com/show_bug.cgi?id=1232142 * 
https://bugzilla.suse.com/show_bug.cgi?id=1232149 * https://bugzilla.suse.com/show_bug.cgi?id=1232151 * https://bugzilla.suse.com/show_bug.cgi?id=1232152 * https://bugzilla.suse.com/show_bug.cgi?id=1232160 * https://bugzilla.suse.com/show_bug.cgi?id=1232172 * https://bugzilla.suse.com/show_bug.cgi?id=1232175 * https://bugzilla.suse.com/show_bug.cgi?id=1232180 * https://bugzilla.suse.com/show_bug.cgi?id=1232191 * https://bugzilla.suse.com/show_bug.cgi?id=1232199 * https://bugzilla.suse.com/show_bug.cgi?id=1232200 * https://bugzilla.suse.com/show_bug.cgi?id=1232201 * https://bugzilla.suse.com/show_bug.cgi?id=1232217 * https://bugzilla.suse.com/show_bug.cgi?id=1232218 * https://bugzilla.suse.com/show_bug.cgi?id=1232221 * https://bugzilla.suse.com/show_bug.cgi?id=1232236 * https://bugzilla.suse.com/show_bug.cgi?id=1232253 * https://bugzilla.suse.com/show_bug.cgi?id=1232282 * https://bugzilla.suse.com/show_bug.cgi?id=1232285 * https://bugzilla.suse.com/show_bug.cgi?id=1232286 * https://bugzilla.suse.com/show_bug.cgi?id=1232304 * https://bugzilla.suse.com/show_bug.cgi?id=1232305 * https://bugzilla.suse.com/show_bug.cgi?id=1232313 * https://bugzilla.suse.com/show_bug.cgi?id=1232314 * https://bugzilla.suse.com/show_bug.cgi?id=1232339 * https://bugzilla.suse.com/show_bug.cgi?id=1232354 * https://bugzilla.suse.com/show_bug.cgi?id=1232392 * https://bugzilla.suse.com/show_bug.cgi?id=1232394 * https://bugzilla.suse.com/show_bug.cgi?id=1232418 * https://bugzilla.suse.com/show_bug.cgi?id=1232424 * https://bugzilla.suse.com/show_bug.cgi?id=1232432 * https://bugzilla.suse.com/show_bug.cgi?id=1232442
From null at suse.de Thu Nov 28 16:32:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Nov 2024 16:32:42 -0000 Subject: SUSE-SU-2024:4107-1: important: Security update for python-waitress Message-ID: <173281156264.13386.3592389444808281989@smelt2.prg2.suse.org> # Security update for python-waitress Announcement ID: SUSE-SU-2024:4107-1 Release Date: 2024-11-28T15:13:29Z Rating: important References: * bsc#1232554 Cross-References: * CVE-2024-49769 CVSS scores: * CVE-2024-49769 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49769 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49769 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise
Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-waitress fixes the following issues: * CVE-2024-49769: Fixed a denial of service caused by incorrect connection clean up (bsc#1232554) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4107=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4107=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4107=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4107=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4107=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4107=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch 
SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4107=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4107=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4107=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4107=1 ## Package List: * SUSE Enterprise Storage 7.1 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * openSUSE Leap 15.5 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * Basesystem Module 15-SP5 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * Basesystem Module 15-SP6 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-waitress-1.4.3-150000.3.9.1 * SUSE Package Hub 15 15-SP6 (noarch) * python2-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Desktop 15
SP4 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Proxy 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Server 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-49769.html * https://bugzilla.suse.com/show_bug.cgi?id=1232554 -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From null at suse.de Thu Nov 28 16:32:46 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Nov 2024 16:32:46 -0000 Subject: SUSE-SU-2024:4106-1: critical: Security update for tomcat Message-ID: <173281156620.13386.2750447056646719735@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:4106-1 Release Date: 2024-11-28T15:11:06Z Rating: critical References: * bsc#1233434 Cross-References: * CVE-2024-52316 CVSS scores: * CVE-2024-52316 ( SUSE ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-52316 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52316 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 * Web and Scripting Module 15-SP6 
An update that solves one vulnerability can now be installed.

## Description:

This update for tomcat fixes the following issues:

* Update to Tomcat 9.0.97
* Fixed CVEs:
  * CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status (bsc#1233434)
* Catalina
  * Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints(). (markt)
  * Add: 55470: Add debug logging that reports the class path when a ClassNotFoundException occurs in the digester or the web application class loader. Based on a patch by Ralf Hauser. (markt)
  * Update: 69374: Properly separate between table header and body in DefaultServlet's listing. (michaelo)
  * Update: 69373: Make DefaultServlet's HTML listing file last modified rendering better (flexible). (michaelo)
  * Update: Improve HTML output of DefaultServlet. (michaelo)
  * Code: Refactor RateLimitFilter to use FilterBase as the base class. The primary advantage for doing this is less code to process init-param values. (markt)
  * Update: 69370: DefaultServlet's HTML listing uses incorrect labels. (michaelo)
  * Fix: Avoid NPE in CrawlerSessionManagerValve for partially mapped requests. (remm)
  * Fix: Add missing WebDAV Lock-Token header in the response when locking a folder. (remm)
  * Fix: Invalid WebDAV lock requests should be rejected with 400. (remm)
  * Fix: Fix regression in WebDAV when attempting to unlock a collection. (remm)
  * Fix: Verify that destination is not locked for a WebDAV copy operation. (remm)
  * Fix: Send 415 response to WebDAV MKCOL operations that include a request body since this is optional and unsupported. (remm)
  * Fix: Enforce DAV: namespace on WebDAV XML elements. (remm)
  * Fix: Do not allow a new WebDAV lock on a child resource if a parent collection is locked (RFC 4918 section 6.1). (remm)
  * Fix: WebDAV Delete should remove any existing lock on successfully deleted resources. (remm)
  * Update: Remove WebDAV lock null support in accordance with RFC 4918 section 7.3 and annex D. Instead, a lock on a non-existing resource will create an empty file locked with a regular lock. (remm)
  * Update: Rewrite implementation of WebDAV shared locks to comply with RFC 4918. (remm)
  * Update: Implement WebDAV If header using code from the Apache Jackrabbit project. (remm)
  * Add: Add PropertyStore interface in the WebDAV Servlet, to allow implementation of dead properties storage. The store used can be configured using the 'propertyStore' init parameter of the WebDAV servlet. A simple non-persistent implementation is used if no custom store is configured. (remm)
  * Update: Implement WebDAV PROPPATCH method using the newly added PropertyStore. (remm)
  * Fix: Cache not found results when searching for web application class loader resources. This addresses performance problems caused by components such as java.sql.DriverManager which, in some circumstances, will search for the same class repeatedly. In a large web application this can cause performance problems. The size of the cache can be controlled via the new notFoundClassResourceCacheSize on the StandardContext. (markt)
  * Fix: Stop after INITIALIZED state should be a noop since it is possible for subcomponents to be in FAILED after init. (remm)
  * Fix: Fix incorrect web resource cache size calculations when there are concurrent PUT and DELETE requests for the same resource. (markt)
  * Add: Add debug logging for the web resource cache so the current size can be tracked as resources are added and removed. (markt)
  * Update: Replace legacy WebDAV opaquelocktoken: scheme for lock tokens with urn:uuid: as recommended by RFC 4918, and remove secret init parameter. (remm)
  * Fix: Concurrent reads and writes (e.g. GET and PUT / DELETE) for the same path caused corruption of the FileResource where some of the fields were set as if the file exists and some were set as if it does not. This resulted in inconsistent metadata.
    (markt)
  * Fix: 69415: Ensure that the ExpiresFilter only sets cache headers on GET and HEAD requests. Also skip requests where the application has set Cache-Control: no-store. (markt)
  * Fix: 69419: Improve the performance of ServletRequest.getAttribute() when there are multiple levels of nested includes. Based on a patch provided by John Engebretson. (markt)
  * Add: Allow applications to send an early hints informational response by calling HttpServletResponse.sendError() with a status code of 103. (schultz)
  * Fix: Ensure that the Jakarta Authentication CallbackHandler only creates one GenericPrincipal in the Subject. (markt)
  * Fix: If the Jakarta Authentication process fails with an Exception, explicitly set the HTTP response status to 500 as the ServerAuthContext may not have set it. (markt)
  * Fix: When persisting the Jakarta Authentication provider configuration, create any necessary parent directories that don't already exist. (markt)
  * Fix: Correct the logic used to detect errors when deleting temporary files associated with persisting the Jakarta Authentication provider configuration. (markt)
  * Fix: When processing Jakarta Authentication callbacks, don't overwrite a Principal obtained from the PasswordValidationCallback with null if the CallerPrincipalCallback does not provide a Principal. (markt)
  * Fix: Avoid store config backup loss when storing one configuration more than once per second. (remm)
  * Fix: 69359: WebdavServlet duplicates getRelativePath() method from super class with incorrect Javadoc. (michaelo)
  * Fix: 69360: Inconsistent DELETE behavior between WebdavServlet and DefaultServlet. (michaelo)
  * Fix: Make WebdavServlet properly return the Allow header when deletion of a resource is not allowed. (michaelo)
  * Fix: Add log warning if non wildcard mappings are used with the WebdavServlet. (remm)
  * Fix: 69361: Ensure that the order of entries in a multi-status response to a WebDAV is consistent with the order in which resources were processed. (markt)
  * Fix: 69362: Provide a better multi-status response when deleting a collection via WebDAV fails. Empty directories that cannot be deleted will now be included in the response. (markt)
  * Fix: 69363: Use getPathPrefix() consistently in the WebDAV servlet to ensure that the correct path is used when the WebDAV servlet is mounted at a sub-path within the web application. (markt)
  * Fix: Improve performance of ApplicationHttpRequest.parseParameters(). Based on sample code and test cases provided by John Engebretson. (markt)
  * Add: Add support for RFC 8297 (Early Hints). Applications can use this feature by casting the HttpServletResponse to org.apache.catalina.connector.Response and then calling the method void sendEarlyHints(). This method will be added to the Servlet API (removing the need for the cast) in Servlet 6.2 onwards. (markt)
  * Fix: 69214: Do not reject a CORS request that uses POST but does not include a content-type header. Tomcat now correctly processes this as a simple CORS request. Based on a patch suggested by thebluemountain. (markt)
  * Fix: Refactor SpnegoAuthenticator so it uses Subject.callAs() rather than Subject.doAs() when available. (markt)
* Coyote
  * Fix: Return null SSL session id on zero length byte array returned from the SSL implementation. (remm)
  * Fix: Skip OpenSSLConf with BoringSSL since it is unsupported. (remm)
  * Fix: Create the HttpParser in Http11Processor if it is not present on the AbstractHttp11Protocol to provide better lifecycle robustness for regular HTTP/1.1. The new behavior was introduced on a previous refactoring to improve HTTP/2 performance. (remm)
  * Fix: OpenSSLContext will now throw a KeyManagementException if something is known to have gone wrong in the init method, which is the behavior documented by javax.net.ssl.SSLContext.init. This makes error handling more consistent.
    (remm)
  * Fix: 69316: Ensure that FastHttpDateFormat#getCurrentDate() (used to generate Date headers for HTTP responses) generates the correct string for the given input. Prior to this change, the output may have been wrong by one second in some cases. Pull request #751 provided by Chenjp. (markt)
  * Add: Add server and serverRemoveAppProvidedValues to the list of attributes the HTTP/2 protocol will inherit from the HTTP/1.1 connector it is nested within. (markt)
  * Fix: Avoid possible crashes when using Apache Tomcat Native, caused by destroying SSLContext objects through GC after APR has been terminated. (remm)
  * Fix: Improve HTTP/2 handling of trailer fields for requests. Trailer fields no longer need to be received before the headers of the subsequent stream nor are trailer fields for an in-progress stream swallowed if the Connector is paused before the trailer fields are received. (markt)
  * Fix: Ensure the request and response are not recycled too soon for an HTTP/2 stream when a stream level error is detected during the processing of incoming HTTP/2 frames. This could lead to incorrect processing times appearing in the access log. (markt)
  * Fix: Fix 69320, a regression in the fix for 69302 that meant the HTTP/2 processing was likely to be broken for all clients once any client sent an HTTP/2 reset frame. (markt)
  * Fix: Correct a regression in the fix for non-blocking reads of chunked request bodies that caused InputStream.available() to return a non-zero value when there was no data to read. In some circumstances this could cause a blocking read to block waiting for more data rather than return the data it had already received. (markt)
  * Add: Add a new attribute cookiesWithoutEquals to the Rfc6265CookieProcessor. The default behaviour is unchanged. (markt)
  * Fix: Ensure that Tomcat sends a TLS close_notify message after receiving one from the client when using the OpenSSLImplementation. (markt)
  * Fix: 69301: Fix trailer headers replacing non-trailer headers when writing response headers to the access log. Based on a patch and test case provided by hypnoce. (markt)
  * Fix: 69302: If an HTTP/2 client resets a stream before the request body is fully written, ensure that any ReadListener is notified via a call to ReadListener.onError(). (markt)
  * Fix: Correct regressions in the refactoring that added recycling of the coyote request and response to the HTTP/2 processing. (markt)
  * Add: Add OpenSSL integration using the FFM API rather than Tomcat Native. OpenSSL support may be enabled by adding the org.apache.catalina.core.OpenSSLLifecycleListener listener on the Server element when using Java 22 or later. (remm)
  * Fix: Ensure that HTTP/2 stream input buffers are only created when there is a request body to be read. (markt)
  * Code: Refactor creation of HttpParser instances from the Processor level to the Protocol level since the parser configuration depends on the protocol and the parser is, otherwise, stateless. (markt)
  * Add: Align HTTP/2 with HTTP/1.1 and recycle the container internal request and response processing objects by default. This behaviour can be controlled via the new discardRequestsAndResponses attribute on the HTTP/2 upgrade protocol. (markt)
* Jasper
  * Fix: Add back tag release method as deprecated in the runtime for compatibility with old generated code. (remm)
  * Fix: 69399: Fix regression caused by the improvement 69333 which caused the tag release to be called when using tag pooling, and to be skipped when not using it. Patch submitted by Michal Sobkiewicz. (remm)
  * Fix: 69381: Improve method lookup performance in expression language. When the required method has no arguments there is no need to consider casting or coercion and the method lookup process can be simplified. Based on pull request #770 by John Engebretson.
  * Fix: 69382: Improve the performance of the JSP include action by re-using results of relatively expensive method calls in the generated code rather than repeating them. Patch provided by John Engebretson. (markt)
  * Fix: 69398: Avoid unnecessary object allocation in PageContextImpl. Based on a suggestion by John Engebretson. (markt)
  * Fix: 69406: When using StringInterpreterEnum, do not throw an IllegalArgumentException when an invalid Enum is encountered. Instead, resolve the value at runtime. Patch provided by John Engebretson. (markt)
  * Fix: 69429: Optimise EL evaluation of method parameters for methods that do not accept any parameters. Patch provided by John Engebretson. (markt)
  * Fix: 69333: Remove unnecessary code from generated JSPs. (markt)
  * Fix: 69338: Improve the performance of processing expressions that include AND or OR operations with more than two operands and expressions that use not empty. (markt)
  * Fix: 69348: Reduce memory consumption in ELContext by using lazy initialization for the data structure used to track lambda arguments. (markt)
  * Fix: Switch the TldScanner back to logging detailed scan results at debug level rather than trace level. (markt)
* Web applications
  * Fix: The manager webapp will now be able to access certificates again when OpenSSL is used. (remm)
  * Fix: Documentation. Align the logging configuration documentation with the current defaults. (markt)
* WebSocket
  * Fix: If a blocking message write exceeds the timeout, don't attempt the write again before throwing the exception. (markt)
  * Fix: An EncodeException being thrown during a message write should not automatically cause the connection to close. The application should handle the exception and make the decision whether or not to close the connection. (markt)
* jdbc-pool
  * Fix: 69255: Correct a regression in the fix for 69206 that meant exceptions executing statements were wrapped in a java.lang.reflect.UndeclaredThrowableException rather than the application seeing the original SQLException. Fixed by pull request #744 provided by Michael Clarke. (markt)
  * Fix: 69279: Correct a regression in the fix for 69206 that meant that methods that previously returned a null ResultSet were returning a proxy with a null delegate. Fixed by pull request #745 provided by Huub de Beer. (markt)
  * Fix: 69206: Ensure statements returned from Statement methods executeQuery(), getResultSet() and getGeneratedKeys() are correctly wrapped before being returned to the caller. Based on pull request #742 provided by Michael Clarke.
* Other
  * Update: Switch from DigiCert ONE to ssl.com eSigner for code signing. (markt)
  * Update: Update Byte Buddy to 1.15.10. (markt)
  * Update: Update CheckStyle to 10.20.0. (markt)
  * Add: Improvements to German translations. (remm)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Add: Improvements to Chinese translations by Ch_jp. (markt)
  * Add: Exclude the tomcat-coyote-ffm.jar from JAR scanning by default. (markt)
  * Fix: Change the default log handler level to ALL so log messages are not dropped by default if a logger is configured to use trace (FINEST) level logging. (markt)
  * Update: Update Hamcrest to 3.0. (markt)
  * Update: Update EasyMock to 5.4.0. (markt)
  * Update: Update Byte Buddy to 1.15.0. (markt)
  * Update: Update CheckStyle to 10.18.0. (markt)
  * Update: Update the internal fork of Apache Commons BCEL to 6.10.0. (markt)
  * Add: Improvements to Spanish translations by Fernando. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)
  * Fix: Fix packaging regression with missing osgi information following addition of the test-only build target. (remm)
  * Update: Update Tomcat Native to 1.3.1. (markt)
  * Update: Update Byte Buddy to 1.14.18. (markt)
  * Add: Improvements to French translations. (remm)
  * Add: Improvements to Japanese translations by tak7iji. (markt)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* Web and Scripting Module 15-SP6
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-4106=1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4106=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4106=1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4106=1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
  zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4106=1
* SUSE Linux Enterprise Server 15 SP2 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4106=1
* SUSE Linux Enterprise Server 15 SP3 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4106=1
* SUSE Linux Enterprise Server 15 SP4 LTSS
  zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4106=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4106=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4106=1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
  zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4106=1
* SUSE Manager Server 4.3
  zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4106=1
* SUSE Enterprise Storage 7.1
  zypper in -t patch SUSE-Storage-7.1-2024-4106=1
* openSUSE Leap 15.5
  zypper in -t patch openSUSE-SLE-15.5-2024-4106=1
* openSUSE Leap 15.6
  zypper in -t patch openSUSE-SLE-15.6-2024-4106=1
* Web and Scripting Module 15-SP5
  zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-4106=1

## Package List:

* Web and Scripting Module 15-SP6 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server 15 SP2 LTSS (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Manager Server 4.3 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* SUSE Enterprise Storage 7.1 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* openSUSE Leap 15.5 (noarch)
  * tomcat-javadoc-9.0.97-150200.71.1
  * tomcat-jsvc-9.0.97-150200.71.1
  * tomcat-docs-webapp-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-embed-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* openSUSE Leap 15.6 (noarch)
  * tomcat-javadoc-9.0.97-150200.71.1
  * tomcat-jsvc-9.0.97-150200.71.1
  * tomcat-docs-webapp-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-embed-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1
* Web and Scripting Module 15-SP5 (noarch)
  * tomcat-webapps-9.0.97-150200.71.1
  * tomcat-el-3_0-api-9.0.97-150200.71.1
  * tomcat-9.0.97-150200.71.1
  * tomcat-servlet-4_0-api-9.0.97-150200.71.1
  * tomcat-jsp-2_3-api-9.0.97-150200.71.1
  * tomcat-lib-9.0.97-150200.71.1
  * tomcat-admin-webapps-9.0.97-150200.71.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52316.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233434

From null at suse.de Thu Nov 28 16:32:49 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:32:49 -0000
Subject: SUSE-SU-2024:4105-1: critical: Security update for tomcat10
Message-ID: <173281156941.13386.13438437563676900843@smelt2.prg2.suse.org>

# Security update for tomcat10

Announcement ID: SUSE-SU-2024:4105-1
Release Date: 2024-11-28T15:09:20Z
Rating: critical

References:

* bsc#1233434

Cross-References:

* CVE-2024-52316

CVSS scores:

* CVE-2024-52316 ( SUSE ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
* CVE-2024-52316 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-52316 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* Web and Scripting Module 15-SP5
* Web and Scripting Module 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for tomcat10 fixes the following issues:

* Update to Tomcat 10.1.33
* Fixed CVEs:
  * CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status (bsc#1233434)
* Catalina
  * Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints(). (markt)
  * Add: 55470: Add debug logging that reports the class path when a ClassNotFoundException occurs in the digester or the web application class loader. Based on a patch by Ralf Hauser. (markt)
  * Update: 69374: Properly separate between table header and body in DefaultServlet's listing. (michaelo)
  * Update: 69373: Make DefaultServlet's HTML listing file last modified rendering better (flexible). (michaelo)
  * Update: Improve HTML output of DefaultServlet.
    (michaelo)
  * Code: Refactor RateLimitFilter to use FilterBase as the base class. The primary advantage is less code to process init-param values. (markt)
  * Update: 69370: DefaultServlet's HTML listing uses incorrect labels. (michaelo)
  * Fix: Avoid NPE in CrawlerSessionManagerValve for partially mapped requests. (remm)
  * Fix: Add missing WebDAV Lock-Token header in the response when locking a folder. (remm)
  * Fix: Invalid WebDAV lock requests should be rejected with 400. (remm)
  * Fix: Fix regression in WebDAV when attempting to unlock a collection. (remm)
  * Fix: Verify that destination is not locked for a WebDAV copy operation. (remm)
  * Fix: Send 415 response to WebDAV MKCOL operations that include a request body since this is optional and unsupported. (remm)
  * Fix: Enforce DAV: namespace on WebDAV XML elements. (remm)
  * Fix: Do not allow a new WebDAV lock on a child resource if a parent collection is locked (RFC 4918 section 6.1). (remm)
  * Fix: WebDAV DELETE should remove any existing lock on successfully deleted resources. (remm)
  * Update: Remove WebDAV lock null support in accordance with RFC 4918 section 7.3 and annex D. Instead, a lock on a non-existing resource will create an empty file locked with a regular lock. (remm)
  * Update: Rewrite implementation of WebDAV shared locks to comply with RFC 4918. (remm)
  * Update: Implement WebDAV If header using code from the Apache Jackrabbit project. (remm)
  * Add: Add PropertyStore interface in the WebDAV Servlet, to allow implementation of dead properties storage. The store used can be configured using the propertyStore init parameter of the WebDAV servlet by specifying the class name of the store. A simple non-persistent implementation is used if no custom store is configured. (remm)
  * Update: Implement WebDAV PROPPATCH method using the newly added PropertyStore, and update PROPFIND to support it. (remm)
  * Fix: Cache not found results when searching for web application class loader resources. This addresses performance problems caused by components such as java.sql.DriverManager, which in some circumstances will search for the same class repeatedly. The size of the cache can be controlled via the new notFoundClassResourceCacheSize on the StandardContext. (markt)
  * Fix: Stop after INITIALIZED state should be a noop since it is possible for subcomponents to be in FAILED after init. (remm)
  * Fix: Fix incorrect web resource cache size calculations when there are concurrent PUT and DELETE requests for the same resource. (markt)
  * Add: Add debug logging for the web resource cache so the current size can be tracked as resources are added and removed. (markt)
  * Update: Replace legacy WebDAV opaquelocktoken: scheme for lock tokens with urn:uuid: as recommended by RFC 4918, and remove secret init parameter. (remm)
  * Fix: Concurrent reads and writes (e.g. GET and PUT / DELETE) for the same path caused corruption of the FileResource where some of the fields were set as if the file exists and some were set as if it does not. This resulted in inconsistent metadata. (markt)
  * Fix: 69415: Ensure that the ExpiresFilter only sets cache headers on GET and HEAD requests. Also, skip requests where the application has set Cache-Control: no-store. (markt)
  * Fix: 69419: Improve the performance of ServletRequest.getAttribute() when there are multiple levels of nested includes. Based on a patch provided by John Engebretson. (markt)
  * Add: Allow applications to send an early hints informational response by calling HttpServletResponse.sendError() with a status code of 103. (schultz)
  * Fix: Ensure that ServerAuthModule.initialize() is called when a Jakarta Authentication module is configured via registerServerAuthModule(). (markt)
  * Fix: Ensure that the Jakarta Authentication CallbackHandler only creates one GenericPrincipal in the Subject.
(markt) * Fix: If the Jakarta Authentication process fails with an Exception, explicitly set the HTTP response status to 500 as the ServerAuthContext may not have set it. (markt) * Fix: When persisting the Jakarta Authentication provider configuration, create any necessary parent directories that don't already exist. (markt) * Fix: Correct the logic used to detect errors when deleting temporary files associated with persisting the Jakarta Authentication provider configuration. (markt) * Fix: When processing Jakarta Authentication callbacks, don't overwrite a Principal obtained from the PasswordValidationCallback with null if the CallerPrincipalCallback does not provide a Principal. (markt) * Fix: Avoid store config backup loss when storing one configuration more than once per second. (remm) * Fix: 69359: WebdavServlet duplicates getRelativePath() method from super class with incorrect Javadoc. (michaelo) * Fix: 69360: Inconsistent DELETE behavior between WebdavServlet and DefaultServlet. (michaelo) * Fix: Make WebdavServlet properly return the Allow header when deletion of a resource is not allowed. (michaelo) * Fix: Add log warning if non-wildcard mappings are used with the WebdavServlet. (remm) * Fix: 69361: Ensure that the order of entries in a multi-status response to a WebDAV is consistent with the order in which resources were processed. (markt) * Fix: 69362: Provide a better multi-status response when deleting a collection via WebDAV fails. Empty directories that cannot be deleted will now be included in the response. (markt) * Fix: 69363: Use getPathPrefix() consistently in the WebDAV servlet to ensure that the correct path is used when the WebDAV servlet is mounted at a sub-path within the web application. (markt) * Fix 69320, a regression in the fix for 69302 that meant the HTTP/2 processing was likely to be broken for all clients once any client sent an HTTP/2 reset frame. (markt) * Fix: Improve performance of ApplicationHttpRequest.parseParameters(). 
Based on sample code and test cases provided by John Engebretson. (markt) * Fix: Correct regressions in the refactoring that added recycling of the coyote request and response to the HTTP/2 processing. (markt) * Add: Add support for RFC 8297 (Early Hints). Applications can use this feature by casting the HttpServletResponse to org.apache.catalina.connector.Response and then calling the method void sendEarlyHints(). This method will be added to the Servlet API (removing the need for the cast) in Servlet 6.2 onwards. (markt) * Fix: 69214: Do not reject a CORS request that uses POST but does not include a content-type header. Tomcat now correctly processes this as a simple CORS request. Based on a patch suggested by thebluemountain. (markt) * Fix: Refactor SpnegoAuthenticator so it uses Subject.callAs() rather than Subject.doAs() when available. (markt) * Fix: Allow JAASRealm to use the configuration source to load a configured configFile, for easier use with testing. (remm) * Fix: Add missing algorithm callback to the JAASCallbackHandler. (remm) * Fix: Add the OpenSSL version number on the APR and OpenSSL status classes. (remm) * Fix: 69131: Expand the implementation of the filter value of the Authenticator attribute allowCorsPreflight, so that it applies to all requests that match the configured URL patterns for the CORS filter, rather than only applying if the CORS filter is mapped to /*. (markt) * Fix: Using the OpenSSLListener will now cause the connector to use OpenSSL if available. (remm) * Coyote * Fix: Return null SSL session id on zero-length byte array returned from the SSL implementation. (remm) * Fix: Skip OpenSSLConf with BoringSSL since it is unsupported. (remm) * Fix: Create the HttpParser in Http11Processor if it is not present on the AbstractHttp11Protocol to provide better lifecycle robustness for regular HTTP/1.1. The new behavior was introduced in a previous refactoring to improve HTTP/2 performance.
(remm) * Fix: OpenSSLContext will now throw a KeyManagementException if something is known to have gone wrong in the init method, which is the behavior documented by javax.net.ssl.SSLContext.init. This makes error handling more consistent. (remm) * Fix: 69379: The default HEAD response no longer includes the payload HTTP header fields as per section 9.3.2 of RFC 9110. (markt) * Fix: 69316: Ensure that FastHttpDateFormat#getCurrentDate() (used to generate Date headers for HTTP responses) generates the correct string for the given input. Prior to this change, the output may have been wrong by one second in some cases. Pull request #751 provided by Chenjp. (markt) * Fix: Request start time may not have been accurately recorded for HTTP/1.1 requests preceded by a large number of blank lines. (markt) * Add: Add server and serverRemoveAppProvidedValues to the list of attributes the HTTP/2 protocol will inherit from the HTTP/1.1 connector it is nested within. (markt) * Fix: Avoid possible crashes when using Apache Tomcat Native, caused by destroying SSLContext objects through GC after APR has been terminated. (remm) * Fix: Improve HTTP/2 handling of trailer fields for requests. Trailer fields no longer need to be received before the headers of the subsequent stream, nor are trailer fields for an in-progress stream swallowed if the Connector is paused before the trailer fields are received. (markt) * Fix: Ensure the request and response are not recycled too soon for an HTTP/2 stream when a stream-level error is detected during the processing of incoming HTTP/2 frames. This could lead to incorrect processing times appearing in the access log. (markt) * Fix: Correct a regression in the fix for non-blocking reads of chunked request bodies that caused InputStream.available() to return a non-zero value when there was no data to read. In some circumstances this could cause a blocking read to block waiting for more data rather than return the data it had already received. 
(markt) * Add: Add a new attribute cookiesWithoutEquals to the Rfc6265CookieProcessor. The default behaviour is unchanged. (markt) * Fix: Ensure that Tomcat sends a TLS close_notify message after receiving one from the client when using the OpenSSLImplementation. (markt) * Fix: 69301: Fix trailer headers replacing non-trailer headers when writing response headers to the access log. Based on a patch and test case provided by hypnoce. (markt) * Fix: 69302: If an HTTP/2 client resets a stream before the request body is fully written, ensure that any ReadListener is notified via a call to ReadListener.onError(). (markt) * Fix: Ensure that HTTP/2 stream input buffers are only created when there is a request body to be read. (markt) * Code: Refactor creation of HttpParser instances from the Processor level to the Protocol level since the parser configuration depends on the protocol and the parser is, otherwise, stateless. (markt) * Add: Align HTTP/2 with HTTP/1.1 and recycle the container internal request and response processing objects by default. This behaviour can be controlled via the new discardRequestsAndResponses attribute on the HTTP/2 upgrade protocol. (markt) * Fix: Clean and log OpenSSL errors before processing of OpenSSL conf commands in the FFM code. (remm) * Fix: 69121: Ensure that the onComplete() event is triggered if AsyncListener.onError() dispatches to a target that throws an exception. (markt) * Fix: Following the trailer header field refactoring, -1 is no longer an allowed value for maxTrailerSize. Adjust documentation accordingly. (remm) * Update: Move OpenSSL support using FFM to a separate JAR named tomcat-coyote-ffm.jar that advertises Java 22 in its manifest. (remm) * Fix: Fix search for OpenSSL library for FFM on Mac OS so that java.library.path is searched. (markt) * Update: Add FFM compatibility methods for LibreSSL support. Renegotiation is not supported at the moment.
(remm) * Update: Add org.apache.tomcat.util.openssl.LIBRARY_NAME (specifies the name of the library to load) and org.apache.tomcat.util.openssl.USE_SYSTEM_LOAD_LIBRARY (set to true to use System.loadLibrary rather than the FFM library loading code) to configure the OpenSSL library loading using FFM. (remm) * Update: Add FFM compatibility methods for BoringSSL support. Renegotiation is not supported in many cases. (remm) * Jasper * Fix: Add back tag release method as deprecated in the runtime for compatibility with old generated code. (remm) * Fix: 69399: Fix regression caused by improvement 69333, which caused the tag release to be called when using tag pooling, and to be skipped when not using it. Patch submitted by Michal Sobkiewicz. (remm) * Fix: 69381: Improve method lookup performance in expression language. When the required method has no arguments, there is no need to consider casting or coercion, and the method lookup process can be simplified. Based on a pull request by John Engebretson. (markt) * Fix: 69382: Improve the performance of the JSP include action by re-using results of relatively expensive method calls in the generated code rather than repeating them. Patch provided by John Engebretson. (markt) * Fix: 69398: Avoid unnecessary object allocation in PageContextImpl. Based on a suggestion by John Engebretson. (markt) * Fix: 69406: When using StringInterpreterEnum, do not throw an IllegalArgumentException when an invalid Enum is encountered. Instead, resolve the value at runtime. Patch provided by John Engebretson. (markt) * Fix: 69429: Optimize EL evaluation of method parameters for methods that do not accept any parameters. Patch provided by John Engebretson. (markt) * Fix: Further optimize EL evaluation of method parameters. Patch provided by Paolo B. (markt) * Fix: 69333: Remove unnecessary code from generated JSPs. 
(markt) * Fix: 69338: Improve the performance of processing expressions that include AND or OR operations with more than two operands and expressions that use not empty. (markt) * Fix: 69348: Reduce memory consumption in ELContext by using lazy initialization for the data structure used to track lambda arguments. (markt) * Fix: Switch the TldScanner back to logging detailed scan results at debug level rather than trace level. (markt) * Fix: Update the optimisation in jakarta.el.ImportHandler so it is aware of new classes added to the java.lang package in Java 23. (markt) * Fix: Ensure that an exception in toString() still results in an ELException when an object is coerced to a String using ExpressionFactory.coerceToType(). (markt) * Add: Add support for specifying Java 24 (with the value 24) as the compiler source and/or compiler target for JSP compilation. If used with an Eclipse JDT compiler version that does not support these values, a warning will be logged and the default will be used. (markt) * Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that context relative includes are processed correctly. (markt) * Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that file relative includes are processed correctly. (markt) * Fix: 69135: When using include directives in a tag file packaged in a JAR file, ensure that file relative includes are not permitted to access files outside of the /META_INF/tags/ directory nor outside of the JAR file. (markt) * WebSocket * Fix: If a blocking message write exceeds the timeout, don't attempt the write again before throwing the exception. (markt) * Fix: An EncodeException being thrown during a message write should not automatically cause the connection to close. The application should handle the exception and make the decision whether or not to close the connection. 
(markt) * Web applications * Fix: The manager webapp will now be able to access certificates again when OpenSSL is used. (remm) * Fix: Documentation. Align the logging configuration documentation with the current defaults. (markt) * Fix: Fix status servlet detailed view of the connectors when using automatic port. (remm) * jdbc-pool * Fix: 69255: Correct a regression in the fix for 69206 that meant exceptions executing statements were wrapped in a java.lang.reflect.UndeclaredThrowableException rather than the application seeing the original SQLException. Fixed by pull request #744 provided by Michael Clarke. (markt) * Fix: 69279: Correct a regression in the fix for 69206 that meant that methods that previously returned a null ResultSet were returning a proxy with a null delegate. Fixed by pull request #745 provided by Huub de Beer. (markt) * Fix: 69206: Ensure statements returned from Statement methods executeQuery(), getResultSet() and getGeneratedKeys() are correctly wrapped before being returned to the caller. Based on pull request #742 provided by Michael Clarke. (markt) * Other * Update: Switch from DigiCert ONE to ssl.com eSigner for code signing. (markt) * Update: Update Byte Buddy to 1.15.10. (markt) * Update: Update CheckStyle to 10.20.0. (markt) * Add: Improvements to German translations. (remm) * Update: Update Byte Buddy to 1.15.3. (markt) * Update: Update CheckStyle to 10.18.2. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Add: Improvements to Chinese translations by Ch_jp. (markt) * Add: Exclude the tomcat-coyote-ffm.jar from JAR scanning by default. (markt) * Fix: Change the default log handler level to ALL so log messages are not dropped by default if a logger is configured to use trace (FINEST) level logging. (markt) * Update: Update Hamcrest to 3.0. (markt) * Update: Update EasyMock to 5.4.0. (markt) * Update: Update Byte Buddy to 1.15.0. 
(markt) * Update: Update CheckStyle to 10.18.0. (markt) * Update: Update the internal fork of Apache Commons BCEL to 6.10.0. (markt) * Add: Improvements to Spanish translations by Fernando. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Fix: Fix packaging regression with missing osgi information following addition of the test-only build target. (remm) * Update: Update Tomcat Native to 2.0.8. (markt) * Update: Update Byte Buddy to 1.14.18. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Update: Add test-only build target to allow running only the testsuite, supporting Java versions down to the minimum supported to run Tomcat. (rjung) * Update: Update UnboundID to 7.0.1. (markt) * Update: Update to SpotBugs 4.8.6. (markt) * Update: Remove cglib dependency as it is not required by the version of EasyMock used by the unit tests. (markt) * Update: Update EasyMock to 5.3.0. This adds a test dependency on Byte-Buddy 1.14.17. (markt) * Add: Improvements to Czech translations by Vladimír Chlup. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Add: Improvements to Chinese translations by fangzheng. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4105=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4105=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-4105=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-4105=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat10-docs-webapp-10.1.33-150200.5.28.1 * tomcat10-lib-10.1.33-150200.5.28.1 * tomcat10-jsvc-10.1.33-150200.5.28.1 * tomcat10-jsp-3_1-api-10.1.33-150200.5.28.1 * tomcat10-el-5_0-api-10.1.33-150200.5.28.1 * tomcat10-servlet-6_0-api-10.1.33-150200.5.28.1 * tomcat10-10.1.33-150200.5.28.1 * tomcat10-webapps-10.1.33-150200.5.28.1 * tomcat10-admin-webapps-10.1.33-150200.5.28.1 * tomcat10-embed-10.1.33-150200.5.28.1 * openSUSE Leap 15.6 (noarch) * tomcat10-docs-webapp-10.1.33-150200.5.28.1 * tomcat10-lib-10.1.33-150200.5.28.1 * tomcat10-doc-10.1.33-150200.5.28.1 * tomcat10-jsvc-10.1.33-150200.5.28.1 * tomcat10-jsp-3_1-api-10.1.33-150200.5.28.1 * tomcat10-el-5_0-api-10.1.33-150200.5.28.1 * tomcat10-servlet-6_0-api-10.1.33-150200.5.28.1 * tomcat10-10.1.33-150200.5.28.1 * tomcat10-webapps-10.1.33-150200.5.28.1 * tomcat10-admin-webapps-10.1.33-150200.5.28.1 * tomcat10-embed-10.1.33-150200.5.28.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat10-lib-10.1.33-150200.5.28.1 * tomcat10-jsp-3_1-api-10.1.33-150200.5.28.1 * tomcat10-el-5_0-api-10.1.33-150200.5.28.1 * tomcat10-servlet-6_0-api-10.1.33-150200.5.28.1 * tomcat10-10.1.33-150200.5.28.1 * tomcat10-webapps-10.1.33-150200.5.28.1 * tomcat10-admin-webapps-10.1.33-150200.5.28.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat10-lib-10.1.33-150200.5.28.1 * tomcat10-jsp-3_1-api-10.1.33-150200.5.28.1 * tomcat10-el-5_0-api-10.1.33-150200.5.28.1 * tomcat10-servlet-6_0-api-10.1.33-150200.5.28.1 * tomcat10-10.1.33-150200.5.28.1 * tomcat10-webapps-10.1.33-150200.5.28.1 * 
tomcat10-admin-webapps-10.1.33-150200.5.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52316.html * https://bugzilla.suse.com/show_bug.cgi?id=1233434
From null at suse.de Thu Nov 28 16:33:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Nov 2024 16:33:02 -0000 Subject: SUSE-SU-2024:4099-1: important: Security update for postgresql12 Message-ID: <173281158203.13386.6124568821174637593@smelt2.prg2.suse.org> # Security update for postgresql12 Announcement ID: SUSE-SU-2024:4099-1 Release Date: 2024-11-28T12:25:29Z Rating: important References: * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327 Cross-References: * CVE-2024-10976 * CVE-2024-10977 * CVE-2024-10978 * CVE-2024-10979 CVSS scores: * CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise 
Server for SAP Applications 15 SP3 An update that solves four vulnerabilities can now be installed. ## Description: This update for postgresql12 fixes the following issues: * CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323). * CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325). * CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326). * CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4099=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4099=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4099=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4099=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4099=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4099=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4099=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4099=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4099=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (aarch64 x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * 
postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 ppc64le s390x x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * 
postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * 
postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql12-docs-12.22-150200.8.66.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * 
postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql12-docs-12.22-150200.8.66.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-llvmjit-debuginfo-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-llvmjit-devel-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-llvmjit-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-test-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * openSUSE Leap 15.5 (noarch) * postgresql12-docs-12.22-150200.8.66.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * postgresql12-plpython-12.22-150200.8.66.1 * postgresql12-pltcl-debuginfo-12.22-150200.8.66.1 * 
postgresql12-server-devel-12.22-150200.8.66.1 * postgresql12-server-debuginfo-12.22-150200.8.66.1 * postgresql12-debuginfo-12.22-150200.8.66.1 * postgresql12-devel-12.22-150200.8.66.1 * postgresql12-plperl-debuginfo-12.22-150200.8.66.1 * postgresql12-server-12.22-150200.8.66.1 * postgresql12-llvmjit-debuginfo-12.22-150200.8.66.1 * postgresql12-contrib-debuginfo-12.22-150200.8.66.1 * postgresql12-pltcl-12.22-150200.8.66.1 * postgresql12-contrib-12.22-150200.8.66.1 * postgresql12-llvmjit-devel-12.22-150200.8.66.1 * postgresql12-plpython-debuginfo-12.22-150200.8.66.1 * postgresql12-12.22-150200.8.66.1 * postgresql12-plperl-12.22-150200.8.66.1 * postgresql12-llvmjit-12.22-150200.8.66.1 * postgresql12-devel-debuginfo-12.22-150200.8.66.1 * postgresql12-debugsource-12.22-150200.8.66.1 * postgresql12-test-12.22-150200.8.66.1 * postgresql12-server-devel-debuginfo-12.22-150200.8.66.1 * openSUSE Leap 15.6 (noarch) * postgresql12-docs-12.22-150200.8.66.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10976.html * https://www.suse.com/security/cve/CVE-2024-10977.html * https://www.suse.com/security/cve/CVE-2024-10978.html * https://www.suse.com/security/cve/CVE-2024-10979.html * https://bugzilla.suse.com/show_bug.cgi?id=1233323 * https://bugzilla.suse.com/show_bug.cgi?id=1233325 * https://bugzilla.suse.com/show_bug.cgi?id=1233326 * https://bugzilla.suse.com/show_bug.cgi?id=1233327
From null at suse.de Thu Nov 28 16:33:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 28 Nov 2024 16:33:08 -0000 Subject: SUSE-SU-2024:4098-1: important: Security update for postgresql15 Message-ID: <173281158835.13386.5453565789596027611@smelt2.prg2.suse.org> # Security update for postgresql15 Announcement ID: SUSE-SU-2024:4098-1 Release Date: 2024-11-28T12:24:37Z Rating: important References: * bsc#1233323 * bsc#1233325 * bsc#1233326 * bsc#1233327 Cross-References: * CVE-2024-10976 * CVE-2024-10977 * CVE-2024-10978 * CVE-2024-10979 CVSS scores: * CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for postgresql15 fixes the following issues: * CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323). * CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325). * CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326). * CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327). 

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-4098=1 openSUSE-SLE-15.6-2024-4098=1
* Legacy Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-4098=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql15-debuginfo-15.10-150600.16.9.1
    * postgresql15-llvmjit-debuginfo-15.10-150600.16.9.1
    * postgresql15-plpython-debuginfo-15.10-150600.16.9.1
    * postgresql15-plperl-15.10-150600.16.9.1
    * postgresql15-server-devel-15.10-150600.16.9.1
    * postgresql15-15.10-150600.16.9.1
    * postgresql15-contrib-debuginfo-15.10-150600.16.9.1
    * postgresql15-devel-15.10-150600.16.9.1
    * postgresql15-llvmjit-15.10-150600.16.9.1
    * postgresql15-plperl-debuginfo-15.10-150600.16.9.1
    * postgresql15-server-devel-debuginfo-15.10-150600.16.9.1
    * postgresql15-contrib-15.10-150600.16.9.1
    * postgresql15-pltcl-debuginfo-15.10-150600.16.9.1
    * postgresql15-plpython-15.10-150600.16.9.1
    * postgresql15-server-15.10-150600.16.9.1
    * postgresql15-debugsource-15.10-150600.16.9.1
    * postgresql15-pltcl-15.10-150600.16.9.1
    * postgresql15-llvmjit-devel-15.10-150600.16.9.1
    * postgresql15-test-15.10-150600.16.9.1
    * postgresql15-devel-debuginfo-15.10-150600.16.9.1
    * postgresql15-server-debuginfo-15.10-150600.16.9.1
* openSUSE Leap 15.6 (noarch)
    * postgresql15-docs-15.10-150600.16.9.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql15-debuginfo-15.10-150600.16.9.1
    * postgresql15-plperl-debuginfo-15.10-150600.16.9.1
    * postgresql15-server-devel-15.10-150600.16.9.1
    * postgresql15-devel-15.10-150600.16.9.1
    * postgresql15-devel-debuginfo-15.10-150600.16.9.1
    * postgresql15-server-devel-debuginfo-15.10-150600.16.9.1
    * postgresql15-contrib-15.10-150600.16.9.1
    * postgresql15-plperl-15.10-150600.16.9.1
    * postgresql15-server-debuginfo-15.10-150600.16.9.1
    * postgresql15-15.10-150600.16.9.1
    * postgresql15-plpython-debuginfo-15.10-150600.16.9.1
    * postgresql15-pltcl-debuginfo-15.10-150600.16.9.1
    * postgresql15-plpython-15.10-150600.16.9.1
    * postgresql15-server-15.10-150600.16.9.1
    * postgresql15-contrib-debuginfo-15.10-150600.16.9.1
    * postgresql15-debugsource-15.10-150600.16.9.1
    * postgresql15-pltcl-15.10-150600.16.9.1
* Legacy Module 15-SP6 (noarch)
    * postgresql15-docs-15.10-150600.16.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327

From null at suse.de Thu Nov 28 16:33:13 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:33:13 -0000
Subject: SUSE-SU-2024:4097-1: important: Security update for postgresql12
Message-ID: <173281159324.13386.2208954707769382441@smelt2.prg2.suse.org>

# Security update for postgresql12

Announcement ID: SUSE-SU-2024:4097-1
Release Date: 2024-11-28T12:24:21Z
Rating: important
References:

* bsc#1233323
* bsc#1233325
* bsc#1233326
* bsc#1233327

Cross-References:

* CVE-2024-10976
* CVE-2024-10977
* CVE-2024-10978
* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for postgresql12 fixes the following issues:

* CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323).
* CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325).
* CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326).
* CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4097=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4097=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql12-debuginfo-12.22-3.63.1
    * postgresql12-pltcl-12.22-3.63.1
    * postgresql12-pltcl-debuginfo-12.22-3.63.1
    * postgresql12-plperl-12.22-3.63.1
    * postgresql12-contrib-debuginfo-12.22-3.63.1
    * postgresql12-plpython-debuginfo-12.22-3.63.1
    * postgresql12-server-12.22-3.63.1
    * postgresql12-plperl-debuginfo-12.22-3.63.1
    * postgresql12-debugsource-12.22-3.63.1
    * postgresql12-12.22-3.63.1
    * postgresql12-plpython-12.22-3.63.1
    * postgresql12-contrib-12.22-3.63.1
    * postgresql12-server-debuginfo-12.22-3.63.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql12-docs-12.22-3.63.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql12-debuginfo-12.22-3.63.1
    * postgresql12-pltcl-12.22-3.63.1
    * postgresql12-pltcl-debuginfo-12.22-3.63.1
    * postgresql12-plperl-12.22-3.63.1
    * postgresql12-contrib-debuginfo-12.22-3.63.1
    * postgresql12-plpython-debuginfo-12.22-3.63.1
    * postgresql12-server-12.22-3.63.1
    * postgresql12-plperl-debuginfo-12.22-3.63.1
    * postgresql12-debugsource-12.22-3.63.1
    * postgresql12-12.22-3.63.1
    * postgresql12-plpython-12.22-3.63.1
    * postgresql12-contrib-12.22-3.63.1
    * postgresql12-server-debuginfo-12.22-3.63.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql12-docs-12.22-3.63.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327

From null at suse.de Thu Nov 28 16:33:17 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:33:17 -0000
Subject: SUSE-SU-2024:4096-1: important: Security update for postgresql14
Message-ID: <173281159721.13386.6474230925981439832@smelt2.prg2.suse.org>

# Security update for postgresql14

Announcement ID: SUSE-SU-2024:4096-1
Release Date: 2024-11-28T12:24:11Z
Rating: important
References:

* bsc#1233323
* bsc#1233325
* bsc#1233326
* bsc#1233327

Cross-References:

* CVE-2024-10976
* CVE-2024-10977
* CVE-2024-10978
* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

* CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323).
* CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325).
* CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326).
* CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4096=1
* SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4096=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql14-pltcl-14.15-3.49.1
    * postgresql14-debuginfo-14.15-3.49.1
    * postgresql14-14.15-3.49.1
    * postgresql14-debugsource-14.15-3.49.1
    * postgresql14-server-debuginfo-14.15-3.49.1
    * postgresql14-plpython-14.15-3.49.1
    * postgresql14-plperl-debuginfo-14.15-3.49.1
    * postgresql14-pltcl-debuginfo-14.15-3.49.1
    * postgresql14-contrib-debuginfo-14.15-3.49.1
    * postgresql14-plpython-debuginfo-14.15-3.49.1
    * postgresql14-contrib-14.15-3.49.1
    * postgresql14-plperl-14.15-3.49.1
    * postgresql14-server-14.15-3.49.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql14-docs-14.15-3.49.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql14-pltcl-14.15-3.49.1
    * postgresql14-debuginfo-14.15-3.49.1
    * postgresql14-14.15-3.49.1
    * postgresql14-debugsource-14.15-3.49.1
    * postgresql14-server-debuginfo-14.15-3.49.1
    * postgresql14-plpython-14.15-3.49.1
    * postgresql14-plperl-debuginfo-14.15-3.49.1
    * postgresql14-pltcl-debuginfo-14.15-3.49.1
    * postgresql14-contrib-debuginfo-14.15-3.49.1
    * postgresql14-plpython-debuginfo-14.15-3.49.1
    * postgresql14-contrib-14.15-3.49.1
    * postgresql14-plperl-14.15-3.49.1
    * postgresql14-server-14.15-3.49.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql14-docs-14.15-3.49.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327

From null at suse.de Thu Nov 28 16:33:20 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 16:33:20 -0000
Subject: SUSE-SU-2024:4095-1: important: Security update for postgresql15
Message-ID: <173281160098.13386.1612104408494366006@smelt2.prg2.suse.org>

# Security update for postgresql15

Announcement ID: SUSE-SU-2024:4095-1
Release Date: 2024-11-28T12:24:01Z
Rating: important
References:

* bsc#1233323
* bsc#1233325
* bsc#1233326
* bsc#1233327

Cross-References:

* CVE-2024-10976
* CVE-2024-10977
* CVE-2024-10978
* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for postgresql15 fixes the following issues:

* CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323).
* CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325).
* CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326).
* CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4095=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4095=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql15-pltcl-debuginfo-15.10-3.33.1
    * postgresql15-plpython-15.10-3.33.1
    * postgresql15-debuginfo-15.10-3.33.1
    * postgresql15-server-15.10-3.33.1
    * postgresql15-pltcl-15.10-3.33.1
    * postgresql15-contrib-15.10-3.33.1
    * postgresql15-plperl-15.10-3.33.1
    * postgresql15-plperl-debuginfo-15.10-3.33.1
    * postgresql15-15.10-3.33.1
    * postgresql15-plpython-debuginfo-15.10-3.33.1
    * postgresql15-server-debuginfo-15.10-3.33.1
    * postgresql15-contrib-debuginfo-15.10-3.33.1
    * postgresql15-debugsource-15.10-3.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql15-docs-15.10-3.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql15-pltcl-debuginfo-15.10-3.33.1
    * postgresql15-plpython-15.10-3.33.1
    * postgresql15-debuginfo-15.10-3.33.1
    * postgresql15-server-15.10-3.33.1
    * postgresql15-pltcl-15.10-3.33.1
    * postgresql15-contrib-15.10-3.33.1
    * postgresql15-plperl-15.10-3.33.1
    * postgresql15-plperl-debuginfo-15.10-3.33.1
    * postgresql15-15.10-3.33.1
    * postgresql15-plpython-debuginfo-15.10-3.33.1
    * postgresql15-server-debuginfo-15.10-3.33.1
    * postgresql15-contrib-debuginfo-15.10-3.33.1
    * postgresql15-debugsource-15.10-3.33.1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql15-docs-15.10-3.33.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327

From null at suse.de Thu Nov 28 20:30:05 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Thu, 28 Nov 2024 20:30:05 -0000
Subject: SUSE-SU-2024:4109-1: moderate: Security update for libuv
Message-ID: <173282580552.13380.3972595112609048965@smelt2.prg2.suse.org>

# Security update for libuv

Announcement ID: SUSE-SU-2024:4109-1
Release Date: 2024-11-28T16:15:50Z
Rating: moderate
References:

* bsc#1219724

Cross-References:

* CVE-2024-24806

CVSS scores:

* CVE-2024-24806 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
* CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for libuv fixes the following issues:

* CVE-2024-24806: Fixed improper Domain Lookup that potentially leads to SSRF attacks (bsc#1219724)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch SUSE-2024-4109=1 openSUSE-SLE-15.5-2024-4109=1
* openSUSE Leap 15.6
    zypper in -t patch openSUSE-SLE-15.6-2024-4109=1
* SUSE Linux Enterprise Micro 5.5
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-4109=1
* Basesystem Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4109=1
* Basesystem Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4109=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
    * libuv1-debuginfo-1.44.2-150500.3.5.1
    * libuv1-1.44.2-150500.3.5.1
    * libuv-debugsource-1.44.2-150500.3.5.1
    * libuv-devel-1.44.2-150500.3.5.1
* openSUSE Leap 15.5 (x86_64)
    * libuv1-32bit-1.44.2-150500.3.5.1
    * libuv1-32bit-debuginfo-1.44.2-150500.3.5.1
* openSUSE Leap 15.5 (aarch64_ilp32)
    * libuv1-64bit-debuginfo-1.44.2-150500.3.5.1
    * libuv1-64bit-1.44.2-150500.3.5.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
    * libuv1-debuginfo-1.44.2-150500.3.5.1
    * libuv1-1.44.2-150500.3.5.1
    * libuv-debugsource-1.44.2-150500.3.5.1
    * libuv-devel-1.44.2-150500.3.5.1
* openSUSE Leap 15.6 (x86_64)
    * libuv1-32bit-1.44.2-150500.3.5.1
    * libuv1-32bit-debuginfo-1.44.2-150500.3.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64)
    * libuv-debugsource-1.44.2-150500.3.5.1
    * libuv-devel-1.44.2-150500.3.5.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * libuv1-debuginfo-1.44.2-150500.3.5.1
    * libuv1-1.44.2-150500.3.5.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * libuv1-debuginfo-1.44.2-150500.3.5.1
    * libuv1-1.44.2-150500.3.5.1
    * libuv-debugsource-1.44.2-150500.3.5.1
    * libuv-devel-1.44.2-150500.3.5.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * libuv1-debuginfo-1.44.2-150500.3.5.1
    * libuv1-1.44.2-150500.3.5.1
    * libuv-debugsource-1.44.2-150500.3.5.1
    * libuv-devel-1.44.2-150500.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24806.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219724

From null at suse.de Fri Nov 29 12:30:10 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 29 Nov 2024 12:30:10 -0000
Subject: SUSE-SU-2024:4114-1: important: Security update for postgresql13
Message-ID: <173288341034.13579.13257149605988718860@smelt2.prg2.suse.org>

# Security update for postgresql13

Announcement ID: SUSE-SU-2024:4114-1
Release Date: 2024-11-29T09:26:36Z
Rating: important
References:

* bsc#1233323
* bsc#1233325
* bsc#1233326
* bsc#1233327

Cross-References:

* CVE-2024-10976
* CVE-2024-10977
* CVE-2024-10978
* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server 12 SP5 LTSS
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves four vulnerabilities can now be installed.

## Description:

This update for postgresql13 fixes the following issues:

* CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323).
* CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325).
* CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326).
* CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 12 SP5 LTSS
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4114=1
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4114=1

## Package List:

* SUSE Linux Enterprise Server 12 SP5 LTSS (aarch64 ppc64le s390x x86_64)
    * postgresql13-pltcl-debuginfo-13.18-3.55.2
    * postgresql13-pltcl-13.18-3.55.2
    * postgresql13-plpython-debuginfo-13.18-3.55.2
    * postgresql13-13.18-3.55.2
    * postgresql13-debuginfo-13.18-3.55.2
    * postgresql13-contrib-13.18-3.55.2
    * postgresql13-plperl-debuginfo-13.18-3.55.2
    * postgresql13-debugsource-13.18-3.55.2
    * postgresql13-server-debuginfo-13.18-3.55.2
    * postgresql13-plperl-13.18-3.55.2
    * postgresql13-plpython-13.18-3.55.2
    * postgresql13-contrib-debuginfo-13.18-3.55.2
    * postgresql13-server-13.18-3.55.2
* SUSE Linux Enterprise Server 12 SP5 LTSS (noarch)
    * postgresql13-docs-13.18-3.55.2
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64)
    * postgresql13-pltcl-debuginfo-13.18-3.55.2
    * postgresql13-pltcl-13.18-3.55.2
    * postgresql13-plpython-debuginfo-13.18-3.55.2
    * postgresql13-13.18-3.55.2
    * postgresql13-debuginfo-13.18-3.55.2
    * postgresql13-contrib-13.18-3.55.2
    * postgresql13-plperl-debuginfo-13.18-3.55.2
    * postgresql13-debugsource-13.18-3.55.2
    * postgresql13-server-debuginfo-13.18-3.55.2
    * postgresql13-plperl-13.18-3.55.2
    * postgresql13-plpython-13.18-3.55.2
    * postgresql13-contrib-debuginfo-13.18-3.55.2
    * postgresql13-server-13.18-3.55.2
* SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch)
    * postgresql13-docs-13.18-3.55.2

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327

From null at suse.de Fri Nov 29 12:30:26 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 29 Nov 2024 12:30:26 -0000
Subject: SUSE-SU-2024:4110-1: moderate: Security update for python-aiohttp
Message-ID: <173288342623.13579.13084530652849992745@smelt2.prg2.suse.org>

# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:4110-1
Release Date: 2024-11-29T08:06:37Z
Rating: moderate
References:

* bsc#1233447

Cross-References:

* CVE-2024-52304

CVSS scores:

* CVE-2024-52304 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-52304 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2024-52304 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP2
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.1
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.1
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-52304: Fixed request smuggling due to incorrect parsing of chunk extensions (bsc#1233447)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
    zypper in -t patch openSUSE-SLE-15.5-2024-4110=1
* Public Cloud Module 15-SP2
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-4110=1
* Public Cloud Module 15-SP3
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-4110=1
* Public Cloud Module 15-SP4
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4110=1
* Public Cloud Module 15-SP5
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-4110=1
* Public Cloud Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-4110=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python-aiohttp-doc-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1
* Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python-aiohttp-doc-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python-aiohttp-debugsource-3.6.0-150100.3.18.1
    * python3-aiohttp-debuginfo-3.6.0-150100.3.18.1
    * python3-aiohttp-3.6.0-150100.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-52304.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233447

From null at suse.de Fri Nov 29 20:30:08 2024
From: null at suse.de (SLE-SECURITY-UPDATES)
Date: Fri, 29 Nov 2024 20:30:08 -0000
Subject: SUSE-SU-2024:4118-1: important: Security update for postgresql14
Message-ID: <173291220888.13380.9000368915244227519@smelt2.prg2.suse.org>

# Security update for postgresql14

Announcement ID: SUSE-SU-2024:4118-1
Release Date: 2024-11-29T16:24:08Z
Rating: important
References:

* bsc#1233323
* bsc#1233325
* bsc#1233326
* bsc#1233327

Cross-References:

* CVE-2024-10976
* CVE-2024-10977
* CVE-2024-10978
* CVE-2024-10979

CVSS scores:

* CVE-2024-10976 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10976 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10977 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10977 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
* CVE-2024-10978 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10978 ( NVD ): 4.2 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N
* CVE-2024-10979 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-10979 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Legacy Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves four vulnerabilities can now be installed.

## Description:

This update for postgresql14 fixes the following issues:

* CVE-2024-10976: Ensure cached plans are marked as dependent on the calling role when RLS applies to a non-top-level table reference (bsc#1233323).
* CVE-2024-10977: Make libpq discard error messages received during SSL or GSS protocol negotiation (bsc#1233325).
* CVE-2024-10978: Fix unintended interactions between SET SESSION AUTHORIZATION and SET ROLE (bsc#1233326).
* CVE-2024-10979: Prevent trusted PL/Perl code from changing environment variables (bsc#1233327).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
    zypper in -t patch SUSE-2024-4118=1 openSUSE-SLE-15.6-2024-4118=1
* Legacy Module 15-SP6
    zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-4118=1
* SUSE Package Hub 15 15-SP6
    zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4118=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * postgresql14-plpython-14.15-150600.16.9.1
    * postgresql14-test-14.15-150600.16.9.1
    * postgresql14-debugsource-14.15-150600.16.9.1
    * postgresql14-contrib-debuginfo-14.15-150600.16.9.1
    * postgresql14-contrib-14.15-150600.16.9.1
    * postgresql14-plperl-debuginfo-14.15-150600.16.9.1
    * postgresql14-debuginfo-14.15-150600.16.9.1
    * postgresql14-plpython-debuginfo-14.15-150600.16.9.1
    * postgresql14-devel-debuginfo-14.15-150600.16.9.1
    * postgresql14-14.15-150600.16.9.1
    * postgresql14-plperl-14.15-150600.16.9.1
    * postgresql14-llvmjit-debuginfo-14.15-150600.16.9.1
    * postgresql14-devel-14.15-150600.16.9.1
    * postgresql14-server-devel-debuginfo-14.15-150600.16.9.1
    * postgresql14-llvmjit-14.15-150600.16.9.1
    * postgresql14-llvmjit-devel-14.15-150600.16.9.1
    * postgresql14-pltcl-debuginfo-14.15-150600.16.9.1
    * postgresql14-server-devel-14.15-150600.16.9.1
    * postgresql14-pltcl-14.15-150600.16.9.1
    * postgresql14-server-14.15-150600.16.9.1
    * postgresql14-server-debuginfo-14.15-150600.16.9.1
* openSUSE Leap 15.6 (noarch)
    * postgresql14-docs-14.15-150600.16.9.1
* Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-debuginfo-14.15-150600.16.9.1
    * postgresql14-pltcl-debuginfo-14.15-150600.16.9.1
    * postgresql14-contrib-debuginfo-14.15-150600.16.9.1
    * postgresql14-devel-debuginfo-14.15-150600.16.9.1
    * postgresql14-plpython-debuginfo-14.15-150600.16.9.1
    * postgresql14-server-devel-14.15-150600.16.9.1
    * postgresql14-plpython-14.15-150600.16.9.1
    * postgresql14-14.15-150600.16.9.1
    * postgresql14-plperl-14.15-150600.16.9.1
    * postgresql14-pltcl-14.15-150600.16.9.1
    * postgresql14-server-14.15-150600.16.9.1
    * postgresql14-debugsource-14.15-150600.16.9.1
    * postgresql14-devel-14.15-150600.16.9.1
    * postgresql14-server-devel-debuginfo-14.15-150600.16.9.1
    * postgresql14-contrib-14.15-150600.16.9.1
    * postgresql14-server-debuginfo-14.15-150600.16.9.1
    * postgresql14-plperl-debuginfo-14.15-150600.16.9.1
* Legacy Module 15-SP6 (noarch)
    * postgresql14-docs-14.15-150600.16.9.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
    * postgresql14-debuginfo-14.15-150600.16.9.1
    * postgresql14-test-14.15-150600.16.9.1
    * postgresql14-debugsource-14.15-150600.16.9.1
    * postgresql14-llvmjit-debuginfo-14.15-150600.16.9.1
    * postgresql14-llvmjit-14.15-150600.16.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-10976.html
* https://www.suse.com/security/cve/CVE-2024-10977.html
* https://www.suse.com/security/cve/CVE-2024-10978.html
* https://www.suse.com/security/cve/CVE-2024-10979.html
* https://bugzilla.suse.com/show_bug.cgi?id=1233323
* https://bugzilla.suse.com/show_bug.cgi?id=1233325
* https://bugzilla.suse.com/show_bug.cgi?id=1233326
* https://bugzilla.suse.com/show_bug.cgi?id=1233327
URL: From null at suse.de Fri Nov 29 20:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Nov 2024 20:30:13 -0000 Subject: SUSE-SU-2024:4117-1: important: Security update for webkit2gtk3 Message-ID: <173291221329.13380.6061500845337150017@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:4117-1 Release Date: 2024-11-29T16:23:46Z Rating: important References: * bsc#1232747 * bsc#1233631 * bsc#1233632 Cross-References: * CVE-2024-44185 * CVE-2024-44296 * CVE-2024-44308 * CVE-2024-44309 * CVE-2044-44244 CVSS scores: * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High 
Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747), including fixes for: * CVE-2024-44308: Fixed arbitrary code execution by not allocating DFG register after a slow path (bsc#1233631). * CVE-2024-44309: Fixed a data isolation bypass vulnerability (bsc#1233632). * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". 
Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4117=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4117=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4117=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4117=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4117=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4117=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4117=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4117=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4117=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4117=1 ## Package List: * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 *
webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk4-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit-6_0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * webkit-jsc-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * 
webkit-jsc-4-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * webkit-jsc-6.0-2.46.3-150400.4.97.1 * webkit-jsc-6.0-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-64bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-64bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * 
webkit2gtk3-minibrowser-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk4-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit-6_0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * webkit-jsc-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * webkit-jsc-4-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * webkit-jsc-4.1-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-6.0-2.46.3-150400.4.97.1 
* webkit-jsc-6.0-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (x86_64) * libwebkit2gtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * 
libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * Development Tools Module 15-SP5 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * 
webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * 
libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 
(noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 
* libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Proxy 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * 
webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44296.html * https://www.suse.com/security/cve/CVE-2024-44308.html * https://www.suse.com/security/cve/CVE-2024-44309.html * https://www.suse.com/security/cve/CVE-2044-44244.html * https://bugzilla.suse.com/show_bug.cgi?id=1232747 * https://bugzilla.suse.com/show_bug.cgi?id=1233631 * https://bugzilla.suse.com/show_bug.cgi?id=1233632
From null at suse.de Fri Nov 29 20:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 29 Nov 2024 20:30:19 -0000 Subject: SUSE-SU-2024:4116-1: important: Security update for xen Message-ID: <173291221956.13380.16933667486405571395@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:4116-1 Release Date: 2024-11-29T16:06:18Z Rating: important References: * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling (XSA-463) (bsc#1232622). * CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables (XSA-464) (bsc#1232624). Bug fixes: * Remove usage of net-tools-deprecated from supportconfig plugin (bsc#1232542).
## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4116=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4116=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4116=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4116=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4116=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4116=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-4116=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4116=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (x86_64) *
xen-libs-32bit-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-32bit-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-doc-html-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-64bit-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 
* xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Proxy 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * 
xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Proxy 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Server 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624