From null at suse.de Mon Sep 2 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:08 -0000 Subject: SUSE-SU-2024:3083-1: moderate: Security update for zziplib Message-ID: <172529460813.19318.3574306430516737696@smelt2.prg2.suse.org> # Security update for zziplib Announcement ID: SUSE-SU-2024:3083-1 Rating: moderate References: * bsc#1227178 Cross-References: * CVE-2024-39134 CVSS scores: * CVE-2024-39134 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for zziplib fixes the following issues: * CVE-2024-39134: Fixed a stack buffer overflow via the __zzip_fetch_disk_trailer() (bsc#1227178) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3083=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3083=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * zziplib-devel-debuginfo-0.13.69-150000.3.20.1 * zziplib-devel-0.13.69-150000.3.20.1 * libzzip-0-13-debuginfo-0.13.69-150000.3.20.1 * libzzip-0-13-0.13.69-150000.3.20.1 * zziplib-debugsource-0.13.69-150000.3.20.1 * openSUSE Leap 15.5 (x86_64) * libzzip-0-13-32bit-debuginfo-0.13.69-150000.3.20.1 * zziplib-devel-32bit-debuginfo-0.13.69-150000.3.20.1 * zziplib-devel-32bit-0.13.69-150000.3.20.1 * libzzip-0-13-32bit-0.13.69-150000.3.20.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * zziplib-devel-debuginfo-0.13.69-150000.3.20.1 * zziplib-devel-0.13.69-150000.3.20.1 * libzzip-0-13-debuginfo-0.13.69-150000.3.20.1 * libzzip-0-13-0.13.69-150000.3.20.1 * zziplib-debugsource-0.13.69-150000.3.20.1 ## References: * https://www.suse.com/security/cve/CVE-2024-39134.html * https://bugzilla.suse.com/show_bug.cgi?id=1227178 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:14 -0000 Subject: SUSE-SU-2024:3082-1: important: Security update for 389-ds Message-ID: <172529461403.19318.13582300876011061766@smelt2.prg2.suse.org> # Security update for 389-ds Announcement ID: SUSE-SU-2024:3082-1 Rating: important References: * bsc#1225507 * bsc#1225512 * bsc#1226277 * bsc#1228912 Cross-References: * CVE-2024-2199 * CVE-2024-3657 * CVE-2024-5953 CVSS scores: * CVE-2024-2199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3657 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5953 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for 389-ds fixes the following issues: Security issues fixed: * CVE-2024-3657: Fixed potential denial of service via specially crafted kerberos AS-REQ request (bsc#1225512) * CVE-2024-5953: Fixed a denial of service caused by malformed userPassword hashes (bsc#1226277) * CVE-2024-2199: Fixed a crash caused by malformed userPassword in do_modify() (bsc#1225507) Non-security issues fixed: * crash when user does change password using iso-8859-1 encoding (bsc#1228912) * Update to version 2.2.10~git2.345056d3: * Issue 2324 - Add a CI test (#6289) * Issue 6284 - BUG - freelist ordering causes high wtime * Update to version 2.2.10~git0.4d7218b7: * Bump version to 2.2.10 * Issue 5327 - Fix test metadata * Issue 5853 - Update Cargo.lock * Issue 5962 - Rearrange includes for 32-bit support logic * Issue 5973 - Fix fedora cop RawHide builds (#5974) * Bump braces from 3.0.2 to 3.0.3 in /src/cockpit/389-console * Issue 6254 - Enabling replication for a sub suffix crashes browser (#6255) * Issue 6224 - d2entry - Could not open id2entry err 0 - at startup when having sub-suffixes (#6225) * Issue 6183 - Slow ldif2db import on a newly created BDB backend (#6208) * Issue 6170 - audit log buffering doesn't handle large updates * Issue 6193 - Test failure: test_tls_command_returns_error_text * Issue 6189 - CI tests fail with `[Errno 2] No such file or directory: '/var/cache/dnf/metadata_lock.pid'` * Issue 6172 - RFE: improve the performance of evaluation of filter component when tested against a large valueset (like group members) (#6173) * Issue 6092 - passwordHistory is not updated with a pre-hashed password (#6093) * Issue 6080 - ns-slapd crash in referint_get_config (#6081) * Issue 6117 - Fix the UTC offset print (#6118) * Issue 5305 - OpenLDAP version autodetection doesn't work * Issue 6112 - RFE - add new operation note for MFA authentications * Issue 5842 - Add log buffering to audit log * Issue 6103 - New connection timeout error breaks errormap (#6104) * Issue 6067 - Improve dsidm CLI No Such Entry handling (#6079) * Issue 6096 - Improve connection timeout error logging (#6097) * Issue 6067 - Add hidden -v and -j options to each CLI subcommand (#6088) * Issue 5487 - Fix various isses with logconv.pl (#6085) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3082=1 openSUSE-SLE-15.5-2024-3082=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3082=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * 389-ds-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-debugsource-2.2.10~git2.345056d3-150500.3.21.1 * libsvrcore0-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-snmp-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-snmp-debuginfo-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-debuginfo-2.2.10~git2.345056d3-150500.3.21.1 * libsvrcore0-debuginfo-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-devel-2.2.10~git2.345056d3-150500.3.21.1 * lib389-2.2.10~git2.345056d3-150500.3.21.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * 389-ds-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-debugsource-2.2.10~git2.345056d3-150500.3.21.1 * libsvrcore0-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-debuginfo-2.2.10~git2.345056d3-150500.3.21.1 * libsvrcore0-debuginfo-2.2.10~git2.345056d3-150500.3.21.1 * 389-ds-devel-2.2.10~git2.345056d3-150500.3.21.1 * lib389-2.2.10~git2.345056d3-150500.3.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2199.html * https://www.suse.com/security/cve/CVE-2024-3657.html * https://www.suse.com/security/cve/CVE-2024-5953.html * https://bugzilla.suse.com/show_bug.cgi?id=1225507 * https://bugzilla.suse.com/show_bug.cgi?id=1225512 * https://bugzilla.suse.com/show_bug.cgi?id=1226277 * https://bugzilla.suse.com/show_bug.cgi?id=1228912 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:17 -0000 Subject: SUSE-SU-2024:3081-1: important: Security update for kernel-firmware Message-ID: <172529461728.19318.2967579710407007597@smelt2.prg2.suse.org> # Security update for kernel-firmware Announcement ID: SUSE-SU-2024:3081-1 Rating: important References: * bsc#1229069 Cross-References: * CVE-2023-31315 CVSS scores: * CVE-2023-31315 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for kernel-firmware fixes the following issues: * CVE-2023-31315: Fixed validation in a model specific register (MSR) that lead to modification of SMM configuration by malicious program with ring0 access (bsc#1229069) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3081=1 openSUSE-SLE-15.5-2024-3081=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3081=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3081=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3081=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-firmware-liquidio-20230724-150500.3.12.1 * kernel-firmware-nfp-20230724-150500.3.12.1 * kernel-firmware-brcm-20230724-150500.3.12.1 * kernel-firmware-mwifiex-20230724-150500.3.12.1 * kernel-firmware-chelsio-20230724-150500.3.12.1 * kernel-firmware-intel-20230724-150500.3.12.1 * kernel-firmware-ueagle-20230724-150500.3.12.1 * kernel-firmware-bluetooth-20230724-150500.3.12.1 * kernel-firmware-bnx2-20230724-150500.3.12.1 * kernel-firmware-sound-20230724-150500.3.12.1 * kernel-firmware-ath11k-20230724-150500.3.12.1 * kernel-firmware-mellanox-20230724-150500.3.12.1 * kernel-firmware-network-20230724-150500.3.12.1 * kernel-firmware-iwlwifi-20230724-150500.3.12.1 * kernel-firmware-atheros-20230724-150500.3.12.1 * kernel-firmware-mediatek-20230724-150500.3.12.1 * kernel-firmware-20230724-150500.3.12.1 * kernel-firmware-ti-20230724-150500.3.12.1 * kernel-firmware-i915-20230724-150500.3.12.1 * kernel-firmware-media-20230724-150500.3.12.1 * kernel-firmware-ath10k-20230724-150500.3.12.1 * kernel-firmware-qcom-20230724-150500.3.12.1 * kernel-firmware-marvell-20230724-150500.3.12.1 * kernel-firmware-qlogic-20230724-150500.3.12.1 * kernel-firmware-platform-20230724-150500.3.12.1 * kernel-firmware-prestera-20230724-150500.3.12.1 * kernel-firmware-dpaa2-20230724-150500.3.12.1 * kernel-firmware-realtek-20230724-150500.3.12.1 * kernel-firmware-usb-network-20230724-150500.3.12.1 * kernel-firmware-all-20230724-150500.3.12.1 * ucode-amd-20230724-150500.3.12.1 * kernel-firmware-radeon-20230724-150500.3.12.1 * kernel-firmware-serial-20230724-150500.3.12.1 * kernel-firmware-nvidia-20230724-150500.3.12.1 * kernel-firmware-amdgpu-20230724-150500.3.12.1 * openSUSE Leap Micro 5.5 (noarch) * kernel-firmware-liquidio-20230724-150500.3.12.1 * kernel-firmware-nfp-20230724-150500.3.12.1 * kernel-firmware-brcm-20230724-150500.3.12.1 * kernel-firmware-mwifiex-20230724-150500.3.12.1 * kernel-firmware-chelsio-20230724-150500.3.12.1 * kernel-firmware-intel-20230724-150500.3.12.1 * kernel-firmware-ueagle-20230724-150500.3.12.1 * kernel-firmware-bluetooth-20230724-150500.3.12.1 * kernel-firmware-bnx2-20230724-150500.3.12.1 * kernel-firmware-sound-20230724-150500.3.12.1 * kernel-firmware-ath11k-20230724-150500.3.12.1 * kernel-firmware-mellanox-20230724-150500.3.12.1 * kernel-firmware-network-20230724-150500.3.12.1 * kernel-firmware-iwlwifi-20230724-150500.3.12.1 * kernel-firmware-atheros-20230724-150500.3.12.1 * kernel-firmware-mediatek-20230724-150500.3.12.1 * kernel-firmware-ti-20230724-150500.3.12.1 * kernel-firmware-i915-20230724-150500.3.12.1 * kernel-firmware-media-20230724-150500.3.12.1 * kernel-firmware-ath10k-20230724-150500.3.12.1 * kernel-firmware-qcom-20230724-150500.3.12.1 * kernel-firmware-marvell-20230724-150500.3.12.1 * kernel-firmware-qlogic-20230724-150500.3.12.1 * kernel-firmware-platform-20230724-150500.3.12.1 * kernel-firmware-prestera-20230724-150500.3.12.1 * kernel-firmware-dpaa2-20230724-150500.3.12.1 * kernel-firmware-realtek-20230724-150500.3.12.1 * kernel-firmware-usb-network-20230724-150500.3.12.1 * kernel-firmware-all-20230724-150500.3.12.1 * ucode-amd-20230724-150500.3.12.1 * kernel-firmware-radeon-20230724-150500.3.12.1 * kernel-firmware-serial-20230724-150500.3.12.1 * kernel-firmware-nvidia-20230724-150500.3.12.1 * kernel-firmware-amdgpu-20230724-150500.3.12.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-firmware-liquidio-20230724-150500.3.12.1 * kernel-firmware-nfp-20230724-150500.3.12.1 * kernel-firmware-brcm-20230724-150500.3.12.1 * kernel-firmware-mwifiex-20230724-150500.3.12.1 * kernel-firmware-chelsio-20230724-150500.3.12.1 * kernel-firmware-intel-20230724-150500.3.12.1 * kernel-firmware-ueagle-20230724-150500.3.12.1 * kernel-firmware-bluetooth-20230724-150500.3.12.1 * kernel-firmware-bnx2-20230724-150500.3.12.1 * kernel-firmware-sound-20230724-150500.3.12.1 * kernel-firmware-ath11k-20230724-150500.3.12.1 * kernel-firmware-mellanox-20230724-150500.3.12.1 * kernel-firmware-network-20230724-150500.3.12.1 * kernel-firmware-iwlwifi-20230724-150500.3.12.1 * kernel-firmware-atheros-20230724-150500.3.12.1 * kernel-firmware-mediatek-20230724-150500.3.12.1 * kernel-firmware-ti-20230724-150500.3.12.1 * kernel-firmware-i915-20230724-150500.3.12.1 * kernel-firmware-media-20230724-150500.3.12.1 * kernel-firmware-ath10k-20230724-150500.3.12.1 * kernel-firmware-qcom-20230724-150500.3.12.1 * kernel-firmware-marvell-20230724-150500.3.12.1 * kernel-firmware-qlogic-20230724-150500.3.12.1 * kernel-firmware-platform-20230724-150500.3.12.1 * kernel-firmware-prestera-20230724-150500.3.12.1 * kernel-firmware-dpaa2-20230724-150500.3.12.1 * kernel-firmware-realtek-20230724-150500.3.12.1 * kernel-firmware-usb-network-20230724-150500.3.12.1 * kernel-firmware-all-20230724-150500.3.12.1 * ucode-amd-20230724-150500.3.12.1 * kernel-firmware-radeon-20230724-150500.3.12.1 * kernel-firmware-serial-20230724-150500.3.12.1 * kernel-firmware-nvidia-20230724-150500.3.12.1 * kernel-firmware-amdgpu-20230724-150500.3.12.1 * Basesystem Module 15-SP5 (noarch) * kernel-firmware-liquidio-20230724-150500.3.12.1 * kernel-firmware-nfp-20230724-150500.3.12.1 * kernel-firmware-brcm-20230724-150500.3.12.1 * kernel-firmware-mwifiex-20230724-150500.3.12.1 * kernel-firmware-chelsio-20230724-150500.3.12.1 * kernel-firmware-intel-20230724-150500.3.12.1 * kernel-firmware-ueagle-20230724-150500.3.12.1 * kernel-firmware-bluetooth-20230724-150500.3.12.1 * kernel-firmware-bnx2-20230724-150500.3.12.1 * kernel-firmware-sound-20230724-150500.3.12.1 * kernel-firmware-ath11k-20230724-150500.3.12.1 * kernel-firmware-mellanox-20230724-150500.3.12.1 * kernel-firmware-network-20230724-150500.3.12.1 * kernel-firmware-iwlwifi-20230724-150500.3.12.1 * kernel-firmware-atheros-20230724-150500.3.12.1 * kernel-firmware-mediatek-20230724-150500.3.12.1 * kernel-firmware-ti-20230724-150500.3.12.1 * kernel-firmware-i915-20230724-150500.3.12.1 * kernel-firmware-media-20230724-150500.3.12.1 * kernel-firmware-ath10k-20230724-150500.3.12.1 * kernel-firmware-qcom-20230724-150500.3.12.1 * kernel-firmware-marvell-20230724-150500.3.12.1 * kernel-firmware-qlogic-20230724-150500.3.12.1 * kernel-firmware-platform-20230724-150500.3.12.1 * kernel-firmware-prestera-20230724-150500.3.12.1 * kernel-firmware-dpaa2-20230724-150500.3.12.1 * kernel-firmware-realtek-20230724-150500.3.12.1 * kernel-firmware-usb-network-20230724-150500.3.12.1 * kernel-firmware-all-20230724-150500.3.12.1 * ucode-amd-20230724-150500.3.12.1 * kernel-firmware-radeon-20230724-150500.3.12.1 * kernel-firmware-serial-20230724-150500.3.12.1 * kernel-firmware-nvidia-20230724-150500.3.12.1 * kernel-firmware-amdgpu-20230724-150500.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-31315.html * https://bugzilla.suse.com/show_bug.cgi?id=1229069 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:20 -0000 Subject: SUSE-SU-2024:3080-1: moderate: Security update for curl Message-ID: <172529462055.19318.2211016096125567791@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3080-1 Rating: moderate References: * bsc#1228535 Cross-References: * CVE-2024-7264 CVSS scores: * CVE-2024-7264 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-7264 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3080=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3080=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3080=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3080=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3080=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3080=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3080=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3080=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3080=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3080=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3080=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3080=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3080=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3080=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * openSUSE Leap 15.4 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl-devel-64bit-8.0.1-150400.5.47.1 * libcurl4-64bit-8.0.1-150400.5.47.1 * libcurl4-64bit-debuginfo-8.0.1-150400.5.47.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * openSUSE Leap 15.5 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7264.html * https://bugzilla.suse.com/show_bug.cgi?id=1228535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:25 -0000 Subject: SUSE-SU-2024:3079-1: important: Security update for libqt5-qt3d Message-ID: <172529462549.19318.5461867151205183991@smelt2.prg2.suse.org> # Security update for libqt5-qt3d Announcement ID: SUSE-SU-2024:3079-1 Rating: important References: * bsc#1228204 Cross-References: * CVE-2024-40724 CVSS scores: * CVE-2024-40724 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40724 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libqt5-qt3d fixes the following issues: * CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class in assimp (bsc#1228204) Other fixes: \- Check for a nullptr returned from the shader manager \- Fill image with transparency by default to avoid having junk if it's not filled properly before the first paint call \- Fix QTextureAtlas parenting that could lead to crashes due to being used after free'd. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3079=1 openSUSE-SLE-15.5-2024-3079=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3079=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libQt53DQuickScene2D5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-examples-5.15.8+kde0-150500.3.3.1 * libQt53DLogic5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DCore5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput5-5.15.8+kde0-150500.3.3.1 * libQt53DRender-devel-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation-devel-5.15.8+kde0-150500.3.3.1 * libQt53DInput-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-devel-5.15.8+kde0-150500.3.3.1 * libQt53DRender5-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-examples-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DExtras5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-tools-5.15.8+kde0-150500.3.3.1 * libQt53DQuick-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation5-5.15.8+kde0-150500.3.3.1 * libQt53DInput5-5.15.8+kde0-150500.3.3.1 * libQt53DExtras-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickScene2D5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender5-5.15.8+kde0-150500.3.3.1 * libQt53DQuick5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-imports-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-imports-5.15.8+kde0-150500.3.3.1 * libQt53DQuick5-5.15.8+kde0-150500.3.3.1 * libQt53DExtras5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickScene2D-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DCore-devel-5.15.8+kde0-150500.3.3.1 * libQt53DCore5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-debugsource-5.15.8+kde0-150500.3.3.1 * libQt53DInput5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DLogic-devel-5.15.8+kde0-150500.3.3.1 * libQt53DLogic5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DRender5-debuginfo-5.15.8+kde0-150500.3.3.1 * openSUSE Leap 15.5 (noarch) * libqt5-qt3d-private-headers-devel-5.15.8+kde0-150500.3.3.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libQt53DQuickScene2D5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation-devel-5.15.8+kde0-150500.3.3.1 * libQt53DLogic5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DCore5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput5-5.15.8+kde0-150500.3.3.1 * libQt53DRender-devel-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation-devel-5.15.8+kde0-150500.3.3.1 * libQt53DInput-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-devel-5.15.8+kde0-150500.3.3.1 * libQt53DRender5-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DExtras5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DAnimation5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-tools-5.15.8+kde0-150500.3.3.1 * libQt53DQuick-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation5-5.15.8+kde0-150500.3.3.1 * libQt53DInput5-5.15.8+kde0-150500.3.3.1 * libQt53DExtras-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickScene2D5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender5-5.15.8+kde0-150500.3.3.1 * libQt53DQuick5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-imports-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickInput-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras-devel-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-imports-5.15.8+kde0-150500.3.3.1 * libQt53DQuick5-5.15.8+kde0-150500.3.3.1 * libQt53DExtras5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickScene2D-devel-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DCore-devel-5.15.8+kde0-150500.3.3.1 * libQt53DCore5-debuginfo-5.15.8+kde0-150500.3.3.1 * libqt5-qt3d-debugsource-5.15.8+kde0-150500.3.3.1 * libQt53DInput5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DQuickExtras5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickRender5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DLogic-devel-5.15.8+kde0-150500.3.3.1 * libQt53DLogic5-5.15.8+kde0-150500.3.3.1 * libQt53DQuickAnimation5-debuginfo-5.15.8+kde0-150500.3.3.1 * libQt53DRender5-debuginfo-5.15.8+kde0-150500.3.3.1 * Desktop Applications Module 15-SP5 (noarch) * libqt5-qt3d-private-headers-devel-5.15.8+kde0-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40724.html * https://bugzilla.suse.com/show_bug.cgi?id=1228204 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:27 -0000 Subject: SUSE-SU-2024:3078-1: important: Security update for libqt5-qtquick3d Message-ID: <172529462787.19318.5811710825176736099@smelt2.prg2.suse.org> # Security update for libqt5-qtquick3d Announcement ID: SUSE-SU-2024:3078-1 Rating: important References: * bsc#1228199 Cross-References: * CVE-2024-40724 CVSS scores: * CVE-2024-40724 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40724 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for libqt5-qtquick3d fixes the following issues: * CVE-2024-40724: Fixed heap-based buffer overflow in the PLY importer class in assimp (bsc#1228199) Other fixes: \- Fix progressive anti-aliasing, which doesn't work if any object in the scene used a PrincipledMaterial \- Skip processing unknown uniforms, such as those that are vendor specific: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3078=1 openSUSE-SLE-15.5-2024-3078=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3078=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libQt5Quick3D5-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-devel-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-examples-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-imports-5.15.8+kde1-150500.3.3.1 * libQt5Quick3D5-5.15.8+kde1-150500.3.3.1 * libQt5Quick3DAssetImport5-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-examples-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-private-headers-devel-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-tools-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-imports-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-tools-debuginfo-5.15.8+kde1-150500.3.3.1 * libQt5Quick3DAssetImport5-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-debugsource-5.15.8+kde1-150500.3.3.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libQt5Quick3D5-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-debuginfo-5.15.8+kde1-150500.3.3.1 * libQt5Quick3D5-5.15.8+kde1-150500.3.3.1 * libQt5Quick3DAssetImport5-5.15.8+kde1-150500.3.3.1 * libQt5Quick3DAssetImport5-debuginfo-5.15.8+kde1-150500.3.3.1 * libqt5-qtquick3d-debugsource-5.15.8+kde1-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40724.html * https://bugzilla.suse.com/show_bug.cgi?id=1228199 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:31 -0000 Subject: SUSE-SU-2024:3077-1: important: Security update for qemu Message-ID: <172529463123.19318.4960551815870282718@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:3077-1 Rating: important References: * bsc#1227322 Cross-References: * CVE-2024-4467 CVSS scores: * CVE-2024-4467 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command (bsc#1227322) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3077=1 openSUSE-SLE-15.5-2024-3077=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3077=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3077=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3077=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3077=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3077=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-block-ssh-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-host-7.1.0-150500.49.18.1 * qemu-ui-opengl-7.1.0-150500.49.18.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.18.1 * qemu-accel-qtest-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-7.1.0-150500.49.18.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-jack-7.1.0-150500.49.18.1 * qemu-extra-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.18.1 * qemu-arm-7.1.0-150500.49.18.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-7.1.0-150500.49.18.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-block-ssh-7.1.0-150500.49.18.1 * qemu-tools-debuginfo-7.1.0-150500.49.18.1 * qemu-s390x-7.1.0-150500.49.18.1 * qemu-ivshmem-tools-7.1.0-150500.49.18.1 * qemu-ui-spice-core-7.1.0-150500.49.18.1 * qemu-7.1.0-150500.49.18.1 * qemu-headless-7.1.0-150500.49.18.1 * qemu-ksm-7.1.0-150500.49.18.1 * qemu-linux-user-7.1.0-150500.49.18.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.18.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-gtk-7.1.0-150500.49.18.1 * qemu-ui-dbus-7.1.0-150500.49.18.1 * qemu-ui-spice-app-7.1.0-150500.49.18.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.18.1 * qemu-block-curl-7.1.0-150500.49.18.1 * qemu-extra-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-baum-7.1.0-150500.49.18.1 * qemu-ui-curses-7.1.0-150500.49.18.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.18.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.18.1 * qemu-s390x-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-7.1.0-150500.49.18.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.18.1 * qemu-audio-pa-7.1.0-150500.49.18.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-spice-7.1.0-150500.49.18.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.18.1 * qemu-lang-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.18.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.18.1 * qemu-guest-agent-7.1.0-150500.49.18.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.18.1 * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.18.1 * qemu-block-dmg-7.1.0-150500.49.18.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.18.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.18.1 * qemu-block-nfs-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-dbus-7.1.0-150500.49.18.1 * qemu-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-alsa-7.1.0-150500.49.18.1 * qemu-block-iscsi-7.1.0-150500.49.18.1 * qemu-ppc-debuginfo-7.1.0-150500.49.18.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.18.1 * qemu-block-gluster-7.1.0-150500.49.18.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.18.1 * qemu-ppc-7.1.0-150500.49.18.1 * qemu-audio-oss-7.1.0-150500.49.18.1 * qemu-tools-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-7.1.0-150500.49.18.1 * qemu-vhost-user-gpu-7.1.0-150500.49.18.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.18.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.18.1 * qemu-arm-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.18.1 * qemu-linux-user-debugsource-7.1.0-150500.49.18.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.18.1 * openSUSE Leap 15.5 (noarch) * qemu-sgabios-8-150500.49.18.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.18.1 * qemu-skiboot-7.1.0-150500.49.18.1 * qemu-ipxe-1.0.0+-150500.49.18.1 * qemu-SLOF-7.1.0-150500.49.18.1 * qemu-microvm-7.1.0-150500.49.18.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-7.1.0-150500.49.18.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.18.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * qemu-ui-opengl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.18.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-spice-7.1.0-150500.49.18.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.18.1 * qemu-block-curl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.18.1 * qemu-guest-agent-7.1.0-150500.49.18.1 * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-tools-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-7.1.0-150500.49.18.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-tools-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-core-7.1.0-150500.49.18.1 * qemu-7.1.0-150500.49.18.1 * openSUSE Leap Micro 5.5 (x86_64) * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-7.1.0-150500.49.18.1 * openSUSE Leap Micro 5.5 (noarch) * qemu-seabios-1.16.0_0_gd239552-150500.49.18.1 * qemu-ipxe-1.0.0+-150500.49.18.1 * qemu-sgabios-8-150500.49.18.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.18.1 * openSUSE Leap Micro 5.5 (s390x) * qemu-s390x-7.1.0-150500.49.18.1 * qemu-s390x-debuginfo-7.1.0-150500.49.18.1 * openSUSE Leap Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.18.1 * qemu-arm-7.1.0-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * qemu-ui-opengl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.18.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-spice-7.1.0-150500.49.18.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.18.1 * qemu-block-curl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.18.1 * qemu-guest-agent-7.1.0-150500.49.18.1 * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-tools-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.18.1 * qemu-chardev-spice-7.1.0-150500.49.18.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-tools-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-core-7.1.0-150500.49.18.1 * qemu-7.1.0-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.18.1 * qemu-arm-7.1.0-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.18.1 * qemu-ipxe-1.0.0+-150500.49.18.1 * qemu-SLOF-7.1.0-150500.49.18.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.18.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.18.1 * qemu-ppc-7.1.0-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-7.1.0-150500.49.18.1 * qemu-s390x-debuginfo-7.1.0-150500.49.18.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-7.1.0-150500.49.18.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-tools-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-tools-debuginfo-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (noarch) * qemu-sgabios-8-150500.49.18.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.18.1 * qemu-skiboot-7.1.0-150500.49.18.1 * qemu-SLOF-7.1.0-150500.49.18.1 * qemu-microvm-7.1.0-150500.49.18.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-block-nfs-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.18.1 * qemu-accel-qtest-7.1.0-150500.49.18.1 * qemu-block-gluster-7.1.0-150500.49.18.1 * qemu-audio-jack-7.1.0-150500.49.18.1 * qemu-extra-7.1.0-150500.49.18.1 * qemu-extra-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.18.1 * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-audio-oss-7.1.0-150500.49.18.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.18.1 * qemu-block-dmg-7.1.0-150500.49.18.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.18.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.18.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.18.1 * qemu-block-nfs-7.1.0-150500.49.18.1 * qemu-vhost-user-gpu-7.1.0-150500.49.18.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-ivshmem-tools-7.1.0-150500.49.18.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.18.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-alsa-7.1.0-150500.49.18.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-7.1.0-150500.49.18.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-pa-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64) * qemu-s390x-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.18.1 * qemu-s390x-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * qemu-ppc-debuginfo-7.1.0-150500.49.18.1 * qemu-ppc-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64) * qemu-arm-debuginfo-7.1.0-150500.49.18.1 * qemu-arm-7.1.0-150500.49.18.1 * SUSE Package Hub 15 15-SP5 (s390x) * qemu-chardev-spice-7.1.0-150500.49.18.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-app-7.1.0-150500.49.18.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-7.1.0-150500.49.18.1 * qemu-ui-gtk-7.1.0-150500.49.18.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-opengl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.18.1 * qemu-ui-spice-core-7.1.0-150500.49.18.1 * qemu-audio-spice-7.1.0-150500.49.18.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-block-ssh-debuginfo-7.1.0-150500.49.18.1 * qemu-ksm-7.1.0-150500.49.18.1 * qemu-hw-usb-host-7.1.0-150500.49.18.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.18.1 * qemu-block-iscsi-7.1.0-150500.49.18.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-dbus-7.1.0-150500.49.18.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.18.1 * qemu-lang-7.1.0-150500.49.18.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.18.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.18.1 * qemu-block-curl-7.1.0-150500.49.18.1 * qemu-chardev-baum-7.1.0-150500.49.18.1 * qemu-guest-agent-7.1.0-150500.49.18.1 * qemu-block-rbd-7.1.0-150500.49.18.1 * qemu-debugsource-7.1.0-150500.49.18.1 * qemu-ui-curses-7.1.0-150500.49.18.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.18.1 * qemu-debuginfo-7.1.0-150500.49.18.1 * qemu-block-ssh-7.1.0-150500.49.18.1 * qemu-audio-dbus-7.1.0-150500.49.18.1 * qemu-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.18.1 * qemu-arm-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-chardev-spice-7.1.0-150500.49.18.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-app-7.1.0-150500.49.18.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-7.1.0-150500.49.18.1 * qemu-ui-gtk-7.1.0-150500.49.18.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-opengl-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.18.1 * qemu-ui-spice-core-7.1.0-150500.49.18.1 * qemu-audio-spice-7.1.0-150500.49.18.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.18.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-qxl-7.1.0-150500.49.18.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (noarch) * qemu-sgabios-8-150500.49.18.1 * qemu-skiboot-7.1.0-150500.49.18.1 * qemu-ipxe-1.0.0+-150500.49.18.1 * qemu-SLOF-7.1.0-150500.49.18.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.18.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.18.1 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.18.1 * qemu-ppc-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (s390x x86_64) * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.18.1 * qemu-kvm-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.18.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (s390x) * qemu-s390x-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.18.1 * qemu-s390x-debuginfo-7.1.0-150500.49.18.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.18.1 * Server Applications Module 15-SP5 (x86_64) * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-alsa-7.1.0-150500.49.18.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-7.1.0-150500.49.18.1 * qemu-accel-tcg-x86-7.1.0-150500.49.18.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.18.1 * qemu-x86-debuginfo-7.1.0-150500.49.18.1 * qemu-audio-pa-7.1.0-150500.49.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4467.html * https://bugzilla.suse.com/show_bug.cgi?id=1227322 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:37 -0000 Subject: SUSE-SU-2024:3076-1: important: Security update for python39 Message-ID: <172529463763.19318.2953769802588803838@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2024:3076-1 Rating: important References: * bsc#1227233 * bsc#1227378 * bsc#1227999 * bsc#1228780 Cross-References: * CVE-2024-5642 * CVE-2024-6923 CVSS scores: * CVE-2024-5642 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for python39 fixes the following issues: Security issues fixed: * CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-5642: Removed support for anything but OpenSSL 1.1.1 or newer (bsc#1227233) Non-security issues fixed: * Fixed executable bits for /usr/bin/idle* (bsc#1227378). * Improve python reproducible builds (bsc#1227999) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3076=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3076=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3076=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3076=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3076=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3076=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3076=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3076=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * python39-testsuite-debuginfo-3.9.19-150300.4.49.1 * python39-doc-devhelp-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-testsuite-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-doc-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * openSUSE Leap 15.3 (x86_64) * libpython3_9-1_0-32bit-3.9.19-150300.4.49.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-base-32bit-3.9.19-150300.4.49.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-3.9.19-150300.4.49.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_9-1_0-64bit-debuginfo-3.9.19-150300.4.49.1 * python39-64bit-3.9.19-150300.4.49.1 * libpython3_9-1_0-64bit-3.9.19-150300.4.49.1 * python39-base-64bit-3.9.19-150300.4.49.1 * python39-64bit-debuginfo-3.9.19-150300.4.49.1 * python39-base-64bit-debuginfo-3.9.19-150300.4.49.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * python39-testsuite-debuginfo-3.9.19-150300.4.49.1 * python39-doc-devhelp-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-testsuite-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-doc-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-3.9.19-150300.4.49.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-base-32bit-3.9.19-150300.4.49.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-3.9.19-150300.4.49.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * python39-testsuite-debuginfo-3.9.19-150300.4.49.1 * python39-doc-devhelp-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-testsuite-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-doc-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * openSUSE Leap 15.6 (x86_64) * libpython3_9-1_0-32bit-3.9.19-150300.4.49.1 * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-base-32bit-3.9.19-150300.4.49.1 * python39-base-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-debuginfo-3.9.19-150300.4.49.1 * python39-32bit-3.9.19-150300.4.49.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python39-3.9.19-150300.4.49.1 * python39-tk-3.9.19-150300.4.49.1 * python39-base-debuginfo-3.9.19-150300.4.49.1 * python39-curses-debuginfo-3.9.19-150300.4.49.1 * python39-curses-3.9.19-150300.4.49.1 * python39-debugsource-3.9.19-150300.4.49.1 * python39-idle-3.9.19-150300.4.49.1 * libpython3_9-1_0-3.9.19-150300.4.49.1 * python39-base-3.9.19-150300.4.49.1 * python39-core-debugsource-3.9.19-150300.4.49.1 * python39-tk-debuginfo-3.9.19-150300.4.49.1 * python39-debuginfo-3.9.19-150300.4.49.1 * python39-devel-3.9.19-150300.4.49.1 * python39-tools-3.9.19-150300.4.49.1 * python39-dbm-3.9.19-150300.4.49.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.49.1 * python39-dbm-debuginfo-3.9.19-150300.4.49.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5642.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://bugzilla.suse.com/show_bug.cgi?id=1227233 * https://bugzilla.suse.com/show_bug.cgi?id=1227378 * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:43 -0000 Subject: SUSE-SU-2024:3075-1: important: Security update for xen Message-ID: <172529464325.19318.11587321064033595030@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3075-1 Rating: important References: * bsc#1027519 * bsc#1228574 * bsc#1228575 Cross-References: * CVE-2024-31145 * CVE-2024-31146 CVSS scores: * CVE-2024-31145 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-31146 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574) * CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575) Other fixes: \- Update to Xen 4.17.5 security bug fix release (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3075=1 openSUSE-SLE-15.5-2024-3075=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3075=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3075=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3075=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3075=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-libs-debuginfo-4.17.5_02-150500.3.36.1 * xen-libs-4.17.5_02-150500.3.36.1 * xen-tools-domU-4.17.5_02-150500.3.36.1 * xen-debugsource-4.17.5_02-150500.3.36.1 * xen-devel-4.17.5_02-150500.3.36.1 * xen-tools-domU-debuginfo-4.17.5_02-150500.3.36.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.5_02-150500.3.36.1 * xen-libs-32bit-4.17.5_02-150500.3.36.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-4.17.5_02-150500.3.36.1 * xen-tools-4.17.5_02-150500.3.36.1 * xen-tools-debuginfo-4.17.5_02-150500.3.36.1 * xen-doc-html-4.17.5_02-150500.3.36.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_02-150500.3.36.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.5_02-150500.3.36.1 * xen-libs-64bit-4.17.5_02-150500.3.36.1 * openSUSE Leap Micro 5.5 (x86_64) * xen-libs-debuginfo-4.17.5_02-150500.3.36.1 * xen-debugsource-4.17.5_02-150500.3.36.1 * xen-libs-4.17.5_02-150500.3.36.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-libs-debuginfo-4.17.5_02-150500.3.36.1 * xen-debugsource-4.17.5_02-150500.3.36.1 * xen-libs-4.17.5_02-150500.3.36.1 * Basesystem Module 15-SP5 (x86_64) * xen-libs-debuginfo-4.17.5_02-150500.3.36.1 * xen-libs-4.17.5_02-150500.3.36.1 * xen-tools-domU-4.17.5_02-150500.3.36.1 * xen-debugsource-4.17.5_02-150500.3.36.1 * xen-tools-domU-debuginfo-4.17.5_02-150500.3.36.1 * Server Applications Module 15-SP5 (x86_64) * xen-tools-4.17.5_02-150500.3.36.1 * xen-debugsource-4.17.5_02-150500.3.36.1 * xen-tools-debuginfo-4.17.5_02-150500.3.36.1 * xen-devel-4.17.5_02-150500.3.36.1 * xen-4.17.5_02-150500.3.36.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_02-150500.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31145.html * https://www.suse.com/security/cve/CVE-2024-31146.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1228574 * https://bugzilla.suse.com/show_bug.cgi?id=1228575 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:45 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:45 -0000 Subject: SUSE-SU-2024:3074-1: low: Security update for unbound Message-ID: <172529464556.19318.17958100116412231062@smelt2.prg2.suse.org> # Security update for unbound Announcement ID: SUSE-SU-2024:3074-1 Rating: low References: * bsc#1229068 Cross-References: * CVE-2024-43167 CVSS scores: * CVE-2024-43167 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43167 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: * CVE-2024-43167: Fix null pointer dereference issue in function ub_ctx_set_fwd (bsc#1229068) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3074=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3074=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3074=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3074=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * unbound-devel-1.20.0-150100.10.16.1 * unbound-anchor-1.20.0-150100.10.16.1 * unbound-debuginfo-1.20.0-150100.10.16.1 * unbound-python-1.20.0-150100.10.16.1 * unbound-python-debuginfo-1.20.0-150100.10.16.1 * unbound-debugsource-1.20.0-150100.10.16.1 * libunbound8-debuginfo-1.20.0-150100.10.16.1 * libunbound8-1.20.0-150100.10.16.1 * unbound-1.20.0-150100.10.16.1 * unbound-anchor-debuginfo-1.20.0-150100.10.16.1 * openSUSE Leap 15.5 (noarch) * unbound-munin-1.20.0-150100.10.16.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * unbound-debuginfo-1.20.0-150100.10.16.1 * unbound-anchor-1.20.0-150100.10.16.1 * unbound-debugsource-1.20.0-150100.10.16.1 * libunbound8-debuginfo-1.20.0-150100.10.16.1 * libunbound8-1.20.0-150100.10.16.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * unbound-devel-1.20.0-150100.10.16.1 * unbound-debuginfo-1.20.0-150100.10.16.1 * unbound-anchor-1.20.0-150100.10.16.1 * unbound-debugsource-1.20.0-150100.10.16.1 * libunbound8-debuginfo-1.20.0-150100.10.16.1 * libunbound8-1.20.0-150100.10.16.1 * unbound-anchor-debuginfo-1.20.0-150100.10.16.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * unbound-python-1.20.0-150100.10.16.1 * unbound-debuginfo-1.20.0-150100.10.16.1 * unbound-debugsource-1.20.0-150100.10.16.1 * unbound-python-debuginfo-1.20.0-150100.10.16.1 * unbound-1.20.0-150100.10.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43167.html * https://bugzilla.suse.com/show_bug.cgi?id=1229068 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 2 16:30:48 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 02 Sep 2024 16:30:48 -0000 Subject: SUSE-SU-2024:3073-1: important: Security update for bubblewrap and flatpak Message-ID: <172529464868.19318.174575220522106364@smelt2.prg2.suse.org> # Security update for bubblewrap and flatpak Announcement ID: SUSE-SU-2024:3073-1 Rating: important References: * bsc#1229157 Cross-References: * CVE-2024-42472 CVSS scores: * CVE-2024-42472 ( SUSE ): 9.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-42472 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for bubblewrap and flatpak fixes the following issues: * CVE-2024-42472: Fixed access to files outside sandbox for apps using persistent (bsc#1229157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3073=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3073=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3073=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * bubblewrap-debugsource-0.3.3-3.3.1 * flatpak-1.4.2-3.9.1 * bubblewrap-debuginfo-0.3.3-3.3.1 * flatpak-debugsource-1.4.2-3.9.1 * libflatpak0-debuginfo-1.4.2-3.9.1 * bubblewrap-0.3.3-3.3.1 * libflatpak0-1.4.2-3.9.1 * typelib-1_0-Flatpak-1_0-1.4.2-3.9.1 * flatpak-debuginfo-1.4.2-3.9.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * bubblewrap-debugsource-0.3.3-3.3.1 * flatpak-1.4.2-3.9.1 * bubblewrap-debuginfo-0.3.3-3.3.1 * flatpak-debugsource-1.4.2-3.9.1 * libflatpak0-debuginfo-1.4.2-3.9.1 * bubblewrap-0.3.3-3.3.1 * libflatpak0-1.4.2-3.9.1 * typelib-1_0-Flatpak-1_0-1.4.2-3.9.1 * flatpak-debuginfo-1.4.2-3.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * bubblewrap-debugsource-0.3.3-3.3.1 * flatpak-1.4.2-3.9.1 * bubblewrap-debuginfo-0.3.3-3.3.1 * flatpak-debugsource-1.4.2-3.9.1 * libflatpak0-debuginfo-1.4.2-3.9.1 * bubblewrap-0.3.3-3.3.1 * libflatpak0-1.4.2-3.9.1 * typelib-1_0-Flatpak-1_0-1.4.2-3.9.1 * flatpak-debuginfo-1.4.2-3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42472.html * https://bugzilla.suse.com/show_bug.cgi?id=1229157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 08:30:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 08:30:03 -0000 Subject: SUSE-SU-2024:3086-1: low: Security update for glib2 Message-ID: <172535220340.18977.6253400838933887855@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:3086-1 Rating: low References: * bsc#1224044 Cross-References: * CVE-2024-34397 CVSS scores: * CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * Fixed a possible use after free regression introduced by CVE-2024-34397 patch (bsc#1224044). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3086=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3086=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3086=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3086=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3086=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3086=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3086=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3086=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3086=1 ## Package List: * openSUSE Leap 15.4 (noarch) * gio-branding-upstream-2.70.5-150400.3.14.1 * glib2-lang-2.70.5-150400.3.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * glib2-tools-2.70.5-150400.3.14.1 * glib2-tests-devel-2.70.5-150400.3.14.1 * libgthread-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-devel-2.70.5-150400.3.14.1 * glib2-doc-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-static-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-debuginfo-2.70.5-150400.3.14.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.14.1 * openSUSE Leap 15.4 (x86_64) * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-2.70.5-150400.3.14.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.14.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.14.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.14.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * glib2-tools-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-32bit-2.70.5-150400.3.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libglib-2_0-0-64bit-2.70.5-150400.3.14.1 * libgmodule-2_0-0-64bit-2.70.5-150400.3.14.1 * glib2-tools-64bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-64bit-2.70.5-150400.3.14.1 * libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.14.1 * libgthread-2_0-0-64bit-2.70.5-150400.3.14.1 * libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-64bit-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.14.1 * glib2-tools-64bit-2.70.5-150400.3.14.1 * libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-64bit-2.70.5-150400.3.14.1 * libgio-2_0-0-64bit-2.70.5-150400.3.14.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * openSUSE Leap 15.5 (noarch) * gio-branding-upstream-2.70.5-150400.3.14.1 * glib2-lang-2.70.5-150400.3.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * glib2-tests-devel-2.70.5-150400.3.14.1 * libgthread-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-devel-2.70.5-150400.3.14.1 * glib2-doc-2.70.5-150400.3.14.1 * glib2-devel-static-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-debuginfo-2.70.5-150400.3.14.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.14.1 * openSUSE Leap 15.5 (x86_64) * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-2.70.5-150400.3.14.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.14.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.14.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.14.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * glib2-tools-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-32bit-2.70.5-150400.3.14.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.70.5-150400.3.14.1 * libgthread-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-2.70.5-150400.3.14.1 * libgio-2_0-0-2.70.5-150400.3.14.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-2.70.5-150400.3.14.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-2.70.5-150400.3.14.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-debugsource-2.70.5-150400.3.14.1 * glib2-devel-2.70.5-150400.3.14.1 * glib2-tools-debuginfo-2.70.5-150400.3.14.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.14.1 * glib2-devel-debuginfo-2.70.5-150400.3.14.1 * Basesystem Module 15-SP5 (noarch) * glib2-lang-2.70.5-150400.3.14.1 * Basesystem Module 15-SP5 (x86_64) * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libglib-2_0-0-32bit-2.70.5-150400.3.14.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-2.70.5-150400.3.14.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.14.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34397.html * https://bugzilla.suse.com/show_bug.cgi?id=1224044 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:30:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:30:49 -0000 Subject: SUSE-SU-2024:3120-1: critical: Security update for buildah, docker Message-ID: <172538104994.2742.4687073818208912582@smelt2.prg2.suse.org> # Security update for buildah, docker Announcement ID: SUSE-SU-2024:3120-1 Rating: critical References: * bsc#1214855 * bsc#1219267 * bsc#1219268 * bsc#1219438 * bsc#1221243 * bsc#1221677 * bsc#1221916 * bsc#1223409 * bsc#1224117 * bsc#1228324 Cross-References: * CVE-2024-1753 * CVE-2024-23651 * CVE-2024-23652 * CVE-2024-23653 * CVE-2024-24786 * CVE-2024-28180 * CVE-2024-3727 * CVE-2024-41110 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-23651 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23651 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-23652 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23652 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-23653 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23653 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-41110 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves eight vulnerabilities and has two security fixes can now be installed. ## Description: This update for buildah, docker fixes the following issues: Changes in docker: \- CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267) \- CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268) \- CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438) \- CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324) Other fixes: * Update to Docker 25.0.6-ce. See upstream changelog online at * Update to Docker 25.0.5-ce (bsc#1223409) * Fix BuildKit's symlink resolution logic to correctly handle non-lexical symlinks. (bsc#1221916) * Write volume options atomically so sudden system crashes won't result in future Docker starts failing due to empty files. (bsc#1214855) Changes in buildah: \- Update to version 1.35.4: * [release-1.35] Bump to Buildah v1.35.4 * [release-1.35] CVE-2024-3727 updates (bsc#1224117) * integration test: handle new labels in "bud and test --unsetlabel" * [release-1.35] Bump go-jose CVE-2024-28180 * [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180 * Update to version 1.35.3: * [release-1.35] Bump to Buildah v1.35.3 * [release-1.35] correctly configure /etc/hosts and resolv.conf * [release-1.35] buildah: refactor resolv/hosts setup. * [release-1.35] rename the hostFile var to reflect * [release-1.35] Bump c/common to v0.58.1 * [release-1.35] Bump Buildah to v1.35.2 * [release-1.35] CVE-2024-24786 protobuf to 1.33 * [release-1.35] Bump to v1.35.2-dev * Update to version 1.35.1: * [release-1.35] Bump to v1.35.1 * [release-1.35] CVE-2024-1753 container escape fix (bsc#1221677) * Buildah dropped cni support, require netavark instead (bsc#1221243) * Remove obsolete requires libcontainers-image & libcontainers-storage * Require passt for rootless networking (poo#156955) Buildah moved to passt/pasta for rootless networking from slirp4netns (https://github.com/containers/common/pull/1846) * Update to version 1.35.0: * Bump v1.35.0 * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 * conformance tests: don't break on trailing zeroes in layer blobs * Add a conformance test for copying to a mounted prior stage * fix(deps): update module github.com/stretchr/testify to v1.9.0 * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * fix(deps): update github.com/containers/storage digest to eadc620 * fix(deps): update github.com/containers/luksy digest to ceb12d4 * fix(deps): update github.com/containers/image/v5 digest to cdc6802 * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 * Update module go.etcd.io/bbolt to v1.3.9 * Revert "Reduce official image size" * Update module github.com/opencontainers/image-spec to v1.1.0 * Reduce official image size * Build with CNI support on FreeBSD * build --all-platforms: skip some base "image" platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Disable loong64 again * Fix a couple of typos in one-line comments * egrep is obsolescent; use grep -E * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * fix(deps): update module github.com/containerd/containerd to v1.7.13 * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * fix(deps): update github.com/openshift/imagebuilder digest to b767bc3 * imagebuildah: fix crash with empty RUN * fix(deps): update github.com/containers/luksy digest to b62d551 * fix(deps): update module github.com/opencontainers/runc to v1.1.12 [security] * fix(deps): update module github.com/moby/buildkit to v0.12.5 [security] * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * Run codespell on code * Fix FreeBSD version parsing * Fix a build break on FreeBSD * Remove a bad FROM line * fix(deps): update module github.com/onsi/gomega to v1.31.1 * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc6 * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * fix(deps): update module golang.org/x/crypto to v0.18.0 * Replace map[K]bool with map[K]struct{} where it makes sense * fix(deps): update module golang.org/x/sync to v0.6.0 * fix(deps): update module golang.org/x/term to v0.16.0 * Bump CI VMs * Replace strings.SplitN with strings.Cut * fix(deps): update github.com/containers/storage digest to ef81e9b * fix(deps): update github.com/containers/image/v5 digest to 1b221d4 * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.1 * Document use of containers-transports values in buildah * fix(deps): update module golang.org/x/crypto to v0.17.0 [security] * chore(deps): update dependency containers/automation_images to v20231208 * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * chore(deps): update dependency containers/automation_images to v20230517 * [skip-ci] Update actions/stale action to v9 * fix(deps): update module github.com/containernetworking/plugins to v1.4.0 * fix(deps): update github.com/containers/image/v5 digest to 7a40fee * Bump to v1.34.1-dev * Ignore errors if label.Relabel returns ENOSUP ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3120=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3120=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3120=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3120=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3120=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3120=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3120=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3120=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3120=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3120=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3120=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3120=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3120=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3120=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3120=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3120=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3120=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3120=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3120=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3120=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3120=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3120=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3120=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3120=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3120=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.4-150300.8.25.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * openSUSE Leap 15.5 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-zsh-completion-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * openSUSE Leap 15.6 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-zsh-completion-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * Containers Module 15-SP5 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * Containers Module 15-SP6 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * docker-25.0.6_ce-150000.207.1 * buildah-1.35.4-150300.8.25.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * buildah-1.35.4-150300.8.25.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * docker-25.0.6_ce-150000.207.1 * buildah-1.35.4-150300.8.25.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * docker-rootless-extras-25.0.6_ce-150000.207.1 * docker-bash-completion-25.0.6_ce-150000.207.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * docker-25.0.6_ce-150000.207.1 * buildah-1.35.4-150300.8.25.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Enterprise Storage 7.1 (noarch) * docker-bash-completion-25.0.6_ce-150000.207.1 * docker-fish-completion-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * docker-25.0.6_ce-150000.207.1 * docker-debuginfo-25.0.6_ce-150000.207.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-23651.html * https://www.suse.com/security/cve/CVE-2024-23652.html * https://www.suse.com/security/cve/CVE-2024-23653.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-28180.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://www.suse.com/security/cve/CVE-2024-41110.html * https://bugzilla.suse.com/show_bug.cgi?id=1214855 * https://bugzilla.suse.com/show_bug.cgi?id=1219267 * https://bugzilla.suse.com/show_bug.cgi?id=1219268 * https://bugzilla.suse.com/show_bug.cgi?id=1219438 * https://bugzilla.suse.com/show_bug.cgi?id=1221243 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 * https://bugzilla.suse.com/show_bug.cgi?id=1221916 * https://bugzilla.suse.com/show_bug.cgi?id=1223409 * https://bugzilla.suse.com/show_bug.cgi?id=1224117 * https://bugzilla.suse.com/show_bug.cgi?id=1228324 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:30:53 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:30:53 -0000 Subject: SUSE-SU-2024:3119-1: moderate: Security update for openssl-1_0_0 Message-ID: <172538105356.2742.18234298601995753748@smelt2.prg2.suse.org> # Security update for openssl-1_0_0 Announcement ID: SUSE-SU-2024:3119-1 Rating: moderate References: * bsc#1227138 * bsc#1227227 Cross-References: * CVE-2024-5535 CVSS scores: * CVE-2024-5535 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP5 * Legacy Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for openssl-1_0_0 fixes the following issues: * CVE-2024-5535: Fixed a buffer overread in function SSL_select_next_proto() with an empty supported client protocols buffer (bsc#1227138, bsc#1227227) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3119=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3119=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3119=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3119=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3119=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3119=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3119=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3119=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3119=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3119=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3119=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3119=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3119=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3119=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-1.0.2p-150000.3.94.1 * openssl-1_0_0-cavs-1.0.2p-150000.3.94.1 * openssl-1_0_0-cavs-debuginfo-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * openSUSE Leap 15.5 (x86_64) * libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-32bit-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.94.1 * openSUSE Leap 15.5 (noarch) * openssl-1_0_0-doc-1.0.2p-150000.3.94.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-1.0.2p-150000.3.94.1 * openssl-1_0_0-cavs-1.0.2p-150000.3.94.1 * openssl-1_0_0-cavs-debuginfo-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * openSUSE Leap 15.6 (x86_64) * libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-32bit-1.0.2p-150000.3.94.1 * libopenssl1_0_0-32bit-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.94.1 * openSUSE Leap 15.6 (noarch) * openssl-1_0_0-doc-1.0.2p-150000.3.94.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-1.0.2p-150000.3.94.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.94.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.94.1 * libopenssl10-1.0.2p-150000.3.94.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.94.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.94.1 * libopenssl10-debuginfo-1.0.2p-150000.3.94.1 * libopenssl1_0_0-1.0.2p-150000.3.94.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5535.html * https://bugzilla.suse.com/show_bug.cgi?id=1227138 * https://bugzilla.suse.com/show_bug.cgi?id=1227227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:30:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:30:57 -0000 Subject: SUSE-SU-2024:3118-1: important: Security update for dovecot23 Message-ID: <172538105798.2742.12736631869875340258@smelt2.prg2.suse.org> # Security update for dovecot23 Announcement ID: SUSE-SU-2024:3118-1 Rating: important References: * bsc#1229183 * bsc#1229184 Cross-References: * CVE-2024-23184 * CVE-2024-23185 CVSS scores: * CVE-2024-23184 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L * CVE-2024-23184 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L * CVE-2024-23185 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-23185 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for dovecot23 fixes the following issues: * CVE-2024-23185: Fixed a denial of service with large headers (bsc#1229183) * CVE-2024-23184: Fixed a denial of service parsing messages containing many address headers (bsc#1229184) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3118=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3118=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3118=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3118=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3118=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3118=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3118=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3118=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3118=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3118=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3118=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3118=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3118=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3118=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3118=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3118=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3118=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3118=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Manager Proxy 4.3 (x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * dovecot23-fts-squat-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-solr-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-pgsql-debuginfo-2.3.15-150200.65.1 * dovecot23-fts-lucene-2.3.15-150200.65.1 * dovecot23-backend-mysql-debuginfo-2.3.15-150200.65.1 * dovecot23-devel-2.3.15-150200.65.1 * dovecot23-debuginfo-2.3.15-150200.65.1 * dovecot23-debugsource-2.3.15-150200.65.1 * dovecot23-backend-mysql-2.3.15-150200.65.1 * dovecot23-fts-squat-2.3.15-150200.65.1 * dovecot23-fts-solr-2.3.15-150200.65.1 * dovecot23-backend-sqlite-debuginfo-2.3.15-150200.65.1 * dovecot23-2.3.15-150200.65.1 * dovecot23-fts-debuginfo-2.3.15-150200.65.1 * dovecot23-backend-sqlite-2.3.15-150200.65.1 * dovecot23-backend-pgsql-2.3.15-150200.65.1 * dovecot23-fts-2.3.15-150200.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23184.html * https://www.suse.com/security/cve/CVE-2024-23185.html * https://bugzilla.suse.com/show_bug.cgi?id=1229183 * https://bugzilla.suse.com/show_bug.cgi?id=1229184 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:01 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:01 -0000 Subject: SUSE-SU-2024:3117-1: moderate: Security update for tiff Message-ID: <172538106179.2742.8116339524014383587@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2024:3117-1 Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3117=1 openSUSE-SLE-15.6-2024-3117=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3117=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3117=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * libtiff-devel-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-debuginfo-4.6.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libtiff-devel-4.6.0-150600.3.3.1 * libtiff6-4.6.0-150600.3.3.1 * tiff-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 * libtiff6-debuginfo-4.6.0-150600.3.3.1 * tiff-debugsource-4.6.0-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libtiff-devel-64bit-4.6.0-150600.3.3.1 * libtiff6-64bit-4.6.0-150600.3.3.1 * libtiff6-64bit-debuginfo-4.6.0-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libtiff-devel-4.6.0-150600.3.3.1 * libtiff6-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 * libtiff6-debuginfo-4.6.0-150600.3.3.1 * tiff-debugsource-4.6.0-150600.3.3.1 * Basesystem Module 15-SP6 (x86_64) * libtiff6-32bit-4.6.0-150600.3.3.1 * libtiff6-32bit-debuginfo-4.6.0-150600.3.3.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.6.0-150600.3.3.1 * tiff-4.6.0-150600.3.3.1 * tiff-debuginfo-4.6.0-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:04 -0000 Subject: SUSE-SU-2024:3116-1: moderate: Security update for python-WebOb Message-ID: <172538106405.2742.5410616705899382372@smelt2.prg2.suse.org> # Security update for python-WebOb Announcement ID: SUSE-SU-2024:3116-1 Rating: moderate References: * bsc#1229221 Cross-References: * CVE-2024-42353 CVSS scores: * CVE-2024-42353 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-42353 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-WebOb fixes the following issues: * CVE-2024-42353: Fixed open redirect via WebOb's Response object in Location header (bsc#1229221) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3116=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3116=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3116=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3116=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3116=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python-WebOb-doc-1.7.4-150000.3.3.1 * python3-WebOb-1.7.4-150000.3.3.1 * Basesystem Module 15-SP5 (noarch) * python3-WebOb-1.7.4-150000.3.3.1 * Basesystem Module 15-SP6 (noarch) * python3-WebOb-1.7.4-150000.3.3.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-WebOb-1.7.4-150000.3.3.1 * SUSE Package Hub 15 15-SP6 (noarch) * python2-WebOb-1.7.4-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42353.html * https://bugzilla.suse.com/show_bug.cgi?id=1229221 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:06 -0000 Subject: SUSE-SU-2024:3115-1: moderate: Security update for tiff Message-ID: <172538106643.2742.8632931643981908208@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2024:3115-1 Rating: moderate References: * bsc#1228924 Cross-References: * CVE-2024-7006 CVSS scores: * CVE-2024-7006 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7006 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7006 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2024-7006: Fixed null pointer dereference in tif_dirinfo.c (bsc#1228924) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3115=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3115=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3115=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3115=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3115=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3115=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3115=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3115=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3115=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3115=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * openSUSE Leap 15.5 (x86_64) * libtiff-devel-32bit-4.0.9-150000.45.47.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * tiff-debuginfo-4.0.9-150000.45.47.1 * libtiff-devel-4.0.9-150000.45.47.1 * tiff-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * tiff-debuginfo-4.0.9-150000.45.47.1 * libtiff-devel-4.0.9-150000.45.47.1 * Basesystem Module 15-SP5 (x86_64) * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * Basesystem Module 15-SP6 (x86_64) * libtiff5-32bit-debuginfo-4.0.9-150000.45.47.1 * libtiff5-32bit-4.0.9-150000.45.47.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * tiff-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.47.1 * tiff-debugsource-4.0.9-150000.45.47.1 * libtiff5-debuginfo-4.0.9-150000.45.47.1 * libtiff5-4.0.9-150000.45.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7006.html * https://bugzilla.suse.com/show_bug.cgi?id=1228924 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:10 -0000 Subject: SUSE-SU-2024:3114-1: moderate: Security update for ffmpeg Message-ID: <172538107019.2742.13254892595471372916@smelt2.prg2.suse.org> # Security update for ffmpeg Announcement ID: SUSE-SU-2024:3114-1 Rating: moderate References: * bsc#1186607 * bsc#1189428 * bsc#1223304 Cross-References: * CVE-2020-22027 * CVE-2021-38291 * CVE-2023-51798 CVSS scores: * CVE-2020-22027 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-22027 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2021-38291 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-38291 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-51798 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for ffmpeg fixes the following issues: * CVE-2020-22027: Fixed heap-based Buffer Overflow vulnerability exits in deflate16 at libavfilter/vf_neighbor.c (bsc#1186607) * CVE-2021-38291: Fixed an assertion failure at src/libavutil/mathematics.c (bsc#1189428) * CVE-2023-51798: Fixed floating point exception(FPE) via the interpolate function (bsc#1223304) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3114=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3114=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3114=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3114=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3114=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3114=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3114=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3114=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libavcodec57-3.4.2-150200.11.57.1 * libswscale-devel-3.4.2-150200.11.57.1 * libavformat-devel-3.4.2-150200.11.57.1 * libavcodec-devel-3.4.2-150200.11.57.1 * ffmpeg-private-devel-3.4.2-150200.11.57.1 * libswresample2-debuginfo-3.4.2-150200.11.57.1 * libpostproc54-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavfilter6-3.4.2-150200.11.57.1 * libswresample2-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * libavutil-devel-3.4.2-150200.11.57.1 * libavcodec57-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-debuginfo-3.4.2-150200.11.57.1 * libavresample-devel-3.4.2-150200.11.57.1 * libpostproc54-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libpostproc-devel-3.4.2-150200.11.57.1 * libswresample-devel-3.4.2-150200.11.57.1 * libavdevice-devel-3.4.2-150200.11.57.1 * libavutil55-debuginfo-3.4.2-150200.11.57.1 * libswscale4-3.4.2-150200.11.57.1 * libavfilter-devel-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-3.4.2-150200.11.57.1 * libavfilter6-debuginfo-3.4.2-150200.11.57.1 * libavutil55-3.4.2-150200.11.57.1 * libswscale4-debuginfo-3.4.2-150200.11.57.1 * openSUSE Leap 15.5 (x86_64) * libavformat57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.57.1 * libswscale4-32bit-3.4.2-150200.11.57.1 * libpostproc54-32bit-3.4.2-150200.11.57.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavfilter6-32bit-debuginfo-3.4.2-150200.11.57.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.57.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.57.1 * libswresample2-32bit-3.4.2-150200.11.57.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-32bit-3.4.2-150200.11.57.1 * libavutil55-32bit-3.4.2-150200.11.57.1 * libavcodec57-32bit-3.4.2-150200.11.57.1 * libavresample3-32bit-3.4.2-150200.11.57.1 * libavfilter6-32bit-3.4.2-150200.11.57.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavformat57-32bit-3.4.2-150200.11.57.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.57.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libavcodec57-3.4.2-150200.11.57.1 * libswscale-devel-3.4.2-150200.11.57.1 * libavformat-devel-3.4.2-150200.11.57.1 * libavcodec-devel-3.4.2-150200.11.57.1 * ffmpeg-private-devel-3.4.2-150200.11.57.1 * libswresample2-debuginfo-3.4.2-150200.11.57.1 * libpostproc54-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavfilter6-3.4.2-150200.11.57.1 * libswresample2-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * libavutil-devel-3.4.2-150200.11.57.1 * libavcodec57-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-debuginfo-3.4.2-150200.11.57.1 * libavresample-devel-3.4.2-150200.11.57.1 * libpostproc54-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libpostproc-devel-3.4.2-150200.11.57.1 * libswresample-devel-3.4.2-150200.11.57.1 * libavdevice-devel-3.4.2-150200.11.57.1 * libavutil55-debuginfo-3.4.2-150200.11.57.1 * libswscale4-3.4.2-150200.11.57.1 * libavfilter-devel-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-3.4.2-150200.11.57.1 * libavfilter6-debuginfo-3.4.2-150200.11.57.1 * libavutil55-3.4.2-150200.11.57.1 * libswscale4-debuginfo-3.4.2-150200.11.57.1 * openSUSE Leap 15.6 (x86_64) * libavformat57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavresample3-32bit-debuginfo-3.4.2-150200.11.57.1 * libswscale4-32bit-3.4.2-150200.11.57.1 * libpostproc54-32bit-3.4.2-150200.11.57.1 * libavcodec57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavfilter6-32bit-debuginfo-3.4.2-150200.11.57.1 * libswresample2-32bit-debuginfo-3.4.2-150200.11.57.1 * libavutil55-32bit-debuginfo-3.4.2-150200.11.57.1 * libswresample2-32bit-3.4.2-150200.11.57.1 * libpostproc54-32bit-debuginfo-3.4.2-150200.11.57.1 * libavdevice57-32bit-3.4.2-150200.11.57.1 * libavutil55-32bit-3.4.2-150200.11.57.1 * libavcodec57-32bit-3.4.2-150200.11.57.1 * libavresample3-32bit-3.4.2-150200.11.57.1 * libavfilter6-32bit-3.4.2-150200.11.57.1 * libavdevice57-32bit-debuginfo-3.4.2-150200.11.57.1 * libavformat57-32bit-3.4.2-150200.11.57.1 * libswscale4-32bit-debuginfo-3.4.2-150200.11.57.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libavcodec57-3.4.2-150200.11.57.1 * libavcodec57-debuginfo-3.4.2-150200.11.57.1 * libswscale-devel-3.4.2-150200.11.57.1 * libavutil55-debuginfo-3.4.2-150200.11.57.1 * libswscale4-debuginfo-3.4.2-150200.11.57.1 * libswresample2-3.4.2-150200.11.57.1 * libswscale4-3.4.2-150200.11.57.1 * libpostproc54-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * libswresample2-debuginfo-3.4.2-150200.11.57.1 * libpostproc-devel-3.4.2-150200.11.57.1 * libpostproc54-3.4.2-150200.11.57.1 * libavutil55-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * libavutil-devel-3.4.2-150200.11.57.1 * libswresample-devel-3.4.2-150200.11.57.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libavcodec57-3.4.2-150200.11.57.1 * libavcodec57-debuginfo-3.4.2-150200.11.57.1 * libswscale-devel-3.4.2-150200.11.57.1 * libavutil55-debuginfo-3.4.2-150200.11.57.1 * libswscale4-debuginfo-3.4.2-150200.11.57.1 * libswresample2-3.4.2-150200.11.57.1 * libswscale4-3.4.2-150200.11.57.1 * libpostproc54-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * libswresample2-debuginfo-3.4.2-150200.11.57.1 * libpostproc-devel-3.4.2-150200.11.57.1 * libpostproc54-3.4.2-150200.11.57.1 * libavutil55-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * libavutil-devel-3.4.2-150200.11.57.1 * libswresample-devel-3.4.2-150200.11.57.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavfilter6-3.4.2-150200.11.57.1 * libavdevice57-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-3.4.2-150200.11.57.1 * libavdevice57-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libavfilter6-debuginfo-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavfilter6-3.4.2-150200.11.57.1 * libavdevice57-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * ffmpeg-3.4.2-150200.11.57.1 * libavdevice57-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libavfilter6-debuginfo-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavformat-devel-3.4.2-150200.11.57.1 * libavresample-devel-3.4.2-150200.11.57.1 * libavcodec-devel-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libavformat57-debuginfo-3.4.2-150200.11.57.1 * libavformat57-3.4.2-150200.11.57.1 * libavformat-devel-3.4.2-150200.11.57.1 * libavresample-devel-3.4.2-150200.11.57.1 * libavcodec-devel-3.4.2-150200.11.57.1 * ffmpeg-debuginfo-3.4.2-150200.11.57.1 * libavresample3-debuginfo-3.4.2-150200.11.57.1 * libavresample3-3.4.2-150200.11.57.1 * ffmpeg-debugsource-3.4.2-150200.11.57.1 ## References: * https://www.suse.com/security/cve/CVE-2020-22027.html * https://www.suse.com/security/cve/CVE-2021-38291.html * https://www.suse.com/security/cve/CVE-2023-51798.html * https://bugzilla.suse.com/show_bug.cgi?id=1186607 * https://bugzilla.suse.com/show_bug.cgi?id=1189428 * https://bugzilla.suse.com/show_bug.cgi?id=1223304 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:14 -0000 Subject: SUSE-SU-2024:3113-1: important: Security update for xen Message-ID: <172538107455.2742.10376548891165424699@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3113-1 Rating: important References: * bsc#1027519 * bsc#1228574 * bsc#1228575 Cross-References: * CVE-2024-31145 * CVE-2024-31146 CVSS scores: * CVE-2024-31145 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-31146 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574) * CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575) Other fixes: \- Update to Xen 4.18.3 security bug fix release (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3113=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3113=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3113=1 openSUSE-SLE-15.6-2024-3113=1 ## Package List: * Basesystem Module 15-SP6 (x86_64) * xen-tools-domU-4.18.3_02-150600.3.6.1 * xen-libs-debuginfo-4.18.3_02-150600.3.6.1 * xen-libs-4.18.3_02-150600.3.6.1 * xen-tools-domU-debuginfo-4.18.3_02-150600.3.6.1 * xen-debugsource-4.18.3_02-150600.3.6.1 * Server Applications Module 15-SP6 (x86_64) * xen-4.18.3_02-150600.3.6.1 * xen-tools-debuginfo-4.18.3_02-150600.3.6.1 * xen-tools-4.18.3_02-150600.3.6.1 * xen-devel-4.18.3_02-150600.3.6.1 * xen-debugsource-4.18.3_02-150600.3.6.1 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.3_02-150600.3.6.1 * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-tools-domU-4.18.3_02-150600.3.6.1 * xen-libs-debuginfo-4.18.3_02-150600.3.6.1 * xen-libs-4.18.3_02-150600.3.6.1 * xen-tools-domU-debuginfo-4.18.3_02-150600.3.6.1 * xen-devel-4.18.3_02-150600.3.6.1 * xen-debugsource-4.18.3_02-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-debuginfo-4.18.3_02-150600.3.6.1 * xen-libs-32bit-4.18.3_02-150600.3.6.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-4.18.3_02-150600.3.6.1 * xen-tools-debuginfo-4.18.3_02-150600.3.6.1 * xen-tools-4.18.3_02-150600.3.6.1 * xen-doc-html-4.18.3_02-150600.3.6.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.3_02-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-4.18.3_02-150600.3.6.1 * xen-libs-64bit-debuginfo-4.18.3_02-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-31145.html * https://www.suse.com/security/cve/CVE-2024-31146.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1228574 * https://bugzilla.suse.com/show_bug.cgi?id=1228575 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:16 -0000 Subject: SUSE-SU-2024:3112-1: important: Security update for MozillaThunderbird Message-ID: <172538107686.2742.15996768316734796771@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:3112-1 Rating: important References: * bsc#1228648 Cross-References: * CVE-2024-7519 * CVE-2024-7521 * CVE-2024-7522 * CVE-2024-7525 * CVE-2024-7526 * CVE-2024-7527 * CVE-2024-7529 CVSS scores: * CVE-2024-7519 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7519 ( NVD ): 9.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-7521 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7521 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7522 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2024-7522 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7525 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7525 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2024-7526 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2024-7526 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-7527 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7527 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-7529 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2024-7529 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: * Mozilla Thunderbird 115.14 * fixed: When using an external installation of GnuPG, Thunderbird occassionally sent/received corrupted messages * fixed: Users of external GnuPG were unable to decrypt incorrectly encoded messages (bmo#1906903) * fixed: Flatpak install of 128.0esr was incorrectly downgraded to 115.13.0esr (bmo#1908299) * fixed: Security fixes MFSA 2024-38 (bsc#1228648) * CVE-2024-7519: Out of bounds memory access in graphics shared memory handling * CVE-2024-7521: Incomplete WebAssembly exception handing * CVE-2024-7522: Out of bounds read in editor component * CVE-2024-7525: Missing permission check when creating a StreamFilter * CVE-2024-7526: Uninitialized memory used by WebGL * CVE-2024-7527: Use-after-free in JavaScript garbage collection * CVE-2024-7529: Document content could partially obscure security prompts ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3112=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3112=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3112=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3112=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3112=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3112=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3112=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-other-115.14.0-150200.8.174.1 * MozillaThunderbird-translations-common-115.14.0-150200.8.174.1 * MozillaThunderbird-debugsource-115.14.0-150200.8.174.1 * MozillaThunderbird-debuginfo-115.14.0-150200.8.174.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7519.html * https://www.suse.com/security/cve/CVE-2024-7521.html * https://www.suse.com/security/cve/CVE-2024-7522.html * https://www.suse.com/security/cve/CVE-2024-7525.html * https://www.suse.com/security/cve/CVE-2024-7526.html * https://www.suse.com/security/cve/CVE-2024-7527.html * https://www.suse.com/security/cve/CVE-2024-7529.html * https://bugzilla.suse.com/show_bug.cgi?id=1228648 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:25 -0000 Subject: SUSE-SU-2024:3110-1: moderate: Security update for python-aiohttp Message-ID: <172538108579.2742.1784149441501413737@smelt2.prg2.suse.org> # Security update for python-aiohttp Announcement ID: SUSE-SU-2024:3110-1 Rating: moderate References: * bsc#1229226 Cross-References: * CVE-2024-42367 CVSS scores: * CVE-2024-42367 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-42367 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-aiohttp fixes the following issues: * CVE-2024-42367: Fixed path traversal outside the root directory when requests involve compressed files as symbolic links (bsc#1229226) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3110=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3110=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3110=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3110=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3110=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3110=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python-aiohttp-debugsource-3.9.3-150400.10.24.1 * python311-aiohttp-3.9.3-150400.10.24.1 * python311-aiohttp-debuginfo-3.9.3-150400.10.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-aiohttp-debugsource-3.9.3-150400.10.24.1 * python311-aiohttp-3.9.3-150400.10.24.1 * python311-aiohttp-debuginfo-3.9.3-150400.10.24.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python-aiohttp-debugsource-3.9.3-150400.10.24.1 * python311-aiohttp-3.9.3-150400.10.24.1 * python311-aiohttp-debuginfo-3.9.3-150400.10.24.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-aiohttp-3.9.3-150400.10.24.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python-aiohttp-debugsource-3.9.3-150400.10.24.1 * python311-aiohttp-3.9.3-150400.10.24.1 * python311-aiohttp-debuginfo-3.9.3-150400.10.24.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python-aiohttp-debugsource-3.9.3-150400.10.24.1 * python311-aiohttp-3.9.3-150400.10.24.1 * python311-aiohttp-debuginfo-3.9.3-150400.10.24.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42367.html * https://bugzilla.suse.com/show_bug.cgi?id=1229226 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:20 -0000 Subject: SUSE-SU-2024:1351-2: low: Security update for graphviz Message-ID: <172538108019.2742.9991416682279110089@smelt2.prg2.suse.org> # Security update for graphviz Announcement ID: SUSE-SU-2024:1351-2 Rating: low References: * bsc#1219491 Cross-References: * CVE-2023-46045 CVSS scores: * CVE-2023-46045 ( SUSE ): 3.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:L * CVE-2023-46045 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for graphviz fixes the following issues: * CVE-2023-46045: Fixed out-of-bounds read via a crafted config6a file (bsc#1219491) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1351=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-1351=1 ## Package List: * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * graphviz-gd-2.48.0-150400.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * graphviz-gd-2.48.0-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46045.html * https://bugzilla.suse.com/show_bug.cgi?id=1219491 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:22 -0000 Subject: SUSE-SU-2024:3111-1: low: Security update for unbound Message-ID: <172538108219.2742.16933690460635229536@smelt2.prg2.suse.org> # Security update for unbound Announcement ID: SUSE-SU-2024:3111-1 Rating: low References: * bsc#1229068 Cross-References: * CVE-2024-43167 CVSS scores: * CVE-2024-43167 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43167 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for unbound fixes the following issues: * CVE-2024-43167: Fix null pointer dereference issue in function ub_ctx_set_fwd (bsc#1229068) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3111=1 openSUSE-SLE-15.6-2024-3111=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3111=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3111=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libunbound8-debuginfo-1.20.0-150600.23.6.1 * libunbound-devel-mini-debugsource-1.20.0-150600.23.6.1 * unbound-python-debuginfo-1.20.0-150600.23.6.1 * libunbound8-1.20.0-150600.23.6.1 * unbound-anchor-debuginfo-1.20.0-150600.23.6.1 * unbound-python-1.20.0-150600.23.6.1 * libunbound-devel-mini-debuginfo-1.20.0-150600.23.6.1 * unbound-debuginfo-1.20.0-150600.23.6.1 * unbound-devel-1.20.0-150600.23.6.1 * unbound-anchor-1.20.0-150600.23.6.1 * unbound-1.20.0-150600.23.6.1 * libunbound-devel-mini-1.20.0-150600.23.6.1 * unbound-debugsource-1.20.0-150600.23.6.1 * openSUSE Leap 15.6 (noarch) * unbound-munin-1.20.0-150600.23.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libunbound8-debuginfo-1.20.0-150600.23.6.1 * unbound-anchor-debuginfo-1.20.0-150600.23.6.1 * libunbound8-1.20.0-150600.23.6.1 * unbound-debuginfo-1.20.0-150600.23.6.1 * unbound-devel-1.20.0-150600.23.6.1 * unbound-anchor-1.20.0-150600.23.6.1 * unbound-debugsource-1.20.0-150600.23.6.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * unbound-python-debuginfo-1.20.0-150600.23.6.1 * unbound-python-1.20.0-150600.23.6.1 * unbound-debuginfo-1.20.0-150600.23.6.1 * unbound-1.20.0-150600.23.6.1 * unbound-debugsource-1.20.0-150600.23.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43167.html * https://bugzilla.suse.com/show_bug.cgi?id=1229068 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:30 -0000 Subject: SUSE-SU-2024:3109-1: important: Security update for webkit2gtk3 Message-ID: <172538109027.2742.14271870081968078213@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:3109-1 Rating: important References: * bsc#1228696 * bsc#1228697 * bsc#1228698 Cross-References: * CVE-2024-40776 * CVE-2024-40779 * CVE-2024-40780 * CVE-2024-40782 * CVE-2024-40785 * CVE-2024-40789 * CVE-2024-40794 * CVE-2024-4558 CVSS scores: * CVE-2024-40776 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-40776 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2024-40776 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40780 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40782 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40785 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-40789 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40789 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40794 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40794 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 (bsc#1228696 bsc#1228697 bsc#1228698): * Fix web process cache suspend/resume when sandbox is enabled. * Fix accelerated images dissapearing after scrolling. * Fix video flickering with DMA-BUF sink. * Fix pointer lock on X11. * Fix movement delta on mouse events in GTK3. * Undeprecate console message API and make it available in 2022 API. * Fix several crashes and rendering issues. * Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2024-40782, CVE-2024-40785, CVE-2024-40789, CVE-2024-40794, CVE-2024-4558. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3109=1 openSUSE-SLE-15.6-2024-3109=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3109=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3109=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3109=1 ## Package List: * openSUSE Leap 15.6 (noarch) * WebKitGTK-6.0-lang-2.44.3-150600.12.9.1 * WebKitGTK-4.0-lang-2.44.3-150600.12.9.1 * WebKitGTK-4.1-lang-2.44.3-150600.12.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-WebKit2-4_0-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_1-0-2.44.3-150600.12.9.1 * webkit2gtk4-minibrowser-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-devel-2.44.3-150600.12.9.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150600.12.9.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.3-150600.12.9.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-debugsource-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150600.12.9.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk4-devel-2.44.3-150600.12.9.1 * webkitgtk-6_0-injected-bundles-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-minibrowser-2.44.3-150600.12.9.1 * typelib-1_0-WebKit-6_0-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150600.12.9.1 * webkit-jsc-6.0-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk4-debugsource-2.44.3-150600.12.9.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk3-debugsource-2.44.3-150600.12.9.1 * webkit2gtk3-minibrowser-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150600.12.9.1 * webkit2gtk3-devel-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-2.44.3-150600.12.9.1 * webkit2gtk4-minibrowser-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150600.12.9.1 * webkit-jsc-4-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2-4_1-2.44.3-150600.12.9.1 * libwebkitgtk-6_0-4-2.44.3-150600.12.9.1 * libjavascriptcoregtk-6_0-1-2.44.3-150600.12.9.1 * webkit-jsc-4.1-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-6_0-2.44.3-150600.12.9.1 * webkit-jsc-6.0-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150600.12.9.1 * webkit-jsc-4.1-2.44.3-150600.12.9.1 * webkit2gtk3-minibrowser-debuginfo-2.44.3-150600.12.9.1 * webkit-jsc-4-2.44.3-150600.12.9.1 * openSUSE Leap 15.6 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-32bit-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-32bit-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-32bit-2.44.3-150600.12.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_1-0-64bit-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-64bit-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-64bit-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-64bit-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.3-150600.12.9.1 * Basesystem Module 15-SP6 (noarch) * WebKitGTK-6.0-lang-2.44.3-150600.12.9.1 * WebKitGTK-4.0-lang-2.44.3-150600.12.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-2.44.3-150600.12.9.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2-4_0-2.44.3-150600.12.9.1 * webkit2gtk4-debugsource-2.44.3-150600.12.9.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150600.12.9.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * libwebkitgtk-6_0-4-2.44.3-150600.12.9.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-debugsource-2.44.3-150600.12.9.1 * libwebkit2gtk-4_0-37-2.44.3-150600.12.9.1 * webkit2gtk3-soup2-devel-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150600.12.9.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * webkitgtk-6_0-injected-bundles-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_0-18-2.44.3-150600.12.9.1 * Desktop Applications Module 15-SP6 (noarch) * WebKitGTK-4.1-lang-2.44.3-150600.12.9.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_1-0-2.44.3-150600.12.9.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk3-debugsource-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150600.12.9.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-2.44.3-150600.12.9.1 * webkit2gtk3-devel-2.44.3-150600.12.9.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150600.12.9.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150600.12.9.1 * typelib-1_0-WebKit2-4_1-2.44.3-150600.12.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-WebKit-6_0-2.44.3-150600.12.9.1 * webkit2gtk4-debugsource-2.44.3-150600.12.9.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.3-150600.12.9.1 * typelib-1_0-JavaScriptCore-6_0-2.44.3-150600.12.9.1 * webkit2gtk4-devel-2.44.3-150600.12.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40776.html * https://www.suse.com/security/cve/CVE-2024-40779.html * https://www.suse.com/security/cve/CVE-2024-40780.html * https://www.suse.com/security/cve/CVE-2024-40782.html * https://www.suse.com/security/cve/CVE-2024-40785.html * https://www.suse.com/security/cve/CVE-2024-40789.html * https://www.suse.com/security/cve/CVE-2024-40794.html * https://www.suse.com/security/cve/CVE-2024-4558.html * https://bugzilla.suse.com/show_bug.cgi?id=1228696 * https://bugzilla.suse.com/show_bug.cgi?id=1228697 * https://bugzilla.suse.com/show_bug.cgi?id=1228698 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:34 -0000 Subject: SUSE-SU-2024:3108-1: important: Security update for frr Message-ID: <172538109431.2742.5497787618041638738@smelt2.prg2.suse.org> # Security update for frr Announcement ID: SUSE-SU-2024:3108-1 Rating: important References: * bsc#1229438 Cross-References: * CVE-2024-44070 CVSS scores: * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for frr fixes the following issues: * CVE-2024-44070: Fixed missing stream length check before TLV value is taken in bgp_attr_encap (bsc#1229438) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3108=1 openSUSE-SLE-15.5-2024-3108=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3108=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3108=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3108=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libfrrfpm_pb0-debuginfo-8.4-150500.4.26.1 * libfrrzmq0-8.4-150500.4.26.1 * libfrrfpm_pb0-8.4-150500.4.26.1 * libmlag_pb0-8.4-150500.4.26.1 * frr-8.4-150500.4.26.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.26.1 * libfrr0-debuginfo-8.4-150500.4.26.1 * frr-devel-8.4-150500.4.26.1 * libfrrzmq0-debuginfo-8.4-150500.4.26.1 * libfrr_pb0-debuginfo-8.4-150500.4.26.1 * libfrrcares0-debuginfo-8.4-150500.4.26.1 * libmlag_pb0-debuginfo-8.4-150500.4.26.1 * libfrrsnmp0-debuginfo-8.4-150500.4.26.1 * libfrr0-8.4-150500.4.26.1 * libfrrsnmp0-8.4-150500.4.26.1 * libfrr_pb0-8.4-150500.4.26.1 * libfrrcares0-8.4-150500.4.26.1 * frr-debuginfo-8.4-150500.4.26.1 * libfrrospfapiclient0-8.4-150500.4.26.1 * frr-debugsource-8.4-150500.4.26.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libfrrfpm_pb0-debuginfo-8.4-150500.4.26.1 * libfrrzmq0-8.4-150500.4.26.1 * libfrrfpm_pb0-8.4-150500.4.26.1 * libmlag_pb0-8.4-150500.4.26.1 * frr-8.4-150500.4.26.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.26.1 * libfrr0-debuginfo-8.4-150500.4.26.1 * frr-devel-8.4-150500.4.26.1 * libfrrzmq0-debuginfo-8.4-150500.4.26.1 * libfrr_pb0-debuginfo-8.4-150500.4.26.1 * libfrrcares0-debuginfo-8.4-150500.4.26.1 * libmlag_pb0-debuginfo-8.4-150500.4.26.1 * libfrrsnmp0-debuginfo-8.4-150500.4.26.1 * libfrr0-8.4-150500.4.26.1 * libfrrsnmp0-8.4-150500.4.26.1 * libfrr_pb0-8.4-150500.4.26.1 * libfrrcares0-8.4-150500.4.26.1 * frr-debuginfo-8.4-150500.4.26.1 * libfrrospfapiclient0-8.4-150500.4.26.1 * frr-debugsource-8.4-150500.4.26.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libfrrfpm_pb0-debuginfo-8.4-150500.4.26.1 * libfrrzmq0-8.4-150500.4.26.1 * libfrrfpm_pb0-8.4-150500.4.26.1 * libmlag_pb0-8.4-150500.4.26.1 * frr-8.4-150500.4.26.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.26.1 * libfrr0-debuginfo-8.4-150500.4.26.1 * frr-devel-8.4-150500.4.26.1 * libfrrzmq0-debuginfo-8.4-150500.4.26.1 * libfrr_pb0-debuginfo-8.4-150500.4.26.1 * libfrrcares0-debuginfo-8.4-150500.4.26.1 * libmlag_pb0-debuginfo-8.4-150500.4.26.1 * libfrrsnmp0-debuginfo-8.4-150500.4.26.1 * libfrr0-8.4-150500.4.26.1 * libfrrsnmp0-8.4-150500.4.26.1 * libfrr_pb0-8.4-150500.4.26.1 * libfrrcares0-8.4-150500.4.26.1 * frr-debuginfo-8.4-150500.4.26.1 * libfrrospfapiclient0-8.4-150500.4.26.1 * frr-debugsource-8.4-150500.4.26.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libfrrfpm_pb0-debuginfo-8.4-150500.4.26.1 * libfrrzmq0-8.4-150500.4.26.1 * libfrrfpm_pb0-8.4-150500.4.26.1 * libmlag_pb0-8.4-150500.4.26.1 * frr-8.4-150500.4.26.1 * libfrrospfapiclient0-debuginfo-8.4-150500.4.26.1 * libfrr0-debuginfo-8.4-150500.4.26.1 * frr-devel-8.4-150500.4.26.1 * libfrrzmq0-debuginfo-8.4-150500.4.26.1 * libfrr_pb0-debuginfo-8.4-150500.4.26.1 * libfrrcares0-debuginfo-8.4-150500.4.26.1 * libmlag_pb0-debuginfo-8.4-150500.4.26.1 * libfrrsnmp0-debuginfo-8.4-150500.4.26.1 * libfrr0-8.4-150500.4.26.1 * libfrrsnmp0-8.4-150500.4.26.1 * libfrr_pb0-8.4-150500.4.26.1 * libfrrcares0-8.4-150500.4.26.1 * frr-debuginfo-8.4-150500.4.26.1 * libfrrospfapiclient0-8.4-150500.4.26.1 * frr-debugsource-8.4-150500.4.26.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44070.html * https://bugzilla.suse.com/show_bug.cgi?id=1229438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:36 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:36 -0000 Subject: SUSE-SU-2024:3107-1: moderate: Security update for openssl-3 Message-ID: <172538109667.2742.5564982775905403905@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3107-1 Rating: moderate References: * bsc#1229465 Cross-References: * CVE-2024-6119 CVSS scores: * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3107=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3107=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3107=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3107=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3107=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3107=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3107=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3107=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3107=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3107=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3107=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Manager Proxy 4.3 (x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * openssl-3-3.0.8-150400.4.63.1 * libopenssl-3-devel-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * openssl-3-debugsource-3.0.8-150400.4.63.1 * openssl-3-debuginfo-3.0.8-150400.4.63.1 * openSUSE Leap 15.4 (x86_64) * libopenssl-3-devel-32bit-3.0.8-150400.4.63.1 * libopenssl3-32bit-3.0.8-150400.4.63.1 * libopenssl3-32bit-debuginfo-3.0.8-150400.4.63.1 * openSUSE Leap 15.4 (noarch) * openssl-3-doc-3.0.8-150400.4.63.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150400.4.63.1 * libopenssl3-64bit-debuginfo-3.0.8-150400.4.63.1 * libopenssl-3-devel-64bit-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * openssl-3-debugsource-3.0.8-150400.4.63.1 * libopenssl3-debuginfo-3.0.8-150400.4.63.1 * libopenssl3-3.0.8-150400.4.63.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1229465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:49 -0000 Subject: SUSE-SU-2024:3106-1: moderate: Security update for openssl-3 Message-ID: <172538110963.2742.14638859228088854634@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3106-1 Rating: moderate References: * bsc#1220523 * bsc#1220690 * bsc#1220693 * bsc#1220696 * bsc#1221365 * bsc#1221751 * bsc#1221752 * bsc#1221753 * bsc#1221760 * bsc#1221786 * bsc#1221787 * bsc#1221821 * bsc#1221822 * bsc#1221824 * bsc#1221827 * bsc#1229465 Cross-References: * CVE-2024-6119 CVSS scores: * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has 15 security fixes can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) Other fixes: * FIPS: Deny SHA-1 signature verification in FIPS provider (bsc#1221365). * FIPS: RSA keygen PCT requirements. * FIPS: Check that the fips provider is available before setting it as the default provider in FIPS mode (bsc#1220523). * FIPS: Port openssl to use jitterentropy (bsc#1220523). * FIPS: Block non-Approved Elliptic Curves (bsc#1221786). * FIPS: Service Level Indicator (bsc#1221365). * FIPS: Output the FIPS-validation name and module version which uniquely identify the FIPS validated module (bsc#1221751). * FIPS: Add required selftests: (bsc#1221760). * FIPS: DH: Disable FIPS 186-4 Domain Parameters (bsc#1221821). * FIPS: Recommendation for Password-Based Key Derivation (bsc#1221827). * FIPS: Zero initialization required (bsc#1221752). * FIPS: Reseed DRBG (bsc#1220690, bsc#1220693, bsc#1220696). * FIPS: NIST SP 800-56Brev2 (bsc#1221824). * FIPS: Approved Modulus Sizes for RSA Digital Signature for FIPS 186-4 (bsc#1221787). * FIPS: Port openssl to use jitterentropy (bsc#1220523). * FIPS: NIST SP 800-56Arev3 (bsc#1221822). * FIPS: Error state has to be enforced (bsc#1221753). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3106=1 openSUSE-SLE-15.6-2024-3106=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3106=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl-3-devel-3.1.4-150600.5.15.1 * libopenssl3-debuginfo-3.1.4-150600.5.15.1 * openssl-3-debugsource-3.1.4-150600.5.15.1 * openssl-3-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.15.1 * libopenssl3-3.1.4-150600.5.15.1 * openssl-3-3.1.4-150600.5.15.1 * openSUSE Leap 15.6 (x86_64) * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-devel-32bit-3.1.4-150600.5.15.1 * libopenssl3-32bit-3.1.4-150600.5.15.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.15.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl3-64bit-3.1.4-150600.5.15.1 * libopenssl3-64bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libopenssl-3-devel-3.1.4-150600.5.15.1 * libopenssl3-debuginfo-3.1.4-150600.5.15.1 * openssl-3-debugsource-3.1.4-150600.5.15.1 * openssl-3-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.15.1 * libopenssl3-3.1.4-150600.5.15.1 * openssl-3-3.1.4-150600.5.15.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl3-32bit-3.1.4-150600.5.15.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.15.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1220523 * https://bugzilla.suse.com/show_bug.cgi?id=1220690 * https://bugzilla.suse.com/show_bug.cgi?id=1220693 * https://bugzilla.suse.com/show_bug.cgi?id=1220696 * https://bugzilla.suse.com/show_bug.cgi?id=1221365 * https://bugzilla.suse.com/show_bug.cgi?id=1221751 * https://bugzilla.suse.com/show_bug.cgi?id=1221752 * https://bugzilla.suse.com/show_bug.cgi?id=1221753 * https://bugzilla.suse.com/show_bug.cgi?id=1221760 * https://bugzilla.suse.com/show_bug.cgi?id=1221786 * https://bugzilla.suse.com/show_bug.cgi?id=1221787 * https://bugzilla.suse.com/show_bug.cgi?id=1221821 * https://bugzilla.suse.com/show_bug.cgi?id=1221822 * https://bugzilla.suse.com/show_bug.cgi?id=1221824 * https://bugzilla.suse.com/show_bug.cgi?id=1221827 * https://bugzilla.suse.com/show_bug.cgi?id=1229465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:53 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:53 -0000 Subject: SUSE-SU-2024:3105-1: moderate: Security update for openssl-3 Message-ID: <172538111325.2742.1121439130040748396@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3105-1 Rating: moderate References: * bsc#1229465 Cross-References: * CVE-2024-6119 CVSS scores: * CVE-2024-6119 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-6119 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-6119: Fixed denial of service in X.509 name checks (bsc#1229465) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3105=1 openSUSE-SLE-15.5-2024-3105=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3105=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * libopenssl-3-devel-3.0.8-150500.5.42.1 * openssl-3-3.0.8-150500.5.42.1 * openssl-3-debugsource-3.0.8-150500.5.42.1 * openssl-3-debuginfo-3.0.8-150500.5.42.1 * libopenssl3-debuginfo-3.0.8-150500.5.42.1 * libopenssl3-3.0.8-150500.5.42.1 * openSUSE Leap 15.5 (x86_64) * libopenssl3-32bit-3.0.8-150500.5.42.1 * libopenssl3-32bit-debuginfo-3.0.8-150500.5.42.1 * libopenssl-3-devel-32bit-3.0.8-150500.5.42.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.42.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150500.5.42.1 * libopenssl-3-devel-64bit-3.0.8-150500.5.42.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.42.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libopenssl-3-devel-3.0.8-150500.5.42.1 * openssl-3-3.0.8-150500.5.42.1 * openssl-3-debugsource-3.0.8-150500.5.42.1 * openssl-3-debuginfo-3.0.8-150500.5.42.1 * libopenssl3-debuginfo-3.0.8-150500.5.42.1 * libopenssl3-3.0.8-150500.5.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6119.html * https://bugzilla.suse.com/show_bug.cgi?id=1229465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:31:55 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:31:55 -0000 Subject: SUSE-SU-2024:3104-1: important: Security update for bubblewrap and flatpak Message-ID: <172538111568.2742.10242316003939447346@smelt2.prg2.suse.org> # Security update for bubblewrap and flatpak Announcement ID: SUSE-SU-2024:3104-1 Rating: important References: * bsc#1229157 Cross-References: * CVE-2024-42472 CVSS scores: * CVE-2024-42472 ( SUSE ): 9.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-42472 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for bubblewrap and flatpak fixes the following issues: * CVE-2024-42472: Fixed access to files outside sandbox for apps using persistent (bsc#1229157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3104=1 openSUSE-SLE-15.5-2024-3104=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3104=1 openSUSE-SLE-15.6-2024-3104=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3104=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3104=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3104=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3104=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * flatpak-1.14.5-150500.3.12.1 * flatpak-debuginfo-1.14.5-150500.3.12.1 * bubblewrap-0.8.0-150500.3.6.1 * bubblewrap-zsh-completion-0.8.0-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.12.1 * bubblewrap-debugsource-0.8.0-150500.3.6.1 * libflatpak0-debuginfo-1.14.5-150500.3.12.1 * flatpak-devel-1.14.5-150500.3.12.1 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.12.1 * bubblewrap-debuginfo-0.8.0-150500.3.6.1 * libflatpak0-1.14.5-150500.3.12.1 * openSUSE Leap 15.5 (noarch) * system-user-flatpak-1.14.5-150500.3.12.1 * flatpak-remote-flathub-1.14.5-150500.3.12.1 * flatpak-zsh-completion-1.14.5-150500.3.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * flatpak-devel-1.14.6-150600.3.3.1 * typelib-1_0-Flatpak-1_0-1.14.6-150600.3.3.1 * flatpak-1.14.6-150600.3.3.1 * libflatpak0-debuginfo-1.14.6-150600.3.3.1 * flatpak-debuginfo-1.14.6-150600.3.3.1 * libflatpak0-1.14.6-150600.3.3.1 * flatpak-debugsource-1.14.6-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * flatpak-zsh-completion-1.14.6-150600.3.3.1 * flatpak-remote-flathub-1.14.6-150600.3.3.1 * system-user-flatpak-1.14.6-150600.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * bubblewrap-debugsource-0.8.0-150500.3.6.1 * bubblewrap-0.8.0-150500.3.6.1 * bubblewrap-debuginfo-0.8.0-150500.3.6.1 * bubblewrap-zsh-completion-0.8.0-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bubblewrap-debugsource-0.8.0-150500.3.6.1 * bubblewrap-0.8.0-150500.3.6.1 * bubblewrap-debuginfo-0.8.0-150500.3.6.1 * bubblewrap-zsh-completion-0.8.0-150500.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bubblewrap-debugsource-0.8.0-150500.3.6.1 * bubblewrap-0.8.0-150500.3.6.1 * bubblewrap-debuginfo-0.8.0-150500.3.6.1 * bubblewrap-zsh-completion-0.8.0-150500.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * flatpak-1.14.5-150500.3.12.1 * flatpak-debuginfo-1.14.5-150500.3.12.1 * flatpak-debugsource-1.14.5-150500.3.12.1 * libflatpak0-debuginfo-1.14.5-150500.3.12.1 * flatpak-devel-1.14.5-150500.3.12.1 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.12.1 * libflatpak0-1.14.5-150500.3.12.1 * Desktop Applications Module 15-SP5 (noarch) * system-user-flatpak-1.14.5-150500.3.12.1 * flatpak-remote-flathub-1.14.5-150500.3.12.1 * flatpak-zsh-completion-1.14.5-150500.3.12.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * flatpak-devel-1.14.6-150600.3.3.1 * typelib-1_0-Flatpak-1_0-1.14.6-150600.3.3.1 * flatpak-1.14.6-150600.3.3.1 * libflatpak0-debuginfo-1.14.6-150600.3.3.1 * flatpak-debuginfo-1.14.6-150600.3.3.1 * libflatpak0-1.14.6-150600.3.3.1 * flatpak-debugsource-1.14.6-150600.3.3.1 * Desktop Applications Module 15-SP6 (noarch) * flatpak-zsh-completion-1.14.6-150600.3.3.1 * flatpak-remote-flathub-1.14.6-150600.3.3.1 * system-user-flatpak-1.14.6-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42472.html * https://bugzilla.suse.com/show_bug.cgi?id=1229157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:16 -0000 Subject: SUSE-SU-2024:3098-1: important: Security update for kubernetes1.27 Message-ID: <172538113605.2742.14980056517501492762@smelt2.prg2.suse.org> # Security update for kubernetes1.27 Announcement ID: SUSE-SU-2024:3098-1 Rating: important References: * bsc#1229858 * bsc#1229867 * bsc#1229869 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for kubernetes1.27 fixes the following issues: Update kubernetes to version 1.27.16 \- CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf (bsc#1229867) \- CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1229869) \- CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1229869) \- CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack in net/http (bsc#1229869) Other fixes: \- Update go to version v1.22.5 (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3098=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3098=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3098=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3098=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3098=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3098=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3098=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3098=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3098=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-kubelet-1.27.16-150400.9.10.1 * kubernetes1.27-apiserver-1.27.16-150400.9.10.1 * kubernetes1.27-kubeadm-1.27.16-150400.9.10.1 * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-scheduler-1.27.16-150400.9.10.1 * kubernetes1.27-kubelet-common-1.27.16-150400.9.10.1 * kubernetes1.27-controller-manager-1.27.16-150400.9.10.1 * kubernetes1.27-proxy-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.27-client-fish-completion-1.27.16-150400.9.10.1 * kubernetes1.27-client-bash-completion-1.27.16-150400.9.10.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-kubelet-1.27.16-150400.9.10.1 * kubernetes1.27-apiserver-1.27.16-150400.9.10.1 * kubernetes1.27-kubeadm-1.27.16-150400.9.10.1 * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-scheduler-1.27.16-150400.9.10.1 * kubernetes1.27-kubelet-common-1.27.16-150400.9.10.1 * kubernetes1.27-controller-manager-1.27.16-150400.9.10.1 * kubernetes1.27-proxy-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.27-client-fish-completion-1.27.16-150400.9.10.1 * kubernetes1.27-client-bash-completion-1.27.16-150400.9.10.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.27-client-1.27.16-150400.9.10.1 * kubernetes1.27-client-common-1.27.16-150400.9.10.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:19 -0000 Subject: SUSE-SU-2024:3097-1: important: Security update for kubernetes1.28 Message-ID: <172538113987.2742.14063290359022692711@smelt2.prg2.suse.org> # Security update for kubernetes1.28 Announcement ID: SUSE-SU-2024:3097-1 Rating: important References: * bsc#1229858 * bsc#1229867 * bsc#1229869 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for kubernetes1.28 fixes the following issues: Update kubernetes to version 1.28.13: \- CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf (bsc#1229867) \- CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1229869) \- CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1229869) \- CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack in net/http (bsc#1229869) Other fixes: \- Update go to version v1.22.5 (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3097=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3097=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3097=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3097=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3097=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3097=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3097=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3097=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3097=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-proxy-1.28.13-150400.9.8.1 * kubernetes1.28-controller-manager-1.28.13-150400.9.8.1 * kubernetes1.28-scheduler-1.28.13-150400.9.8.1 * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * kubernetes1.28-kubelet-common-1.28.13-150400.9.8.1 * kubernetes1.28-apiserver-1.28.13-150400.9.8.1 * kubernetes1.28-kubeadm-1.28.13-150400.9.8.1 * kubernetes1.28-kubelet-1.28.13-150400.9.8.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.28-client-bash-completion-1.28.13-150400.9.8.1 * kubernetes1.28-client-fish-completion-1.28.13-150400.9.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-proxy-1.28.13-150400.9.8.1 * kubernetes1.28-controller-manager-1.28.13-150400.9.8.1 * kubernetes1.28-scheduler-1.28.13-150400.9.8.1 * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * kubernetes1.28-kubelet-common-1.28.13-150400.9.8.1 * kubernetes1.28-apiserver-1.28.13-150400.9.8.1 * kubernetes1.28-kubeadm-1.28.13-150400.9.8.1 * kubernetes1.28-kubelet-1.28.13-150400.9.8.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.28-client-bash-completion-1.28.13-150400.9.8.1 * kubernetes1.28-client-fish-completion-1.28.13-150400.9.8.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.8.1 * kubernetes1.28-client-1.28.13-150400.9.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:25 -0000 Subject: SUSE-SU-2024:3095-1: important: Security update for ucode-intel Message-ID: <172538114526.2742.7462595207128413286@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:3095-1 Rating: important References: * bsc#1229129 Cross-References: * CVE-2023-42667 * CVE-2023-49141 * CVE-2024-24853 * CVE-2024-24980 * CVE-2024-25939 CVSS scores: * CVE-2023-42667 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-42667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2023-49141 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2023-49141 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-24853 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-24853 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24980 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:H/VA:N/SC:L/SI:H/SA:N * CVE-2024-24980 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2024-25939 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-25939 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20240813 release (bsc#1229129) * CVE-2024-24853: Security updates for INTEL-SA-01083 * CVE-2024-25939: Security updates for INTEL-SA-01118 * CVE-2024-24980: Security updates for INTEL-SA-01100 * CVE-2023-42667: Security updates for INTEL-SA-01038 * CVE-2023-49141: Security updates for INTEL-SA-01046 Other issues fixed: * Update for functional issues. Refer to Intel Core Ultra Processor for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Processor Scalable Family Specification Update for details. * Update for functional issues. Refer to 3rd Generation Intel Xeon Scalable Processors Specification Update for details. * Update for functional issues. Refer to 2nd Generation Intel Xeon Processor Scalable Family Specification Update for details * Update for functional issues. Refer to Intel Xeon D-2700 Processor Specification Update for details. * Update for functional issues. Refer to Intel Xeon E-2300 Processor Specification Update for details. * Update for functional issues. Refer to 13th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 12th Generation Intel Core Processor Family for details. * Update for functional issues. Refer to 11th Gen Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 10th Gen Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 10th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to 8th and 9th Generation Intel Core Processor Family Spec Update for details. * Update for functional issues. Refer to 8th Generation Intel Core Processor Families Specification Update for details. * Update for functional issues. Refer to 7th and 8th Generation Intel Core Processor Specification Update for details. * Update for functional issues. Refer to Intel Processors and Intel Core i3 N-Series for details. * Update for functional issues. Refer to Intel Atom x6000E Series, and Intel Pentium and Celeron N and J Series Processors for Internet of Things (IoT) Applications for details. Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | AML-Y22 | H0 | 06-8e-09/10 | 000000f4 | 000000f6 | Core Gen8 Mobile | AML-Y42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CFL-H | R0 | 06-9e-0d/22 | 000000fc | 00000100 | Core Gen9 Mobile | CFL-H/S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 | CFL-H/S/E3 | U0 | 06-9e-0a/22 | 000000f6 | 000000f8 | Core Gen8 Desktop, Mobile, Xeon E | CFL-S | B0 | 06-9e-0b/02 | 000000f4 | 000000f6 | Core Gen8 | CFL-S | P0 | 06-9e-0c/22 | 000000f6 | 000000f8 | Core Gen9 Desktop | CFL-U43e | D0 | 06-8e-0a/c0 | 000000f4 | 000000f6 | Core Gen8 Mobile | CLX-SP | B1 | 06-55-07/bf | 05003605 | 05003707 | Xeon Scalable Gen2 | CML-H | R1 | 06-a5-02/20 | 000000fa | 000000fc | Core Gen10 Mobile | CML-S102 | Q0 | 06-a5-05/22 | 000000fa | 000000fc | Core Gen10 | CML-S62 | G1 | 06-a5-03/22 | 000000fa | 000000fc | Core Gen10 | CML-U42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CML-U62 V1 | A0 | 06-a6-00/80 | 000000fa | 000000fe | Core Gen10 Mobile | CML-U62 V2 | K1 | 06-a6-01/80 | 000000fa | 000000fc | Core Gen10 Mobile | CML-Y42 | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen10 Mobile | CPX-SP | A1 | 06-55-0b/bf | 07002802 | 07002904 | Xeon Scalable Gen3 | EHL | B1 | 06-96-01/01 | 00000019 | 0000001a | Pentium J6426/N6415, Celeron J6412/J6413/N6210/N6211, Atom x6000E | ICL-D | B0 | 06-6c-01/10 | 01000290 | 010002b0 | Xeon D-17xx, D-27xx | ICL-U/Y | D1 | 06-7e-05/80 | 000000c4 | 000000c6 | Core Gen10 Mobile | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003d1 | 0d0003e7 | Xeon Scalable Gen3 | KBL-R U | Y0 | 06-8e-0a/c0 | 000000f4 | 000000f6 | Core Gen8 Mobile | KBL-U23e | J1 | 06-8e-09/c0 | 000000f4 | 000000f6 | Core Gen7 Mobile | KBL-U/Y | H0 | 06-8e-09/c0 | 000000f4 | 000000f6 | Core Gen7 Mobile | MTL | C-0 | 06-aa-04/e6 | 0000001c | 0000001e | Core Ultra Processor | RKL-S | B0 | 06-a7-01/02 | 0000005e | 00000062 | Core Gen11 | TGL | B0/B1 | 06-8c-01/80 | 000000b6 | 000000b8 | Core Gen11 Mobile | TGL-H | R0 | 06-8d-01/c2 | 00000050 | 00000052 | Core Gen11 Mobile | TGL-R | C0 | 06-8c-02/c2 | 00000036 | 00000038 | Core Gen11 Mobile | WHL-U | V0 | 06-8e-0c/94 | 000000fa | 000000fc | Core Gen8 Mobile | WHL-U | W0 | 06-8e-0b/d0 | 000000f4 | 000000f6 | Core Gen8 Mobile * update to 20240531: * Update for functional issues. Refer to Intel Pentium Silver and Intel Celeron Processor Specification Update * Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | GLK | B0 | 06-7a-01/01 | 00000040 | 00000042 | Pentium Silver N/J5xxx, Celeron N/J4xxx ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3095=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3095=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3095=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3095=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3095=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3095=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3095=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3095=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3095=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3095=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3095=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3095=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3095=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3095=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3095=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3095=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3095=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3095=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3095=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3095=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3095=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3095=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3095=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3095=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3095=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3095=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3095=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3095=1 ## Package List: * openSUSE Leap Micro 5.5 (x86_64) * ucode-intel-20240813-150200.44.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20240813-150200.44.1 * openSUSE Leap 15.6 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20240813-150200.44.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20240813-150200.44.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20240813-150200.44.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20240813-150200.44.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42667.html * https://www.suse.com/security/cve/CVE-2023-49141.html * https://www.suse.com/security/cve/CVE-2024-24853.html * https://www.suse.com/security/cve/CVE-2024-24980.html * https://www.suse.com/security/cve/CVE-2024-25939.html * https://bugzilla.suse.com/show_bug.cgi?id=1229129 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:31 -0000 Subject: SUSE-SU-2024:3094-1: important: Security update for kubernetes1.26 Message-ID: <172538115133.2742.17004762953657350719@smelt2.prg2.suse.org> # Security update for kubernetes1.26 Announcement ID: SUSE-SU-2024:3094-1 Rating: important References: * bsc#1062303 * bsc#1229008 * bsc#1229858 * bsc#1229867 * bsc#1229869 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for kubernetes1.26 fixes the following issues: Update kubernetes to version 1.26.15: \- CVE-2024-24786: Fixed infinite loop in protojson.Unmarshal in golang-protobuf (bsc#1229867) \- CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1229869) \- CVE-2023-44487: Fixed HTTP/2 Rapid Reset attack in net/http (bsc#1229869) Other fixes: \- Fixed packages required by kubernetes1.26-client installation (bsc#1229008) \- Update go to version v1.22.5 (bsc#1229858) \- Add upstream patch for reproducible builds (bsc#1062303) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3094=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3094=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3094=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3094=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3094=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3094=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3094=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3094=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3094=1 ## Package List: * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-kubelet-1.26.15-150400.9.11.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.11.1 * kubernetes1.26-apiserver-1.26.15-150400.9.11.1 * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.11.1 * kubernetes1.26-proxy-1.26.15-150400.9.11.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.11.1 * kubernetes1.26-scheduler-1.26.15-150400.9.11.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.26-client-bash-completion-1.26.15-150400.9.11.1 * kubernetes1.26-client-fish-completion-1.26.15-150400.9.11.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-kubelet-1.26.15-150400.9.11.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.11.1 * kubernetes1.26-apiserver-1.26.15-150400.9.11.1 * kubernetes1.26-client-1.26.15-150400.9.11.1 * kubernetes1.26-client-common-1.26.15-150400.9.11.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.11.1 * kubernetes1.26-proxy-1.26.15-150400.9.11.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.11.1 * kubernetes1.26-scheduler-1.26.15-150400.9.11.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.26-client-bash-completion-1.26.15-150400.9.11.1 * kubernetes1.26-client-fish-completion-1.26.15-150400.9.11.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1062303 * https://bugzilla.suse.com/show_bug.cgi?id=1229008 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:44 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:44 -0000 Subject: SUSE-SU-2024:3091-1: important: Security update for webkit2gtk3 Message-ID: <172538116460.2742.14583092319019583041@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:3091-1 Rating: important References: * bsc#1228613 * bsc#1228693 * bsc#1228694 * bsc#1228695 * bsc#1228696 * bsc#1228697 * bsc#1228698 Cross-References: * CVE-2024-40776 * CVE-2024-40779 * CVE-2024-40780 * CVE-2024-40782 * CVE-2024-40785 * CVE-2024-40789 * CVE-2024-40794 * CVE-2024-4558 CVSS scores: * CVE-2024-40776 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-40776 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2024-40776 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-40779 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40779 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40780 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40780 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40782 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40785 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-40789 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40789 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40794 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40794 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves eight vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.44.3 (bsc#1228696 bsc#1228697 bsc#1228698): * Fix web process cache suspend/resume when sandbox is enabled. * Fix accelerated images dissapearing after scrolling. * Fix video flickering with DMA-BUF sink. * Fix pointer lock on X11. * Fix movement delta on mouse events in GTK3. * Undeprecate console message API and make it available in 2022 API. * Fix several crashes and rendering issues. * Security fixes: CVE-2024-40776, CVE-2024-40779, CVE-2024-40780, CVE-2024-40782, CVE-2024-40785, CVE-2024-40789, CVE-2024-40794, CVE-2024-4558. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3091=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3091=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3091=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3091=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3091=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3091=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3091=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3091=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3091=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3091=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3091=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3091=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3091=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkit-jsc-4-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-6_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit-6_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * webkit-jsc-6.0-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk4-minibrowser-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit-jsc-4.1-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-minibrowser-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit-jsc-4.1-2.44.3-150400.4.88.1 * webkit-jsc-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-minibrowser-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-minibrowser-debuginfo-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * webkit2gtk4-minibrowser-2.44.3-150400.4.88.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * webkit-jsc-6.0-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-devel-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-32bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-32bit-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-32bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-32bit-2.44.3-150400.4.88.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-64bit-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-64bit-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-64bit-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-64bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.44.3-150400.4.88.1 * openSUSE Leap 15.5 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * typelib-1_0-JavaScriptCore-6_0-2.44.3-150400.4.88.1 * webkit-jsc-4-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit-6_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * webkit-jsc-6.0-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk4-minibrowser-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit-jsc-4.1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-minibrowser-2.44.3-150400.4.88.1 * webkit-jsc-4.1-2.44.3-150400.4.88.1 * webkit-jsc-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-minibrowser-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-minibrowser-debuginfo-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * webkit2gtk4-minibrowser-2.44.3-150400.4.88.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkit-jsc-6.0-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-devel-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * openSUSE Leap 15.5 (x86_64) * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-32bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-32bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-32bit-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-32bit-2.44.3-150400.4.88.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * Development Tools Module 15-SP5 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.1-lang-2.44.3-150400.4.88.1 * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.44.3-150400.4.88.1 * libwebkitgtk-6_0-4-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_1-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-2.44.3-150400.4.88.1 * webkit2gtk-4_1-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_1-0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * libwebkit2gtk-4_1-0-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_1-2.44.3-150400.4.88.1 * webkit2gtk3-debugsource-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_1-2.44.3-150400.4.88.1 * webkitgtk-6_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk4-debugsource-2.44.3-150400.4.88.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Manager Proxy 4.3 (x86_64) * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.44.3-150400.4.88.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libwebkit2gtk-4_0-37-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-devel-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2-4_0-2.44.3-150400.4.88.1 * typelib-1_0-JavaScriptCore-4_0-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-2.44.3-150400.4.88.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.44.3-150400.4.88.1 * webkit2gtk3-soup2-debugsource-2.44.3-150400.4.88.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.44.3-150400.4.88.1 * typelib-1_0-WebKit2WebExtension-4_0-2.44.3-150400.4.88.1 * libwebkit2gtk-4_0-37-debuginfo-2.44.3-150400.4.88.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40776.html * https://www.suse.com/security/cve/CVE-2024-40779.html * https://www.suse.com/security/cve/CVE-2024-40780.html * https://www.suse.com/security/cve/CVE-2024-40782.html * https://www.suse.com/security/cve/CVE-2024-40785.html * https://www.suse.com/security/cve/CVE-2024-40789.html * https://www.suse.com/security/cve/CVE-2024-40794.html * https://www.suse.com/security/cve/CVE-2024-4558.html * https://bugzilla.suse.com/show_bug.cgi?id=1228613 * https://bugzilla.suse.com/show_bug.cgi?id=1228693 * https://bugzilla.suse.com/show_bug.cgi?id=1228694 * https://bugzilla.suse.com/show_bug.cgi?id=1228695 * https://bugzilla.suse.com/show_bug.cgi?id=1228696 * https://bugzilla.suse.com/show_bug.cgi?id=1228697 * https://bugzilla.suse.com/show_bug.cgi?id=1228698 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:48 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:48 -0000 Subject: SUSE-SU-2024:3090-1: important: Security update for frr Message-ID: <172538116803.2742.14193872466988071197@smelt2.prg2.suse.org> # Security update for frr Announcement ID: SUSE-SU-2024:3090-1 Rating: important References: * bsc#1229438 Cross-References: * CVE-2024-44070 CVSS scores: * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for frr fixes the following issues: * CVE-2024-44070: Fixed missing stream length check before TLV value is taken in bgp_attr_encap (bsc#1229438) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3090=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3090=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3090=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3090=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3090=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3090=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3090=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3090=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3090=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3090=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3090=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3090=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Manager Proxy 4.3 (x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libfrr0-7.4-150300.4.29.1 * libfrrospfapiclient0-7.4-150300.4.29.1 * frr-devel-7.4-150300.4.29.1 * libfrrfpm_pb0-debuginfo-7.4-150300.4.29.1 * libfrrsnmp0-debuginfo-7.4-150300.4.29.1 * libfrrzmq0-7.4-150300.4.29.1 * libfrrsnmp0-7.4-150300.4.29.1 * libmlag_pb0-7.4-150300.4.29.1 * libfrr_pb0-debuginfo-7.4-150300.4.29.1 * libfrrospfapiclient0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-7.4-150300.4.29.1 * libfrr_pb0-7.4-150300.4.29.1 * frr-debugsource-7.4-150300.4.29.1 * libfrrzmq0-debuginfo-7.4-150300.4.29.1 * libfrrcares0-debuginfo-7.4-150300.4.29.1 * libfrrgrpc_pb0-debuginfo-7.4-150300.4.29.1 * libfrr0-debuginfo-7.4-150300.4.29.1 * frr-debuginfo-7.4-150300.4.29.1 * frr-7.4-150300.4.29.1 * libmlag_pb0-debuginfo-7.4-150300.4.29.1 * libfrrfpm_pb0-7.4-150300.4.29.1 * libfrrgrpc_pb0-7.4-150300.4.29.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44070.html * https://bugzilla.suse.com/show_bug.cgi?id=1229438 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 3 16:32:57 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 03 Sep 2024 16:32:57 -0000 Subject: SUSE-SU-2024:3089-1: important: Security update for go1.21-openssl Message-ID: <172538117737.2742.12819209168071829991@smelt2.prg2.suse.org> # Security update for go1.21-openssl Announcement ID: SUSE-SU-2024:3089-1 Rating: important References: * bsc#1212475 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 * bsc#1221400 * bsc#1224017 * bsc#1225973 * bsc#1225974 * bsc#1227314 * jsc#PED-1962 * jsc#SLE-18320 Cross-References: * CVE-2023-45288 * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 * CVE-2024-24787 * CVE-2024-24789 * CVE-2024-24790 * CVE-2024-24791 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24789 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2024-24790 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 10 vulnerabilities, contains two features and has two security fixes can now be installed. ## Description: This update for go1.21-openssl fixes the following issues: * CVE-2024-24791: Fixed denial of service due to improper 100-continue handling (bsc#1227314) * CVE-2024-24789: Fixed mishandling of corrupt central directory record in archive/zip (bsc#1225973) * CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped IPv6 addresses in net/netip (bsc#1225974) * CVE-2024-24787: Fixed arbitrary code execution during build on darwin in cmd/go (bsc#1224017) * CVE-2023-45288: Fixed denial of service due to close connections when receiving too many headers in net/http and x/net/http2 (bsc#1221400) * CVE-2023-45289: Fixed incorrect forwarding of sensitive headers and cookies on HTTP redirect in net/http and net/http/cookiejar (bsc#1221000) * CVE-2023-45290: Fixed memory exhaustion in Request.ParseMultipartForm in net/http (bsc#1221001) * CVE-2024-24783: Fixed denial of service on certificates with an unknown public key algorithm in crypto/x509 (bsc#1220999) * CVE-2024-24784: Fixed comments in display names are incorrectly handled in net/mail (bsc#1221002) * CVE-2024-24785: Fixed errors returned from MarshalJSON methods may break template escaping in html/template (bsc#1221003) Other fixes: \- Update to version 1.21.13.1 cut from the go1.21-fips-release (jsc#SLE-18320) \- Update to version 1.21.13 (bsc#1212475) \- Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. (jsc#PED-1962) \- Ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack (bsc#1219988) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3089=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3089=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3089=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3089=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3089=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3089=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3089=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.21-openssl-1.21.13.1-150000.1.11.1 * go1.21-openssl-race-1.21.13.1-150000.1.11.1 * go1.21-openssl-doc-1.21.13.1-150000.1.11.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://www.suse.com/security/cve/CVE-2024-24787.html * https://www.suse.com/security/cve/CVE-2024-24789.html * https://www.suse.com/security/cve/CVE-2024-24790.html * https://www.suse.com/security/cve/CVE-2024-24791.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 * https://bugzilla.suse.com/show_bug.cgi?id=1225973 * https://bugzilla.suse.com/show_bug.cgi?id=1225974 * https://bugzilla.suse.com/show_bug.cgi?id=1227314 * https://jira.suse.com/browse/PED-1962 * https://jira.suse.com/browse/SLE-18320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 4 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Sep 2024 08:30:06 -0000 Subject: SUSE-SU-2024:3136-1: moderate: Security update for perl-DBI Message-ID: <172543860605.28013.6345134077122336238@smelt2.prg2.suse.org> # Security update for perl-DBI Announcement ID: SUSE-SU-2024:3136-1 Rating: moderate References: * bsc#1176492 Cross-References: * CVE-2014-10401 * CVE-2014-10402 CVSS scores: * CVE-2014-10401 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2014-10401 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L * CVE-2014-10402 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2014-10402 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for perl-DBI fixes the following issues: * CVE-2014-10401: Fixed incorrect permission on opening files via DBD::File drivers (bsc#1176492) * CVE-2014-10402: Fixed incorrect permission on opening files via DBD::File drivers (bsc#1176492) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3136=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3136=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3136=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * perl-DBI-debuginfo-1.628-5.9.1 * perl-DBI-1.628-5.9.1 * perl-DBI-debugsource-1.628-5.9.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * perl-DBI-debuginfo-1.628-5.9.1 * perl-DBI-1.628-5.9.1 * perl-DBI-debugsource-1.628-5.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * perl-DBI-debuginfo-1.628-5.9.1 * perl-DBI-1.628-5.9.1 * perl-DBI-debugsource-1.628-5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2014-10401.html * https://www.suse.com/security/cve/CVE-2014-10402.html * https://bugzilla.suse.com/show_bug.cgi?id=1176492 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 4 12:30:13 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Sep 2024 12:30:13 -0000 Subject: SUSE-SU-2024:3140-1: important: Security update for java-1_8_0-openj9 Message-ID: <172545301397.28013.847787997163150514@smelt2.prg2.suse.org> # Security update for java-1_8_0-openj9 Announcement ID: SUSE-SU-2024:3140-1 Rating: important References: * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228050 * bsc#1228051 * bsc#1228052 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21144 * CVE-2024-21145 * CVE-2024-21147 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21144 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves six vulnerabilities can now be installed. ## Description: This update for java-1_8_0-openj9 fixes the following issues: * Update to OpenJDK 8u422 build 05 with OpenJ9 0.46.0 virtual machine * CVE-2024-21147: Fixed an array index overflow in RangeCheckElimination. (bsc#1228052) * CVE-2024-21145: Fixed an out-of-bounds access in 2D image handling. (bsc#1228051) * CVE-2024-21140: Fixed a range check elimination pre-loop limit overflow. (bsc#1228048) * CVE-2024-21144: Pack200 increase loading time due to improper header validation. (bsc#1228050) * CVE-2024-21138: Fixed an issue where excessive symbol length can lead to infinite loop. (bsc#1228047) * CVE-2024-21131: Fixed a potential UTF8 size overflow. (bsc#1228046) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3140=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3140=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3140=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3140=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openj9-headless-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-accessibility-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-headless-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-src-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debugsource-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-1.8.0.422-150200.3.48.2 * openSUSE Leap 15.6 (noarch) * java-1_8_0-openj9-javadoc-1.8.0.422-150200.3.48.2 * SUSE Package Hub 15 15-SP5 (ppc64le s390x) * java-1_8_0-openj9-headless-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-accessibility-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-headless-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-src-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debugsource-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-1.8.0.422-150200.3.48.2 * SUSE Package Hub 15 15-SP6 (ppc64le s390x) * java-1_8_0-openj9-headless-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-accessibility-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-headless-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-src-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debugsource-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-1.8.0.422-150200.3.48.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openj9-headless-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-accessibility-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-headless-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-src-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-devel-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-debugsource-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-demo-debuginfo-1.8.0.422-150200.3.48.2 * java-1_8_0-openj9-1.8.0.422-150200.3.48.2 * openSUSE Leap 15.5 (noarch) * java-1_8_0-openj9-javadoc-1.8.0.422-150200.3.48.2 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21144.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228050 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 4 12:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 04 Sep 2024 12:30:16 -0000 Subject: SUSE-SU-2024:3139-1: important: Security update for python-Django Message-ID: <172545301681.28013.10935045682690245067@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:3139-1 Rating: important References: * bsc#1229823 * bsc#1229824 Cross-References: * CVE-2024-45230 * CVE-2024-45231 CVSS scores: * CVE-2024-45230 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45231 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.5 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize(). (bsc#1229823) * CVE-2024-45231: Fixed potential user email enumeration via response status on password reset. (bsc#1229824) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3139=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python3-Django-2.0.7-150000.1.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45230.html * https://www.suse.com/security/cve/CVE-2024-45231.html * https://bugzilla.suse.com/show_bug.cgi?id=1229823 * https://bugzilla.suse.com/show_bug.cgi?id=1229824 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 5 08:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Sep 2024 08:30:26 -0000 Subject: SUSE-SU-2024:3144-1: important: Security update for hdf5, netcdf, trilinos Message-ID: <172552502637.28290.6287567788507999786@smelt2.prg2.suse.org> # Security update for hdf5, netcdf, trilinos Announcement ID: SUSE-SU-2024:3144-1 Rating: important References: * bsc#1011205 * bsc#1093641 * bsc#1125882 * bsc#1133222 * bsc#1167400 * bsc#1207973 * bsc#1209548 * bsc#1210049 * bsc#1224158 Cross-References: * CVE-2016-4332 * CVE-2017-17507 * CVE-2018-11202 * CVE-2018-11205 * CVE-2019-8396 * CVE-2020-10812 * CVE-2021-37501 * CVE-2024-29158 * CVE-2024-29161 * CVE-2024-29166 * CVE-2024-32608 * CVE-2024-32610 * CVE-2024-32614 * CVE-2024-32619 * CVE-2024-32620 * CVE-2024-33873 * CVE-2024-33874 * CVE-2024-33875 CVSS scores: * CVE-2016-4332 ( NVD ): 8.6 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2017-17507 ( SUSE ): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L * CVE-2017-17507 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2018-11202 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-11202 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2018-11205 ( SUSE ): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2018-11205 ( NVD ): 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2019-8396 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2019-8396 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-10812 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2020-10812 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2021-37501 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H * CVE-2021-37501 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-29158 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-29161 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-29166 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-32608 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-32610 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-32614 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-32619 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-32620 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-33873 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-33874 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H * CVE-2024-33875 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 An update that solves 18 vulnerabilities can now be installed. ## Description: This update for hdf5, netcdf, trilinos fixes the following issues: hdf5 was updated from version 1.10.8 to 1.10.11: * Security issues fixed: * CVE-2019-8396: Fixed problems with malformed HDF5 files where content does not match expected size. (bsc#1125882) * CVE-2018-11202: Fixed that a malformed file could result in chunk index memory leaks. (bsc#1093641) * CVE-2016-4332: Fixed an assertion in a previous fix for this issue (bsc#1011205). * CVE-2020-10812: Fixed a segfault on file close in h5debug which fails with a core dump on a file that has an illegal file size in its cache image.Fixes HDFFV-11052, (bsc#1167400). * CVE-2021-37501: Fixed buffer overflow in hdf5-h5dump (bsc#1207973) * Other security issues fixed (bsc#1224158): * CVE-2024-29158, CVE-2024-29161, CVE-2024-29166, CVE-2024-32608, * CVE-2024-32610, CVE-2024-32614, CVE-2024-32619, CVE-2024-32620, * CVE-2024-33873, CVE-2024-33874, CVE-2024-33875 * Additionally, these fixes resolve crashes triggered by the reproducers for CVE-2017-17507, CVE-2018-11205. These crashes appear to be unrelated to the original problems * Other issues fixed: * Remove timestamp/buildhost/kernel version from libhdf5.settings (bsc#1209548) * Changed the error handling for a not found path in the find plugin process. * Fixed a file space allocation bug in the parallel library for chunked datasets. * Fixed an assertion failure in Parallel HDF5 when a file can't be created due to an invalid library version bounds setting. * Fixed memory leaks that could occur when reading a dataset from a malformed file. * Fixed a bug in H5Ocopy that could generate invalid HDF5 files * Fixed potential heap buffer overflow in decoding of link info message. * Fixed potential buffer overrun issues in some object header decode routines. * Fixed a heap buffer overflow that occurs when reading from a dataset with a compact layout within a malformed HDF5 file. * Fixed memory leak when running h5dump with proof of vulnerability file. * Added option --no-compact-subset to h5diff * Several improvements to parallel compression feature, including: * Improved support for collective I/O (for both writes and reads). * Reduction of copying of application data buffers passed to H5Dwrite. * Addition of support for incremental file space allocation for filtered datasets created in parallel. * Addition of support for HDF5's "don't filter partial edge chunks" flag * Addition of proper support for HDF5 fill values with the feature. * Addition of 'H5_HAVE_PARALLEL_FILTERED_WRITES' macro toH5pubconf.h so HDF5 applications can determine at compile-time whether the feature is available. * Addition of simple examples * h5repack added an optional verbose value for reporting R/W timing. * Fixed a metadata cache bug when resizing a pinned/protected cache entry. * Fixed a problem with the H5_VERS_RELEASE check in the H5check_version function. * Unified handling of collective metadata reads to correctly fix old bugs. * Fixed several potential MPI deadlocks in library failure conditions. * Fixed an issue with collective metadata reads being permanently disabled after a dataset chunk lookup operation. netcdf was updated to fix: * rebuild against new hdf5 library version. trilinos was updated to fix: * Rebuild against new hdf5 library version. * Fix dependency in module file for MPI version of Trilinos to depend on the correct version of netcdf (bsc#1210049). This prevents the error message: "Lmod has detected the following error: These module(s) or extension(s) exist but cannot be loaded as requested: "trilinos" ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3144=1 ## Package List: * openSUSE Leap 15.3 (noarch) * hdf5-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-openmpi3-hpc-devel-1.10.11-150300.4.16.15 * hdf5-gnu-hpc-1.10.11-150300.4.16.15 * netcdf-gnu-openmpi3-hpc-devel-4.7.4-150300.4.7.17 * hdf5-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-openmpi4-hpc-devel-1.10.11-150300.4.16.15 * netcdf-gnu-mpich-hpc-devel-4.7.4-150300.4.7.19 * netcdf-gnu-openmpi2-hpc-4.7.4-150300.4.7.10 * hdf5-hpc-examples-1.10.11-150300.4.16.15 * adios-gnu-mvapich2-hpc-devel-static-1.13.1-150300.12.4.2 * hdf5-gnu-mvapich2-hpc-devel-1.10.11-150300.4.16.15 * netcdf-gnu-hpc-4.7.4-150300.4.7.19 * netcdf-gnu-mvapich2-hpc-devel-4.7.4-150300.4.7.20 * trilinos-gnu-openmpi4-hpc-devel-13.2.0-150300.3.12.18 * adios-gnu-mpich-hpc-devel-static-1.13.1-150300.12.4.2 * netcdf-gnu-hpc-devel-4.7.4-150300.4.7.19 * netcdf-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * adios-gnu-mpich-hpc-devel-1.13.1-150300.12.4.2 * hdf5-gnu-hpc-devel-1.10.11-150300.4.16.15 * adios-gnu-openmpi3-hpc-1.13.1-150300.12.4.2 * adios-gnu-openmpi2-hpc-devel-static-1.13.1-150300.12.4.1 * adios-gnu-openmpi4-hpc-devel-static-1.13.1-150300.12.4.2 * adios-gnu-mvapich2-hpc-devel-1.13.1-150300.12.4.2 * adios-gnu-openmpi2-hpc-1.13.1-150300.12.4.1 * petsc-doc-3.14.5-150300.3.4.3 * trilinos-gnu-openmpi2-hpc-devel-13.2.0-150300.3.12.9 * adios-gnu-mvapich2-hpc-1.13.1-150300.12.4.2 * netcdf-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * netcdf-gnu-openmpi4-hpc-devel-4.7.4-150300.4.7.21 * trilinos-hpc-doc-13.2.0-150300.3.12.9 * trilinos-gnu-mpich-hpc-devel-13.2.0-150300.3.12.18 * adios-gnu-mpich-hpc-1.13.1-150300.12.4.2 * trilinos-gnu-mvapich2-hpc-devel-13.2.0-150300.3.12.18 * netcdf-gnu-mpich-hpc-4.7.4-150300.4.7.19 * adios-gnu-openmpi4-hpc-1.13.1-150300.12.4.2 * hdf5-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-mpich-hpc-devel-1.10.11-150300.4.16.15 * adios-gnu-openmpi2-hpc-devel-1.13.1-150300.12.4.1 * netcdf-gnu-openmpi2-hpc-devel-4.7.4-150300.4.7.10 * trilinos-gnu-openmpi3-hpc-devel-13.2.0-150300.3.12.16 * adios-gnu-openmpi3-hpc-devel-static-1.13.1-150300.12.4.2 * netcdf-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * trilinos_13_2_0-hpc-doc-13.2.0-150300.3.12.9 * hdf5-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * adios-gnu-openmpi4-hpc-devel-1.13.1-150300.12.4.2 * adios-gnu-openmpi3-hpc-devel-1.13.1-150300.12.4.2 * openSUSE Leap 15.3 (aarch64 ppc64le x86_64 i586) * petsc_3_14_5-gnu-mpich-hpc-debugsource-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi2-hpc-debuginfo-1.13.1-150300.12.4.1 * adios_1_13_1-gnu-openmpi3-hpc-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-openmpi4-hpc-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-openmpi4-hpc-debugsource-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-openmpi2-hpc-debuginfo-3.14.5-150300.3.4.4 * petsc-gnu-openmpi4-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-150300.12.4.2 * petsc-gnu-mvapich2-hpc-devel-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-mpich-hpc-devel-3.14.5-150300.3.4.4 * petsc-gnu-mpich-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-debugsource-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-mvapich2-hpc-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-openmpi3-hpc-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-openmpi4-hpc-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-openmpi2-hpc-devel-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-openmpi3-hpc-debugsource-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-openmpi3-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-mvapich2-hpc-1.13.1-150300.12.4.2 * libpetsc-gnu-mpich-hpc-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-mpich-hpc-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-openmpi3-hpc-debuginfo-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-openmpi3-hpc-saws-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi3-hpc-debuginfo-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-debugsource-1.13.1-150300.12.4.2 * libpetsc-gnu-openmpi3-hpc-3.14.5-150300.3.4.4 * petsc-gnu-openmpi2-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi2-hpc-debugsource-1.13.1-150300.12.4.1 * petsc_3_14_5-gnu-openmpi4-hpc-devel-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-mvapich2-hpc-debugsource-3.14.5-150300.3.4.4 * libpetsc-gnu-openmpi4-hpc-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-mvapich2-hpc-debuginfo-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-openmpi2-hpc-saws-3.14.5-150300.3.4.4 * petsc-gnu-openmpi3-hpc-devel-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-mpich-hpc-debuginfo-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-openmpi2-hpc-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi2-hpc-devel-1.13.1-150300.12.4.1 * adios_1_13_1-gnu-mpich-hpc-debuginfo-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-mvapich2-hpc-debuginfo-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-debuginfo-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-openmpi3-hpc-debugsource-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-mvapich2-hpc-saws-3.14.5-150300.3.4.4 * libpetsc-gnu-openmpi2-hpc-3.14.5-150300.3.4.4 * libpetsc-gnu-mvapich2-hpc-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi2-hpc-devel-static-1.13.1-150300.12.4.1 * adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mvapich2-hpc-debugsource-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-openmpi4-hpc-saws-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-openmpi4-hpc-debuginfo-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-mvapich2-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi2-hpc-1.13.1-150300.12.4.1 * petsc_3_14_5-gnu-mpich-hpc-saws-3.14.5-150300.3.4.4 * petsc_3_14_5-gnu-openmpi2-hpc-debugsource-3.14.5-150300.3.4.4 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libnetcdf_4_7_4-gnu-openmpi4-hpc-debuginfo-4.7.4-150300.4.7.21 * netcdf-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-4.7.4-150300.4.7.9 * netcdf-openmpi3-devel-static-4.7.4-150300.4.7.9 * libnetcdf-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * netcdf_4_7_4-gnu-openmpi3-hpc-debugsource-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-hpc-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-openmpi4-hpc-debugsource-4.7.4-150300.4.7.21 * netcdf-openmpi4-4.7.4-150300.4.7.9 * netcdf-openmpi2-4.7.4-150300.4.7.9 * netcdf-devel-data-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-mpich-hpc-debuginfo-4.7.4-150300.4.7.19 * netcdf-openmpi4-debuginfo-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-mvapich2-hpc-debuginfo-4.7.4-150300.4.7.20 * libnetcdf-gnu-hpc-4.7.4-150300.4.7.19 * netcdf-openmpi3-debuginfo-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi3-hpc-debuginfo-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi4-hpc-debuginfo-4.7.4-150300.4.7.21 * netcdf-openmpi3-devel-4.7.4-150300.4.7.9 * libnetcdf18-openmpi4-debuginfo-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi2-hpc-devel-static-4.7.4-150300.4.7.10 * libnetcdf18-openmpi4-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi2-hpc-debugsource-4.7.4-150300.4.7.10 * libnetcdf_4_7_4-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-static-4.7.4-150300.4.7.21 * netcdf_4_7_4-gnu-mpich-hpc-devel-debuginfo-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-debuginfo-4.7.4-150300.4.7.21 * libnetcdf18-openmpi3-4.7.4-150300.4.7.9 * libnetcdf-gnu-mpich-hpc-4.7.4-150300.4.7.19 * libnetcdf_4_7_4-gnu-hpc-debuginfo-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-hpc-debuginfo-4.7.4-150300.4.7.19 * libnetcdf-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-static-4.7.4-150300.4.7.20 * netcdf-openmpi2-debuginfo-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi2-hpc-4.7.4-150300.4.7.10 * netcdf-openmpi4-devel-debuginfo-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-openmpi2-hpc-4.7.4-150300.4.7.10 * libnetcdf_4_7_4-gnu-openmpi2-hpc-debuginfo-4.7.4-150300.4.7.10 * netcdf_4_7_4-gnu-openmpi2-hpc-devel-4.7.4-150300.4.7.10 * netcdf_4_7_4-gnu-mpich-hpc-devel-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-openmpi2-hpc-debuginfo-4.7.4-150300.4.7.10 * netcdf_4_7_4-gnu-mpich-hpc-devel-static-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * netcdf-openmpi4-devel-static-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-mpich-hpc-debugsource-4.7.4-150300.4.7.19 * netcdf-openmpi3-4.7.4-150300.4.7.9 * netcdf-openmpi3-devel-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi3-debuginfo-4.7.4-150300.4.7.9 * netcdf-openmpi2-devel-debuginfo-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-hpc-devel-static-4.7.4-150300.4.7.19 * libnetcdf18-openmpi2-debuginfo-4.7.4-150300.4.7.9 * netcdf-openmpi3-debugsource-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-debuginfo-4.7.4-150300.4.7.17 * netcdf-devel-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-mvapich2-hpc-debuginfo-4.7.4-150300.4.7.20 * netcdf-devel-debuginfo-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-hpc-devel-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * netcdf-openmpi2-debugsource-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-hpc-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-debuginfo-4.7.4-150300.4.7.20 * libnetcdf-gnu-openmpi2-hpc-4.7.4-150300.4.7.10 * netcdf-openmpi4-devel-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-mpich-hpc-debuginfo-4.7.4-150300.4.7.19 * libnetcdf-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * libnetcdf18-openmpi2-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-static-4.7.4-150300.4.7.17 * netcdf-devel-static-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi2-hpc-devel-debuginfo-4.7.4-150300.4.7.10 * libnetcdf_4_7_4-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * netcdf_4_7_4-gnu-hpc-devel-debuginfo-4.7.4-150300.4.7.19 * libnetcdf_4_7_4-gnu-mpich-hpc-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-mpich-hpc-4.7.4-150300.4.7.19 * netcdf-openmpi2-devel-4.7.4-150300.4.7.9 * netcdf-openmpi2-devel-static-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-hpc-debugsource-4.7.4-150300.4.7.19 * netcdf-4.7.4-150300.4.7.9 * netcdf-debugsource-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * netcdf_4_7_4-gnu-mvapich2-hpc-debugsource-4.7.4-150300.4.7.20 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-4.7.4-150300.4.7.20 * netcdf-openmpi4-debugsource-4.7.4-150300.4.7.9 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-4.7.4-150300.4.7.21 * libnetcdf18-debuginfo-4.7.4-150300.4.7.9 * libnetcdf_4_7_4-gnu-openmpi3-hpc-debuginfo-4.7.4-150300.4.7.17 * openSUSE Leap 15.3 (x86_64) * libnetcdf18-openmpi3-32bit-4.7.4-150300.4.7.9 * libnetcdf18-32bit-4.7.4-150300.4.7.9 * libnetcdf18-32bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi2-32bit-4.7.4-150300.4.7.9 * libnetcdf18-openmpi4-32bit-4.7.4-150300.4.7.9 * libnetcdf18-openmpi4-32bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi2-32bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi3-32bit-debuginfo-4.7.4-150300.4.7.9 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * hdf5_1_10_11-gnu-openmpi4-hpc-debugsource-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-devel-static-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-module-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-debugsource-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-debugsource-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-debugsource-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-debugsource-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-hpc-examples-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-module-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-devel-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-module-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-module-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-module-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * openSUSE Leap 15.3 (aarch64 ppc64le x86_64) * libtrilinos-gnu-openmpi2-hpc-13.2.0-150300.3.12.9 * libtrilinos_13_2_0-gnu-openmpi3-hpc-debuginfo-13.2.0-150300.3.12.16 * libtrilinos_13_2_0-gnu-mpich-hpc-debuginfo-13.2.0-150300.3.12.18 * libtrilinos_13_2_0-gnu-mpich-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-mpich-hpc-devel-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-mvapich2-hpc-debugsource-13.2.0-150300.3.12.18 * libtrilinos_13_2_0-gnu-openmpi4-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-openmpi3-hpc-debugsource-13.2.0-150300.3.12.16 * libtrilinos_13_2_0-gnu-openmpi2-hpc-debuginfo-13.2.0-150300.3.12.9 * libtrilinos_13_2_0-gnu-openmpi3-hpc-13.2.0-150300.3.12.16 * libtrilinos_13_2_0-gnu-openmpi2-hpc-13.2.0-150300.3.12.9 * libtrilinos_13_2_0-gnu-mvapich2-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-mvapich2-hpc-devel-13.2.0-150300.3.12.18 * libtrilinos-gnu-mvapich2-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-mpich-hpc-debugsource-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-openmpi2-hpc-debugsource-13.2.0-150300.3.12.9 * libtrilinos_13_2_0-gnu-openmpi4-hpc-debuginfo-13.2.0-150300.3.12.18 * libtrilinos_13_2_0-gnu-mvapich2-hpc-debuginfo-13.2.0-150300.3.12.18 * libtrilinos-gnu-openmpi4-hpc-13.2.0-150300.3.12.18 * libtrilinos-gnu-openmpi3-hpc-13.2.0-150300.3.12.16 * trilinos_13_2_0-gnu-openmpi4-hpc-debugsource-13.2.0-150300.3.12.18 * libtrilinos-gnu-mpich-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-openmpi2-hpc-devel-13.2.0-150300.3.12.9 * trilinos_13_2_0-gnu-openmpi3-hpc-devel-13.2.0-150300.3.12.16 * trilinos_13_2_0-gnu-openmpi4-hpc-devel-13.2.0-150300.3.12.18 * trilinos_13_2_0-hpc-debugsource-13.2.0-150300.3.12.9 * openSUSE Leap 15.3 (aarch64_ilp32) * libnetcdf18-64bit-4.7.4-150300.4.7.9 * libnetcdf18-openmpi2-64bit-4.7.4-150300.4.7.9 * libnetcdf18-openmpi2-64bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-64bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi4-64bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi3-64bit-debuginfo-4.7.4-150300.4.7.9 * libnetcdf18-openmpi3-64bit-4.7.4-150300.4.7.9 * libnetcdf18-openmpi4-64bit-4.7.4-150300.4.7.9 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * hdf5-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-openmpi3-hpc-devel-1.10.11-150300.4.16.15 * hdf5-gnu-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * netcdf-gnu-openmpi3-hpc-devel-4.7.4-150300.4.7.17 * hdf5-gnu-openmpi4-hpc-devel-1.10.11-150300.4.16.15 * netcdf-gnu-mpich-hpc-devel-4.7.4-150300.4.7.19 * hdf5-hpc-examples-1.10.11-150300.4.16.15 * hdf5-gnu-mvapich2-hpc-devel-1.10.11-150300.4.16.15 * adios-gnu-mvapich2-hpc-devel-static-1.13.1-150300.12.4.2 * netcdf-gnu-hpc-4.7.4-150300.4.7.19 * netcdf-gnu-mvapich2-hpc-devel-4.7.4-150300.4.7.20 * trilinos-gnu-openmpi4-hpc-devel-13.2.0-150300.3.12.18 * adios-gnu-mpich-hpc-devel-static-1.13.1-150300.12.4.2 * netcdf-gnu-hpc-devel-4.7.4-150300.4.7.19 * netcdf-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * adios-gnu-mpich-hpc-devel-1.13.1-150300.12.4.2 * hdf5-gnu-hpc-devel-1.10.11-150300.4.16.15 * adios-gnu-openmpi3-hpc-1.13.1-150300.12.4.2 * adios-gnu-openmpi4-hpc-devel-static-1.13.1-150300.12.4.2 * adios-gnu-mvapich2-hpc-devel-1.13.1-150300.12.4.2 * petsc-doc-3.14.5-150300.3.4.3 * adios-gnu-mvapich2-hpc-1.13.1-150300.12.4.2 * netcdf-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * netcdf-gnu-openmpi4-hpc-devel-4.7.4-150300.4.7.21 * trilinos-hpc-doc-13.2.0-150300.3.12.9 * trilinos-gnu-mpich-hpc-devel-13.2.0-150300.3.12.18 * adios-gnu-mpich-hpc-1.13.1-150300.12.4.2 * trilinos-gnu-mvapich2-hpc-devel-13.2.0-150300.3.12.18 * netcdf-gnu-mpich-hpc-4.7.4-150300.4.7.19 * adios-gnu-openmpi4-hpc-1.13.1-150300.12.4.2 * hdf5-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * hdf5-gnu-mpich-hpc-devel-1.10.11-150300.4.16.15 * trilinos-gnu-openmpi3-hpc-devel-13.2.0-150300.3.12.16 * adios-gnu-openmpi3-hpc-devel-static-1.13.1-150300.12.4.2 * netcdf-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * trilinos_13_2_0-hpc-doc-13.2.0-150300.3.12.9 * hdf5-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * adios-gnu-openmpi4-hpc-devel-1.13.1-150300.12.4.2 * adios-gnu-openmpi3-hpc-devel-1.13.1-150300.12.4.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * hdf5_1_10_11-gnu-openmpi4-hpc-debugsource-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-openmpi4-hpc-debuginfo-4.7.4-150300.4.7.21 * hdf5_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-devel-static-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-hpc-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-openmpi4-hpc-debugsource-3.14.5-150300.3.4.4 * libtrilinos_13_2_0-gnu-mpich-hpc-13.2.0-150300.3.12.18 * libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-devel-static-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libpetsc_3_14_5-gnu-openmpi3-hpc-3.14.5-150300.3.4.4 * hdf5_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libnetcdf-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * libhdf5_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-openmpi4-hpc-devel-1.13.1-150300.12.4.2 * netcdf_4_7_4-gnu-hpc-4.7.4-150300.4.7.19 * libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-openmpi3-hpc-debugsource-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi4-hpc-debugsource-4.7.4-150300.4.7.21 * libhdf5_hl_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-mpich-hpc-debuginfo-4.7.4-150300.4.7.19 * libhdf5_hl_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-openmpi4-hpc-devel-3.14.5-150300.3.4.4 * hdf5_1_10_11-gnu-mvapich2-hpc-devel-1.10.11-150300.4.16.15 * libnetcdf-gnu-hpc-4.7.4-150300.4.7.19 * libnetcdf_4_7_4-gnu-mvapich2-hpc-debuginfo-4.7.4-150300.4.7.20 * netcdf_4_7_4-gnu-openmpi3-hpc-debuginfo-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi4-hpc-debuginfo-4.7.4-150300.4.7.21 * libhdf5_fortran_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-openmpi4-hpc-debuginfo-13.2.0-150300.3.12.18 * libpetsc_3_14_5-gnu-mvapich2-hpc-debuginfo-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-debuginfo-1.13.1-150300.12.4.2 * libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-4.7.4-150300.4.7.17 * adios_1_13_1-gnu-openmpi3-hpc-devel-static-1.13.1-150300.12.4.2 * libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-mvapich2-hpc-debugsource-1.13.1-150300.12.4.2 * petsc_3_14_5-gnu-mvapich2-hpc-devel-3.14.5-150300.3.4.4 * libhdf5_hl-gnu-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-static-4.7.4-150300.4.7.21 * netcdf_4_7_4-gnu-mpich-hpc-devel-debuginfo-4.7.4-150300.4.7.19 * libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-debuginfo-4.7.4-150300.4.7.21 * libhdf5_hl_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libnetcdf-gnu-mpich-hpc-4.7.4-150300.4.7.19 * libnetcdf_4_7_4-gnu-hpc-debuginfo-4.7.4-150300.4.7.19 * libtrilinos_13_2_0-gnu-openmpi4-hpc-13.2.0-150300.3.12.18 * libhdf5_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * trilinos_13_2_0-gnu-openmpi3-hpc-debugsource-13.2.0-150300.3.12.16 * libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-openmpi3-hpc-13.2.0-150300.3.12.16 * netcdf_4_7_4-gnu-hpc-debuginfo-4.7.4-150300.4.7.19 * libhdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libnetcdf-gnu-openmpi3-hpc-4.7.4-150300.4.7.17 * libhdf5_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-openmpi4-hpc-devel-static-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mvapich2-hpc-devel-1.13.1-150300.12.4.2 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-static-4.7.4-150300.4.7.20 * hdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-module-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-debugsource-1.10.11-150300.4.16.15 * libpetsc-gnu-mpich-hpc-3.14.5-150300.3.4.4 * libpetsc_3_14_5-gnu-mpich-hpc-3.14.5-150300.3.4.4 * libhdf5_cpp_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-mvapich2-hpc-13.2.0-150300.3.12.18 * netcdf_4_7_4-gnu-mpich-hpc-devel-4.7.4-150300.4.7.19 * trilinos_13_2_0-gnu-mvapich2-hpc-devel-13.2.0-150300.3.12.18 * libhdf5_cpp_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libpetsc-gnu-openmpi4-hpc-3.14.5-150300.3.4.4 * libhdf5_cpp_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * libpetsc_3_14_5-gnu-mpich-hpc-debuginfo-3.14.5-150300.3.4.4 * libhdf5_fortran_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-mpich-hpc-devel-static-4.7.4-150300.4.7.19 * netcdf_4_7_4-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * libhdf5_cpp_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-mvapich2-hpc-debuginfo-13.2.0-150300.3.12.18 * libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-mpich-hpc-debugsource-4.7.4-150300.4.7.19 * libhdf5-gnu-hpc-1.10.11-150300.4.16.15 * libtrilinos-gnu-mpich-hpc-13.2.0-150300.3.12.18 * libhdf5-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-debugsource-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-hpc-devel-static-4.7.4-150300.4.7.19 * petsc_3_14_5-gnu-mpich-hpc-debugsource-3.14.5-150300.3.4.4 * libhdf5hl_fortran_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-openmpi3-hpc-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-openmpi4-hpc-3.14.5-150300.3.4.4 * libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-openmpi3-hpc-debuginfo-13.2.0-150300.3.12.16 * petsc-gnu-openmpi4-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi3-hpc-devel-1.13.1-150300.12.4.2 * trilinos_13_2_0-gnu-mpich-hpc-devel-13.2.0-150300.3.12.18 * hdf5_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-debuginfo-4.7.4-150300.4.7.17 * petsc-gnu-mvapich2-hpc-devel-3.14.5-150300.3.4.4 * trilinos_13_2_0-gnu-mvapich2-hpc-debugsource-13.2.0-150300.3.12.18 * libhdf5_hl-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-mpich-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-mvapich2-hpc-debuginfo-4.7.4-150300.4.7.20 * libhdf5_cpp_1_10_11-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mpich-hpc-debugsource-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-openmpi3-hpc-debugsource-3.14.5-150300.3.4.4 * libhdf5_cpp-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-openmpi3-hpc-devel-3.14.5-150300.3.4.4 * libhdf5_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libpetsc_3_14_5-gnu-openmpi3-hpc-debuginfo-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi3-hpc-debuginfo-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-devel-1.13.1-150300.12.4.2 * netcdf_4_7_4-gnu-hpc-devel-4.7.4-150300.4.7.19 * hdf5_1_10_11-gnu-openmpi3-hpc-debugsource-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-mpich-hpc-debugsource-1.13.1-150300.12.4.2 * netcdf_4_7_4-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * libhdf5_cpp_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libpetsc-gnu-openmpi3-hpc-3.14.5-150300.3.4.4 * libhdf5_hl_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-hpc-4.7.4-150300.4.7.19 * adios_1_13_1-gnu-mvapich2-hpc-debuginfo-1.13.1-150300.12.4.2 * hdf5_1_10_11-gnu-mvapich2-hpc-module-1.10.11-150300.4.16.15 * hdf5_1_10_11-hpc-examples-1.10.11-150300.4.16.15 * libtrilinos-gnu-mvapich2-hpc-13.2.0-150300.3.12.18 * trilinos_13_2_0-gnu-mpich-hpc-debugsource-13.2.0-150300.3.12.18 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-debuginfo-4.7.4-150300.4.7.20 * hdf5_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * petsc-gnu-openmpi3-hpc-devel-3.14.5-150300.3.4.4 * netcdf_4_7_4-gnu-mpich-hpc-debuginfo-4.7.4-150300.4.7.19 * libhdf5_hl_cpp-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-devel-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-mpich-hpc-debuginfo-1.13.1-150300.12.4.2 * libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-mvapich2-hpc-devel-static-1.10.11-150300.4.16.15 * libnetcdf-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * netcdf_4_7_4-gnu-openmpi3-hpc-devel-static-4.7.4-150300.4.7.17 * trilinos_13_2_0-gnu-openmpi3-hpc-devel-13.2.0-150300.3.12.16 * libhdf5_hl_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * trilinos_13_2_0-gnu-openmpi4-hpc-devel-13.2.0-150300.3.12.18 * libhdf5hl_fortran_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi3-hpc-devel-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-devel-static-1.10.11-150300.4.16.15 * libhdf5_fortran-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libtrilinos_13_2_0-gnu-mpich-hpc-debuginfo-13.2.0-150300.3.12.18 * libhdf5-gnu-mvapich2-hpc-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-mpich-hpc-devel-3.14.5-150300.3.4.4 * hdf5_1_10_11-gnu-mpich-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-mvapich2-hpc-4.7.4-150300.4.7.20 * petsc-gnu-mpich-hpc-devel-3.14.5-150300.3.4.4 * adios_1_13_1-gnu-openmpi4-hpc-debugsource-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-mvapich2-hpc-3.14.5-150300.3.4.4 * libhdf5_fortran_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-hpc-devel-debuginfo-4.7.4-150300.4.7.19 * hdf5_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5_hl_fortran-gnu-hpc-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi4-hpc-debuginfo-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-openmpi4-hpc-1.13.1-150300.12.4.2 * hdf5_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-mpich-hpc-4.7.4-150300.4.7.19 * hdf5_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_cpp_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-mvapich2-hpc-1.13.1-150300.12.4.2 * libpetsc_3_14_5-gnu-openmpi4-hpc-debuginfo-3.14.5-150300.3.4.4 * libhdf5_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * libhdf5hl_fortran_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-mpich-hpc-4.7.4-150300.4.7.19 * libhdf5_hl-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-module-1.10.11-150300.4.16.15 * petsc_3_14_5-gnu-mvapich2-hpc-debugsource-3.14.5-150300.3.4.4 * libhdf5_hl_1_10_11-gnu-hpc-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-mpich-hpc-devel-static-1.13.1-150300.12.4.2 * libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-hpc-debugsource-4.7.4-150300.4.7.19 * libhdf5hl_fortran_1_10_11-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-hpc-devel-1.10.11-150300.4.16.15 * libhdf5_cpp_1_10_11-gnu-openmpi3-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_cpp-gnu-mpich-hpc-1.10.11-150300.4.16.15 * hdf5_1_10_11-gnu-openmpi4-hpc-module-1.10.11-150300.4.16.15 * libnetcdf_4_7_4-gnu-openmpi4-hpc-4.7.4-150300.4.7.21 * hdf5_1_10_11-gnu-openmpi3-hpc-module-1.10.11-150300.4.16.15 * adios_1_13_1-gnu-openmpi3-hpc-debugsource-1.13.1-150300.12.4.2 * adios_1_13_1-gnu-mpich-hpc-1.13.1-150300.12.4.2 * libhdf5_hl_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * libhdf5_hl_1_10_11-gnu-mvapich2-hpc-debuginfo-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-mvapich2-hpc-debugsource-4.7.4-150300.4.7.20 * libpetsc-gnu-mvapich2-hpc-3.14.5-150300.3.4.4 * libtrilinos-gnu-openmpi4-hpc-13.2.0-150300.3.12.18 * libtrilinos-gnu-openmpi3-hpc-13.2.0-150300.3.12.16 * netcdf_4_7_4-gnu-mvapich2-hpc-devel-4.7.4-150300.4.7.20 * adios_1_13_1-gnu-mvapich2-hpc-devel-static-1.13.1-150300.12.4.2 * libhdf5_fortran_1_10_11-gnu-openmpi3-hpc-debuginfo-1.10.11-150300.4.16.15 * netcdf_4_7_4-gnu-openmpi4-hpc-devel-4.7.4-150300.4.7.21 * trilinos_13_2_0-gnu-openmpi4-hpc-debugsource-13.2.0-150300.3.12.18 * libhdf5_1_10_11-gnu-openmpi4-hpc-1.10.11-150300.4.16.15 * libhdf5_fortran_1_10_11-gnu-mpich-hpc-debuginfo-1.10.11-150300.4.16.15 * trilinos_13_2_0-hpc-debugsource-13.2.0-150300.3.12.9 * libnetcdf_4_7_4-gnu-openmpi3-hpc-debuginfo-4.7.4-150300.4.7.17 ## References: * https://www.suse.com/security/cve/CVE-2016-4332.html * https://www.suse.com/security/cve/CVE-2017-17507.html * https://www.suse.com/security/cve/CVE-2018-11202.html * https://www.suse.com/security/cve/CVE-2018-11205.html * https://www.suse.com/security/cve/CVE-2019-8396.html * https://www.suse.com/security/cve/CVE-2020-10812.html * https://www.suse.com/security/cve/CVE-2021-37501.html * https://www.suse.com/security/cve/CVE-2024-29158.html * https://www.suse.com/security/cve/CVE-2024-29161.html * https://www.suse.com/security/cve/CVE-2024-29166.html * https://www.suse.com/security/cve/CVE-2024-32608.html * https://www.suse.com/security/cve/CVE-2024-32610.html * https://www.suse.com/security/cve/CVE-2024-32614.html * https://www.suse.com/security/cve/CVE-2024-32619.html * https://www.suse.com/security/cve/CVE-2024-32620.html * https://www.suse.com/security/cve/CVE-2024-33873.html * https://www.suse.com/security/cve/CVE-2024-33874.html * https://www.suse.com/security/cve/CVE-2024-33875.html * https://bugzilla.suse.com/show_bug.cgi?id=1011205 * https://bugzilla.suse.com/show_bug.cgi?id=1093641 * https://bugzilla.suse.com/show_bug.cgi?id=1125882 * https://bugzilla.suse.com/show_bug.cgi?id=1133222 * https://bugzilla.suse.com/show_bug.cgi?id=1167400 * https://bugzilla.suse.com/show_bug.cgi?id=1207973 * https://bugzilla.suse.com/show_bug.cgi?id=1209548 * https://bugzilla.suse.com/show_bug.cgi?id=1210049 * https://bugzilla.suse.com/show_bug.cgi?id=1224158 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 5 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 05 Sep 2024 16:30:07 -0000 Subject: SUSE-SU-2024:3149-1: moderate: Security update for systemd Message-ID: <172555380798.2093.7347219958874818948@smelt2.prg2.suse.org> # Security update for systemd Announcement ID: SUSE-SU-2024:3149-1 Rating: moderate References: * bsc#1218297 * bsc#1221479 * bsc#1226414 * bsc#1228091 Cross-References: * CVE-2023-7008 CVSS scores: * CVE-2023-7008 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-7008 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for systemd fixes the following issues: * CVE-2023-7008: Fixed man-in-the-middle due to unsigned name response in signed zone not refused when DNSSEC=yes (bsc#1218297) Other fixes: \- Unit: drop ProtectClock=yes from systemd-udevd.service (bsc#1226414) \- Don't mention any rpm macros inside comments, even if escaped (bsc#1228091) \- Skip redundant dependencies specified the LSB description that references the file name of the service itself for early boot scripts (bsc#1221479). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3149=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3149=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3149=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3149=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3149=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3149=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3149=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3149=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3149=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3149=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * systemd-portable-debuginfo-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * systemd-mini-debuginfo-249.17-150400.8.43.1 * systemd-mini-doc-249.17-150400.8.43.1 * nss-systemd-debuginfo-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-network-debuginfo-249.17-150400.8.43.1 * systemd-mini-249.17-150400.8.43.1 * nss-myhostname-debuginfo-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * systemd-devel-249.17-150400.8.43.1 * systemd-mini-sysvinit-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-doc-249.17-150400.8.43.1 * systemd-mini-container-debuginfo-249.17-150400.8.43.1 * nss-myhostname-249.17-150400.8.43.1 * systemd-testsuite-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * udev-mini-debuginfo-249.17-150400.8.43.1 * systemd-network-249.17-150400.8.43.1 * libsystemd0-mini-249.17-150400.8.43.1 * udev-mini-249.17-150400.8.43.1 * systemd-mini-devel-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-testsuite-249.17-150400.8.43.1 * libudev-mini1-249.17-150400.8.43.1 * systemd-coredump-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * systemd-debugsource-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * libsystemd0-mini-debuginfo-249.17-150400.8.43.1 * systemd-mini-container-249.17-150400.8.43.1 * systemd-mini-debugsource-249.17-150400.8.43.1 * systemd-experimental-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev-mini1-debuginfo-249.17-150400.8.43.1 * systemd-experimental-249.17-150400.8.43.1 * systemd-portable-249.17-150400.8.43.1 * systemd-coredump-debuginfo-249.17-150400.8.43.1 * nss-systemd-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * openSUSE Leap 15.4 (x86_64) * nss-myhostname-32bit-debuginfo-249.17-150400.8.43.1 * libsystemd0-32bit-249.17-150400.8.43.1 * systemd-32bit-249.17-150400.8.43.1 * systemd-32bit-debuginfo-249.17-150400.8.43.1 * libudev1-32bit-249.17-150400.8.43.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.43.1 * libudev1-32bit-debuginfo-249.17-150400.8.43.1 * nss-myhostname-32bit-249.17-150400.8.43.1 * openSUSE Leap 15.4 (noarch) * systemd-lang-249.17-150400.8.43.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libudev1-64bit-249.17-150400.8.43.1 * libudev1-64bit-debuginfo-249.17-150400.8.43.1 * systemd-64bit-debuginfo-249.17-150400.8.43.1 * libsystemd0-64bit-249.17-150400.8.43.1 * nss-myhostname-64bit-249.17-150400.8.43.1 * nss-myhostname-64bit-debuginfo-249.17-150400.8.43.1 * systemd-64bit-249.17-150400.8.43.1 * libsystemd0-64bit-debuginfo-249.17-150400.8.43.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * systemd-portable-debuginfo-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * nss-systemd-debuginfo-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-network-debuginfo-249.17-150400.8.43.1 * nss-myhostname-debuginfo-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * systemd-devel-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-doc-249.17-150400.8.43.1 * nss-myhostname-249.17-150400.8.43.1 * systemd-testsuite-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-network-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-testsuite-249.17-150400.8.43.1 * systemd-coredump-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * systemd-debugsource-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * systemd-experimental-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * systemd-experimental-249.17-150400.8.43.1 * systemd-portable-249.17-150400.8.43.1 * systemd-coredump-debuginfo-249.17-150400.8.43.1 * nss-systemd-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * openSUSE Leap 15.5 (x86_64) * nss-myhostname-32bit-debuginfo-249.17-150400.8.43.1 * libsystemd0-32bit-249.17-150400.8.43.1 * systemd-32bit-249.17-150400.8.43.1 * systemd-32bit-debuginfo-249.17-150400.8.43.1 * libudev1-32bit-249.17-150400.8.43.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.43.1 * libudev1-32bit-debuginfo-249.17-150400.8.43.1 * nss-myhostname-32bit-249.17-150400.8.43.1 * openSUSE Leap 15.5 (noarch) * systemd-lang-249.17-150400.8.43.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-journal-remote-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-journal-remote-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-container-debuginfo-249.17-150400.8.43.1 * udev-249.17-150400.8.43.1 * systemd-devel-249.17-150400.8.43.1 * udev-debuginfo-249.17-150400.8.43.1 * libsystemd0-249.17-150400.8.43.1 * libudev1-249.17-150400.8.43.1 * systemd-doc-249.17-150400.8.43.1 * systemd-sysvinit-249.17-150400.8.43.1 * systemd-249.17-150400.8.43.1 * systemd-coredump-debuginfo-249.17-150400.8.43.1 * libsystemd0-debuginfo-249.17-150400.8.43.1 * systemd-container-249.17-150400.8.43.1 * libudev1-debuginfo-249.17-150400.8.43.1 * systemd-coredump-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * Basesystem Module 15-SP5 (noarch) * systemd-lang-249.17-150400.8.43.1 * Basesystem Module 15-SP5 (x86_64) * systemd-32bit-249.17-150400.8.43.1 * libsystemd0-32bit-249.17-150400.8.43.1 * libudev1-32bit-249.17-150400.8.43.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.43.1 * libudev1-32bit-debuginfo-249.17-150400.8.43.1 * systemd-32bit-debuginfo-249.17-150400.8.43.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * systemd-debugsource-249.17-150400.8.43.1 * systemd-network-249.17-150400.8.43.1 * systemd-debuginfo-249.17-150400.8.43.1 * systemd-network-debuginfo-249.17-150400.8.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-7008.html * https://bugzilla.suse.com/show_bug.cgi?id=1218297 * https://bugzilla.suse.com/show_bug.cgi?id=1221479 * https://bugzilla.suse.com/show_bug.cgi?id=1226414 * https://bugzilla.suse.com/show_bug.cgi?id=1228091 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:05 -0000 Subject: SUSE-SU-2024:3163-1: moderate: Security update for gradle Message-ID: <172562580564.18273.17286176829844744083@smelt2.prg2.suse.org> # Security update for gradle Announcement ID: SUSE-SU-2024:3163-1 Rating: moderate References: * bsc#1212930 Cross-References: * CVE-2023-35946 CVSS scores: * CVE-2023-35946 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L * CVE-2023-35946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gradle fixes the following issues: * CVE-2023-35946: Fixed a dependency issue leading the cache to write files into an unintended location. (bsc#1212930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3163=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3163=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3163=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3163=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.24.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.24.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-35946.html * https://bugzilla.suse.com/show_bug.cgi?id=1212930 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:16 -0000 Subject: SUSE-SU-2024:3162-1: important: Security update for java-1_8_0-ibm Message-ID: <172562581669.18273.18065389106144239287@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2024:3162-1 Rating: important References: * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228050 * bsc#1228051 * bsc#1228052 * bsc#1228346 * bsc#1229224 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21144 * CVE-2024-21145 * CVE-2024-21147 * CVE-2024-27267 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21144 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-27267 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP5 * Legacy Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 30 (bsc#1228346) * CVE-2024-21147: Fixed an array index overflow in RangeCheckElimination. (bsc#1228052) * CVE-2024-21145: Fixed an out-of-bounds access in 2D image handling. (bsc#1228051) * CVE-2024-21140: Fixed a range check elimination pre-loop limit overflow. (bsc#1228048) * CVE-2024-21144: Pack200 increase loading time due to improper header validation. (bsc#1228050) * CVE-2024-21138: Fixed an issue where excessive symbol length can lead to infinite loop. (bsc#1228047) * CVE-2024-21131: Fixed a potential UTF8 size overflow. (bsc#1228046) * CVE-2024-27267: Fixed an Object Request Broker (ORB) remote denial of service. (bsc#1229224) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3162=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3162=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3162=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3162=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3162=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3162=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3162=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3162=1 ## Package List: * openSUSE Leap 15.5 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * openSUSE Leap 15.5 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-32bit-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-32bit-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * java-1_8_0-ibm-demo-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-src-1.8.0_sr8.30-150000.3.92.1 * openSUSE Leap 15.6 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * openSUSE Leap 15.6 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-32bit-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-32bit-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * java-1_8_0-ibm-demo-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-src-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP5 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP5 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP5 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP6 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP6 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * Legacy Module 15-SP6 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 * SUSE Enterprise Storage 7.1 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-150000.3.92.1 * SUSE Enterprise Storage 7.1 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-devel-1.8.0_sr8.30-150000.3.92.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-150000.3.92.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21144.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://www.suse.com/security/cve/CVE-2024-27267.html * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228050 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 * https://bugzilla.suse.com/show_bug.cgi?id=1228346 * https://bugzilla.suse.com/show_bug.cgi?id=1229224 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:20 -0000 Subject: SUSE-SU-2024:3161-1: important: Security update for python-Django Message-ID: <172562582055.18273.17159239563165686940@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:3161-1 Rating: important References: * bsc#1229823 * bsc#1229824 Cross-References: * CVE-2024-45230 * CVE-2024-45231 CVSS scores: * CVE-2024-45230 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45231 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize(). (bsc#1229823) * CVE-2024-45231: Fixed potential user email enumeration via response status on password reset. (bsc#1229824) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3161=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3161=1 openSUSE-SLE-15.6-2024-3161=1 ## Package List: * SUSE Package Hub 15 15-SP6 (noarch) * python311-Django-4.2.11-150600.3.9.1 * openSUSE Leap 15.6 (noarch) * python311-Django-4.2.11-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45230.html * https://www.suse.com/security/cve/CVE-2024-45231.html * https://bugzilla.suse.com/show_bug.cgi?id=1229823 * https://bugzilla.suse.com/show_bug.cgi?id=1229824 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:25 -0000 Subject: SUSE-SU-2024:3160-1: important: Security update for postgresql16 Message-ID: <172562582506.18273.9212745050144991908@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3160-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 14.13 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3160=1 openSUSE-SLE-15.6-2024-3160=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3160=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3160=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql14-devel-debuginfo-14.13-150600.16.6.1 * postgresql14-plpython-14.13-150600.16.6.1 * postgresql14-plperl-debuginfo-14.13-150600.16.6.1 * postgresql14-14.13-150600.16.6.1 * postgresql14-pltcl-14.13-150600.16.6.1 * postgresql14-contrib-14.13-150600.16.6.1 * postgresql14-llvmjit-14.13-150600.16.6.1 * postgresql14-pltcl-debuginfo-14.13-150600.16.6.1 * postgresql14-server-devel-14.13-150600.16.6.1 * postgresql14-server-devel-debuginfo-14.13-150600.16.6.1 * postgresql14-plpython-debuginfo-14.13-150600.16.6.1 * postgresql14-test-14.13-150600.16.6.1 * postgresql14-llvmjit-devel-14.13-150600.16.6.1 * postgresql14-devel-14.13-150600.16.6.1 * postgresql14-server-14.13-150600.16.6.1 * postgresql14-debuginfo-14.13-150600.16.6.1 * postgresql14-debugsource-14.13-150600.16.6.1 * postgresql14-server-debuginfo-14.13-150600.16.6.1 * postgresql14-plperl-14.13-150600.16.6.1 * postgresql14-contrib-debuginfo-14.13-150600.16.6.1 * postgresql14-llvmjit-debuginfo-14.13-150600.16.6.1 * openSUSE Leap 15.6 (noarch) * postgresql14-docs-14.13-150600.16.6.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-devel-debuginfo-14.13-150600.16.6.1 * postgresql14-devel-14.13-150600.16.6.1 * postgresql14-plpython-14.13-150600.16.6.1 * postgresql14-pltcl-14.13-150600.16.6.1 * postgresql14-server-14.13-150600.16.6.1 * postgresql14-debuginfo-14.13-150600.16.6.1 * postgresql14-contrib-14.13-150600.16.6.1 * postgresql14-debugsource-14.13-150600.16.6.1 * postgresql14-pltcl-debuginfo-14.13-150600.16.6.1 * postgresql14-plpython-debuginfo-14.13-150600.16.6.1 * postgresql14-server-devel-14.13-150600.16.6.1 * postgresql14-server-devel-debuginfo-14.13-150600.16.6.1 * postgresql14-server-debuginfo-14.13-150600.16.6.1 * postgresql14-plperl-debuginfo-14.13-150600.16.6.1 * postgresql14-plperl-14.13-150600.16.6.1 * postgresql14-contrib-debuginfo-14.13-150600.16.6.1 * postgresql14-14.13-150600.16.6.1 * Legacy Module 15-SP6 (noarch) * postgresql14-docs-14.13-150600.16.6.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql14-debuginfo-14.13-150600.16.6.1 * postgresql14-llvmjit-14.13-150600.16.6.1 * postgresql14-debugsource-14.13-150600.16.6.1 * postgresql14-llvmjit-debuginfo-14.13-150600.16.6.1 * postgresql14-test-14.13-150600.16.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:29 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:29 -0000 Subject: SUSE-SU-2024:3159-1: important: Security update for postgresql16 Message-ID: <172562582991.18273.18286671712844460240@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3159-1 Rating: important References: * bsc#1224038 * bsc#1224051 * bsc#1229013 Cross-References: * CVE-2024-4317 * CVE-2024-7348 CVSS scores: * CVE-2024-4317 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 16.4 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) * CVE-2024-4317: Restrict visibility of pg_stats_ext and pg_stats_ext_exprs entries to the table owner. See the release notes for the steps that have to be taken to fix existing PostgreSQL instances. (bsc#1224038) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3159=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3159=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3159=1 openSUSE-SLE-15.6-2024-3159=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-16.4-150600.16.5.1 * libpq5-debuginfo-16.4-150600.16.5.1 * postgresql16-debugsource-16.4-150600.16.5.1 * postgresql16-debuginfo-16.4-150600.16.5.1 * libpq5-16.4-150600.16.5.1 * Basesystem Module 15-SP6 (x86_64) * libpq5-32bit-debuginfo-16.4-150600.16.5.1 * libpq5-32bit-16.4-150600.16.5.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql16-devel-16.4-150600.16.5.1 * postgresql16-server-16.4-150600.16.5.1 * postgresql16-server-devel-debuginfo-16.4-150600.16.5.1 * libecpg6-16.4-150600.16.5.1 * postgresql16-plperl-debuginfo-16.4-150600.16.5.1 * postgresql16-server-debuginfo-16.4-150600.16.5.1 * postgresql16-plpython-16.4-150600.16.5.1 * postgresql16-plpython-debuginfo-16.4-150600.16.5.1 * postgresql16-contrib-debuginfo-16.4-150600.16.5.1 * postgresql16-pltcl-debuginfo-16.4-150600.16.5.1 * postgresql16-debugsource-16.4-150600.16.5.1 * postgresql16-debuginfo-16.4-150600.16.5.1 * postgresql16-server-devel-16.4-150600.16.5.1 * libecpg6-debuginfo-16.4-150600.16.5.1 * postgresql16-devel-debuginfo-16.4-150600.16.5.1 * postgresql16-contrib-16.4-150600.16.5.1 * postgresql16-plperl-16.4-150600.16.5.1 * postgresql16-pltcl-16.4-150600.16.5.1 * Server Applications Module 15-SP6 (noarch) * postgresql16-docs-16.4-150600.16.5.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql16-16.4-150600.16.5.1 * postgresql16-test-16.4-150600.16.5.1 * libpq5-debuginfo-16.4-150600.16.5.1 * postgresql16-plpython-debuginfo-16.4-150600.16.5.1 * postgresql16-llvmjit-devel-16.4-150600.16.5.1 * postgresql16-debugsource-16.4-150600.16.5.1 * postgresql16-debuginfo-16.4-150600.16.5.1 * postgresql16-plperl-16.4-150600.16.5.1 * postgresql16-devel-debuginfo-16.4-150600.16.5.1 * postgresql16-llvmjit-16.4-150600.16.5.1 * postgresql16-server-16.4-150600.16.5.1 * postgresql16-server-debuginfo-16.4-150600.16.5.1 * postgresql16-contrib-debuginfo-16.4-150600.16.5.1 * postgresql16-devel-mini-16.4-150600.16.5.1 * libecpg6-debuginfo-16.4-150600.16.5.1 * libpq5-16.4-150600.16.5.1 * postgresql16-contrib-16.4-150600.16.5.1 * postgresql16-mini-debugsource-16.4-150600.16.5.1 * postgresql16-plperl-debuginfo-16.4-150600.16.5.1 * postgresql16-plpython-16.4-150600.16.5.1 * postgresql16-llvmjit-debuginfo-16.4-150600.16.5.1 * postgresql16-server-devel-16.4-150600.16.5.1 * postgresql16-server-devel-debuginfo-16.4-150600.16.5.1 * postgresql16-pltcl-debuginfo-16.4-150600.16.5.1 * postgresql16-pltcl-16.4-150600.16.5.1 * postgresql16-devel-16.4-150600.16.5.1 * libecpg6-16.4-150600.16.5.1 * postgresql16-devel-mini-debuginfo-16.4-150600.16.5.1 * openSUSE Leap 15.6 (x86_64) * libpq5-32bit-debuginfo-16.4-150600.16.5.1 * libecpg6-32bit-16.4-150600.16.5.1 * libpq5-32bit-16.4-150600.16.5.1 * libecpg6-32bit-debuginfo-16.4-150600.16.5.1 * openSUSE Leap 15.6 (noarch) * postgresql16-docs-16.4-150600.16.5.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libecpg6-64bit-debuginfo-16.4-150600.16.5.1 * libpq5-64bit-16.4-150600.16.5.1 * libpq5-64bit-debuginfo-16.4-150600.16.5.1 * libecpg6-64bit-16.4-150600.16.5.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4317.html * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1224038 * https://bugzilla.suse.com/show_bug.cgi?id=1224051 * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:33 -0000 Subject: SUSE-SU-2024:3158-1: important: Security update for postgresql16 Message-ID: <172562583367.18273.1474439123833288391@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3158-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 15.8 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3158=1 openSUSE-SLE-15.6-2024-3158=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3158=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * postgresql15-llvmjit-15.8-150600.16.6.1 * postgresql15-plperl-debuginfo-15.8-150600.16.6.1 * postgresql15-test-15.8-150600.16.6.1 * postgresql15-devel-debuginfo-15.8-150600.16.6.1 * postgresql15-contrib-15.8-150600.16.6.1 * postgresql15-debuginfo-15.8-150600.16.6.1 * postgresql15-15.8-150600.16.6.1 * postgresql15-llvmjit-devel-15.8-150600.16.6.1 * postgresql15-debugsource-15.8-150600.16.6.1 * postgresql15-plpython-15.8-150600.16.6.1 * postgresql15-server-devel-15.8-150600.16.6.1 * postgresql15-llvmjit-debuginfo-15.8-150600.16.6.1 * postgresql15-server-debuginfo-15.8-150600.16.6.1 * postgresql15-server-devel-debuginfo-15.8-150600.16.6.1 * postgresql15-devel-15.8-150600.16.6.1 * postgresql15-server-15.8-150600.16.6.1 * postgresql15-pltcl-15.8-150600.16.6.1 * postgresql15-contrib-debuginfo-15.8-150600.16.6.1 * postgresql15-pltcl-debuginfo-15.8-150600.16.6.1 * postgresql15-plpython-debuginfo-15.8-150600.16.6.1 * postgresql15-plperl-15.8-150600.16.6.1 * openSUSE Leap 15.6 (noarch) * postgresql15-docs-15.8-150600.16.6.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql15-debuginfo-15.8-150600.16.6.1 * postgresql15-contrib-debuginfo-15.8-150600.16.6.1 * postgresql15-server-debuginfo-15.8-150600.16.6.1 * postgresql15-15.8-150600.16.6.1 * postgresql15-debugsource-15.8-150600.16.6.1 * postgresql15-server-15.8-150600.16.6.1 * postgresql15-contrib-15.8-150600.16.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:38 -0000 Subject: SUSE-SU-2024:3157-1: important: Security update for MozillaFirefox Message-ID: <172562583869.18273.6934767657278100530@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:3157-1 Rating: important References: * bsc#1229821 Cross-References: * CVE-2024-8381 * CVE-2024-8382 * CVE-2024-8383 * CVE-2024-8384 * CVE-2024-8385 * CVE-2024-8386 * CVE-2024-8387 CVSS scores: * CVE-2024-8381 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8381 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8382 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-8382 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8383 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8383 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-8384 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-8384 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8385 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8385 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8386 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8386 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8387 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Update to Firefox Extended Support Release 128.2.0 ESR (bsc#1229821) * CVE-2024-8381: Type confusion when looking up a property name in a 'with' block * CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8383: Firefox did not ask before openings news: links in an external application * CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions * CVE-2024-8385: WASM type confusion involving ArrayTypes * CVE-2024-8386: SelectElements could be shown over another site if popups are allowed * CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3157=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3157=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3157=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3157=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3157=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3157=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3157=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3157=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3157=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3157=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3157=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3157=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3157=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3157=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3157=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3157=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-branding-upstream-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-branding-upstream-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.2.0-150200.152.149.1 * MozillaFirefox-translations-other-128.2.0-150200.152.149.1 * MozillaFirefox-128.2.0-150200.152.149.1 * MozillaFirefox-debugsource-128.2.0-150200.152.149.1 * MozillaFirefox-translations-common-128.2.0-150200.152.149.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.2.0-150200.152.149.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8381.html * https://www.suse.com/security/cve/CVE-2024-8382.html * https://www.suse.com/security/cve/CVE-2024-8383.html * https://www.suse.com/security/cve/CVE-2024-8384.html * https://www.suse.com/security/cve/CVE-2024-8385.html * https://www.suse.com/security/cve/CVE-2024-8386.html * https://www.suse.com/security/cve/CVE-2024-8387.html * https://bugzilla.suse.com/show_bug.cgi?id=1229821 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:42 -0000 Subject: SUSE-SU-2024:3156-1: low: Security update for python312-pip Message-ID: <172562584220.18273.13588827621502792562@smelt2.prg2.suse.org> # Security update for python312-pip Announcement ID: SUSE-SU-2024:3156-1 Rating: low References: * bsc#1217353 Cross-References: * CVE-2023-5752 CVSS scores: * CVE-2023-5752 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-5752 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python312-pip fixes the following issues: * CVE-2023-5752: Avoiding injection of arbitrary configuration through Mercurial parameter. (bsc#1217353) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3156=1 openSUSE-SLE-15.6-2024-3156=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3156=1 ## Package List: * openSUSE Leap 15.6 (noarch) * python312-pip-23.2.1-150600.3.3.1 * Python 3 Module 15-SP6 (noarch) * python312-pip-23.2.1-150600.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5752.html * https://bugzilla.suse.com/show_bug.cgi?id=1217353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:46 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:46 -0000 Subject: SUSE-SU-2024:3155-1: important: Security update for kubernetes1.26 Message-ID: <172562584681.18273.550655234550379017@smelt2.prg2.suse.org> # Security update for kubernetes1.26 Announcement ID: SUSE-SU-2024:3155-1 Rating: important References: * bsc#1229869 Cross-References: * CVE-2023-45288 CVSS scores: * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for kubernetes1.26 fixes the following issues: * CVE-2023-45288: Close connections when receiving too many headers. (bsc#1229869) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3155=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3155=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3155=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3155=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3155=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3155=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3155=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3155=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3155=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-scheduler-1.26.15-150400.9.14.1 * kubernetes1.26-apiserver-1.26.15-150400.9.14.1 * kubernetes1.26-kubelet-1.26.15-150400.9.14.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.14.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.14.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.14.1 * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * kubernetes1.26-proxy-1.26.15-150400.9.14.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.26-client-fish-completion-1.26.15-150400.9.14.1 * kubernetes1.26-client-bash-completion-1.26.15-150400.9.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-scheduler-1.26.15-150400.9.14.1 * kubernetes1.26-apiserver-1.26.15-150400.9.14.1 * kubernetes1.26-kubelet-1.26.15-150400.9.14.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.14.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.14.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.14.1 * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * kubernetes1.26-proxy-1.26.15-150400.9.14.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.26-client-fish-completion-1.26.15-150400.9.14.1 * kubernetes1.26-client-bash-completion-1.26.15-150400.9.14.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.14.1 * kubernetes1.26-client-1.26.15-150400.9.14.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://bugzilla.suse.com/show_bug.cgi?id=1229869 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:51 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:51 -0000 Subject: SUSE-SU-2024:3154-1: important: Security update for postgresql16 Message-ID: <172562585156.18273.12390708453922765463@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3154-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 14.13 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3154=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3154=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3154=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3154=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-devel-14.13-3.44.1 * postgresql14-devel-debuginfo-14.13-3.44.1 * postgresql14-debugsource-14.13-3.44.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * postgresql14-server-devel-14.13-3.44.1 * postgresql14-server-devel-debuginfo-14.13-3.44.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql14-plpython-14.13-3.44.1 * postgresql14-contrib-debuginfo-14.13-3.44.1 * postgresql14-plpython-debuginfo-14.13-3.44.1 * postgresql14-plperl-debuginfo-14.13-3.44.1 * postgresql14-plperl-14.13-3.44.1 * postgresql14-pltcl-debuginfo-14.13-3.44.1 * postgresql14-server-14.13-3.44.1 * postgresql14-pltcl-14.13-3.44.1 * postgresql14-server-debuginfo-14.13-3.44.1 * postgresql14-contrib-14.13-3.44.1 * postgresql14-debugsource-14.13-3.44.1 * postgresql14-14.13-3.44.1 * postgresql14-debuginfo-14.13-3.44.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql14-docs-14.13-3.44.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-plpython-14.13-3.44.1 * postgresql14-contrib-debuginfo-14.13-3.44.1 * postgresql14-plpython-debuginfo-14.13-3.44.1 * postgresql14-plperl-debuginfo-14.13-3.44.1 * postgresql14-plperl-14.13-3.44.1 * postgresql14-pltcl-debuginfo-14.13-3.44.1 * postgresql14-server-14.13-3.44.1 * postgresql14-pltcl-14.13-3.44.1 * postgresql14-server-debuginfo-14.13-3.44.1 * postgresql14-contrib-14.13-3.44.1 * postgresql14-debugsource-14.13-3.44.1 * postgresql14-14.13-3.44.1 * postgresql14-debuginfo-14.13-3.44.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql14-docs-14.13-3.44.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql14-plpython-14.13-3.44.1 * postgresql14-contrib-debuginfo-14.13-3.44.1 * postgresql14-plpython-debuginfo-14.13-3.44.1 * postgresql14-plperl-debuginfo-14.13-3.44.1 * postgresql14-plperl-14.13-3.44.1 * postgresql14-pltcl-debuginfo-14.13-3.44.1 * postgresql14-server-14.13-3.44.1 * postgresql14-pltcl-14.13-3.44.1 * postgresql14-server-debuginfo-14.13-3.44.1 * postgresql14-contrib-14.13-3.44.1 * postgresql14-debugsource-14.13-3.44.1 * postgresql14-14.13-3.44.1 * postgresql14-debuginfo-14.13-3.44.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql14-docs-14.13-3.44.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:30:56 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:30:56 -0000 Subject: SUSE-SU-2024:3153-1: important: Security update for postgresql16 Message-ID: <172562585675.18273.15283631263752434270@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3153-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 12.20 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3153=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3153=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3153=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3153=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3153=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3153=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3153=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3153=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3153=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-test-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-llvmjit-debuginfo-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-llvmjit-12.20-150200.8.63.1 * postgresql12-llvmjit-devel-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * openSUSE Leap 15.5 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-test-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-llvmjit-debuginfo-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-llvmjit-12.20-150200.8.63.1 * postgresql12-llvmjit-devel-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * openSUSE Leap 15.6 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql12-docs-12.20-150200.8.63.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql12-plperl-12.20-150200.8.63.1 * postgresql12-contrib-debuginfo-12.20-150200.8.63.1 * postgresql12-contrib-12.20-150200.8.63.1 * postgresql12-server-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debugsource-12.20-150200.8.63.1 * postgresql12-devel-debuginfo-12.20-150200.8.63.1 * postgresql12-debuginfo-12.20-150200.8.63.1 * postgresql12-plperl-debuginfo-12.20-150200.8.63.1 * postgresql12-pltcl-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-debuginfo-12.20-150200.8.63.1 * postgresql12-plpython-12.20-150200.8.63.1 * postgresql12-12.20-150200.8.63.1 * postgresql12-server-12.20-150200.8.63.1 * postgresql12-server-debuginfo-12.20-150200.8.63.1 * postgresql12-server-devel-12.20-150200.8.63.1 * postgresql12-pltcl-12.20-150200.8.63.1 * postgresql12-devel-12.20-150200.8.63.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql12-docs-12.20-150200.8.63.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:31:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:31:02 -0000 Subject: SUSE-SU-2024:3152-1: important: Security update for MozillaFirefox Message-ID: <172562586274.18273.16841709081948262562@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:3152-1 Rating: important References: * bsc#1229821 Cross-References: * CVE-2024-8381 * CVE-2024-8382 * CVE-2024-8383 * CVE-2024-8384 * CVE-2024-8385 * CVE-2024-8386 * CVE-2024-8387 CVSS scores: * CVE-2024-8381 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8381 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8382 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-8382 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8383 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8383 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-8384 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-8384 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8385 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8385 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8386 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8386 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8387 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Update to Firefox Extended Support Release 128.2.0 ESR (bsc#1229821) * CVE-2024-8381: Type confusion when looking up a property name in a 'with' block * CVE-2024-8382: Internal event interfaces were exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8383: Firefox did not ask before openings news: links in an external application * CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions * CVE-2024-8385: WASM type confusion involving ArrayTypes * CVE-2024-8386: SelectElements could be shown over another site if popups are allowed * CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3152=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8381.html * https://www.suse.com/security/cve/CVE-2024-8382.html * https://www.suse.com/security/cve/CVE-2024-8383.html * https://www.suse.com/security/cve/CVE-2024-8384.html * https://www.suse.com/security/cve/CVE-2024-8385.html * https://www.suse.com/security/cve/CVE-2024-8386.html * https://www.suse.com/security/cve/CVE-2024-8387.html * https://bugzilla.suse.com/show_bug.cgi?id=1229821 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 6 12:31:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 06 Sep 2024 12:31:08 -0000 Subject: SUSE-SU-2024:3151-1: important: Security update for buildah Message-ID: <172562586821.18273.17991026584466618846@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:3151-1 Rating: important References: * bsc#1221243 * bsc#1221677 * bsc#1224117 Cross-References: * CVE-2024-1753 * CVE-2024-24786 * CVE-2024-28180 * CVE-2024-3727 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: Update to version 1.35.4: * Bump to Buildah v1.35.4 * CVE-2024-3727 updates (bsc#1224117) * integration test: handle new labels in "bud and test --unsetlabel" * Bump go-jose CVE-2024-28180 * Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3: * correctly configure /etc/hosts and resolv.conf * buildah: refactor resolv/hosts setup. * CVE-2024-24786 protobuf to 1.33 Update to version 1.35.1: * CVE-2024-1753 container escape fix (bsc#1221677) * Buildah dropped cni support, require netavark instead (bsc#1221243) * Remove obsolete requires libcontainers-image & libcontainers-storage * Require passt for rootless networking (poo#156955) Buildah moved to passt/pasta for rootless networking from slirp4netns (https://github.com/containers/common/pull/1846) Update to version 1.35.0: * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 * conformance tests: don't break on trailing zeroes in layer blobs * Add a conformance test for copying to a mounted prior stage * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.1 * Update module go.etcd.io/bbolt to v1.3.9 * Revert "Reduce official image size" * Update module github.com/opencontainers/image-spec to v1.1.0 * Reduce official image size * Build with CNI support on FreeBSD * build --all-platforms: skip some base "image" platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Disable loong64 again * Fix a couple of typos in one-line comments * egrep is obsolescent; use grep -E * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * imagebuildah: fix crash with empty RUN * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * Replace map[K]bool with map[K]struct{} where it makes sense * Replace strings.SplitN with strings.Cut * Document use of containers-transports values in buildah * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * Ignore errors if label.Relabel returns ENOSUP ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3151=1 openSUSE-SLE-15.5-2024-3151=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3151=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3151=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3151=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.4-150500.3.10.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.10.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.10.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-28180.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1221243 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 * https://bugzilla.suse.com/show_bug.cgi?id=1224117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:16 -0000 Subject: SUSE-SU-2024:3174-1: important: Security update for bubblewrap and flatpak Message-ID: <172588501632.16789.12330923632770443311@smelt2.prg2.suse.org> # Security update for bubblewrap and flatpak Announcement ID: SUSE-SU-2024:3174-1 Rating: important References: * bsc#1229157 Cross-References: * CVE-2024-42472 CVSS scores: * CVE-2024-42472 ( SUSE ): 9.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-42472 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for bubblewrap and flatpak fixes the following issues: * CVE-2024-42472: Fixed access to files outside sandbox for apps using persistent (bsc#1229157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3174=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3174=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3174=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3174=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3174=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3174=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3174=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3174=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3174=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3174=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3174=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3174=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3174=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3174=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3174=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3174=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * flatpak-debugsource-1.12.8-150400.3.9.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * flatpak-debugsource-1.12.8-150400.3.9.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * flatpak-debugsource-1.12.8-150400.3.9.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * flatpak-debugsource-1.12.8-150400.3.9.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * flatpak-debugsource-1.12.8-150400.3.9.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * flatpak-debugsource-1.12.8-150400.3.9.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * libflatpak0-debuginfo-1.12.8-150400.3.9.1 * flatpak-zsh-completion-1.12.8-150400.3.9.1 * flatpak-devel-1.12.8-150400.3.9.1 * flatpak-debuginfo-1.12.8-150400.3.9.1 * system-user-flatpak-1.12.8-150400.3.9.1 * typelib-1_0-Flatpak-1_0-1.12.8-150400.3.9.1 * flatpak-1.12.8-150400.3.9.1 * libflatpak0-1.12.8-150400.3.9.1 * SUSE Manager Proxy 4.3 (x86_64) * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * flatpak-debuginfo-1.10.8-150200.4.21.1 * bubblewrap-debugsource-0.4.1-150200.3.3.1 * bubblewrap-0.4.1-150200.3.3.1 * bubblewrap-debuginfo-0.4.1-150200.3.3.1 * flatpak-debugsource-1.10.8-150200.4.21.1 * flatpak-1.10.8-150200.4.21.1 * libflatpak0-1.10.8-150200.4.21.1 * flatpak-zsh-completion-1.10.8-150200.4.21.1 * typelib-1_0-Flatpak-1_0-1.10.8-150200.4.21.1 * system-user-flatpak-1.10.8-150200.4.21.1 * libflatpak0-debuginfo-1.10.8-150200.4.21.1 * flatpak-devel-1.10.8-150200.4.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-42472.html * https://bugzilla.suse.com/show_bug.cgi?id=1229157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:23 -0000 Subject: SUSE-SU-2024:3173-1: important: Security update for apache2 Message-ID: <172588502319.16789.17311864416550821046@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3173-1 Rating: important References: * bsc#1227276 * bsc#1227278 * bsc#1227353 Cross-References: * CVE-2024-38473 * CVE-2024-38474 * CVE-2024-39884 CVSS scores: * CVE-2024-38473 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-38474 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-38474 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-39884 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-38474: Fixed substitution encoding issue in mod_rewrite (bsc#1227278) * CVE-2024-38473: Fixed encoding problem in mod_proxy (bsc#1227276) * CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType (bsc#1227353) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3173=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3173=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3173=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3173=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3173=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3173=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3173=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3173=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3173=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3173=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3173=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3173=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3173=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3173=1 ## Package List: * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-event-2.4.51-150400.6.34.1 * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-event-debuginfo-2.4.51-150400.6.34.1 * apache2-example-pages-2.4.51-150400.6.34.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.51-150400.6.34.1 * apache2-worker-debuginfo-2.4.51-150400.6.34.1 * apache2-2.4.51-150400.6.34.1 * apache2-devel-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-worker-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-event-debuginfo-2.4.51-150400.6.34.1 * apache2-example-pages-2.4.51-150400.6.34.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.34.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 * apache2-prefork-debuginfo-2.4.51-150400.6.34.1 * apache2-utils-2.4.51-150400.6.34.1 * apache2-prefork-2.4.51-150400.6.34.1 * apache2-utils-debuginfo-2.4.51-150400.6.34.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.51-150400.6.34.1 * apache2-event-debuginfo-2.4.51-150400.6.34.1 * apache2-debugsource-2.4.51-150400.6.34.1 * apache2-debuginfo-2.4.51-150400.6.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38473.html * https://www.suse.com/security/cve/CVE-2024-38474.html * https://www.suse.com/security/cve/CVE-2024-39884.html * https://bugzilla.suse.com/show_bug.cgi?id=1227276 * https://bugzilla.suse.com/show_bug.cgi?id=1227278 * https://bugzilla.suse.com/show_bug.cgi?id=1227353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:28 -0000 Subject: SUSE-SU-2024:3172-1: important: Security update for apache2 Message-ID: <172588502861.16789.8480873608341650413@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3172-1 Rating: important References: * bsc#1227276 * bsc#1227278 * bsc#1227353 Cross-References: * CVE-2024-38473 * CVE-2024-38474 * CVE-2024-39884 CVSS scores: * CVE-2024-38473 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-38474 ( SUSE ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2024-38474 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-39884 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-38474: Fixed substitution encoding issue in mod_rewrite (bsc#1227278) * CVE-2024-38473: Fixed encoding problem in mod_proxy (bsc#1227276) * CVE-2024-39884: Fixed source code disclosure with handlers configured via AddType (bsc#1227353) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3172=1 SUSE-2024-3172=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3172=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3172=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3172=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * apache2-devel-2.4.58-150600.5.23.1 * apache2-worker-debugsource-2.4.58-150600.5.23.1 * apache2-worker-2.4.58-150600.5.23.1 * apache2-prefork-debuginfo-2.4.58-150600.5.23.1 * apache2-debuginfo-2.4.58-150600.5.23.1 * apache2-prefork-debugsource-2.4.58-150600.5.23.1 * apache2-2.4.58-150600.5.23.1 * apache2-debugsource-2.4.58-150600.5.23.1 * apache2-utils-2.4.58-150600.5.23.1 * apache2-worker-debuginfo-2.4.58-150600.5.23.1 * apache2-prefork-2.4.58-150600.5.23.1 * apache2-event-debuginfo-2.4.58-150600.5.23.1 * apache2-utils-debugsource-2.4.58-150600.5.23.1 * apache2-event-debugsource-2.4.58-150600.5.23.1 * apache2-event-2.4.58-150600.5.23.1 * apache2-utils-debuginfo-2.4.58-150600.5.23.1 * openSUSE Leap 15.6 (noarch) * apache2-manual-2.4.58-150600.5.23.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-prefork-debuginfo-2.4.58-150600.5.23.1 * apache2-debuginfo-2.4.58-150600.5.23.1 * apache2-prefork-debugsource-2.4.58-150600.5.23.1 * apache2-2.4.58-150600.5.23.1 * apache2-debugsource-2.4.58-150600.5.23.1 * apache2-prefork-2.4.58-150600.5.23.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-debuginfo-2.4.58-150600.5.23.1 * apache2-debugsource-2.4.58-150600.5.23.1 * apache2-event-debuginfo-2.4.58-150600.5.23.1 * apache2-event-debugsource-2.4.58-150600.5.23.1 * apache2-event-2.4.58-150600.5.23.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.58-150600.5.23.1 * apache2-worker-debugsource-2.4.58-150600.5.23.1 * apache2-utils-2.4.58-150600.5.23.1 * apache2-worker-debuginfo-2.4.58-150600.5.23.1 * apache2-utils-debugsource-2.4.58-150600.5.23.1 * apache2-worker-2.4.58-150600.5.23.1 * apache2-utils-debuginfo-2.4.58-150600.5.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-38473.html * https://www.suse.com/security/cve/CVE-2024-38474.html * https://www.suse.com/security/cve/CVE-2024-39884.html * https://bugzilla.suse.com/show_bug.cgi?id=1227276 * https://bugzilla.suse.com/show_bug.cgi?id=1227278 * https://bugzilla.suse.com/show_bug.cgi?id=1227353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:31 -0000 Subject: SUSE-SU-2024:3171-1: important: Security update for postgresql16 Message-ID: <172588503169.16789.4416023661154788655@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3171-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Galera for Ericsson 15 SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 13.16 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3171=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3171=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3171=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3171=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3171=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3171=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3171=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3171=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3171=1 * Galera for Ericsson 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-ERICSSON-2024-3171=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3171=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3171=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3171=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3171=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-test-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * openSUSE Leap 15.5 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-test-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * openSUSE Leap 15.6 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * Galera for Ericsson 15 SP5 (x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * Galera for Ericsson 15 SP5 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-llvmjit-debuginfo-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-llvmjit-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * postgresql13-llvmjit-13.16-150200.5.61.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql13-docs-13.16-150200.5.61.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql13-13.16-150200.5.61.1 * postgresql13-pltcl-debuginfo-13.16-150200.5.61.1 * postgresql13-server-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-debugsource-13.16-150200.5.61.1 * postgresql13-server-13.16-150200.5.61.1 * postgresql13-contrib-13.16-150200.5.61.1 * postgresql13-plperl-13.16-150200.5.61.1 * postgresql13-server-devel-13.16-150200.5.61.1 * postgresql13-contrib-debuginfo-13.16-150200.5.61.1 * postgresql13-devel-debuginfo-13.16-150200.5.61.1 * postgresql13-plperl-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-debuginfo-13.16-150200.5.61.1 * postgresql13-server-debuginfo-13.16-150200.5.61.1 * postgresql13-plpython-13.16-150200.5.61.1 * postgresql13-devel-13.16-150200.5.61.1 * postgresql13-pltcl-13.16-150200.5.61.1 * postgresql13-debuginfo-13.16-150200.5.61.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql13-docs-13.16-150200.5.61.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:34 -0000 Subject: SUSE-SU-2024:3170-1: important: Security update for postgresql16 Message-ID: <172588503459.16789.3280837565636986586@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3170-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 16.4 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3170=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3170=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3170=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3170=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3170=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3170=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3170=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3170=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3170=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3170=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3170=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3170=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3170=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3170=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3170=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3170=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3170=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3170=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3170=1 ## Package List: * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libecpg6-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libecpg6-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libecpg6-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Manager Server 4.3 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Manager Server 4.3 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libecpg6-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-mini-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-llvmjit-devel-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * postgresql16-llvmjit-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-test-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-mini-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-mini-debugsource-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * postgresql16-llvmjit-16.4-150200.5.16.1 * openSUSE Leap 15.5 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libecpg6-32bit-16.4-150200.5.16.1 * libecpg6-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * openSUSE Leap 15.5 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * Basesystem Module 15-SP5 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-test-16.4-150200.5.16.1 * postgresql16-llvmjit-debuginfo-16.4-150200.5.16.1 * postgresql16-llvmjit-16.4-150200.5.16.1 * postgresql16-llvmjit-devel-16.4-150200.5.16.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libecpg6-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * Server Applications Module 15-SP5 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libecpg6-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libecpg6-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql16-plperl-debuginfo-16.4-150200.5.16.1 * postgresql16-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-pltcl-16.4-150200.5.16.1 * postgresql16-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-devel-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * postgresql16-plpython-16.4-150200.5.16.1 * postgresql16-plpython-debuginfo-16.4-150200.5.16.1 * libecpg6-16.4-150200.5.16.1 * postgresql16-pltcl-debuginfo-16.4-150200.5.16.1 * postgresql16-plperl-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * postgresql16-contrib-debuginfo-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * postgresql16-contrib-16.4-150200.5.16.1 * postgresql16-server-devel-debuginfo-16.4-150200.5.16.1 * postgresql16-server-debuginfo-16.4-150200.5.16.1 * postgresql16-devel-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * postgresql16-server-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql16-docs-16.4-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * postgresql16-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * postgresql16-16.4-150200.5.16.1 * postgresql16-debugsource-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libecpg6-16.4-150200.5.16.1 * libpq5-16.4-150200.5.16.1 * libecpg6-debuginfo-16.4-150200.5.16.1 * libpq5-debuginfo-16.4-150200.5.16.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libpq5-32bit-debuginfo-16.4-150200.5.16.1 * libpq5-32bit-16.4-150200.5.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:38 -0000 Subject: SUSE-SU-2024:3169-1: important: Security update for postgresql16 Message-ID: <172588503874.16789.9820545782352291010@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3169-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 14.13 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3169=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3169=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3169=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3169=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3169=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3169=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3169=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3169=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3169=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3169=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3169=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3169=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3169=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3169=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3169=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3169=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3169=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3169=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-test-14.13-150200.5.47.1 * postgresql14-14.13-150200.5.47.1 * postgresql14-llvmjit-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-llvmjit-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-llvmjit-debuginfo-14.13-150200.5.47.1 * openSUSE Leap 15.5 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-llvmjit-devel-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-llvmjit-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-llvmjit-debuginfo-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * Legacy Module 15-SP5 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql14-llvmjit-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-llvmjit-debuginfo-14.13-150200.5.47.1 * postgresql14-test-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Manager Proxy 4.3 (x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Manager Server 4.3 (noarch) * postgresql14-docs-14.13-150200.5.47.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql14-14.13-150200.5.47.1 * postgresql14-server-devel-14.13-150200.5.47.1 * postgresql14-server-14.13-150200.5.47.1 * postgresql14-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-14.13-150200.5.47.1 * postgresql14-devel-14.13-150200.5.47.1 * postgresql14-server-devel-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-debuginfo-14.13-150200.5.47.1 * postgresql14-plperl-debuginfo-14.13-150200.5.47.1 * postgresql14-contrib-14.13-150200.5.47.1 * postgresql14-debuginfo-14.13-150200.5.47.1 * postgresql14-debugsource-14.13-150200.5.47.1 * postgresql14-plperl-14.13-150200.5.47.1 * postgresql14-pltcl-14.13-150200.5.47.1 * postgresql14-pltcl-debuginfo-14.13-150200.5.47.1 * postgresql14-server-debuginfo-14.13-150200.5.47.1 * postgresql14-plpython-debuginfo-14.13-150200.5.47.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql14-docs-14.13-150200.5.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:30:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:30:42 -0000 Subject: SUSE-SU-2024:3168-1: important: Security update for postgresql16 Message-ID: <172588504233.16789.4859403829080400103@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3168-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 15.8 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3168=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3168=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3168=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3168=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3168=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3168=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3168=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3168=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3168=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3168=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3168=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3168=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3168=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3168=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3168=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Manager Server 4.3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-test-15.8-150200.5.30.1 * postgresql15-llvmjit-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-llvmjit-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-llvmjit-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * openSUSE Leap 15.5 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * Server Applications Module 15-SP5 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql15-docs-15.8-150200.5.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * postgresql15-plperl-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-15.8-150200.5.30.1 * postgresql15-server-debuginfo-15.8-150200.5.30.1 * postgresql15-devel-15.8-150200.5.30.1 * postgresql15-contrib-15.8-150200.5.30.1 * postgresql15-pltcl-debuginfo-15.8-150200.5.30.1 * postgresql15-debugsource-15.8-150200.5.30.1 * postgresql15-15.8-150200.5.30.1 * postgresql15-devel-debuginfo-15.8-150200.5.30.1 * postgresql15-plpython-debuginfo-15.8-150200.5.30.1 * postgresql15-contrib-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-15.8-150200.5.30.1 * postgresql15-plperl-15.8-150200.5.30.1 * postgresql15-server-15.8-150200.5.30.1 * postgresql15-pltcl-15.8-150200.5.30.1 * postgresql15-debuginfo-15.8-150200.5.30.1 * postgresql15-server-devel-debuginfo-15.8-150200.5.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql15-docs-15.8-150200.5.30.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 12:31:01 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 12:31:01 -0000 Subject: SUSE-SU-2024:3165-1: important: Security update for wireshark Message-ID: <172588506119.16789.11735545629429967165@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:3165-1 Rating: important References: * bsc#1207666 * bsc#1211708 * bsc#1211709 * bsc#1213318 * bsc#1215959 * bsc#1217247 * bsc#1217272 * bsc#1218503 * bsc#1218506 * bsc#1218507 * bsc#1222030 * jsc#PED-8517 Cross-References: * CVE-2023-0414 * CVE-2023-0666 * CVE-2023-2854 * CVE-2023-3649 * CVE-2023-5371 * CVE-2023-6174 * CVE-2023-6175 * CVE-2024-0207 * CVE-2024-0210 * CVE-2024-0211 * CVE-2024-2955 CVSS scores: * CVE-2023-0414 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0414 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-0666 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-0666 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-2854 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-2854 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-3649 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-3649 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2023-5371 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-5371 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-6174 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-6174 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-6175 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0207 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-0207 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0210 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-0210 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0211 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-0211 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2955 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 11 vulnerabilities and contains one feature can now be installed. ## Description: This update for wireshark fixes the following issues: wireshark was updated from version 3.6.23 to version 4.2.6 (jsc#PED-8517): * Security issues fixed with this update: * CVE-2024-0207: HTTP3 dissector crash (bsc#1218503) * CVE-2024-0210: Zigbee TLV dissector crash (bsc#1218506) * CVE-2024-0211: DOCSIS dissector crash (bsc#1218507) * CVE-2023-6174: Fixed SSH dissector crash (bsc#1217247) * CVE-2023-6175: NetScreen file parser crash (bsc#1217272) * CVE-2023-5371: RTPS dissector memory leak (bsc#1215959) * CVE-2023-3649: iSCSI dissector crash (bsc#1213318) * CVE-2023-2854: BLF file parser crash (bsc#1211708) * CVE-2023-0666: RTPS dissector crash (bsc#1211709) * CVE-2023-0414: EAP dissector crash (bsc#1207666) * Major changes introduced with versions 4.2.0 and 4.0.0: * Version 4.2.0 https://www.wireshark.org/docs/relnotes/wireshark-4.2.0.html * Version 4.0.0 https://www.wireshark.org/docs/relnotes/wireshark-4.0.0.html * Added an aditional desktopfile to start wireshark which asks for the super user password. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3165=1 SUSE-2024-3165=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3165=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3165=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * wireshark-devel-4.2.6-150600.18.6.1 * wireshark-debuginfo-4.2.6-150600.18.6.1 * libwiretap14-4.2.6-150600.18.6.1 * wireshark-4.2.6-150600.18.6.1 * wireshark-ui-qt-4.2.6-150600.18.6.1 * libwireshark17-4.2.6-150600.18.6.1 * libwsutil15-debuginfo-4.2.6-150600.18.6.1 * libwsutil15-4.2.6-150600.18.6.1 * libwireshark17-debuginfo-4.2.6-150600.18.6.1 * libwiretap14-debuginfo-4.2.6-150600.18.6.1 * wireshark-debugsource-4.2.6-150600.18.6.1 * wireshark-ui-qt-debuginfo-4.2.6-150600.18.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wireshark-debuginfo-4.2.6-150600.18.6.1 * libwiretap14-4.2.6-150600.18.6.1 * wireshark-4.2.6-150600.18.6.1 * libwireshark17-4.2.6-150600.18.6.1 * libwsutil15-debuginfo-4.2.6-150600.18.6.1 * libwsutil15-4.2.6-150600.18.6.1 * libwireshark17-debuginfo-4.2.6-150600.18.6.1 * libwiretap14-debuginfo-4.2.6-150600.18.6.1 * wireshark-debugsource-4.2.6-150600.18.6.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wireshark-devel-4.2.6-150600.18.6.1 * wireshark-debuginfo-4.2.6-150600.18.6.1 * wireshark-ui-qt-4.2.6-150600.18.6.1 * wireshark-ui-qt-debuginfo-4.2.6-150600.18.6.1 * wireshark-debugsource-4.2.6-150600.18.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-0414.html * https://www.suse.com/security/cve/CVE-2023-0666.html * https://www.suse.com/security/cve/CVE-2023-2854.html * https://www.suse.com/security/cve/CVE-2023-3649.html * https://www.suse.com/security/cve/CVE-2023-5371.html * https://www.suse.com/security/cve/CVE-2023-6174.html * https://www.suse.com/security/cve/CVE-2023-6175.html * https://www.suse.com/security/cve/CVE-2024-0207.html * https://www.suse.com/security/cve/CVE-2024-0210.html * https://www.suse.com/security/cve/CVE-2024-0211.html * https://www.suse.com/security/cve/CVE-2024-2955.html * https://bugzilla.suse.com/show_bug.cgi?id=1207666 * https://bugzilla.suse.com/show_bug.cgi?id=1211708 * https://bugzilla.suse.com/show_bug.cgi?id=1211709 * https://bugzilla.suse.com/show_bug.cgi?id=1213318 * https://bugzilla.suse.com/show_bug.cgi?id=1215959 * https://bugzilla.suse.com/show_bug.cgi?id=1217247 * https://bugzilla.suse.com/show_bug.cgi?id=1217272 * https://bugzilla.suse.com/show_bug.cgi?id=1218503 * https://bugzilla.suse.com/show_bug.cgi?id=1218506 * https://bugzilla.suse.com/show_bug.cgi?id=1218507 * https://bugzilla.suse.com/show_bug.cgi?id=1222030 * https://jira.suse.com/browse/PED-8517 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 16:30:08 -0000 Subject: SUSE-SU-2024:3182-1: moderate: Security update for expat Message-ID: <172589940824.18220.287294946418489811@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:3182-1 Rating: moderate References: * bsc#1229930 * bsc#1229931 * bsc#1229932 Cross-References: * CVE-2024-45490 * CVE-2024-45491 * CVE-2024-45492 CVSS scores: * CVE-2024-45490 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45490 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45490 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45491 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45491 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45491 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45492 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45492 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2024-45492: Detect integer overflow in function nextScaffoldPart. (bsc#1229932) * CVE-2024-45491: Detect integer overflow in dtdCopy. (bsc#1229931) * CVE-2024-45490: Reject negative len for XML_ParseBuffer. (bsc#1229930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3182=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3182=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3182=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3182=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.1.0-21.37.1 * libexpat-devel-2.1.0-21.37.1 * expat-debuginfo-2.1.0-21.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * expat-2.1.0-21.37.1 * libexpat1-debuginfo-2.1.0-21.37.1 * libexpat1-2.1.0-21.37.1 * expat-debugsource-2.1.0-21.37.1 * expat-debuginfo-2.1.0-21.37.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libexpat1-debuginfo-32bit-2.1.0-21.37.1 * libexpat1-32bit-2.1.0-21.37.1 * expat-debuginfo-32bit-2.1.0-21.37.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * expat-2.1.0-21.37.1 * libexpat1-debuginfo-2.1.0-21.37.1 * libexpat1-2.1.0-21.37.1 * expat-debugsource-2.1.0-21.37.1 * expat-debuginfo-2.1.0-21.37.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libexpat1-debuginfo-32bit-2.1.0-21.37.1 * libexpat1-32bit-2.1.0-21.37.1 * expat-debuginfo-32bit-2.1.0-21.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * expat-2.1.0-21.37.1 * libexpat1-debuginfo-2.1.0-21.37.1 * libexpat1-2.1.0-21.37.1 * expat-debugsource-2.1.0-21.37.1 * expat-debuginfo-2.1.0-21.37.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libexpat1-debuginfo-32bit-2.1.0-21.37.1 * libexpat1-32bit-2.1.0-21.37.1 * expat-debuginfo-32bit-2.1.0-21.37.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45490.html * https://www.suse.com/security/cve/CVE-2024-45491.html * https://www.suse.com/security/cve/CVE-2024-45492.html * https://bugzilla.suse.com/show_bug.cgi?id=1229930 * https://bugzilla.suse.com/show_bug.cgi?id=1229931 * https://bugzilla.suse.com/show_bug.cgi?id=1229932 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 9 16:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 09 Sep 2024 16:30:10 -0000 Subject: SUSE-SU-2024:3181-1: important: Security update for postgresql16 Message-ID: <172589941053.18220.17162185718820116106@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3181-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 16.4 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3181=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3181=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3181=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3181=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-server-devel-debuginfo-16.4-3.16.1 * postgresql16-devel-debuginfo-16.4-3.16.1 * postgresql16-server-devel-16.4-3.16.1 * postgresql16-devel-16.4-3.16.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql16-server-debuginfo-16.4-3.16.1 * postgresql16-plperl-16.4-3.16.1 * postgresql16-plpython-debuginfo-16.4-3.16.1 * postgresql16-debugsource-16.4-3.16.1 * postgresql16-plperl-debuginfo-16.4-3.16.1 * postgresql16-plpython-16.4-3.16.1 * postgresql16-contrib-16.4-3.16.1 * postgresql16-16.4-3.16.1 * postgresql16-debuginfo-16.4-3.16.1 * libecpg6-debuginfo-16.4-3.16.1 * postgresql16-pltcl-16.4-3.16.1 * postgresql16-pltcl-debuginfo-16.4-3.16.1 * libpq5-debuginfo-16.4-3.16.1 * postgresql16-contrib-debuginfo-16.4-3.16.1 * libecpg6-16.4-3.16.1 * postgresql16-server-16.4-3.16.1 * libpq5-16.4-3.16.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql16-docs-16.4-3.16.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpq5-32bit-16.4-3.16.1 * libecpg6-debuginfo-32bit-16.4-3.16.1 * libpq5-debuginfo-32bit-16.4-3.16.1 * libecpg6-32bit-16.4-3.16.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql16-server-debuginfo-16.4-3.16.1 * postgresql16-plperl-16.4-3.16.1 * postgresql16-plpython-debuginfo-16.4-3.16.1 * postgresql16-debugsource-16.4-3.16.1 * postgresql16-plperl-debuginfo-16.4-3.16.1 * postgresql16-plpython-16.4-3.16.1 * postgresql16-contrib-16.4-3.16.1 * postgresql16-16.4-3.16.1 * postgresql16-debuginfo-16.4-3.16.1 * libecpg6-debuginfo-16.4-3.16.1 * postgresql16-pltcl-16.4-3.16.1 * postgresql16-pltcl-debuginfo-16.4-3.16.1 * libpq5-debuginfo-16.4-3.16.1 * postgresql16-contrib-debuginfo-16.4-3.16.1 * libecpg6-16.4-3.16.1 * postgresql16-server-16.4-3.16.1 * libpq5-16.4-3.16.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql16-docs-16.4-3.16.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpq5-32bit-16.4-3.16.1 * libecpg6-debuginfo-32bit-16.4-3.16.1 * libpq5-debuginfo-32bit-16.4-3.16.1 * libecpg6-32bit-16.4-3.16.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql16-server-debuginfo-16.4-3.16.1 * postgresql16-plperl-16.4-3.16.1 * postgresql16-plpython-debuginfo-16.4-3.16.1 * postgresql16-debugsource-16.4-3.16.1 * postgresql16-plperl-debuginfo-16.4-3.16.1 * postgresql16-plpython-16.4-3.16.1 * postgresql16-contrib-16.4-3.16.1 * postgresql16-16.4-3.16.1 * postgresql16-debuginfo-16.4-3.16.1 * libecpg6-debuginfo-16.4-3.16.1 * postgresql16-pltcl-16.4-3.16.1 * postgresql16-pltcl-debuginfo-16.4-3.16.1 * libpq5-debuginfo-16.4-3.16.1 * postgresql16-contrib-debuginfo-16.4-3.16.1 * libecpg6-16.4-3.16.1 * postgresql16-server-16.4-3.16.1 * libpq5-16.4-3.16.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql16-docs-16.4-3.16.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpq5-32bit-16.4-3.16.1 * libecpg6-debuginfo-32bit-16.4-3.16.1 * libpq5-debuginfo-32bit-16.4-3.16.1 * libecpg6-32bit-16.4-3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 08:30:09 -0000 Subject: SUSE-SU-2024:3186-1: important: Security update for buildah Message-ID: <172595700917.27756.12325644425646537128@smelt2.prg2.suse.org> # Security update for buildah Announcement ID: SUSE-SU-2024:3186-1 Rating: important References: * bsc#1221243 * bsc#1221677 * bsc#1224117 Cross-References: * CVE-2024-1753 * CVE-2024-24786 * CVE-2024-28180 * CVE-2024-3727 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3727 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities can now be installed. ## Description: This update for buildah fixes the following issues: Update to version 1.35.4: * CVE-2024-3727 updates (bsc#1224117) * Bump go-jose CVE-2024-28180 * Bump ocicrypt and go-jose CVE-2024-28180 Update to version 1.35.3: * correctly configure /etc/hosts and resolv.conf * buildah: refactor resolv/hosts setup. * rename the hostFile var to reflect * CVE-2024-24786 protobuf to 1.33 Update to version 1.35.1: * CVE-2024-1753 container escape fix (bsc#1221677) * Buildah dropped cni support, require netavark instead (bsc#1221243) * Remove obsolete requires libcontainers-image & libcontainers-storage * Require passt for rootless networking (poo#156955) Buildah moved to passt/pasta for rootless networking from slirp4netns (https://github.com/containers/common/pull/1846) Update to version 1.35.0: * Bump c/common v0.58.0, c/image v5.30.0, c/storage v1.53.0 * conformance tests: don't break on trailing zeroes in layer blobs * Add a conformance test for copying to a mounted prior stage * cgroups: reuse version check from c/common * Update vendor of containers/(common,image) * manifest add: complain if we get artifact flags without --artifact * Use retry logic from containers/common * Vendor in containers/(storage,image,common) * Update module golang.org/x/crypto to v0.20.0 * Add comment re: Total Success task name * tests: skip_if_no_unshare(): check for --setuid * Properly handle build --pull=false * Update module go.etcd.io/bbolt to v1.3.9 * Update module github.com/opencontainers/image-spec to v1.1.0 * build --all-platforms: skip some base "image" platforms * Bump main to v1.35.0-dev * Vendor in latest containers/(storage,image,common) * Split up error messages for missing --sbom related flags * `buildah manifest`: add artifact-related options * cmd/buildah/manifest.go: lock lists before adding/annotating/pushing * cmd/buildah/manifest.go: don't make struct declarations aliases * Use golang.org/x/exp/slices.Contains * Try Cirrus with a newer VM version * Set CONTAINERS_CONF in the chroot-mount-flags integration test * Update to match dependency API update * Update github.com/openshift/imagebuilder and containers/common * docs: correct default authfile path * tests: retrofit test for heredoc summary * build, heredoc: show heredoc summary in build output * manifest, push: add support for --retry and --retry-delay * imagebuildah: fix crash with empty RUN * Make buildah match podman for handling of ulimits * docs: move footnotes to where they're applicable * Allow users to specify no-dereference * docs: use reversed logo for dark theme in README * build,commit: add --sbom to scan and produce SBOMs when committing * commit: force omitHistory if the parent has layers but no history * docs: fix a couple of typos * internal/mkcw.Archive(): handle extra image content * stage_executor,heredoc: honor interpreter in heredoc * stage_executor,layers: burst cache if heredoc content is changed * Replace map[K]bool with map[K]struct{} where it makes sense * Bump CI VMs * Replace strings.SplitN with strings.Cut * Document use of containers-transports values in buildah * manifest: addCompression use default from containers.conf * commit: add a --add-file flag * mkcw: populate the rootfs using an overlay * [skip-ci] Update actions/stale action to v9 * Ignore errors if label.Relabel returns ENOSUP ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3186=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3186=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3186=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3186=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3186=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150400.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.4-150400.3.30.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.4-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.4-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.4-150400.3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-28180.html * https://www.suse.com/security/cve/CVE-2024-3727.html * https://bugzilla.suse.com/show_bug.cgi?id=1221243 * https://bugzilla.suse.com/show_bug.cgi?id=1221677 * https://bugzilla.suse.com/show_bug.cgi?id=1224117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 08:30:24 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 08:30:24 -0000 Subject: SUSE-SU-2024:3183-1: important: Security update for java-1_8_0-ibm Message-ID: <172595702490.27756.8413553000702757588@smelt2.prg2.suse.org> # Security update for java-1_8_0-ibm Announcement ID: SUSE-SU-2024:3183-1 Rating: important References: * bsc#1228046 * bsc#1228047 * bsc#1228048 * bsc#1228050 * bsc#1228051 * bsc#1228052 * bsc#1228346 * bsc#1229224 Cross-References: * CVE-2024-21131 * CVE-2024-21138 * CVE-2024-21140 * CVE-2024-21144 * CVE-2024-21145 * CVE-2024-21147 * CVE-2024-27267 CVSS scores: * CVE-2024-21131 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21138 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21140 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21144 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21145 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21147 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-27267 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for java-1_8_0-ibm fixes the following issues: * Update to Java 8.0 Service Refresh 8 Fix Pack 30 (bsc#1228346) * CVE-2024-21147: Fixed an array index overflow in RangeCheckElimination. (bsc#1228052) * CVE-2024-21145: Fixed an out-of-bounds access in 2D image handling. (bsc#1228051) * CVE-2024-21140: Fixed a range check elimination pre-loop limit overflow. (bsc#1228048) * CVE-2024-21144: Pack200 increase loading time due to improper header validation. (bsc#1228050) * CVE-2024-21138: Fixed an issue where excessive symbol length can lead to infinite loop. (bsc#1228047) * CVE-2024-21131: Fixed a potential UTF8 size overflow. (bsc#1228046) * CVE-2024-27267: Fixed an Object Request Broker (ORB) remote denial of service. (bsc#1229224) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3183=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3183=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3183=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3183=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (nosrc) * java-1_8_0-ibm-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-30.126.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc ppc64le s390x x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * java-1_8_0-ibm-plugin-1.8.0_sr8.30-30.126.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * java-1_8_0-ibm-1.8.0_sr8.30-30.126.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * java-1_8_0-ibm-devel-1.8.0_sr8.30-30.126.1 * java-1_8_0-ibm-plugin-1.8.0_sr8.30-30.126.1 * java-1_8_0-ibm-alsa-1.8.0_sr8.30-30.126.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21131.html * https://www.suse.com/security/cve/CVE-2024-21138.html * https://www.suse.com/security/cve/CVE-2024-21140.html * https://www.suse.com/security/cve/CVE-2024-21144.html * https://www.suse.com/security/cve/CVE-2024-21145.html * https://www.suse.com/security/cve/CVE-2024-21147.html * https://www.suse.com/security/cve/CVE-2024-27267.html * https://bugzilla.suse.com/show_bug.cgi?id=1228046 * https://bugzilla.suse.com/show_bug.cgi?id=1228047 * https://bugzilla.suse.com/show_bug.cgi?id=1228048 * https://bugzilla.suse.com/show_bug.cgi?id=1228050 * https://bugzilla.suse.com/show_bug.cgi?id=1228051 * https://bugzilla.suse.com/show_bug.cgi?id=1228052 * https://bugzilla.suse.com/show_bug.cgi?id=1228346 * https://bugzilla.suse.com/show_bug.cgi?id=1229224 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:35:44 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:35:44 -0000 Subject: SUSE-SU-2024:3194-1: important: Security update for the Linux Kernel Message-ID: <172597174410.27756.2422630339153694426@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3194-1 Rating: important References: * bsc#1012628 * bsc#1193454 * bsc#1194869 * bsc#1205462 * bsc#1208783 * bsc#1213123 * bsc#1214285 * bsc#1215199 * bsc#1220066 * bsc#1220252 * bsc#1220877 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1221652 * bsc#1221857 * bsc#1222254 * bsc#1222335 * bsc#1222350 * bsc#1222364 * bsc#1222372 * bsc#1222387 * bsc#1222433 * bsc#1222434 * bsc#1222463 * bsc#1222625 * bsc#1222633 * bsc#1222634 * bsc#1222808 * bsc#1222967 * bsc#1222973 * bsc#1223053 * bsc#1223074 * bsc#1223191 * bsc#1223395 * bsc#1223635 * bsc#1223720 * bsc#1223731 * bsc#1223742 * bsc#1223763 * bsc#1223767 * bsc#1223777 * bsc#1223803 * bsc#1224105 * bsc#1224415 * bsc#1224485 * bsc#1224496 * bsc#1224510 * bsc#1224535 * bsc#1224631 * bsc#1224636 * bsc#1224690 * bsc#1224694 * bsc#1224700 * bsc#1224711 * bsc#1225475 * bsc#1225582 * bsc#1225607 * bsc#1225717 * bsc#1225718 * bsc#1225744 * bsc#1225745 * bsc#1225751 * bsc#1225814 * bsc#1225832 * bsc#1225838 * bsc#1225903 * bsc#1226031 * bsc#1226127 * bsc#1226502 * bsc#1226530 * bsc#1226588 * bsc#1226604 * bsc#1226743 * bsc#1226751 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226834 * bsc#1226874 * bsc#1226885 * bsc#1226920 * bsc#1227149 * bsc#1227182 * bsc#1227383 * bsc#1227437 * bsc#1227492 * bsc#1227493 * bsc#1227494 * bsc#1227618 * bsc#1227620 * bsc#1227623 * bsc#1227627 * bsc#1227634 * bsc#1227706 * bsc#1227722 * bsc#1227724 * bsc#1227725 * bsc#1227728 * bsc#1227729 * bsc#1227732 * bsc#1227733 * bsc#1227734 * bsc#1227747 * bsc#1227750 * bsc#1227754 * bsc#1227758 * bsc#1227760 * bsc#1227761 * bsc#1227764 * bsc#1227766 * bsc#1227770 * bsc#1227771 * bsc#1227772 * bsc#1227774 * bsc#1227781 * bsc#1227784 * bsc#1227785 * bsc#1227787 * bsc#1227790 * bsc#1227791 * bsc#1227792 * bsc#1227796 * bsc#1227798 * bsc#1227799 * bsc#1227802 * bsc#1227808 * bsc#1227810 * bsc#1227811 * bsc#1227812 * bsc#1227815 * bsc#1227816 * bsc#1227818 * bsc#1227820 * bsc#1227823 * bsc#1227824 * bsc#1227826 * bsc#1227828 * bsc#1227829 * bsc#1227830 * bsc#1227832 * bsc#1227833 * bsc#1227834 * bsc#1227839 * bsc#1227840 * bsc#1227846 * bsc#1227849 * bsc#1227851 * bsc#1227853 * bsc#1227863 * bsc#1227864 * bsc#1227865 * bsc#1227867 * bsc#1227869 * bsc#1227870 * bsc#1227883 * bsc#1227884 * bsc#1227891 * bsc#1227893 * bsc#1227929 * bsc#1227950 * bsc#1227957 * bsc#1227981 * bsc#1228020 * bsc#1228021 * bsc#1228114 * bsc#1228192 * bsc#1228195 * bsc#1228202 * bsc#1228235 * bsc#1228236 * bsc#1228237 * bsc#1228247 * bsc#1228321 * bsc#1228409 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228457 * bsc#1228458 * bsc#1228459 * bsc#1228460 * bsc#1228462 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228468 * bsc#1228469 * bsc#1228470 * bsc#1228472 * bsc#1228479 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228486 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228492 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228499 * bsc#1228500 * bsc#1228501 * bsc#1228502 * bsc#1228503 * bsc#1228505 * bsc#1228508 * bsc#1228509 * bsc#1228510 * bsc#1228511 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228518 * bsc#1228520 * bsc#1228525 * bsc#1228527 * bsc#1228530 * bsc#1228531 * bsc#1228539 * bsc#1228561 * bsc#1228563 * bsc#1228564 * bsc#1228565 * bsc#1228567 * bsc#1228568 * bsc#1228572 * bsc#1228576 * bsc#1228579 * bsc#1228580 * bsc#1228581 * bsc#1228582 * bsc#1228584 * bsc#1228586 * bsc#1228588 * bsc#1228590 * bsc#1228591 * bsc#1228599 * bsc#1228615 * bsc#1228616 * bsc#1228617 * bsc#1228625 * bsc#1228626 * bsc#1228633 * bsc#1228635 * bsc#1228636 * bsc#1228640 * bsc#1228643 * bsc#1228644 * bsc#1228646 * bsc#1228649 * bsc#1228650 * bsc#1228654 * bsc#1228655 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228665 * bsc#1228666 * bsc#1228667 * bsc#1228672 * bsc#1228673 * bsc#1228674 * bsc#1228677 * bsc#1228680 * bsc#1228687 * bsc#1228705 * bsc#1228706 * bsc#1228707 * bsc#1228708 * bsc#1228709 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228723 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228737 * bsc#1228743 * bsc#1228748 * bsc#1228754 * bsc#1228756 * bsc#1228757 * bsc#1228758 * bsc#1228764 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228849 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228973 * bsc#1228977 * bsc#1228978 * bsc#1228979 * bsc#1228986 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229005 * bsc#1229024 * bsc#1229042 * bsc#1229045 * bsc#1229046 * bsc#1229054 * bsc#1229056 * bsc#1229086 * bsc#1229134 * bsc#1229136 * bsc#1229154 * bsc#1229156 * bsc#1229160 * bsc#1229167 * bsc#1229168 * bsc#1229169 * bsc#1229170 * bsc#1229171 * bsc#1229172 * bsc#1229173 * bsc#1229174 * bsc#1229239 * bsc#1229240 * bsc#1229241 * bsc#1229243 * bsc#1229244 * bsc#1229245 * bsc#1229246 * bsc#1229247 * bsc#1229248 * bsc#1229249 * bsc#1229250 * bsc#1229251 * bsc#1229252 * bsc#1229253 * bsc#1229254 * bsc#1229255 * bsc#1229256 * bsc#1229287 * bsc#1229290 * bsc#1229291 * bsc#1229292 * bsc#1229294 * bsc#1229296 * bsc#1229297 * bsc#1229298 * bsc#1229299 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229313 * bsc#1229314 * bsc#1229315 * bsc#1229316 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229320 * bsc#1229327 * bsc#1229341 * bsc#1229342 * bsc#1229344 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229353 * bsc#1229354 * bsc#1229355 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229365 * bsc#1229366 * bsc#1229369 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229379 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229390 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229402 * bsc#1229403 * bsc#1229404 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229444 * bsc#1229451 * bsc#1229452 * bsc#1229455 * bsc#1229456 * bsc#1229480 * bsc#1229481 * bsc#1229482 * bsc#1229484 * bsc#1229485 * bsc#1229486 * bsc#1229487 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229496 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229747 * bsc#1229752 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229781 * bsc#1229784 * bsc#1229785 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * bsc#1229827 * bsc#1229830 * bsc#1229837 * bsc#1229940 * bsc#1230056 * jsc#PED-10029 * jsc#PED-10045 * jsc#PED-10055 * jsc#PED-10105 * jsc#PED-10108 * jsc#PED-8491 * jsc#PED-8779 * jsc#PED-8954 Cross-References: * CVE-2023-52489 * CVE-2023-52581 * CVE-2023-52668 * CVE-2023-52688 * CVE-2023-52735 * CVE-2023-52859 * CVE-2023-52885 * CVE-2023-52886 * CVE-2023-52887 * CVE-2023-52889 * CVE-2024-26590 * CVE-2024-26631 * CVE-2024-26637 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26682 * CVE-2024-26683 * CVE-2024-26691 * CVE-2024-26735 * CVE-2024-26808 * CVE-2024-26809 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26837 * CVE-2024-26849 * CVE-2024-26851 * CVE-2024-26889 * CVE-2024-26920 * CVE-2024-26944 * CVE-2024-26976 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27024 * CVE-2024-27049 * CVE-2024-27050 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-27433 * CVE-2024-27437 * CVE-2024-31076 * CVE-2024-35854 * CVE-2024-35855 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35913 * CVE-2024-35939 * CVE-2024-35949 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36288 * CVE-2024-36489 * CVE-2024-36881 * CVE-2024-36907 * CVE-2024-36909 * CVE-2024-36910 * CVE-2024-36911 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36939 * CVE-2024-36970 * CVE-2024-36979 * CVE-2024-38548 * CVE-2024-38563 * CVE-2024-38609 * CVE-2024-38662 * CVE-2024-39476 * CVE-2024-39483 * CVE-2024-39484 * CVE-2024-39486 * CVE-2024-39488 * CVE-2024-39489 * CVE-2024-39491 * CVE-2024-39493 * CVE-2024-39497 * CVE-2024-39499 * CVE-2024-39500 * CVE-2024-39501 * CVE-2024-39505 * CVE-2024-39506 * CVE-2024-39508 * CVE-2024-39509 * CVE-2024-39510 * CVE-2024-40899 * CVE-2024-40900 * CVE-2024-40902 * CVE-2024-40903 * CVE-2024-40904 * CVE-2024-40905 * CVE-2024-40909 * CVE-2024-40910 * CVE-2024-40911 * CVE-2024-40912 * CVE-2024-40913 * CVE-2024-40916 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-40922 * CVE-2024-40924 * CVE-2024-40926 * CVE-2024-40927 * CVE-2024-40929 * CVE-2024-40930 * CVE-2024-40932 * CVE-2024-40934 * CVE-2024-40936 * CVE-2024-40938 * CVE-2024-40939 * CVE-2024-40941 * CVE-2024-40942 * CVE-2024-40943 * CVE-2024-40944 * CVE-2024-40945 * CVE-2024-40954 * CVE-2024-40956 * CVE-2024-40957 * CVE-2024-40958 * CVE-2024-40959 * CVE-2024-40962 * CVE-2024-40964 * CVE-2024-40967 * CVE-2024-40976 * CVE-2024-40977 * CVE-2024-40978 * CVE-2024-40981 * CVE-2024-40982 * CVE-2024-40984 * CVE-2024-40987 * CVE-2024-40988 * CVE-2024-40989 * CVE-2024-40990 * CVE-2024-40992 * CVE-2024-40994 * CVE-2024-40995 * CVE-2024-40997 * CVE-2024-41000 * CVE-2024-41001 * CVE-2024-41002 * CVE-2024-41004 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41010 * CVE-2024-41011 * CVE-2024-41012 * CVE-2024-41015 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41024 * CVE-2024-41025 * CVE-2024-41028 * CVE-2024-41032 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41037 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41040 * CVE-2024-41041 * CVE-2024-41044 * CVE-2024-41045 * CVE-2024-41048 * CVE-2024-41049 * CVE-2024-41050 * CVE-2024-41051 * CVE-2024-41056 * CVE-2024-41057 * CVE-2024-41058 * CVE-2024-41059 * CVE-2024-41060 * CVE-2024-41061 * CVE-2024-41062 * CVE-2024-41063 * CVE-2024-41064 * CVE-2024-41065 * CVE-2024-41066 * CVE-2024-41068 * CVE-2024-41069 * CVE-2024-41070 * CVE-2024-41071 * CVE-2024-41072 * CVE-2024-41073 * CVE-2024-41074 * CVE-2024-41075 * CVE-2024-41076 * CVE-2024-41078 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41081 * CVE-2024-41084 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41094 * CVE-2024-41095 * CVE-2024-41096 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42064 * CVE-2024-42069 * CVE-2024-42070 * CVE-2024-42073 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42079 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42093 * CVE-2024-42095 * CVE-2024-42096 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42105 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42109 * CVE-2024-42110 * CVE-2024-42113 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42117 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42122 * CVE-2024-42124 * CVE-2024-42125 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42131 * CVE-2024-42132 * CVE-2024-42133 * CVE-2024-42136 * CVE-2024-42137 * CVE-2024-42138 * CVE-2024-42139 * CVE-2024-42141 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42144 * CVE-2024-42145 * CVE-2024-42147 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42153 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42159 * CVE-2024-42161 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42224 * CVE-2024-42225 * CVE-2024-42226 * CVE-2024-42227 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42241 * CVE-2024-42244 * CVE-2024-42245 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42250 * CVE-2024-42253 * CVE-2024-42259 * CVE-2024-42268 * CVE-2024-42269 * CVE-2024-42270 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42278 * CVE-2024-42279 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42290 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42298 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42303 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42314 * CVE-2024-42315 * CVE-2024-42316 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43817 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43824 * CVE-2024-43825 * CVE-2024-43826 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43833 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43840 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43847 * CVE-2024-43849 * CVE-2024-43850 * CVE-2024-43851 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43855 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43864 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43874 * CVE-2024-43875 * CVE-2024-43876 * CVE-2024-43877 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43881 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43885 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43897 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43905 * CVE-2024-43906 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-43911 * CVE-2024-43912 * CVE-2024-44931 * CVE-2024-44938 * CVE-2024-44939 CVSS scores: * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52886 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26682 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26691 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26837 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-26849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26944 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27049 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27050 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27433 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27437 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-35949 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36881 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-36907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36910 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36970 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39483 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-39483 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-39488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39491 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-39493 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39493 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39497 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39499 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-39500 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39501 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39505 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39506 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39508 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-39509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39510 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39510 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-40902 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40913 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40922 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40927 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40932 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40934 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40936 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40976 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40987 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40994 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40994 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41001 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41002 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41004 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41015 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41024 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41024 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41025 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41028 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41040 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41041 ( SUSE ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41044 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41048 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41049 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41049 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41058 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41058 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41058 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41061 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-41061 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41063 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41063 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41064 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41066 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41066 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41071 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41071 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41072 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41076 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42070 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42093 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L * CVE-2024-42093 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42096 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42105 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42105 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42117 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42125 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42132 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42132 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42136 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-42136 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42141 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42144 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42161 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42278 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42314 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43874 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43881 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 394 vulnerabilities, contains eight features and has 83 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-43911: Fix NULL dereference at band check in starting tx ba session (bsc#1229827). * CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if- IP-has-been-disabled-on.patch (bsc#1226798) * CVE-2024-36881: Reset ptes when close() for wr-protected ones (bsc#1225718). * CVE-2024-42316: Fix div-by-zero in vmpressure_calc_level() (bsc#1229353). * CVE-2024-43855: Fix deadlock between mddev_suspend and flush bio (bsc#1229342,). * CVE-2024-43864: Fix CT entry update leaks of modify header context (bsc#1229496) * CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-42109: Unconditionally flush pending work before notifier (bsc#1228505) * CVE-2024-41084: Avoid null pointer dereference in region lookup (bsc#1228472) * CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-27079: Add kABI workaround patch (bsc#1223742). * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-26809: Release elements in clone only from destroy path (bsc#1222633). * CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). * CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-27433: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711). * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-40920: Fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-40921: Pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-36979: Fix vlan use-after-free (bsc#1226604). * CVE-2024-26590: Fix inconsistent per-file compression format (bsc#1220252,). * CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2024-42270: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404) * CVE-2024-42269: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42308: Update DRM patch reference (bsc#1229411) * CVE-2024-42301: Update parport patch reference (bsc#1229407) * CVE-2024-42290: Handle runtime power management correctly (bsc#1229379). * CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,). * CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-43850: Fix refcount imbalance seen during bwmon_remove (bsc#1229316). * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-26669: kABI fix for --Fix chain template offload (bsc#1222350). * CVE-2024-26677: kABI fix for -Fix delayed ACKs to not set the reference serial number (bsc#1222387). * CVE-2024-41050: Cyclic allocation of msg_id to avoid reuse (bsc#1228499). * CVE-2024-41051: Wait for ondemand_object_worker to finish when dropping object (bsc#1228468). * CVE-2024-41074: Set object to close if ondemand_id > 0 in copen (bsc#1228643). * CVE-2024-41075: Add consistency check for copen/cread (bsc#1228646). * CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42159: Use proper format specifier in mpi3mr_sas_port_add() (bsc#1228754 CVE-2024-42159 git-fixes). * CVE-2024-42241: Disable PMD-sized page cache if needed (bsc#1228986). * CVE-2024-42245: Revert "Make sure to try to detach at least one movable task" (bsc#1228978). * CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-26837: Skip MDB replays of deferred events on offload (bsc#1222973). * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-36911: Do not free decrypted memory (bsc#1225745). * CVE-2024-36910: Do not free decrypted memory (bsc#1225717). * CVE-2024-36909: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744). * CVE-2024-40938: Fix d_parent walk (bsc#1227840). * CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2024-41010: Add netlink helper library (bsc#1228021). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-42138: Fix double memory deallocation in case of invalid INI file (bsc#1228500). * CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42139: Fix improper extts handling (bsc#1228503). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42113: Initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42073: Fix memory corruptions on Spectrum-4 systems (bsc#1228457). * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-41000: Prefer different overflow check (bsc#1227867). * CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). * CVE-2024-41069: Fix route memory corruption (bsc#1228644). * CVE-2024-39506: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). * CVE-2024-42145: Implement a limit on UMAD receive List (bsc#1228743). * CVE-2024-40994: Fix integer overflow in max_vclocks_store (bsc#1227829). * CVE-2024-42124: Make qedf_execute_tmf() non-preemptible (bsc#1228705). * CVE-2024-42096: Stop playing stack games in profile_pc() (bsc#1228633). * CVE-2024-42224: Correct check for empty list (bsc#1228723). * CVE-2024-41048: Skip zero length skb in sk_msg_recvmsg (bsc#1228565). * CVE-2024-40958: Make get_net_ns() handle zero refcount net (bsc#1227812). * CVE-2024-40939: Fix tainted pointer delete is case of region creation fail (bsc#1227799). * CVE-2024-36933: Restore skb->{protocol,data,mac_header} for outer header in nsh_gso_segment() (bsc#1225832). * CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-41044: Reject claimed-as-LCP but actually malformed packets (bsc#1228530). * CVE-2024-41066: Add tx check to prevent skb leak (bsc#1228640). * CVE-2024-42093: Avoid explicit cpumask var allocation on stack (bsc#1228680). * CVE-2024-42122: Add NULL pointer check for kzalloc (bsc#1228591). * CVE-2024-41078: Fix quota root leak after quota disable failure (bsc#1228655). * CVE-2024-40989: Disassociate vcpus from redistributor region on teardown (bsc#1227823). * CVE-2024-41064: Avoid possible crash when edev->pdev changes (bsc#1228599). * CVE-2024-41036: Fix deadlock with the SPI chip variant (bsc#1228496) * CVE-2024-41040: Fix UAF when resolving a clash (bsc#1228518). * CVE-2024-35949: Make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-41081: Block BH in ila_output() (bsc#1228617). * CVE-2024-41076: Fix memory leak in nfs4_set_security_label (bsc#1228649). * CVE-2024-42079: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). * CVE-2024-41057: Fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). * CVE-2024-41058: Fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). * CVE-2024-41015: Add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). * CVE-2024-40956: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810). * CVE-2024-27437: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). * CVE-2024-41032: Check if a hash-index is in cpu_possible_mask (bsc#1228460) * CVE-2024-40957: Fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811) * CVE-2024-41041: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520). * CVE-2024-40954: Do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-42070: Fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470). * CVE-2024-41070: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). * CVE-2024-40959: Check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). * CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: * ACPI: battery: create alarm sysfs attribute atomically (stable-fixes). * ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git- fixes). * ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes). * ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes). * afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes). * ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git- fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). * ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes). * ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes). * ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable- fixes). * ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git- fixes). * ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes). * ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes). * ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable- fixes). * ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes). * ALSA: hda/tas2781: Use correct endian conversion (git-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: seq: Skip event type filtering for UMP events (git-fixes). * ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes). * ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes). * ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes). * ALSA: timer: Relax start tick time check for slave timer elements (git- fixes). * ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable- fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable- fixes). * ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). * ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). * apparmor: unpack transition table if dfa is not present (bsc#1226031). * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: barrier: Restore spec_bar() macro (git-fixes) * arm64: cputype: Add Cortex-A720 definitions (git-fixes) * arm64: cputype: Add Cortex-A725 definitions (git-fixes) * arm64: cputype: Add Cortex-X1C definitions (git-fixes) * arm64: cputype: Add Cortex-X3 definitions (git-fixes) * arm64: cputype: Add Cortex-X4 definitions (git-fixes) * arm64: cputype: Add Cortex-X925 definitions (git-fixes) * arm64: cputype: Add Neoverse-V3 definitions (git-fixes) * arm64: dts: imx8mp: add HDMI power-domains (git-fixes) * arm64: dts: imx8mp: Add NPU Node (git-fixes) * arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes) * arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes) * arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) * arm64: errata: Expand speculative SSBS workaround (git-fixes) * arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files. * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git- fixes) * ASoC: allow module autoloading for table board_ids (stable-fixes). * ASoC: allow module autoloading for table db1200_pids (stable-fixes). * ASoC: amd: acp: fix module autoloading (git-fixes). * ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable- fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: SOF: amd: Fix for acp init sequence (git-fixes). * ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes). * ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes). * ASoC: SOF: mediatek: Add missing board compatible (stable-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable- fixes). * ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable- fixes). * Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes). * Bluetooth: bnep: Fix out-of-bound access (stable-fixes). * Bluetooth: btintel: Fail setup on error (git-fixes). * Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable- fixes). * Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable- fixes). * Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). * Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes). * Bluetooth: hci_core: Fix LE quote calculation (git-fixes). * Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). * Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes). * Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). * Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git- fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * Bluetooth: MGMT: Add error handling to pair_device() (git-fixes). * Bluetooth: SMP: Fix assumption of Central always being Initiator (git- fixes). * bnxt_re: Fix imm_data endianness (git-fixes) * bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes) * bpf, lpm: Fix check prefixlen before walking trie (git-fixes). * bpf: Add crosstask check to __bpf_get_stack (git-fixes). * bpf: Detect IP == ksym.end as part of BPF program (git-fixes). * bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git- fixes). * bpf: enforce precision of R0 on callback return (git-fixes). * bpf: Ensure proper register state printing for cond jumps (git-fixes). * bpf: extract bpf_ctx_convert_map logic and make it more reusable (git- fixes). * bpf: Fix a few selftest failures due to llvm18 change (git-fixes). * bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). * bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes). * bpf: fix control-flow graph checking in privileged mode (git-fixes). * bpf: Fix kfunc callback register type handling (git-fixes). * bpf: Fix prog_array_map_poke_run map poke update (git-fixes). * bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes). * bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes). * bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes). * bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). * bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git- fixes). * bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes). * bpf: Set uattr->batch.count as zero before batched update or deletion (git- fixes). * bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git- fixes). * bpf/tests: Remove duplicate JSGT tests (git-fixes). * bpftool: Align output skeleton ELF code (git-fixes). * bpftool: Fix -Wcast-qual warning (git-fixes). * bpftool: mark orphaned programs during prog show (git-fixes). * bpftool: Silence build warning about calloc() (git-fixes). * btrfs: add a btrfs_finish_ordered_extent helper (git-fixes). * btrfs: add a is_data_bbio helper (git-fixes). * btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes). * btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321). * btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes). * btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes). * btrfs: factor out a can_finish_ordered_extent helper (git-fixes). * btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes). * btrfs: fix double inode unlock for direct IO sync writes (git-fixes). * btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes). * btrfs: fix leak of qgroup extent records after transaction abort (git- fixes). * btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git- fixes). * btrfs: limit write bios to a single ordered extent (git-fixes). * btrfs: make btrfs_finish_ordered_extent() return void (git-fixes). * btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes). * btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes). * btrfs: open code end_extent_writepage in end_bio_extent_writepage (git- fixes). * btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes). * btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes). * btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes). * btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes). * btrfs: remove btrfs_add_ordered_extent (git-fixes). * btrfs: rename err to ret in btrfs_direct_write() (git-fixes). * btrfs: uninline some static inline helpers from tree-log.h (git-fixes). * btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git- fixes). * btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes). * btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes). * btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete direct writes (git- fixes). * btrfs: use irq safe locking when running and adding delayed iputs (git- fixes). * cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand- mode (bsc#1229245). * cachefiles: add missing lock protection when polling (bsc#1229256). * cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244). * cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249). * cachefiles: cancel all requests for the object that is being dropped (bsc#1229255). * cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251). * cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246). * cachefiles: introduce object ondemand state (bsc#1229239). * cachefiles: make on-demand read killable (bsc#1229252). * cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243). * cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250). * cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253). * cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248). * cachefiles: resend an open request if the read request's object is closed (bsc#1229241). * cachefiles: stop sending new request when dropping object (bsc#1229254). * can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes). * can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). * ceph: periodically flush the cap releases (bsc#1230056). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: xillybus: Check USB endpoints when probing device (git-fixes). * char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes). * char: xillybus: Refine workqueue handling (git-fixes). * clk: en7523: fix rate divider for slic and spi clocks (git-fixes). * clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git- fixes). * clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git- fixes). * clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git- fixes). * clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes). * clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes). * clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes). * clk: qcom: Park shared RCGs upon registration (git-fixes). * clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes). * clocksource/drivers/sh_cmt: Address race condition for clock events (stable- fixes). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472) * dev/parport: fix the array out-of-bounds risk (stable-fixes). * device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes). * dmaengine: dw: Add memory bus width verification (git-fixes). * dmaengine: dw: Add peripheral bus width verification (git-fixes). * docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). * driver core: Fix uevent_show() vs driver detach race (git-fixes). * drm/admgpu: fix dereferencing null pointer context (stable-fixes). * drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes). * drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). * drm/amd/display: Add null checker before passing variables (stable-fixes). * drm/amd/display: Adjust cursor position (git-fixes). * drm/amd/display: avoid using null object of framebuffer (git-fixes). * drm/amd/display: Check for NULL pointer (stable-fixes). * drm/amd/display: fix cursor offset on rotation 180 (git-fixes). * drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes). * drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable- fixes). * drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable- fixes). * drm/amdgpu: Actually check flags for all context ops (stable-fixes). * drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). * drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * drm/amdgpu: fix potential resource leak warning (stable-fixes). * drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). * drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes). * drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable- fixes). * drm/amdgpu: Validate TA binary size (stable-fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). * drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes). * drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable- fixes). * drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). * drm/client: fix null pointer dereference in drm_client_modeset_probe (git- fixes). * drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). * drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). * drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git- fixes). * drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes). * drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes). * drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes). * drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes). * drm/lima: set gp bus_stop bit before hard reset (stable-fixes). * drm/mediatek/dp: Fix spurious kfree() (git-fixes). * drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes). * drm/msm/dp: fix the max supported bpp logic (git-fixes). * drm/msm/dp: reset the link phy params before link training (git-fixes). * drm/msm/dpu: capture snapshot on the first commit_done timeout (stable- fixes). * drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). * drm/msm/dpu: do not play tricks with debug macros (git-fixes). * drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes). * drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes). * drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable- fixes). * drm/msm/dpu: take plane rotation into account for wide planes (git-fixes). * drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes). * drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable- fixes). * drm/msm/mdss: Rename path references to mdp_path (stable-fixes). * drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes). * drm/nouveau: prime: fix refcount underflow (git-fixes). * drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes). * drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes). * drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024). * drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes). * drm/virtio: Fix type of dma-fence context variable (git-fixes). * drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). * drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). * drm/vmwgfx: Fix prime with external buffers (git-fixes). * efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes). * evm: do not copy up 'security.evm' xattr (git-fixes). * firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes). * fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456). * genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git- fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git- fixes). * gfs2: setattr_chown: Add missing initialization (git-fixes). * gpio: mlxbf3: Support shutdown() function (git-fixes). * gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable- fixes). * gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). * HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). * hwmon: (ltc2992) Avoid division by zero (stable-fixes). * hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes). * hwmon: (pc87360) Bounds check data->innr usage (stable-fixes). * i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). * i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: riic: avoid potential division by zero (stable-fixes). * i2c: smbus: Improve handling of stuck alerts (git-fixes). * i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). * i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes). * i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). * i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable- fixes). * i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable- fixes). * i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes). * ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737). * Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes). * Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056). * Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes). * Input: MT - limit max slots (stable-fixes). * io_uring: Drop per-ctx dummy_ubuf (git-fixes). * io_uring: fix io_match_task must_hold (git-fixes). * io_uring: Fix probe of disabled operations (git-fixes). * io_uring: tighten task exit cancellations (git-fixes). * io_uring/advise: support 64-bit lengths (git-fixes). * iommu/amd: Convert comma to semicolon (git-fixes). * iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes). * iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1229444). * ipv6: sr: fix incorrect unregister order (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * jfs: define xtree root and page independently (git-fixes). * jfs: fix null ptr deref in dtInsertEntry (git-fixes). * jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes). * jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git- fixes). * jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes). * jump_label: Fix the fix, brown paper bags galore (git-fixes). * jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git- fixes). * kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes). * kABI workaround for sound core UMP conversion (stable-fixes). * kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) * kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users. * kcov: properly check for softirq context (git-fixes). * kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134). * kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git- fixes). * kprobes: Fix to check symbol prefixes correctly (git-fixes). * kprobes: Prohibit probing on CFI preamble symbol (git-fixes). * KVM: Always flush async #PF workqueue when vCPU is being destroyed (git- fixes). * KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git- fixes). * KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). * KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git- fixes). * KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes). * KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). * KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes) * KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). * KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes). * KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). * KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). * KVM: arm64: vgic-v4: Restore pending state on host userspace write (git- fixes). * KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes). * KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes). * KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes). * KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes). * KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git- fixes). * KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes). * KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes). * KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes). * KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). * KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199). * KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes). * KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). * KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * KVM: s390: fix validity interception issue when gisa is switched off (git- fixes bsc#1229167). * kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168). * KVM: Stop processing _all_ memslots when "null" mmu_notifier handler is found (git-fixes). * KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes). * KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes). * KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git- fixes). * KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes). * KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes). * libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes). * libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git- fixes). * libbpf: Fix faccessat() usage on Android (git-fixes). * libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395). * md: add a mddev_add_trace_msg helper (git-fixes). * md: add check for sleepers in md_wakeup_thread() (git-fixes). * md: change the return value type of md_write_start to void (git-fixes). * md: do not account sync_io if iostats of the disk is disabled (git-fixes). * md: do not delete safemode_timer in mddev_suspend (git-fixes). * md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git- fixes). * md: factor out a helper exceed_read_errors() to check read_errors (git- fixes). * md: fix a suspicious RCU usage warning (git-fixes). * md/md-bitmap: fix writing non bitmap pages (git-fixes). * md/raid1: set max_sectors during early return from choose_slow_rdev() (git- fixes). * md/raid1: support read error check (git-fixes). * md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes). * md/raid5: fix spares errors about rcu usage (git-fixes). * md/raid5: recheck if reshape has finished with device_lock held (git-fixes). * media: amphion: Remove lock in s_ctrl callback (stable-fixes). * media: drivers/media/dvb-core: copy user arrays safely (stable-fixes). * media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). * media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes). * media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes). * media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes). * media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes). * media: uvcvideo: Ignore empty TS packets (stable-fixes). * media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes). * media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes). * memory: tegra: Skip SID programming if SID registers are not set (stable- fixes). * minmax: add a few more MIN_T/MAX_T users (bsc#1229024). * minmax: avoid overly complicated constant expressions in VM code (bsc#1229024). * minmax: do not use max() in situations that want a C constant expression (bsc#1229024). * minmax: fix up min3() and max3() too (bsc#1229024). * minmax: improve macro expansion and type checking (bsc#1229024). * minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024). * minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024). * minmax: simplify min()/max()/clamp() implementation (bsc#1229024). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). * mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). * mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes). * net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). * net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes). * net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757). * net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git- fixes). * net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * net: missing check virtio (git-fixes). * net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes). * net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes). * net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). * net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git- fixes). * net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451). * net/iucv: fix use after free in iucv_sock_close() (bsc#1228973). * net/rds: fix possible cp null dereference (git-fixes). * net/sched: initialize noop_qdisc owner (git-fixes). * netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). * nfc: pn533: Add poll mod list filling check (git-fixes). * nfs: do not invalidate dentries on transient errors (git-fixes). * nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * nfs: make the rpc_stat per net namespace (git-fixes). * nfs: pass explicit offset/count to trace events (git-fixes). * nfs: propagate readlink errors in nfs_symlink_filler (git-fixes). * NFSD: Support write delegations in LAYOUTGET (git-fixes). * NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nouveau/firmware: use dma non-coherent allocator (git-fixes). * nvme_core: scan namespaces asynchronously (bsc#1224105). * nvme-multipath: find NUMA path only for online numa-node (git-fixes). * nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706). * nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706). * nvme-pci: add missing condition check for existence of mapped data (git- fixes). * nvme-pci: do not directly handle subsys reset fallout (bsc#1220066). * nvme-pci: Fix the instructions for disabling power management (git-fixes). * nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857). * nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857). * nvme-tcp: check for invalidated or revoked key (bsc#1221857). * nvme-tcp: sanitize TLS key handling (bsc#1221857). * nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857). * nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). * nvme: avoid double free special payload (git-fixes). * nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git- fixes). * nvme: fixup comment for nvme RDMA Provider Type (git-fixes). * nvme: split off TLS sysfs attributes into a separate group (bsc#1221857). * nvme: tcp: remove unnecessary goto statement (bsc#1221857). * nvmet-auth: fix nvmet_auth hash error handling (git-fixes). * nvmet: always initialize cqe.result (git-fixes). * nvmet: do not return 'reserved' for empty TSAS values (git-fixes). * nvmet: fix a possible leak when destroy a ctrl during qp establishment (git- fixes). * nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes). * ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). * padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes). * PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git- fixes). * PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes). * pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git- fixes). * pinctrl: single: fix potential NULL dereference in pcs_get_function() (git- fixes). * pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). * platform/x86: lg-laptop: fix %s null argument warning (stable-fixes). * platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). * platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). * platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). * platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). * platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). * platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes). * power: supply: axp288_charger: Fix constant_charge_voltage writes (git- fixes). * power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). * power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes). * powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). * powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). * powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). * powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). * powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607). * RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes) * RDMA/cache: Release GID table even if leak is detected (git-fixes) * RDMA/device: Return error earlier if port in not valid (git-fixes) * RDMA/hns: Check atomic wr length (git-fixes) * RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes) * RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes) * RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) * RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) * RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes) * RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) * RDMA/hns: Fix unmatch exception handling when init eq table fails (git- fixes) * RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) * RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). * RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) * RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes) * RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) * RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) * reiserfs: fix uninit-value in comp_keys (git-fixes). * rtc: nct3018y: fix possible NULL dereference (stable-fixes). * s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171). * s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173). * s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452). * s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174). * s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172). * s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172). * s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720). * s390/pkey: introduce dynamic debugging for pkey (bsc#1228720). * s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170). * samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes). * samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes). * sbitmap: use READ_ONCE to access map->word (stable-fixes). * scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). * scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). * scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). * scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). * scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). * scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). * scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). * scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). * scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). * scsi: qla2xxx: Complete command early within lock (bsc#1228850). * scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). * scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). * scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). * scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). * scsi: qla2xxx: Fix flash read failure (bsc#1228850). * scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). * scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). * scsi: qla2xxx: Indent help text (bsc#1228850). * scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). * scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). * scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). * scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). * scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). * scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). * scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). * selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes). * selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903). * selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes). * selftests/bpf: Add netkit to tc_redirect selftest (git-fixes). * selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes). * selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes). * selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git- fixes). * selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes). * selftests/bpf: Fix erroneous bitmask operation (git-fixes). * selftests/bpf: Fix issues in setup_classid_environment() (git-fixes). * selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes). * selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes). * selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes). * selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes). * selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes). * selftests/bpf: Make linked_list failure test more robust (git-fixes). * selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git- fixes). * selftests/bpf: satisfy compiler by having explicit return in btf test (git- fixes). * selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes). * selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes). * serial: core: check uartclk for zero to avoid divide by zero (stable-fixes). * soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes). * soc: qcom: pmic_glink: Actually communicate when remote goes down (git- fixes). * soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes). * spi: Add empty versions of ACPI functions (stable-fixes). * spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes). * spi: microchip-core: switch to use modern name (stable-fixes). * spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). * spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes). * Squashfs: fix variable overflow triggered by sysbot (git-fixes). * squashfs: squashfs_read_data need to check if the length is 0 (git-fixes). * ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes). * staging: iio: resolver: ad2s1210: fix use before initialization (stable- fixes). * staging: ks7010: disable bh on tx_dev_lock (stable-fixes). * string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849). * SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). * SUNRPC: Fix a race to wake a sync task (git-fixes). * swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git- fixes). * swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). * thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes). * thermal/drivers/broadcom: Fix race between removal and clock disable (git- fixes). * thunderbolt: Mark XDomain as unplugged when router is removed (stable- fixes). * tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix timing issue with parallel threads in perf bench wake-up- parallel (bsc#1227747). * tools/resolve_btfids: fix build with musl libc (git-fixes). * tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes). * tools/resolve_btfids: Fix cross-compilation to non-host endianness (git- fixes). * tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git- fixes). * trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes). * tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * tty: atmel_serial: use the correct RTS flag (git-fixes). * tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git- fixes). * usb: cdnsp: fix for Link TRB with TC (git-fixes). * usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes). * usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes). * usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes). * usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). * usb: gadget: core: Check for unset descriptor (git-fixes). * usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes). * usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes). * usb: gadget: u_serial: Set start_delayed during suspend (git-fixes). * usb: gadget: uvc: cleanup request when not in correct state (stable-fixes). * USB: serial: debug: do not echo input by default (stable-fixes). * usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes). * usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes). * usb: typec: fsa4480: Check if the chip is really there (git-fixes). * usb: typec: fsa4480: Relax CHIP_ID check (git-fixes). * usb: typec: fsa4480: rework mux & switch setup to handle more states (git- fixes). * usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes). * vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). * vhost: Release worker mutex during flushes (git-fixes). * vhost: Use virtqueue mutex for swapping worker (git-fixes). * vhost/vsock: always initialize seqpacket_allow (git-fixes). * virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes). * virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). * virtio-crypto: handle config changed by work queue (git-fixes). * virtio: reenable config if freezing device failed (git-fixes). * virtiofs: forbid newlines in tags (bsc#1229940). * wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable- fixes). * wifi: ath12k: fix soft lockup on suspend (git-fixes). * wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes). * wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes). * wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). * wifi: mac80211: use monitor sdata with driver only if desired (git-fixes). * wifi: mwifiex: duplicate static structs used in driver instances (git- fixes). * wifi: nl80211: disallow setting special AP channel widths (stable-fixes). * wifi: nl80211: do not give key data to userspace (stable-fixes). * wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes). * wifi: wfx: repair open network AP mode (git-fixes). * workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). * workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). * x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git- fixes). * x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes). * x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). * x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes). * x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). * x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git- fixes). * x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes). * x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes). * x86/numa: Introduce numa_fill_memblks() (git-fixes). * x86/pci: Skip early E820 check for ECAM region (git-fixes). * x86/xen: Convert comma to semicolon (git-fixes). * xfs: allow cross-linking special files without project quota (git-fixes). * xfs: allow symlinks with short remote targets (bsc#1229160). * xfs: allow unlinked symlinks and dirs with zero size (git-fixes). * xfs: attr forks require attr, not attr2 (git-fixes). * xfs: convert comma to semicolon (git-fixes). * xfs: do not use current->journal_info (git-fixes). * xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix unlink vs cluster buffer instantiation race (git-fixes). * xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes). * xfs: journal geometry is not properly bounds checked (git-fixes). * xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes). * xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes). * xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git- fixes). * xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes). * xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). * xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3194=1 openSUSE-SLE-15.6-2024-3194=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3194=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64) * ocfs2-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.11.1 * kernel-azure-debuginfo-6.4.0-150600.8.11.1 * kernel-azure-optional-debuginfo-6.4.0-150600.8.11.1 * dlm-kmp-azure-6.4.0-150600.8.11.1 * ocfs2-kmp-azure-6.4.0-150600.8.11.1 * kernel-azure-devel-6.4.0-150600.8.11.1 * reiserfs-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * gfs2-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * dlm-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * kernel-azure-livepatch-devel-6.4.0-150600.8.11.1 * kernel-azure-debugsource-6.4.0-150600.8.11.1 * kernel-azure-extra-debuginfo-6.4.0-150600.8.11.1 * gfs2-kmp-azure-6.4.0-150600.8.11.1 * kselftests-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * cluster-md-kmp-azure-6.4.0-150600.8.11.1 * kernel-azure-extra-6.4.0-150600.8.11.1 * kernel-azure-optional-6.4.0-150600.8.11.1 * kernel-syms-azure-6.4.0-150600.8.11.1 * reiserfs-kmp-azure-6.4.0-150600.8.11.1 * kselftests-kmp-azure-6.4.0-150600.8.11.1 * cluster-md-kmp-azure-debuginfo-6.4.0-150600.8.11.1 * openSUSE Leap 15.6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.11.1 * openSUSE Leap 15.6 (x86_64) * kernel-azure-vdso-6.4.0-150600.8.11.1 * kernel-azure-vdso-debuginfo-6.4.0-150600.8.11.1 * openSUSE Leap 15.6 (noarch) * kernel-source-azure-6.4.0-150600.8.11.1 * kernel-devel-azure-6.4.0-150600.8.11.1 * Public Cloud Module 15-SP6 (aarch64 nosrc x86_64) * kernel-azure-6.4.0-150600.8.11.1 * Public Cloud Module 15-SP6 (aarch64 x86_64) * kernel-azure-debugsource-6.4.0-150600.8.11.1 * kernel-azure-devel-debuginfo-6.4.0-150600.8.11.1 * kernel-azure-devel-6.4.0-150600.8.11.1 * kernel-azure-debuginfo-6.4.0-150600.8.11.1 * kernel-syms-azure-6.4.0-150600.8.11.1 * Public Cloud Module 15-SP6 (noarch) * kernel-source-azure-6.4.0-150600.8.11.1 * kernel-devel-azure-6.4.0-150600.8.11.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52668.html * https://www.suse.com/security/cve/CVE-2023-52688.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52885.html * https://www.suse.com/security/cve/CVE-2023-52886.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2024-26590.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26637.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26682.html * https://www.suse.com/security/cve/CVE-2024-26683.html * https://www.suse.com/security/cve/CVE-2024-26691.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26837.html * https://www.suse.com/security/cve/CVE-2024-26849.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-26889.html * https://www.suse.com/security/cve/CVE-2024-26920.html * https://www.suse.com/security/cve/CVE-2024-26944.html * https://www.suse.com/security/cve/CVE-2024-26976.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27049.html * https://www.suse.com/security/cve/CVE-2024-27050.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-27433.html * https://www.suse.com/security/cve/CVE-2024-27437.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35854.html * https://www.suse.com/security/cve/CVE-2024-35855.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35913.html * https://www.suse.com/security/cve/CVE-2024-35939.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36288.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36881.html * https://www.suse.com/security/cve/CVE-2024-36907.html * https://www.suse.com/security/cve/CVE-2024-36909.html * https://www.suse.com/security/cve/CVE-2024-36910.html * https://www.suse.com/security/cve/CVE-2024-36911.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36939.html * https://www.suse.com/security/cve/CVE-2024-36970.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38563.html * https://www.suse.com/security/cve/CVE-2024-38609.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-39483.html * https://www.suse.com/security/cve/CVE-2024-39484.html * https://www.suse.com/security/cve/CVE-2024-39486.html * https://www.suse.com/security/cve/CVE-2024-39488.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-39491.html * https://www.suse.com/security/cve/CVE-2024-39493.html * https://www.suse.com/security/cve/CVE-2024-39497.html * https://www.suse.com/security/cve/CVE-2024-39499.html * https://www.suse.com/security/cve/CVE-2024-39500.html * https://www.suse.com/security/cve/CVE-2024-39501.html * https://www.suse.com/security/cve/CVE-2024-39505.html * https://www.suse.com/security/cve/CVE-2024-39506.html * https://www.suse.com/security/cve/CVE-2024-39508.html * https://www.suse.com/security/cve/CVE-2024-39509.html * https://www.suse.com/security/cve/CVE-2024-39510.html * https://www.suse.com/security/cve/CVE-2024-40899.html * https://www.suse.com/security/cve/CVE-2024-40900.html * https://www.suse.com/security/cve/CVE-2024-40902.html * https://www.suse.com/security/cve/CVE-2024-40903.html * https://www.suse.com/security/cve/CVE-2024-40904.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-40911.html * https://www.suse.com/security/cve/CVE-2024-40912.html * https://www.suse.com/security/cve/CVE-2024-40913.html * https://www.suse.com/security/cve/CVE-2024-40916.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40922.html * https://www.suse.com/security/cve/CVE-2024-40924.html * https://www.suse.com/security/cve/CVE-2024-40926.html * https://www.suse.com/security/cve/CVE-2024-40927.html * https://www.suse.com/security/cve/CVE-2024-40929.html * https://www.suse.com/security/cve/CVE-2024-40930.html * https://www.suse.com/security/cve/CVE-2024-40932.html * https://www.suse.com/security/cve/CVE-2024-40934.html * https://www.suse.com/security/cve/CVE-2024-40936.html * https://www.suse.com/security/cve/CVE-2024-40938.html * https://www.suse.com/security/cve/CVE-2024-40939.html * https://www.suse.com/security/cve/CVE-2024-40941.html * https://www.suse.com/security/cve/CVE-2024-40942.html * https://www.suse.com/security/cve/CVE-2024-40943.html * https://www.suse.com/security/cve/CVE-2024-40944.html * https://www.suse.com/security/cve/CVE-2024-40945.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-40956.html * https://www.suse.com/security/cve/CVE-2024-40957.html * https://www.suse.com/security/cve/CVE-2024-40958.html * https://www.suse.com/security/cve/CVE-2024-40959.html * https://www.suse.com/security/cve/CVE-2024-40962.html * https://www.suse.com/security/cve/CVE-2024-40964.html * https://www.suse.com/security/cve/CVE-2024-40967.html * https://www.suse.com/security/cve/CVE-2024-40976.html * https://www.suse.com/security/cve/CVE-2024-40977.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40981.html * https://www.suse.com/security/cve/CVE-2024-40982.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-40987.html * https://www.suse.com/security/cve/CVE-2024-40988.html * https://www.suse.com/security/cve/CVE-2024-40989.html * https://www.suse.com/security/cve/CVE-2024-40990.html * https://www.suse.com/security/cve/CVE-2024-40992.html * https://www.suse.com/security/cve/CVE-2024-40994.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-40997.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41001.html * https://www.suse.com/security/cve/CVE-2024-41002.html * https://www.suse.com/security/cve/CVE-2024-41004.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41010.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41015.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41024.html * https://www.suse.com/security/cve/CVE-2024-41025.html * https://www.suse.com/security/cve/CVE-2024-41028.html * https://www.suse.com/security/cve/CVE-2024-41032.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41037.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41040.html * https://www.suse.com/security/cve/CVE-2024-41041.html * https://www.suse.com/security/cve/CVE-2024-41044.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41048.html * https://www.suse.com/security/cve/CVE-2024-41049.html * https://www.suse.com/security/cve/CVE-2024-41050.html * https://www.suse.com/security/cve/CVE-2024-41051.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41058.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41061.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41063.html * https://www.suse.com/security/cve/CVE-2024-41064.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41066.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-41070.html * https://www.suse.com/security/cve/CVE-2024-41071.html * https://www.suse.com/security/cve/CVE-2024-41072.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41074.html * https://www.suse.com/security/cve/CVE-2024-41075.html * https://www.suse.com/security/cve/CVE-2024-41076.html * https://www.suse.com/security/cve/CVE-2024-41078.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41081.html * https://www.suse.com/security/cve/CVE-2024-41084.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41094.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41096.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42064.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42070.html * https://www.suse.com/security/cve/CVE-2024-42073.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42079.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42093.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42096.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42105.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42109.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42113.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42117.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42122.html * https://www.suse.com/security/cve/CVE-2024-42124.html * https://www.suse.com/security/cve/CVE-2024-42125.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42131.html * https://www.suse.com/security/cve/CVE-2024-42132.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-42136.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42138.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42141.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42144.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42147.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42153.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-42161.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42224.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42227.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42241.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42245.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42250.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42269.html * https://www.suse.com/security/cve/CVE-2024-42270.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42278.html * https://www.suse.com/security/cve/CVE-2024-42279.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42290.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42298.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42303.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42314.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42316.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43817.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43824.html * https://www.suse.com/security/cve/CVE-2024-43825.html * https://www.suse.com/security/cve/CVE-2024-43826.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43833.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43840.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43847.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43850.html * https://www.suse.com/security/cve/CVE-2024-43851.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43855.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43864.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43874.html * https://www.suse.com/security/cve/CVE-2024-43875.html * https://www.suse.com/security/cve/CVE-2024-43876.html * https://www.suse.com/security/cve/CVE-2024-43877.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43881.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43885.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43897.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43906.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-43911.html * https://www.suse.com/security/cve/CVE-2024-43912.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1193454 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1213123 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1220066 * https://bugzilla.suse.com/show_bug.cgi?id=1220252 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1221652 * https://bugzilla.suse.com/show_bug.cgi?id=1221857 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222433 * https://bugzilla.suse.com/show_bug.cgi?id=1222434 * https://bugzilla.suse.com/show_bug.cgi?id=1222463 * https://bugzilla.suse.com/show_bug.cgi?id=1222625 * https://bugzilla.suse.com/show_bug.cgi?id=1222633 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1222973 * https://bugzilla.suse.com/show_bug.cgi?id=1223053 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223395 * https://bugzilla.suse.com/show_bug.cgi?id=1223635 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223731 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223763 * https://bugzilla.suse.com/show_bug.cgi?id=1223767 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224485 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224535 * https://bugzilla.suse.com/show_bug.cgi?id=1224631 * https://bugzilla.suse.com/show_bug.cgi?id=1224636 * https://bugzilla.suse.com/show_bug.cgi?id=1224690 * https://bugzilla.suse.com/show_bug.cgi?id=1224694 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1224711 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225607 * https://bugzilla.suse.com/show_bug.cgi?id=1225717 * https://bugzilla.suse.com/show_bug.cgi?id=1225718 * https://bugzilla.suse.com/show_bug.cgi?id=1225744 * https://bugzilla.suse.com/show_bug.cgi?id=1225745 * https://bugzilla.suse.com/show_bug.cgi?id=1225751 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225838 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226031 * https://bugzilla.suse.com/show_bug.cgi?id=1226127 * https://bugzilla.suse.com/show_bug.cgi?id=1226502 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226604 * https://bugzilla.suse.com/show_bug.cgi?id=1226743 * https://bugzilla.suse.com/show_bug.cgi?id=1226751 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226834 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1226920 * https://bugzilla.suse.com/show_bug.cgi?id=1227149 * https://bugzilla.suse.com/show_bug.cgi?id=1227182 * https://bugzilla.suse.com/show_bug.cgi?id=1227383 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227492 * https://bugzilla.suse.com/show_bug.cgi?id=1227493 * https://bugzilla.suse.com/show_bug.cgi?id=1227494 * https://bugzilla.suse.com/show_bug.cgi?id=1227618 * https://bugzilla.suse.com/show_bug.cgi?id=1227620 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227627 * https://bugzilla.suse.com/show_bug.cgi?id=1227634 * https://bugzilla.suse.com/show_bug.cgi?id=1227706 * https://bugzilla.suse.com/show_bug.cgi?id=1227722 * https://bugzilla.suse.com/show_bug.cgi?id=1227724 * https://bugzilla.suse.com/show_bug.cgi?id=1227725 * https://bugzilla.suse.com/show_bug.cgi?id=1227728 * https://bugzilla.suse.com/show_bug.cgi?id=1227729 * https://bugzilla.suse.com/show_bug.cgi?id=1227732 * https://bugzilla.suse.com/show_bug.cgi?id=1227733 * https://bugzilla.suse.com/show_bug.cgi?id=1227734 * https://bugzilla.suse.com/show_bug.cgi?id=1227747 * https://bugzilla.suse.com/show_bug.cgi?id=1227750 * https://bugzilla.suse.com/show_bug.cgi?id=1227754 * https://bugzilla.suse.com/show_bug.cgi?id=1227758 * https://bugzilla.suse.com/show_bug.cgi?id=1227760 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227764 * https://bugzilla.suse.com/show_bug.cgi?id=1227766 * https://bugzilla.suse.com/show_bug.cgi?id=1227770 * https://bugzilla.suse.com/show_bug.cgi?id=1227771 * https://bugzilla.suse.com/show_bug.cgi?id=1227772 * https://bugzilla.suse.com/show_bug.cgi?id=1227774 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1227785 * https://bugzilla.suse.com/show_bug.cgi?id=1227787 * https://bugzilla.suse.com/show_bug.cgi?id=1227790 * https://bugzilla.suse.com/show_bug.cgi?id=1227791 * https://bugzilla.suse.com/show_bug.cgi?id=1227792 * https://bugzilla.suse.com/show_bug.cgi?id=1227796 * https://bugzilla.suse.com/show_bug.cgi?id=1227798 * https://bugzilla.suse.com/show_bug.cgi?id=1227799 * https://bugzilla.suse.com/show_bug.cgi?id=1227802 * https://bugzilla.suse.com/show_bug.cgi?id=1227808 * https://bugzilla.suse.com/show_bug.cgi?id=1227810 * https://bugzilla.suse.com/show_bug.cgi?id=1227811 * https://bugzilla.suse.com/show_bug.cgi?id=1227812 * https://bugzilla.suse.com/show_bug.cgi?id=1227815 * https://bugzilla.suse.com/show_bug.cgi?id=1227816 * https://bugzilla.suse.com/show_bug.cgi?id=1227818 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227823 * https://bugzilla.suse.com/show_bug.cgi?id=1227824 * https://bugzilla.suse.com/show_bug.cgi?id=1227826 * https://bugzilla.suse.com/show_bug.cgi?id=1227828 * https://bugzilla.suse.com/show_bug.cgi?id=1227829 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227833 * https://bugzilla.suse.com/show_bug.cgi?id=1227834 * https://bugzilla.suse.com/show_bug.cgi?id=1227839 * https://bugzilla.suse.com/show_bug.cgi?id=1227840 * https://bugzilla.suse.com/show_bug.cgi?id=1227846 * https://bugzilla.suse.com/show_bug.cgi?id=1227849 * https://bugzilla.suse.com/show_bug.cgi?id=1227851 * https://bugzilla.suse.com/show_bug.cgi?id=1227853 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227864 * https://bugzilla.suse.com/show_bug.cgi?id=1227865 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227869 * https://bugzilla.suse.com/show_bug.cgi?id=1227870 * https://bugzilla.suse.com/show_bug.cgi?id=1227883 * https://bugzilla.suse.com/show_bug.cgi?id=1227884 * https://bugzilla.suse.com/show_bug.cgi?id=1227891 * https://bugzilla.suse.com/show_bug.cgi?id=1227893 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227950 * https://bugzilla.suse.com/show_bug.cgi?id=1227957 * https://bugzilla.suse.com/show_bug.cgi?id=1227981 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228021 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228192 * https://bugzilla.suse.com/show_bug.cgi?id=1228195 * https://bugzilla.suse.com/show_bug.cgi?id=1228202 * https://bugzilla.suse.com/show_bug.cgi?id=1228235 * https://bugzilla.suse.com/show_bug.cgi?id=1228236 * https://bugzilla.suse.com/show_bug.cgi?id=1228237 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228321 * https://bugzilla.suse.com/show_bug.cgi?id=1228409 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228457 * https://bugzilla.suse.com/show_bug.cgi?id=1228458 * https://bugzilla.suse.com/show_bug.cgi?id=1228459 * https://bugzilla.suse.com/show_bug.cgi?id=1228460 * https://bugzilla.suse.com/show_bug.cgi?id=1228462 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228468 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228470 * https://bugzilla.suse.com/show_bug.cgi?id=1228472 * https://bugzilla.suse.com/show_bug.cgi?id=1228479 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228486 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228492 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228499 * https://bugzilla.suse.com/show_bug.cgi?id=1228500 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228502 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228505 * https://bugzilla.suse.com/show_bug.cgi?id=1228508 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228510 * https://bugzilla.suse.com/show_bug.cgi?id=1228511 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228518 * https://bugzilla.suse.com/show_bug.cgi?id=1228520 * https://bugzilla.suse.com/show_bug.cgi?id=1228525 * https://bugzilla.suse.com/show_bug.cgi?id=1228527 * https://bugzilla.suse.com/show_bug.cgi?id=1228530 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228539 * https://bugzilla.suse.com/show_bug.cgi?id=1228561 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228565 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228568 * https://bugzilla.suse.com/show_bug.cgi?id=1228572 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228580 * https://bugzilla.suse.com/show_bug.cgi?id=1228581 * https://bugzilla.suse.com/show_bug.cgi?id=1228582 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228586 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228591 * https://bugzilla.suse.com/show_bug.cgi?id=1228599 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228617 * https://bugzilla.suse.com/show_bug.cgi?id=1228625 * https://bugzilla.suse.com/show_bug.cgi?id=1228626 * https://bugzilla.suse.com/show_bug.cgi?id=1228633 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228640 * https://bugzilla.suse.com/show_bug.cgi?id=1228643 * https://bugzilla.suse.com/show_bug.cgi?id=1228644 * https://bugzilla.suse.com/show_bug.cgi?id=1228646 * https://bugzilla.suse.com/show_bug.cgi?id=1228649 * https://bugzilla.suse.com/show_bug.cgi?id=1228650 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228655 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228665 * https://bugzilla.suse.com/show_bug.cgi?id=1228666 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228672 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228674 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228680 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228705 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228707 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228723 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228737 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228754 * https://bugzilla.suse.com/show_bug.cgi?id=1228756 * https://bugzilla.suse.com/show_bug.cgi?id=1228757 * https://bugzilla.suse.com/show_bug.cgi?id=1228758 * https://bugzilla.suse.com/show_bug.cgi?id=1228764 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228849 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228973 * https://bugzilla.suse.com/show_bug.cgi?id=1228977 * https://bugzilla.suse.com/show_bug.cgi?id=1228978 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228986 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229024 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229045 * https://bugzilla.suse.com/show_bug.cgi?id=1229046 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229056 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229134 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229160 * https://bugzilla.suse.com/show_bug.cgi?id=1229167 * https://bugzilla.suse.com/show_bug.cgi?id=1229168 * https://bugzilla.suse.com/show_bug.cgi?id=1229169 * https://bugzilla.suse.com/show_bug.cgi?id=1229170 * https://bugzilla.suse.com/show_bug.cgi?id=1229171 * https://bugzilla.suse.com/show_bug.cgi?id=1229172 * https://bugzilla.suse.com/show_bug.cgi?id=1229173 * https://bugzilla.suse.com/show_bug.cgi?id=1229174 * https://bugzilla.suse.com/show_bug.cgi?id=1229239 * https://bugzilla.suse.com/show_bug.cgi?id=1229240 * https://bugzilla.suse.com/show_bug.cgi?id=1229241 * https://bugzilla.suse.com/show_bug.cgi?id=1229243 * https://bugzilla.suse.com/show_bug.cgi?id=1229244 * https://bugzilla.suse.com/show_bug.cgi?id=1229245 * https://bugzilla.suse.com/show_bug.cgi?id=1229246 * https://bugzilla.suse.com/show_bug.cgi?id=1229247 * https://bugzilla.suse.com/show_bug.cgi?id=1229248 * https://bugzilla.suse.com/show_bug.cgi?id=1229249 * https://bugzilla.suse.com/show_bug.cgi?id=1229250 * https://bugzilla.suse.com/show_bug.cgi?id=1229251 * https://bugzilla.suse.com/show_bug.cgi?id=1229252 * https://bugzilla.suse.com/show_bug.cgi?id=1229253 * https://bugzilla.suse.com/show_bug.cgi?id=1229254 * https://bugzilla.suse.com/show_bug.cgi?id=1229255 * https://bugzilla.suse.com/show_bug.cgi?id=1229256 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229291 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229294 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229298 * https://bugzilla.suse.com/show_bug.cgi?id=1229299 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229313 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229316 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229320 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229342 * https://bugzilla.suse.com/show_bug.cgi?id=1229344 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229353 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229355 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229365 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229369 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229379 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229390 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229402 * https://bugzilla.suse.com/show_bug.cgi?id=1229403 * https://bugzilla.suse.com/show_bug.cgi?id=1229404 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229451 * https://bugzilla.suse.com/show_bug.cgi?id=1229452 * https://bugzilla.suse.com/show_bug.cgi?id=1229455 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229480 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229484 * https://bugzilla.suse.com/show_bug.cgi?id=1229485 * https://bugzilla.suse.com/show_bug.cgi?id=1229486 * https://bugzilla.suse.com/show_bug.cgi?id=1229487 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229496 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229747 * https://bugzilla.suse.com/show_bug.cgi?id=1229752 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229785 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://bugzilla.suse.com/show_bug.cgi?id=1229827 * https://bugzilla.suse.com/show_bug.cgi?id=1229830 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1229940 * https://bugzilla.suse.com/show_bug.cgi?id=1230056 * https://jira.suse.com/browse/PED-10029 * https://jira.suse.com/browse/PED-10045 * https://jira.suse.com/browse/PED-10055 * https://jira.suse.com/browse/PED-10105 * https://jira.suse.com/browse/PED-10108 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8779 * https://jira.suse.com/browse/PED-8954 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:35:48 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:35:48 -0000 Subject: SUSE-SU-2024:3192-1: important: Security update for postgresql16 Message-ID: <172597174877.27756.10746650027502743576@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3192-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 13.16 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3192=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3192=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3192=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3192=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql13-devel-debuginfo-13.16-3.52.1 * postgresql13-devel-13.16-3.52.1 * postgresql13-debugsource-13.16-3.52.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * postgresql13-server-devel-13.16-3.52.1 * postgresql13-server-devel-debuginfo-13.16-3.52.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql13-pltcl-13.16-3.52.1 * postgresql13-plperl-debuginfo-13.16-3.52.1 * postgresql13-debugsource-13.16-3.52.1 * postgresql13-pltcl-debuginfo-13.16-3.52.1 * postgresql13-server-debuginfo-13.16-3.52.1 * postgresql13-plpython-debuginfo-13.16-3.52.1 * postgresql13-plpython-13.16-3.52.1 * postgresql13-contrib-debuginfo-13.16-3.52.1 * postgresql13-plperl-13.16-3.52.1 * postgresql13-contrib-13.16-3.52.1 * postgresql13-13.16-3.52.1 * postgresql13-server-13.16-3.52.1 * postgresql13-debuginfo-13.16-3.52.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql13-docs-13.16-3.52.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql13-pltcl-13.16-3.52.1 * postgresql13-plperl-debuginfo-13.16-3.52.1 * postgresql13-debugsource-13.16-3.52.1 * postgresql13-pltcl-debuginfo-13.16-3.52.1 * postgresql13-server-debuginfo-13.16-3.52.1 * postgresql13-plpython-debuginfo-13.16-3.52.1 * postgresql13-plpython-13.16-3.52.1 * postgresql13-contrib-debuginfo-13.16-3.52.1 * postgresql13-plperl-13.16-3.52.1 * postgresql13-contrib-13.16-3.52.1 * postgresql13-13.16-3.52.1 * postgresql13-server-13.16-3.52.1 * postgresql13-debuginfo-13.16-3.52.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql13-docs-13.16-3.52.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql13-pltcl-13.16-3.52.1 * postgresql13-plperl-debuginfo-13.16-3.52.1 * postgresql13-debugsource-13.16-3.52.1 * postgresql13-pltcl-debuginfo-13.16-3.52.1 * postgresql13-server-debuginfo-13.16-3.52.1 * postgresql13-plpython-debuginfo-13.16-3.52.1 * postgresql13-plpython-13.16-3.52.1 * postgresql13-contrib-debuginfo-13.16-3.52.1 * postgresql13-plperl-13.16-3.52.1 * postgresql13-contrib-13.16-3.52.1 * postgresql13-13.16-3.52.1 * postgresql13-server-13.16-3.52.1 * postgresql13-debuginfo-13.16-3.52.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql13-docs-13.16-3.52.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:35:51 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:35:51 -0000 Subject: SUSE-SU-2024:3191-1: important: Security update for postgresql16 Message-ID: <172597175195.27756.1503135773018478999@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3191-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 12.20 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3191=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3191=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3191=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3191=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql12-debugsource-12.20-3.58.1 * postgresql12-devel-debuginfo-12.20-3.58.1 * postgresql12-devel-12.20-3.58.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * postgresql12-server-devel-debuginfo-12.20-3.58.1 * postgresql12-server-devel-12.20-3.58.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql12-contrib-12.20-3.58.1 * postgresql12-pltcl-debuginfo-12.20-3.58.1 * postgresql12-debuginfo-12.20-3.58.1 * postgresql12-debugsource-12.20-3.58.1 * postgresql12-plperl-12.20-3.58.1 * postgresql12-12.20-3.58.1 * postgresql12-plpython-12.20-3.58.1 * postgresql12-plpython-debuginfo-12.20-3.58.1 * postgresql12-pltcl-12.20-3.58.1 * postgresql12-server-12.20-3.58.1 * postgresql12-plperl-debuginfo-12.20-3.58.1 * postgresql12-server-debuginfo-12.20-3.58.1 * postgresql12-contrib-debuginfo-12.20-3.58.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql12-docs-12.20-3.58.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql12-contrib-12.20-3.58.1 * postgresql12-pltcl-debuginfo-12.20-3.58.1 * postgresql12-debuginfo-12.20-3.58.1 * postgresql12-debugsource-12.20-3.58.1 * postgresql12-plperl-12.20-3.58.1 * postgresql12-12.20-3.58.1 * postgresql12-plpython-12.20-3.58.1 * postgresql12-plpython-debuginfo-12.20-3.58.1 * postgresql12-pltcl-12.20-3.58.1 * postgresql12-server-12.20-3.58.1 * postgresql12-plperl-debuginfo-12.20-3.58.1 * postgresql12-server-debuginfo-12.20-3.58.1 * postgresql12-contrib-debuginfo-12.20-3.58.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql12-docs-12.20-3.58.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql12-contrib-12.20-3.58.1 * postgresql12-pltcl-debuginfo-12.20-3.58.1 * postgresql12-debuginfo-12.20-3.58.1 * postgresql12-debugsource-12.20-3.58.1 * postgresql12-plperl-12.20-3.58.1 * postgresql12-12.20-3.58.1 * postgresql12-plpython-12.20-3.58.1 * postgresql12-plpython-debuginfo-12.20-3.58.1 * postgresql12-pltcl-12.20-3.58.1 * postgresql12-server-12.20-3.58.1 * postgresql12-plperl-debuginfo-12.20-3.58.1 * postgresql12-server-debuginfo-12.20-3.58.1 * postgresql12-contrib-debuginfo-12.20-3.58.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql12-docs-12.20-3.58.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:40:24 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:40:24 -0000 Subject: SUSE-SU-2024:3190-1: important: Security update for the Linux Kernel Message-ID: <172597202442.27756.17664962321723780726@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3190-1 Rating: important References: * bsc#1193629 * bsc#1194111 * bsc#1194765 * bsc#1194869 * bsc#1196261 * bsc#1196516 * bsc#1196894 * bsc#1198017 * bsc#1203329 * bsc#1203330 * bsc#1203360 * bsc#1205462 * bsc#1206006 * bsc#1206258 * bsc#1206843 * bsc#1207158 * bsc#1208783 * bsc#1210644 * bsc#1213580 * bsc#1213632 * bsc#1214285 * bsc#1216834 * bsc#1220428 * bsc#1220877 * bsc#1220962 * bsc#1221269 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1222335 * bsc#1222350 * bsc#1222372 * bsc#1222387 * bsc#1222634 * bsc#1222808 * bsc#1222967 * bsc#1223074 * bsc#1223191 * bsc#1223508 * bsc#1223720 * bsc#1223742 * bsc#1223777 * bsc#1223803 * bsc#1223807 * bsc#1224105 * bsc#1224415 * bsc#1224496 * bsc#1224510 * bsc#1224542 * bsc#1224578 * bsc#1224639 * bsc#1225162 * bsc#1225352 * bsc#1225428 * bsc#1225524 * bsc#1225578 * bsc#1225582 * bsc#1225773 * bsc#1225814 * bsc#1225827 * bsc#1225832 * bsc#1225903 * bsc#1226168 * bsc#1226530 * bsc#1226613 * bsc#1226742 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226874 * bsc#1226885 * bsc#1227079 * bsc#1227623 * bsc#1227761 * bsc#1227830 * bsc#1227863 * bsc#1227867 * bsc#1227929 * bsc#1227937 * bsc#1227958 * bsc#1228020 * bsc#1228065 * bsc#1228114 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228469 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228501 * bsc#1228503 * bsc#1228509 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228526 * bsc#1228531 * bsc#1228563 * bsc#1228564 * bsc#1228567 * bsc#1228576 * bsc#1228579 * bsc#1228584 * bsc#1228588 * bsc#1228590 * bsc#1228615 * bsc#1228616 * bsc#1228635 * bsc#1228636 * bsc#1228654 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228667 * bsc#1228673 * bsc#1228677 * bsc#1228687 * bsc#1228706 * bsc#1228708 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228748 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228979 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229042 * bsc#1229054 * bsc#1229086 * bsc#1229136 * bsc#1229154 * bsc#1229187 * bsc#1229188 * bsc#1229190 * bsc#1229287 * bsc#1229290 * bsc#1229292 * bsc#1229296 * bsc#1229297 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229314 * bsc#1229315 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229327 * bsc#1229341 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229354 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229366 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229418 * bsc#1229444 * bsc#1229453 * bsc#1229454 * bsc#1229481 * bsc#1229482 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229506 * bsc#1229507 * bsc#1229508 * bsc#1229509 * bsc#1229510 * bsc#1229512 * bsc#1229516 * bsc#1229521 * bsc#1229522 * bsc#1229523 * bsc#1229524 * bsc#1229525 * bsc#1229526 * bsc#1229527 * bsc#1229528 * bsc#1229529 * bsc#1229531 * bsc#1229533 * bsc#1229535 * bsc#1229536 * bsc#1229537 * bsc#1229540 * bsc#1229544 * bsc#1229545 * bsc#1229546 * bsc#1229547 * bsc#1229548 * bsc#1229554 * bsc#1229557 * bsc#1229558 * bsc#1229559 * bsc#1229560 * bsc#1229562 * bsc#1229564 * bsc#1229565 * bsc#1229566 * bsc#1229568 * bsc#1229569 * bsc#1229572 * bsc#1229573 * bsc#1229576 * bsc#1229581 * bsc#1229588 * bsc#1229598 * bsc#1229603 * bsc#1229604 * bsc#1229605 * bsc#1229608 * bsc#1229611 * bsc#1229612 * bsc#1229613 * bsc#1229614 * bsc#1229615 * bsc#1229616 * bsc#1229617 * bsc#1229620 * bsc#1229622 * bsc#1229623 * bsc#1229624 * bsc#1229625 * bsc#1229626 * bsc#1229628 * bsc#1229629 * bsc#1229630 * bsc#1229631 * bsc#1229632 * bsc#1229635 * bsc#1229636 * bsc#1229637 * bsc#1229638 * bsc#1229639 * bsc#1229641 * bsc#1229642 * bsc#1229643 * bsc#1229645 * bsc#1229657 * bsc#1229658 * bsc#1229662 * bsc#1229664 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229768 * bsc#1229781 * bsc#1229784 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * jsc#PED-8491 * jsc#PED-8779 Cross-References: * CVE-2021-4441 * CVE-2021-47106 * CVE-2021-47517 * CVE-2021-47546 * CVE-2022-38457 * CVE-2022-40133 * CVE-2022-48645 * CVE-2022-48706 * CVE-2022-48808 * CVE-2022-48865 * CVE-2022-48868 * CVE-2022-48869 * CVE-2022-48870 * CVE-2022-48871 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48875 * CVE-2022-48878 * CVE-2022-48880 * CVE-2022-48881 * CVE-2022-48882 * CVE-2022-48883 * CVE-2022-48884 * CVE-2022-48885 * CVE-2022-48886 * CVE-2022-48887 * CVE-2022-48888 * CVE-2022-48889 * CVE-2022-48890 * CVE-2022-48891 * CVE-2022-48893 * CVE-2022-48896 * CVE-2022-48898 * CVE-2022-48899 * CVE-2022-48903 * CVE-2022-48904 * CVE-2022-48905 * CVE-2022-48906 * CVE-2022-48907 * CVE-2022-48909 * CVE-2022-48910 * CVE-2022-48912 * CVE-2022-48913 * CVE-2022-48914 * CVE-2022-48915 * CVE-2022-48916 * CVE-2022-48917 * CVE-2022-48918 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48921 * CVE-2022-48923 * CVE-2022-48924 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48927 * CVE-2022-48928 * CVE-2022-48929 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48932 * CVE-2022-48934 * CVE-2022-48937 * CVE-2022-48938 * CVE-2022-48939 * CVE-2022-48940 * CVE-2022-48941 * CVE-2022-48942 * CVE-2022-48943 * CVE-2023-3610 * CVE-2023-52458 * CVE-2023-52489 * CVE-2023-52498 * CVE-2023-52581 * CVE-2023-52859 * CVE-2023-52887 * CVE-2023-52889 * CVE-2023-52893 * CVE-2023-52894 * CVE-2023-52896 * CVE-2023-52898 * CVE-2023-52899 * CVE-2023-52900 * CVE-2023-52901 * CVE-2023-52904 * CVE-2023-52905 * CVE-2023-52906 * CVE-2023-52907 * CVE-2023-52908 * CVE-2023-52909 * CVE-2023-52910 * CVE-2023-52911 * CVE-2023-52912 * CVE-2023-52913 * CVE-2024-26631 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26735 * CVE-2024-26808 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26851 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27016 * CVE-2024-27024 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-31076 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35945 * CVE-2024-35971 * CVE-2024-36009 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36489 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36936 * CVE-2024-36962 * CVE-2024-38554 * CVE-2024-38602 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40905 * CVE-2024-40978 * CVE-2024-40980 * CVE-2024-40995 * CVE-2024-41000 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41011 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41042 * CVE-2024-41045 * CVE-2024-41056 * CVE-2024-41060 * CVE-2024-41062 * CVE-2024-41065 * CVE-2024-41068 * CVE-2024-41073 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41095 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42069 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42095 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42110 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42137 * CVE-2024-42139 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42225 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42268 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42315 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43849 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43904 * CVE-2024-43905 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-44938 * CVE-2024-44939 * CVE-2024-44947 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47106 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47546 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-38457 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-40133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-40133 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-48645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48706 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48808 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48808 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48869 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48869 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48871 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48878 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48878 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48880 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48880 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48881 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48882 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48883 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48883 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48884 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48884 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48885 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48885 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48904 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48906 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48909 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48913 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48923 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48940 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48940 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52458 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52458 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52912 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52912 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36936 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36962 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 292 vulnerabilities, contains two features and has 45 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773). * CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). * CVE-2024-44939: fix null ptr deref in dtInsertEntry (bsc#1229820). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768) * CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43884: Add error handling to pair_device() (bsc#1229739) * CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569). * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488) * CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962) * CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428). * CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). * CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-27016: Validate pppoe header (bsc#1223807). * CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639). * CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes). * CVE-2024-26677: Blacklist e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-36009: Blacklist 467324bcfe1a ("ax25: Fix netdev refcount issue") (bsc#1224542) * CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2024-26669: Fix chain template offload (bsc#1222350). * CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,). * CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508). * CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). * CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350). * CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319). * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307). * CVE-2024-43841: Do not use strlen() in const context (bsc#1229304). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958). * CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42139: Fix improper extts handling (bsc#1228503). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). * CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613). * CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742). * CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: * ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes). * ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git- fixes). * ACPI: bus: Rework system-level device notification handling (git-fixes). * ACPI: thermal: Drop nocrt parameter (git-fixes). * ACPI: x86: s2idle: Post-increment variables when getting constraints (git- fixes). * afs: Do not cross .backup mountpoint from backup volume (git-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git- fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: timer: Relax start tick time check for slave timer elements (git- fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable- fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). * ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: barrier: Restore spec_bar() macro (git-fixes) * arm64: cpufeature: Add missing .field_width for GIC system registers (git- fixes) * arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes) * arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git- fixes) * arm64: cputype: Add Cortex-A720 definitions (git-fixes) * arm64: cputype: Add Cortex-A725 definitions (git-fixes) * arm64: cputype: Add Cortex-X1C definitions (git-fixes) * arm64: cputype: Add Cortex-X3 definitions (git-fixes) * arm64: cputype: Add Cortex-X4 definitions (git-fixes) * arm64: cputype: Add Cortex-X925 definitions (git-fixes) * arm64: cputype: Add Neoverse-V3 definitions (git-fixes) * arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) * arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) * arm64: errata: Add workaround for Arm errata 3194386 and 3312417 (git-fixes) * arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) * arm64: errata: Expand speculative SSBS workaround (git-fixes) * arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration. * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: Fix KASAN random tag seed initialization (git-fixes) * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * async: Introduce async_schedule_dev_nocall() (bsc#1221269). * async: Split async_schedule_node_domain() (bsc#1221269). * Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). * Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). * Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git- fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). * bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). * btrfs: fix leak of qgroup extent records after transaction abort (git- fixes). * btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes). * btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes). * btrfs: sysfs: update fs features directory asynchronously (bsc#1226168). * cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418). * ceph: issue a cap release immediately if no cap exists (bsc#1225162). * ceph: periodically flush the cap releases (bsc#1225162). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes). * docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). * drm: add missing MODULE_DESCRIPTION() macros (stable-fixes). * drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable- fixes). * drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes). * drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes). * drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). * drm/amd/display: avoid using null object of framebuffer (git-fixes). * drm/amd/display: Fix && vs || typos (git-fixes). * drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable- fixes). * drm/amd/display: Validate hw_points_num before using it (stable-fixes). * drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable- fixes). * drm/amdgpu: Actually check flags for all context ops (stable-fixes). * drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). * drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). * drm/amdgpu: Validate TA binary size (stable-fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). * drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). * drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes). * drm/client: fix null pointer dereference in drm_client_modeset_probe (git- fixes). * drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). * drm/lima: set gp bus_stop bit before hard reset (stable-fixes). * drm/msm/dp: reset the link phy params before link training (git-fixes). * drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). * drm/msm/dpu: do not play tricks with debug macros (git-fixes). * drm/tegra: Zero-initialize iosys_map (stable-fixes). * exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes). * exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes). * exfat: redefine DIR_DELETED as the bad cluster number (git-fixes). * exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes). * fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229453). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * genirq: Add might_sleep() to disable_irq() (git-fixes). * genirq: Always limit the affinity to online CPUs (git-fixes). * genirq: Do not return error on missing optional irq_request_resources() (git-fixes). * genirq: Take the proposed affinity at face value if force==true (git-fixes). * genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git- fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git- fixes). * genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git- fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). * i2c: smbus: Improve handling of stuck alerts (git-fixes). * i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). * iommu/amd: Convert comma to semicolon (git-fixes). * ip6_tunnel: Fix broken GRO (bsc#1229444). * ipv6: sr: fix incorrect unregister order (git-fixes). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix disassociation race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * irqdomain: Report irq number for NOMAP domains (git-fixes). * kprobes: Fix to check symbol prefixes correctly (git-fixes). * lockd: move from strlcpy with unused retval to strscpy (git-fixes). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). * mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). * net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git- fixes). * net: ks8851: Fix deadlock with the SPI chip variant (git-fixes). * net: ks8851: Fix potential TX stall after interface reopen (git-fixes). * net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes). * net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git- fixes). * net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * net: remove two BUG() from skb_checksum_help() (bsc#1229312). * net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). * net/rds: fix possible cp null dereference (git-fixes). * net/sched: initialize noop_qdisc owner (git-fixes). * nfc: pn533: Add poll mod list filling check (git-fixes). * nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * nfs: make the rpc_stat per net namespace (git-fixes). * NFSD: add posix ACLs to struct nfsd_attrs (git-fixes). * NFSD: add security label to struct nfsd_attrs (git-fixes). * NFSD: fix regression with setting ACLs (git-fixes). * NFSD: Fix strncpy() fortify warning (git-fixes). * NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes). * NFSD: introduce struct nfsd_attrs (git-fixes). * NFSD: move from strlcpy with unused retval to strscpy (git-fixes). * NFSD: Optimize DRC bucket pruning (git-fixes). * nfsd: return error if nfs4_setacl fails (git-fixes). * NFSD: set attributes when creating symlinks (git-fixes). * nfsd: use locks_inode_context helper (git-fixes). * nilfs2: Remove check for PageError (git-fixes). * nvme_core: scan namespaces asynchronously (bsc#1224105). * ocfs2: use coarse time for new created files (git-fixes). * padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). * platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). * platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). * platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). * platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). * power: supply: axp288_charger: Fix constant_charge_voltage writes (git- fixes). * power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). * powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869). * powerpc: Mark .opd section read-only (bsc#1194869). * powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869). * powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). * powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). * powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). * powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). * RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes) * RDMA/rxe: Fix rxe_modify_srq (git-fixes) * RDMA/rxe: Move work queue code to subroutines (git-fixes) * s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187). * s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079). * s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187). * s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190). * s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573). * s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188). * spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). * RDMA/rxe: Handle zero length rdma (git-fixes) * sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). * SUNRPC: Fix a race to wake a sync task (git-fixes). * swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). * tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * ubifs: add check for crypto_shash_tfm_digest (git-fixes). * ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes). * ubifs: Fix adding orphan entry twice for the same inode (git-fixes). * ubifs: Fix unattached xattr inode if powercut happens after deleting (git- fixes). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). * wifi: mwifiex: duplicate static structs used in driver instances (git- fixes). * x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes). * x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git- fixes). * x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). * x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). * x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes). * xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). * xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3190=1 openSUSE-SLE-15.5-2024-3190=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3190=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * dlm-kmp-azure-5.14.21-150500.33.66.1 * kernel-azure-extra-5.14.21-150500.33.66.1 * kernel-azure-optional-5.14.21-150500.33.66.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.66.1 * kernel-azure-devel-5.14.21-150500.33.66.1 * reiserfs-kmp-azure-5.14.21-150500.33.66.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.66.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * kernel-azure-debuginfo-5.14.21-150500.33.66.1 * kselftests-kmp-azure-5.14.21-150500.33.66.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.66.1 * cluster-md-kmp-azure-5.14.21-150500.33.66.1 * kernel-syms-azure-5.14.21-150500.33.66.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * ocfs2-kmp-azure-5.14.21-150500.33.66.1 * kernel-azure-debugsource-5.14.21-150500.33.66.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.66.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.66.1 * gfs2-kmp-azure-5.14.21-150500.33.66.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.66.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-5.14.21-150500.33.66.1 * kernel-azure-vdso-debuginfo-5.14.21-150500.33.66.1 * openSUSE Leap 15.5 (noarch) * kernel-source-azure-5.14.21-150500.33.66.1 * kernel-devel-azure-5.14.21-150500.33.66.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.66.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-debuginfo-5.14.21-150500.33.66.1 * kernel-syms-azure-5.14.21-150500.33.66.1 * kernel-azure-debugsource-5.14.21-150500.33.66.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.66.1 * kernel-azure-devel-5.14.21-150500.33.66.1 * Public Cloud Module 15-SP5 (noarch) * kernel-source-azure-5.14.21-150500.33.66.1 * kernel-devel-azure-5.14.21-150500.33.66.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2021-47106.html * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47546.html * https://www.suse.com/security/cve/CVE-2022-38457.html * https://www.suse.com/security/cve/CVE-2022-40133.html * https://www.suse.com/security/cve/CVE-2022-48645.html * https://www.suse.com/security/cve/CVE-2022-48706.html * https://www.suse.com/security/cve/CVE-2022-48808.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48868.html * https://www.suse.com/security/cve/CVE-2022-48869.html * https://www.suse.com/security/cve/CVE-2022-48870.html * https://www.suse.com/security/cve/CVE-2022-48871.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48878.html * https://www.suse.com/security/cve/CVE-2022-48880.html * https://www.suse.com/security/cve/CVE-2022-48881.html * https://www.suse.com/security/cve/CVE-2022-48882.html * https://www.suse.com/security/cve/CVE-2022-48883.html * https://www.suse.com/security/cve/CVE-2022-48884.html * https://www.suse.com/security/cve/CVE-2022-48885.html * https://www.suse.com/security/cve/CVE-2022-48886.html * https://www.suse.com/security/cve/CVE-2022-48887.html * https://www.suse.com/security/cve/CVE-2022-48888.html * https://www.suse.com/security/cve/CVE-2022-48889.html * https://www.suse.com/security/cve/CVE-2022-48890.html * https://www.suse.com/security/cve/CVE-2022-48891.html * https://www.suse.com/security/cve/CVE-2022-48893.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48898.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48903.html * https://www.suse.com/security/cve/CVE-2022-48904.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48906.html * https://www.suse.com/security/cve/CVE-2022-48907.html * https://www.suse.com/security/cve/CVE-2022-48909.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48913.html * https://www.suse.com/security/cve/CVE-2022-48914.html * https://www.suse.com/security/cve/CVE-2022-48915.html * https://www.suse.com/security/cve/CVE-2022-48916.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48918.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48921.html * https://www.suse.com/security/cve/CVE-2022-48923.html * https://www.suse.com/security/cve/CVE-2022-48924.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48927.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48929.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48932.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2022-48937.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2022-48939.html * https://www.suse.com/security/cve/CVE-2022-48940.html * https://www.suse.com/security/cve/CVE-2022-48941.html * https://www.suse.com/security/cve/CVE-2022-48942.html * https://www.suse.com/security/cve/CVE-2022-48943.html * https://www.suse.com/security/cve/CVE-2023-3610.html * https://www.suse.com/security/cve/CVE-2023-52458.html * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52498.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52894.html * https://www.suse.com/security/cve/CVE-2023-52896.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52899.html * https://www.suse.com/security/cve/CVE-2023-52900.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52904.html * https://www.suse.com/security/cve/CVE-2023-52905.html * https://www.suse.com/security/cve/CVE-2023-52906.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2023-52908.html * https://www.suse.com/security/cve/CVE-2023-52909.html * https://www.suse.com/security/cve/CVE-2023-52910.html * https://www.suse.com/security/cve/CVE-2023-52911.html * https://www.suse.com/security/cve/CVE-2023-52912.html * https://www.suse.com/security/cve/CVE-2023-52913.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27016.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35945.html * https://www.suse.com/security/cve/CVE-2024-35971.html * https://www.suse.com/security/cve/CVE-2024-36009.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36936.html * https://www.suse.com/security/cve/CVE-2024-36962.html * https://www.suse.com/security/cve/CVE-2024-38554.html * https://www.suse.com/security/cve/CVE-2024-38602.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43904.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194111 * https://bugzilla.suse.com/show_bug.cgi?id=1194765 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1196261 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196894 * https://bugzilla.suse.com/show_bug.cgi?id=1198017 * https://bugzilla.suse.com/show_bug.cgi?id=1203329 * https://bugzilla.suse.com/show_bug.cgi?id=1203330 * https://bugzilla.suse.com/show_bug.cgi?id=1203360 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1206006 * https://bugzilla.suse.com/show_bug.cgi?id=1206258 * https://bugzilla.suse.com/show_bug.cgi?id=1206843 * https://bugzilla.suse.com/show_bug.cgi?id=1207158 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1210644 * https://bugzilla.suse.com/show_bug.cgi?id=1213580 * https://bugzilla.suse.com/show_bug.cgi?id=1213632 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1220428 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1220962 * https://bugzilla.suse.com/show_bug.cgi?id=1221269 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223508 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1223807 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224542 * https://bugzilla.suse.com/show_bug.cgi?id=1224578 * https://bugzilla.suse.com/show_bug.cgi?id=1224639 * https://bugzilla.suse.com/show_bug.cgi?id=1225162 * https://bugzilla.suse.com/show_bug.cgi?id=1225352 * https://bugzilla.suse.com/show_bug.cgi?id=1225428 * https://bugzilla.suse.com/show_bug.cgi?id=1225524 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225773 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225827 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226168 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226613 * https://bugzilla.suse.com/show_bug.cgi?id=1226742 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227079 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1227958 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229187 * https://bugzilla.suse.com/show_bug.cgi?id=1229188 * https://bugzilla.suse.com/show_bug.cgi?id=1229190 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229418 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229453 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229506 * https://bugzilla.suse.com/show_bug.cgi?id=1229507 * https://bugzilla.suse.com/show_bug.cgi?id=1229508 * https://bugzilla.suse.com/show_bug.cgi?id=1229509 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229521 * https://bugzilla.suse.com/show_bug.cgi?id=1229522 * https://bugzilla.suse.com/show_bug.cgi?id=1229523 * https://bugzilla.suse.com/show_bug.cgi?id=1229524 * https://bugzilla.suse.com/show_bug.cgi?id=1229525 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229527 * https://bugzilla.suse.com/show_bug.cgi?id=1229528 * https://bugzilla.suse.com/show_bug.cgi?id=1229529 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229533 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229537 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229544 * https://bugzilla.suse.com/show_bug.cgi?id=1229545 * https://bugzilla.suse.com/show_bug.cgi?id=1229546 * https://bugzilla.suse.com/show_bug.cgi?id=1229547 * https://bugzilla.suse.com/show_bug.cgi?id=1229548 * https://bugzilla.suse.com/show_bug.cgi?id=1229554 * https://bugzilla.suse.com/show_bug.cgi?id=1229557 * https://bugzilla.suse.com/show_bug.cgi?id=1229558 * https://bugzilla.suse.com/show_bug.cgi?id=1229559 * https://bugzilla.suse.com/show_bug.cgi?id=1229560 * https://bugzilla.suse.com/show_bug.cgi?id=1229562 * https://bugzilla.suse.com/show_bug.cgi?id=1229564 * https://bugzilla.suse.com/show_bug.cgi?id=1229565 * https://bugzilla.suse.com/show_bug.cgi?id=1229566 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229569 * https://bugzilla.suse.com/show_bug.cgi?id=1229572 * https://bugzilla.suse.com/show_bug.cgi?id=1229573 * https://bugzilla.suse.com/show_bug.cgi?id=1229576 * https://bugzilla.suse.com/show_bug.cgi?id=1229581 * https://bugzilla.suse.com/show_bug.cgi?id=1229588 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229603 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229605 * https://bugzilla.suse.com/show_bug.cgi?id=1229608 * https://bugzilla.suse.com/show_bug.cgi?id=1229611 * https://bugzilla.suse.com/show_bug.cgi?id=1229612 * https://bugzilla.suse.com/show_bug.cgi?id=1229613 * https://bugzilla.suse.com/show_bug.cgi?id=1229614 * https://bugzilla.suse.com/show_bug.cgi?id=1229615 * https://bugzilla.suse.com/show_bug.cgi?id=1229616 * https://bugzilla.suse.com/show_bug.cgi?id=1229617 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229622 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229625 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229628 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229631 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229635 * https://bugzilla.suse.com/show_bug.cgi?id=1229636 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229638 * https://bugzilla.suse.com/show_bug.cgi?id=1229639 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229642 * https://bugzilla.suse.com/show_bug.cgi?id=1229643 * https://bugzilla.suse.com/show_bug.cgi?id=1229645 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229662 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229768 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8779 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:42:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:42:08 -0000 Subject: SUSE-SU-2024:3189-1: important: Security update for the Linux Kernel Message-ID: <172597212876.27756.4435269170283241681@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3189-1 Rating: important References: * bsc#1082555 * bsc#1190317 * bsc#1196516 * bsc#1205462 * bsc#1210629 * bsc#1214285 * bsc#1216834 * bsc#1221252 * bsc#1222335 * bsc#1222387 * bsc#1222808 * bsc#1223074 * bsc#1223803 * bsc#1224479 * bsc#1224579 * bsc#1224640 * bsc#1224896 * bsc#1224923 * bsc#1224984 * bsc#1225190 * bsc#1225223 * bsc#1225483 * bsc#1225508 * bsc#1225578 * bsc#1226323 * bsc#1226629 * bsc#1226653 * bsc#1226754 * bsc#1226798 * bsc#1226801 * bsc#1226885 * bsc#1227069 * bsc#1227623 * bsc#1227820 * bsc#1227996 * bsc#1228040 * bsc#1228065 * bsc#1228247 * bsc#1228410 * bsc#1228427 * bsc#1228449 * bsc#1228466 * bsc#1228467 * bsc#1228482 * bsc#1228485 * bsc#1228487 * bsc#1228493 * bsc#1228495 * bsc#1228501 * bsc#1228513 * bsc#1228516 * bsc#1228576 * bsc#1228579 * bsc#1228667 * bsc#1228706 * bsc#1228709 * bsc#1228720 * bsc#1228727 * bsc#1228733 * bsc#1228801 * bsc#1228850 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228982 * bsc#1228989 * bsc#1229154 * bsc#1229156 * bsc#1229222 * bsc#1229229 * bsc#1229290 * bsc#1229292 * bsc#1229301 * bsc#1229309 * bsc#1229327 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229381 * bsc#1229382 * bsc#1229386 * bsc#1229388 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229457 * bsc#1229462 * bsc#1229482 * bsc#1229489 * bsc#1229490 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229516 * bsc#1229526 * bsc#1229531 * bsc#1229535 * bsc#1229536 * bsc#1229540 * bsc#1229604 * bsc#1229623 * bsc#1229624 * bsc#1229630 * bsc#1229632 * bsc#1229657 * bsc#1229658 * bsc#1229664 * bsc#1229707 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229784 * bsc#1229787 * bsc#1229851 Cross-References: * CVE-2021-4440 * CVE-2021-47257 * CVE-2021-47289 * CVE-2021-47341 * CVE-2021-47373 * CVE-2021-47425 * CVE-2021-47549 * CVE-2022-48751 * CVE-2022-48769 * CVE-2022-48786 * CVE-2022-48822 * CVE-2022-48865 * CVE-2022-48875 * CVE-2022-48896 * CVE-2022-48899 * CVE-2022-48905 * CVE-2022-48910 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48925 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48938 * CVE-2023-52708 * CVE-2023-52893 * CVE-2023-52901 * CVE-2023-52907 * CVE-2024-26668 * CVE-2024-26677 * CVE-2024-26812 * CVE-2024-26851 * CVE-2024-27011 * CVE-2024-35915 * CVE-2024-35933 * CVE-2024-35965 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-38618 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40984 * CVE-2024-41012 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41035 * CVE-2024-41062 * CVE-2024-41068 * CVE-2024-41087 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42077 * CVE-2024-42082 * CVE-2024-42090 * CVE-2024-42101 * CVE-2024-42106 * CVE-2024-42110 * CVE-2024-42148 * CVE-2024-42155 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42226 * CVE-2024-42228 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42259 * CVE-2024-42271 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42301 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42312 * CVE-2024-42322 * CVE-2024-43819 * CVE-2024-43831 * CVE-2024-43839 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43879 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43905 * CVE-2024-43907 CVSS scores: * CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves 104 vulnerabilities and has 19 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-43907: drm/amdgpu/pm: fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787). * CVE-2024-43905: drm/amd/pm: fix the null pointer dereference for vega10_hwmgr (bsc#1229784). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43879: wifi: cfg80211: handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482). * CVE-2024-43872: RDMA/hns: Fix soft lockup under heavy CEQE load (bsc#1229489). * CVE-2024-43871: devres: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490). * CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-43863: drm/vmwgfx: Fix a deadlock in dma buf fence polling (bsc#1229497). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43856: dma: fix call order in dmam_free_coherent (bsc#1229346). * CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes). * CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-42310: drm/gma500: fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358). * CVE-2024-42309: drm/gma500: fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359). * CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42285: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (bsc#1229381). * CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42259: drm/i915/gem: fix Virtual Memory mapping boundaries calculation (bsc#1229156). * CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42244: usb: serial: mos7840: fix crash on resume (bsc#1228967). * CVE-2024-42236: usb: gadget: configfs: prevent OOB read/write in usb_string_copy() (bsc#1228964). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2024-42226: usb: xhci: prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). * CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727). * CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-42101: drm/nouveau: fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495). * CVE-2024-42090: pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449). * CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-41098: ata: libata-core: Fix null pointer dereference on error (bsc#1228467). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). * CVE-2024-41035: usb: core: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485). * CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-40984: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820). * CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-38618: ALSA: timer: Set lower bound of start tick time (bsc#1226754). * CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if- IP-has-been-disabled-on.patch (bsc#1226798) * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-35965: Bluetooth: L2CAP: Fix not validating setsockopt user input (bsc#1224579). * CVE-2024-35933: Bluetooth: btintel: Fix null ptr deref in btintel_read_version (bsc#1224640). * CVE-2024-35915: nfc: nci: Fix uninit-value in nci_dev_up and nci_ntf_packet (bsc#1224479). * CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803). * CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335). * CVE-2023-52907: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526). * CVE-2023-52893: gsmi: fix null-deref in gsmi_get_variable (bsc#1229535). * CVE-2023-52708: mmc: mmc_spi: fix error handling in mmc_spi_probe() (bsc#1225483). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2022-48910: net: ipv6: ensure we call ipv6_mc_down() at most once (bsc#1229632). * CVE-2022-48875: wifi: mac80211: sdata can be NULL during AMPDU start (bsc#1229516). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2022-48822: usb: f_fs: fix use-after-free for epfile (bsc#1228040). * CVE-2022-48786: vsock: remove vsock from connected table when connect is interrupted by a signal (bsc#1227996). * CVE-2022-48769: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629). * CVE-2022-48751: net/smc: transitional solution for clcsock race issue (bsc#1226653). * CVE-2021-47549: sata_fsl: fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508). * CVE-2021-47425: i2c: acpi: fix resource leak in reconfiguration device addition (bsc#1225223). * CVE-2021-47373: irqchip/gic-v3-its: Fix potential VPE leak on error (bsc#1225190). * CVE-2021-47341: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923). * CVE-2021-47289: ACPI: fix NULL pointer dereference (bsc#1224984). * CVE-2021-47257: net: ieee802154: fix null deref in parse dev addr (bsc#1224896). * CVE-2021-4440: x86/xen: drop USERGS_SYSRET64 paravirt call (bsc#1227069). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222). * Revert "irqdomain: Fixed unbalanced fwnode get and put (git-fixes)." (bsc#1229851) * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982). * btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git- fixes). * genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes). * genirq/msi: Ensure deactivation on teardown (git-fixes). * genirq/proc: Reject invalid affinity masks (again) (git-fixes). * genirq: Delay deactivation in free_irq() (git-fixes). * genirq: Make sure the initial affinity is not empty (git-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1226323). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * kABI: Do not rename tpm_getcap (bsc#1082555). * kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555). * kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555). * kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555). * kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555). * kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes). * kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555). * kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555). * kABI: tpm-interface: Hide new include from genksyms (bsc#1082555). * kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555). * kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154). * netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074) * netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074) * netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074) * netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack (bsc#1223074) * nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git- fixes). * nfc: nci: Fix kcov check in nci_rx_work() (git-fixes). * nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462). * tpm, tpm: Implement usage counter for locality (bsc#1082555). * tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). * tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555). * tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). * tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). * tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555). * tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555). * tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555). * tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). * tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555). * tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). * tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1082555). * tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). * tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555). * tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555). * tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555). * tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555). * tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555). * tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555). * tpm2: add longer timeouts for creation commands (bsc#1082555). * tpm: Actually fail on TPM errors during "get random" (bsc#1082555). * tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555). * tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). * tpm: Fix TIS locality timeout problems (bsc#1082555). * tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555). * tpm: Fix error handling in async work (bsc#1082555). * tpm: Fix null pointer dereference on chip register error path (bsc#1082555). * tpm: Handle negative priv->response_len in tpm_common_read() (bsc#1082555). * tpm: Prevent hwrng from activating during resume (bsc#1082555). * tpm: Remove tpm_dev_wq_lock (bsc#1082555). * tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555). * tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555). * tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555). * tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555). * tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555). * tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555). * tpm: access command header through struct in tpm_try_transmit() (bsc#1082555). * tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555). * tpm: add support for nonblocking operation (bsc#1082555). * tpm: add support for partial reads (bsc#1082555). * tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555). * tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555). * tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555). * tpm: declare struct tpm_header (bsc#1082555). * tpm: do not return bool from update_timeouts (bsc#1082555). * tpm: encapsulate tpm_dev_transmit() (bsc#1082555). * tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm_get_timeouts() (bsc#1082555). * tpm: factor out tpm_startup function (bsc#1082555). * tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555). * tpm: fix NPE on probe for missing device (bsc#1082555). * tpm: fix an invalid condition in tpm_common_poll (bsc#1082555). * tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555). * tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555). * tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555). * tpm: fix invalid return value in pubek_show() (bsc#1082555). * tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555). * tpm: migrate pubek_show to struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555). * tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555). * tpm: move TPM space code out of tpm_transmit() (bsc#1082555). * tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555). * tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555). * tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555). * tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555). * tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555). * tpm: remove @flags from tpm_transmit() (bsc#1082555). * tpm: remove @space from tpm_transmit() (bsc#1082555). * tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555). * tpm: remove struct tpm_pcrextend_in (bsc#1082555). * tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555). * tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555). * tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555). * tpm: take TPM chip power gating out of tpm_transmit() (bsc#1082555). * tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555). * tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555). * tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555). * tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555). * tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555). * tpm: use tpm_msleep() value as max delay (bsc#1082555). * tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555). * tpm: use u32 instead of int for PCR index (bsc#1082555). * tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555). * tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555). * tpm_tis: Add a check for invalid status (bsc#1082555). * tpm_tis: Explicitly check for error code (bsc#1082555). * tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555). * tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). * tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). * tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555). * tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix getfsmap reporting past the last rt extent (git-fixes). * xfs: fix uninitialized variable access (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2024-3189=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * cluster-md-kmp-rt-debuginfo-4.12.14-10.200.1 * kernel-rt-debugsource-4.12.14-10.200.1 * gfs2-kmp-rt-4.12.14-10.200.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.200.1 * kernel-syms-rt-4.12.14-10.200.1 * kernel-rt-base-4.12.14-10.200.1 * gfs2-kmp-rt-debuginfo-4.12.14-10.200.1 * kernel-rt-debuginfo-4.12.14-10.200.1 * kernel-rt_debug-debuginfo-4.12.14-10.200.1 * cluster-md-kmp-rt-4.12.14-10.200.1 * dlm-kmp-rt-4.12.14-10.200.1 * kernel-rt-devel-4.12.14-10.200.1 * kernel-rt-base-debuginfo-4.12.14-10.200.1 * kernel-rt_debug-debugsource-4.12.14-10.200.1 * ocfs2-kmp-rt-4.12.14-10.200.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.200.1 * kernel-rt_debug-devel-4.12.14-10.200.1 * kernel-rt-devel-debuginfo-4.12.14-10.200.1 * dlm-kmp-rt-debuginfo-4.12.14-10.200.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-devel-rt-4.12.14-10.200.1 * kernel-source-rt-4.12.14-10.200.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt-4.12.14-10.200.1 * kernel-rt_debug-4.12.14-10.200.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4440.html * https://www.suse.com/security/cve/CVE-2021-47257.html * https://www.suse.com/security/cve/CVE-2021-47289.html * https://www.suse.com/security/cve/CVE-2021-47341.html * https://www.suse.com/security/cve/CVE-2021-47373.html * https://www.suse.com/security/cve/CVE-2021-47425.html * https://www.suse.com/security/cve/CVE-2021-47549.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48786.html * https://www.suse.com/security/cve/CVE-2022-48822.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2023-52708.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-35915.html * https://www.suse.com/security/cve/CVE-2024-35933.html * https://www.suse.com/security/cve/CVE-2024-35965.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224479 * https://bugzilla.suse.com/show_bug.cgi?id=1224579 * https://bugzilla.suse.com/show_bug.cgi?id=1224640 * https://bugzilla.suse.com/show_bug.cgi?id=1224896 * https://bugzilla.suse.com/show_bug.cgi?id=1224923 * https://bugzilla.suse.com/show_bug.cgi?id=1224984 * https://bugzilla.suse.com/show_bug.cgi?id=1225190 * https://bugzilla.suse.com/show_bug.cgi?id=1225223 * https://bugzilla.suse.com/show_bug.cgi?id=1225483 * https://bugzilla.suse.com/show_bug.cgi?id=1225508 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1226323 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227069 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227996 * https://bugzilla.suse.com/show_bug.cgi?id=1228040 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228982 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229222 * https://bugzilla.suse.com/show_bug.cgi?id=1229229 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229457 * https://bugzilla.suse.com/show_bug.cgi?id=1229462 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229851 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:42:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:42:14 -0000 Subject: SUSE-SU-2024:3188-1: important: Security update for containerd Message-ID: <172597213469.27756.6477874848159089221@smelt2.prg2.suse.org> # Security update for containerd Announcement ID: SUSE-SU-2024:3188-1 Rating: important References: * bsc#1217070 * bsc#1217952 * bsc#1221400 * bsc#1224323 * bsc#1228553 Cross-References: * CVE-2023-45142 * CVE-2023-45288 * CVE-2023-47108 CVSS scores: * CVE-2023-45142 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47108 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47108 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for containerd fixes the following issues: * Update to containerd v1.7.21 * CVE-2023-47108: Fixed DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics. (bsc#1217070) * CVE-2023-45142: Fixed DoS vulnerability in otelhttp. (bsc#1228553) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-3188=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * containerd-1.7.21-16.94.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45142.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2023-47108.html * https://bugzilla.suse.com/show_bug.cgi?id=1217070 * https://bugzilla.suse.com/show_bug.cgi?id=1217952 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1224323 * https://bugzilla.suse.com/show_bug.cgi?id=1228553 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 12:42:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 12:42:18 -0000 Subject: SUSE-SU-2024:3187-1: important: Security update for python-Django Message-ID: <172597213814.27756.14661532079346601761@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:3187-1 Rating: important References: * bsc#1229823 Cross-References: * CVE-2024-45230 CVSS scores: * CVE-2024-45230 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: There is an issue with the previous fix for CVE-2024-45230. Please consider the following vulnerability fixed only after the installation of this update. \- CVE-2024-45230: Fixed potential denial-of-service vulnerability in django.utils.html.urlize(). (bsc#1229823) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3187=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python3-Django-2.0.7-150000.1.36.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45230.html * https://bugzilla.suse.com/show_bug.cgi?id=1229823 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 16:35:54 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 16:35:54 -0000 Subject: SUSE-SU-2024:3195-1: important: Security update for the Linux Kernel Message-ID: <172598615415.28013.14353408839298732467@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3195-1 Rating: important References: * bsc#1012628 * bsc#1193454 * bsc#1194869 * bsc#1205462 * bsc#1208783 * bsc#1213123 * bsc#1214285 * bsc#1215199 * bsc#1219596 * bsc#1220066 * bsc#1220252 * bsc#1220877 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1221652 * bsc#1221857 * bsc#1222254 * bsc#1222335 * bsc#1222350 * bsc#1222364 * bsc#1222372 * bsc#1222387 * bsc#1222433 * bsc#1222434 * bsc#1222625 * bsc#1222633 * bsc#1222634 * bsc#1222777 * bsc#1222808 * bsc#1222967 * bsc#1222973 * bsc#1223053 * bsc#1223074 * bsc#1223191 * bsc#1223395 * bsc#1223635 * bsc#1223720 * bsc#1223731 * bsc#1223742 * bsc#1223763 * bsc#1223767 * bsc#1223777 * bsc#1223803 * bsc#1224105 * bsc#1224415 * bsc#1224485 * bsc#1224496 * bsc#1224510 * bsc#1224535 * bsc#1224631 * bsc#1224636 * bsc#1224690 * bsc#1224694 * bsc#1224700 * bsc#1224711 * bsc#1225461 * bsc#1225474 * bsc#1225475 * bsc#1225582 * bsc#1225607 * bsc#1225718 * bsc#1225751 * bsc#1225814 * bsc#1225832 * bsc#1225838 * bsc#1225903 * bsc#1226031 * bsc#1226127 * bsc#1226502 * bsc#1226530 * bsc#1226588 * bsc#1226604 * bsc#1226743 * bsc#1226751 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226834 * bsc#1226874 * bsc#1226885 * bsc#1226920 * bsc#1227149 * bsc#1227182 * bsc#1227383 * bsc#1227437 * bsc#1227492 * bsc#1227493 * bsc#1227494 * bsc#1227618 * bsc#1227620 * bsc#1227623 * bsc#1227627 * bsc#1227634 * bsc#1227706 * bsc#1227722 * bsc#1227724 * bsc#1227725 * bsc#1227728 * bsc#1227729 * bsc#1227732 * bsc#1227733 * bsc#1227734 * bsc#1227747 * bsc#1227750 * bsc#1227754 * bsc#1227758 * bsc#1227760 * bsc#1227761 * bsc#1227764 * bsc#1227766 * bsc#1227770 * bsc#1227771 * bsc#1227772 * bsc#1227774 * bsc#1227781 * bsc#1227784 * bsc#1227785 * bsc#1227787 * bsc#1227790 * bsc#1227791 * bsc#1227792 * bsc#1227796 * bsc#1227798 * bsc#1227799 * bsc#1227802 * bsc#1227808 * bsc#1227810 * bsc#1227811 * bsc#1227812 * bsc#1227815 * bsc#1227816 * bsc#1227818 * bsc#1227820 * bsc#1227823 * bsc#1227824 * bsc#1227826 * bsc#1227828 * bsc#1227829 * bsc#1227830 * bsc#1227832 * bsc#1227833 * bsc#1227834 * bsc#1227839 * bsc#1227840 * bsc#1227846 * bsc#1227849 * bsc#1227851 * bsc#1227853 * bsc#1227863 * bsc#1227864 * bsc#1227865 * bsc#1227867 * bsc#1227869 * bsc#1227870 * bsc#1227883 * bsc#1227884 * bsc#1227891 * bsc#1227893 * bsc#1227929 * bsc#1227950 * bsc#1227957 * bsc#1227981 * bsc#1228020 * bsc#1228021 * bsc#1228114 * bsc#1228192 * bsc#1228195 * bsc#1228202 * bsc#1228235 * bsc#1228236 * bsc#1228237 * bsc#1228247 * bsc#1228321 * bsc#1228409 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228457 * bsc#1228458 * bsc#1228459 * bsc#1228460 * bsc#1228462 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228468 * bsc#1228469 * bsc#1228470 * bsc#1228472 * bsc#1228479 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228486 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228492 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228499 * bsc#1228500 * bsc#1228501 * bsc#1228502 * bsc#1228503 * bsc#1228505 * bsc#1228508 * bsc#1228509 * bsc#1228510 * bsc#1228511 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228518 * bsc#1228520 * bsc#1228525 * bsc#1228527 * bsc#1228530 * bsc#1228531 * bsc#1228539 * bsc#1228561 * bsc#1228563 * bsc#1228564 * bsc#1228565 * bsc#1228567 * bsc#1228568 * bsc#1228572 * bsc#1228576 * bsc#1228579 * bsc#1228580 * bsc#1228581 * bsc#1228582 * bsc#1228584 * bsc#1228586 * bsc#1228588 * bsc#1228590 * bsc#1228591 * bsc#1228599 * bsc#1228615 * bsc#1228616 * bsc#1228617 * bsc#1228625 * bsc#1228626 * bsc#1228633 * bsc#1228635 * bsc#1228636 * bsc#1228640 * bsc#1228643 * bsc#1228644 * bsc#1228646 * bsc#1228649 * bsc#1228650 * bsc#1228654 * bsc#1228655 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228665 * bsc#1228666 * bsc#1228667 * bsc#1228672 * bsc#1228673 * bsc#1228674 * bsc#1228677 * bsc#1228680 * bsc#1228687 * bsc#1228705 * bsc#1228706 * bsc#1228707 * bsc#1228708 * bsc#1228709 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228723 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228737 * bsc#1228743 * bsc#1228748 * bsc#1228754 * bsc#1228756 * bsc#1228757 * bsc#1228758 * bsc#1228764 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228849 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228973 * bsc#1228977 * bsc#1228978 * bsc#1228979 * bsc#1228986 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229005 * bsc#1229024 * bsc#1229042 * bsc#1229045 * bsc#1229046 * bsc#1229054 * bsc#1229056 * bsc#1229086 * bsc#1229134 * bsc#1229136 * bsc#1229154 * bsc#1229156 * bsc#1229160 * bsc#1229167 * bsc#1229168 * bsc#1229169 * bsc#1229170 * bsc#1229171 * bsc#1229172 * bsc#1229173 * bsc#1229174 * bsc#1229239 * bsc#1229240 * bsc#1229241 * bsc#1229243 * bsc#1229244 * bsc#1229245 * bsc#1229246 * bsc#1229247 * bsc#1229248 * bsc#1229249 * bsc#1229250 * bsc#1229251 * bsc#1229252 * bsc#1229253 * bsc#1229254 * bsc#1229255 * bsc#1229256 * bsc#1229287 * bsc#1229290 * bsc#1229291 * bsc#1229292 * bsc#1229294 * bsc#1229296 * bsc#1229297 * bsc#1229298 * bsc#1229299 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229313 * bsc#1229314 * bsc#1229315 * bsc#1229316 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229320 * bsc#1229327 * bsc#1229341 * bsc#1229342 * bsc#1229344 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229353 * bsc#1229354 * bsc#1229355 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229365 * bsc#1229366 * bsc#1229369 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229379 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229390 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229402 * bsc#1229403 * bsc#1229404 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229444 * bsc#1229451 * bsc#1229452 * bsc#1229455 * bsc#1229456 * bsc#1229480 * bsc#1229481 * bsc#1229482 * bsc#1229484 * bsc#1229485 * bsc#1229486 * bsc#1229487 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229496 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229747 * bsc#1229752 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229781 * bsc#1229784 * bsc#1229785 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * bsc#1229827 * bsc#1229830 * bsc#1229837 * bsc#1229940 * bsc#1230056 * jsc#PED-10029 * jsc#PED-10045 * jsc#PED-10055 * jsc#PED-10105 * jsc#PED-10108 * jsc#PED-8779 Cross-References: * CVE-2023-52489 * CVE-2023-52581 * CVE-2023-52668 * CVE-2023-52688 * CVE-2023-52756 * CVE-2023-52766 * CVE-2023-52800 * CVE-2023-52802 * CVE-2023-52859 * CVE-2023-52885 * CVE-2023-52886 * CVE-2023-52887 * CVE-2023-52889 * CVE-2024-26590 * CVE-2024-26631 * CVE-2024-26637 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26682 * CVE-2024-26683 * CVE-2024-26735 * CVE-2024-26758 * CVE-2024-26767 * CVE-2024-26808 * CVE-2024-26809 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26837 * CVE-2024-26849 * CVE-2024-26851 * CVE-2024-26889 * CVE-2024-26920 * CVE-2024-26976 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27024 * CVE-2024-27049 * CVE-2024-27050 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-27433 * CVE-2024-27437 * CVE-2024-31076 * CVE-2024-35855 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35913 * CVE-2024-35939 * CVE-2024-35949 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36288 * CVE-2024-36489 * CVE-2024-36881 * CVE-2024-36907 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36939 * CVE-2024-36970 * CVE-2024-36979 * CVE-2024-38548 * CVE-2024-38563 * CVE-2024-38609 * CVE-2024-38662 * CVE-2024-39476 * CVE-2024-39483 * CVE-2024-39484 * CVE-2024-39486 * CVE-2024-39488 * CVE-2024-39489 * CVE-2024-39491 * CVE-2024-39493 * CVE-2024-39497 * CVE-2024-39499 * CVE-2024-39500 * CVE-2024-39501 * CVE-2024-39505 * CVE-2024-39506 * CVE-2024-39508 * CVE-2024-39509 * CVE-2024-39510 * CVE-2024-40899 * CVE-2024-40900 * CVE-2024-40902 * CVE-2024-40903 * CVE-2024-40904 * CVE-2024-40905 * CVE-2024-40909 * CVE-2024-40910 * CVE-2024-40911 * CVE-2024-40912 * CVE-2024-40913 * CVE-2024-40916 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-40922 * CVE-2024-40924 * CVE-2024-40926 * CVE-2024-40927 * CVE-2024-40929 * CVE-2024-40930 * CVE-2024-40932 * CVE-2024-40934 * CVE-2024-40936 * CVE-2024-40938 * CVE-2024-40939 * CVE-2024-40941 * CVE-2024-40942 * CVE-2024-40943 * CVE-2024-40944 * CVE-2024-40945 * CVE-2024-40954 * CVE-2024-40956 * CVE-2024-40957 * CVE-2024-40958 * CVE-2024-40959 * CVE-2024-40962 * CVE-2024-40964 * CVE-2024-40967 * CVE-2024-40976 * CVE-2024-40977 * CVE-2024-40978 * CVE-2024-40981 * CVE-2024-40982 * CVE-2024-40984 * CVE-2024-40987 * CVE-2024-40988 * CVE-2024-40989 * CVE-2024-40990 * CVE-2024-40992 * CVE-2024-40994 * CVE-2024-40995 * CVE-2024-40997 * CVE-2024-41000 * CVE-2024-41001 * CVE-2024-41002 * CVE-2024-41004 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41010 * CVE-2024-41011 * CVE-2024-41012 * CVE-2024-41015 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41024 * CVE-2024-41025 * CVE-2024-41028 * CVE-2024-41032 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41037 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41040 * CVE-2024-41041 * CVE-2024-41044 * CVE-2024-41045 * CVE-2024-41048 * CVE-2024-41049 * CVE-2024-41050 * CVE-2024-41051 * CVE-2024-41056 * CVE-2024-41057 * CVE-2024-41058 * CVE-2024-41059 * CVE-2024-41060 * CVE-2024-41061 * CVE-2024-41062 * CVE-2024-41063 * CVE-2024-41064 * CVE-2024-41065 * CVE-2024-41066 * CVE-2024-41068 * CVE-2024-41069 * CVE-2024-41070 * CVE-2024-41071 * CVE-2024-41072 * CVE-2024-41073 * CVE-2024-41074 * CVE-2024-41075 * CVE-2024-41076 * CVE-2024-41078 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41081 * CVE-2024-41084 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41094 * CVE-2024-41095 * CVE-2024-41096 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42064 * CVE-2024-42069 * CVE-2024-42070 * CVE-2024-42073 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42079 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42093 * CVE-2024-42095 * CVE-2024-42096 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42105 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42109 * CVE-2024-42110 * CVE-2024-42113 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42117 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42122 * CVE-2024-42124 * CVE-2024-42125 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42131 * CVE-2024-42132 * CVE-2024-42133 * CVE-2024-42136 * CVE-2024-42137 * CVE-2024-42138 * CVE-2024-42139 * CVE-2024-42141 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42144 * CVE-2024-42145 * CVE-2024-42147 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42153 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42159 * CVE-2024-42161 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42224 * CVE-2024-42225 * CVE-2024-42226 * CVE-2024-42227 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42241 * CVE-2024-42244 * CVE-2024-42245 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42250 * CVE-2024-42253 * CVE-2024-42259 * CVE-2024-42268 * CVE-2024-42269 * CVE-2024-42270 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42278 * CVE-2024-42279 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42290 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42298 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42303 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42314 * CVE-2024-42315 * CVE-2024-42316 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43817 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43824 * CVE-2024-43825 * CVE-2024-43826 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43833 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43840 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43847 * CVE-2024-43849 * CVE-2024-43850 * CVE-2024-43851 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43855 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43864 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43874 * CVE-2024-43875 * CVE-2024-43876 * CVE-2024-43877 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43881 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43885 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43897 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43905 * CVE-2024-43906 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-43911 * CVE-2024-43912 * CVE-2024-44931 * CVE-2024-44938 * CVE-2024-44939 CVSS scores: * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52756 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52766 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52800 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52802 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52802 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52886 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26682 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26758 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26767 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26837 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-26849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27049 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27050 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27433 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27437 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-35949 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36881 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-36907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36970 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39483 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-39483 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-39488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39491 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-39493 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39493 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39497 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39499 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-39500 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39501 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39505 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39506 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39508 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-39509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39510 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39510 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-40902 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40913 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40922 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40927 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40932 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40934 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40936 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40976 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40987 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40994 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40994 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41001 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41002 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41004 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41015 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41024 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41024 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41025 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41028 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41040 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41041 ( SUSE ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41044 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41048 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41049 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41049 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41058 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41058 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41058 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41061 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-41061 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41063 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41063 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41064 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41066 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41066 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41071 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41071 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41072 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41076 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42070 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42093 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L * CVE-2024-42093 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42096 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42105 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42105 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42117 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42125 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42132 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42132 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42136 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-42136 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42141 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42144 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42161 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42278 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42314 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43874 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43881 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Real Time Module 15-SP6 An update that solves 393 vulnerabilities, contains six features and has 84 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-43911: Fix NULL dereference at band check in starting tx ba session (bsc#1229827). * CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2024-36881: Fix reset ptes when close() for wr-protected (bsc#1225718). * CVE-2024-42316: Fix div-by-zero in vmpressure_calc_level() (bsc#1229353). * CVE-2024-43855: Fix deadlock between mddev_suspend and flush bio (bsc#1229342). * CVE-2024-43864: Fix CT entry update leaks of modify header context (bsc#1229496). * CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-42109: Unconditionally flush pending work before notifier (bsc#1228505). * CVE-2024-41084: Avoid null pointer dereference in region lookup (bsc#1228472). * CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-26809: Release elements in clone only from destroy path (bsc#1222633). * CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). * CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-27433: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711). * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-40920: Fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-40921: Pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-36979: Fix vlan use-after-free (bsc#1226604). * CVE-2024-26590: Fix inconsistent per-file compression format (bsc#1220252). * CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2024-42270: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404). * CVE-2024-42269: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402). * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42290: Handle runtime power management correctly (bsc#1229379). * CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287). * CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-43850: Fix refcount imbalance seen during bwmon_remove (bsc#1229316). * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-26669: Fix chain template offload (bsc#1222350). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-41050: Cyclic allocation of msg_id to avoid reuse (bsc#1228499). * CVE-2024-41051: Wait for ondemand_object_worker to finish when dropping object (bsc#1228468). * CVE-2024-41074: Set object to close if ondemand_id < 0 in copen (bsc#1228643). * CVE-2024-41075: Add consistency check for copen/cread (bsc#1228646). * CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42159: Fix sanitise num_phys (bsc#1228754). * CVE-2024-42241: Disable PMD-sized page cache if needed (bsc#1228986). * CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978). * CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-26837: Race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-40938: Fix d_parent walk (bsc#1227840). * CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2024-41010: Fix too early release of tcx_entry (bsc#1228021). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-42138: Fix double memory deallocation in case of invalid INI file (bsc#1228500). * CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42139: Fix improper extts handling (bsc#1228503). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42113: Initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42073: Fix memory corruptions on Spectrum-4 systems (bsc#1228457). * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-41000: Prefer different overflow check (bsc#1227867). * CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-42161: Avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). * CVE-2024-41069: Fix route memory corruption (bsc#1228644). * CVE-2024-39506: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). * CVE-2024-42145: Implement a limit on UMAD receive List (bsc#1228743). * CVE-2024-40994: Fix integer overflow in max_vclocks_store (bsc#1227829). * CVE-2024-42124: Make qedf_execute_tmf() non-preemptible (bsc#1228705). * CVE-2024-42096: Stop playing stack games in profile_pc() (bsc#1228633). * CVE-2024-42224: Correct check for empty list (bsc#1228723). * CVE-2024-41048: Skip zero length skb in sk_msg_recvmsg (bsc#1228565). * CVE-2024-40958: Make get_net_ns() handle zero refcount net (bsc#1227812). * CVE-2024-40939: Fix tainted pointer delete is case of region creation fail (bsc#1227799). * CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). * CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-41044: Reject claimed-as-LCP but actually malformed packets (bsc#1228530). * CVE-2024-41066: Add tx check to prevent skb leak (bsc#1228640). * CVE-2024-42093: Avoid explicit cpumask var allocation on stack (bsc#1228680). * CVE-2024-42122: Add NULL pointer check for kzalloc (bsc#1228591). * CVE-2024-41078: Fix quota root leak after quota disable failure (bsc#1228655). * CVE-2024-40989: Disassociate vcpus from redistributor region on teardown (bsc#1227823). * CVE-2024-41064: Avoid possible crash when edev->pdev changes (bsc#1228599). * CVE-2024-41036: Fix deadlock with the SPI chip variant (bsc#1228496). * CVE-2024-41040: Fix UAF when resolving a clash (bsc#1228518). * CVE-2024-35949: Make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-41081: Block BH in ila_output() (bsc#1228617). * CVE-2024-41076: Fix memory leak in nfs4_set_security_label (bsc#1228649). * CVE-2024-42079: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). * CVE-2024-41057: Fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). * CVE-2024-41058: Fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). * CVE-2024-41015: Add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). * CVE-2024-40956: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810). * CVE-2024-27437: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). * CVE-2024-41032: Check if a hash-index is in cpu_possible_mask (bsc#1228460). * CVE-2024-40957: Fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811). * CVE-2024-41041: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520). * CVE-2024-40954: Do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-42070: Fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470). * CVE-2024-41070: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). * CVE-2024-40959: Check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). * CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: * ACPI: battery: create alarm sysfs attribute atomically (stable-fixes). * ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git- fixes). * ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes). * ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes). * afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes). * ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git- fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). * ALSA: hda/realtek - FIxed ALC285 headphone no sound (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes). * ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes). * ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable- fixes). * ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git- fixes). * ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes). * ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes). * ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable- fixes). * ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes). * ALSA: hda/tas2781: Use correct endian conversion (git-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: seq: Skip event type filtering for UMP events (git-fixes). * ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes). * ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes). * ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes). * ALSA: timer: Relax start tick time check for slave timer elements (git- fixes). * ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable- fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable- fixes). * ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). * ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). * apparmor: unpack transition table if dfa is not present (bsc#1226031). * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: barrier: Restore spec_bar() macro (git-fixes) * arm64: cputype: Add Cortex-A720 definitions (git-fixes) * arm64: cputype: Add Cortex-A725 definitions (git-fixes) * arm64: cputype: Add Cortex-X1C definitions (git-fixes) * arm64: cputype: Add Cortex-X3 definitions (git-fixes) * arm64: cputype: Add Cortex-X4 definitions (git-fixes) * arm64: cputype: Add Cortex-X925 definitions (git-fixes) * arm64: cputype: Add Neoverse-V3 definitions (git-fixes) * arm64: dts: imx8mp: add HDMI power-domains (git-fixes) * arm64: dts: imx8mp: Add NPU Node (git-fixes) * arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes) * arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes) * arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) * arm64: errata: Expand speculative SSBS workaround (git-fixes) * arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files. * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git- fixes) * ASoC: allow module autoloading for table board_ids (stable-fixes). * ASoC: allow module autoloading for table db1200_pids (stable-fixes). * ASoC: amd: acp: fix module autoloading (git-fixes). * ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable- fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: SOF: amd: Fix for acp init sequence (git-fixes). * ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes). * ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes). * ASoC: SOF: mediatek: Add missing board compatible (stable-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable- fixes). * ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable- fixes). * Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes). * Bluetooth: bnep: Fix out-of-bound access (stable-fixes). * Bluetooth: btintel: Fail setup on error (git-fixes). * Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable- fixes). * Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable- fixes). * Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). * Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes). * Bluetooth: hci_core: Fix LE quote calculation (git-fixes). * Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). * Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes). * Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). * Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git- fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * Bluetooth: MGMT: Add error handling to pair_device() (git-fixes). * Bluetooth: SMP: Fix assumption of Central always being Initiator (git- fixes). * bnxt_re: Fix imm_data endianness (git-fixes) * bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes) * bpf, lpm: Fix check prefixlen before walking trie (git-fixes). * bpf: Add crosstask check to __bpf_get_stack (git-fixes). * bpf: Detect IP == ksym.end as part of BPF program (git-fixes). * bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git- fixes). * bpf: enforce precision of R0 on callback return (git-fixes). * bpf: Ensure proper register state printing for cond jumps (git-fixes). * bpf: extract bpf_ctx_convert_map logic and make it more reusable (git- fixes). * bpf: Fix a few selftest failures due to llvm18 change (git-fixes). * bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). * bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes). * bpf: fix control-flow graph checking in privileged mode (git-fixes). * bpf: Fix kfunc callback register type handling (git-fixes). * bpf: Fix prog_array_map_poke_run map poke update (git-fixes). * bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes). * bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes). * bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes). * bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). * bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git- fixes). * bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes). * bpf: Set uattr->batch.count as zero before batched update or deletion (git- fixes). * bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git- fixes). * bpf/tests: Remove duplicate JSGT tests (git-fixes). * bpftool: Align output skeleton ELF code (git-fixes). * bpftool: Fix -Wcast-qual warning (git-fixes). * bpftool: mark orphaned programs during prog show (git-fixes). * bpftool: Silence build warning about calloc() (git-fixes). * btrfs: add a btrfs_finish_ordered_extent helper (git-fixes). * btrfs: add a is_data_bbio helper (git-fixes). * btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes). * btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321). * btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes). * btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes). * btrfs: factor out a can_finish_ordered_extent helper (git-fixes). * btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes). * btrfs: fix double inode unlock for direct IO sync writes (git-fixes). * btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes). * btrfs: fix leak of qgroup extent records after transaction abort (git- fixes). * btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git- fixes). * btrfs: limit write bios to a single ordered extent (git-fixes). * btrfs: make btrfs_finish_ordered_extent() return void (git-fixes). * btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes). * btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes). * btrfs: open code end_extent_writepage in end_bio_extent_writepage (git- fixes). * btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes). * btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes). * btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes). * btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes). * btrfs: remove btrfs_add_ordered_extent (git-fixes). * btrfs: rename err to ret in btrfs_direct_write() (git-fixes). * btrfs: uninline some static inline helpers from tree-log.h (git-fixes). * btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git- fixes). * btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes). * btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes). * btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete direct writes (git- fixes). * btrfs: use irq safe locking when running and adding delayed iputs (git- fixes). * cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand- mode (bsc#1229245). * cachefiles: add missing lock protection when polling (bsc#1229256). * cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244). * cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249). * cachefiles: cancel all requests for the object that is being dropped (bsc#1229255). * cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251). * cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246). * cachefiles: introduce object ondemand state (bsc#1229239). * cachefiles: make on-demand read killable (bsc#1229252). * cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243). * cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250). * cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253). * cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248). * cachefiles: resend an open request if the read request's object is closed (bsc#1229241). * cachefiles: stop sending new request when dropping object (bsc#1229254). * can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes). * can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). * ceph: periodically flush the cap releases (bsc#1230056). * certs: Move RSA self-test data to separate file (bsc#1222777). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: xillybus: Check USB endpoints when probing device (git-fixes). * char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes). * char: xillybus: Refine workqueue handling (git-fixes). * clk: en7523: fix rate divider for slic and spi clocks (git-fixes). * clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git- fixes). * clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git- fixes). * clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git- fixes). * clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes). * clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes). * clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes). * clk: qcom: Park shared RCGs upon registration (git-fixes). * clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes). * clocksource/drivers/sh_cmt: Address race condition for clock events (stable- fixes). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * cxl/region: Move cxl_dpa_to_region() work to the region driver (bsc#1228472) * dev/parport: fix the array out-of-bounds risk (stable-fixes). * device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes). * dmaengine: dw: Add memory bus width verification (git-fixes). * dmaengine: dw: Add peripheral bus width verification (git-fixes). * docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). * driver core: Fix uevent_show() vs driver detach race (git-fixes). * drm/admgpu: fix dereferencing null pointer context (stable-fixes). * drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes). * drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). * drm/amd/display: Add null checker before passing variables (stable-fixes). * drm/amd/display: Adjust cursor position (git-fixes). * drm/amd/display: avoid using null object of framebuffer (git-fixes). * drm/amd/display: Check for NULL pointer (stable-fixes). * drm/amd/display: fix cursor offset on rotation 180 (git-fixes). * drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes). * drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable- fixes). * drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable- fixes). * drm/amdgpu: Actually check flags for all context ops (stable-fixes). * drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). * drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * drm/amdgpu: fix potential resource leak warning (stable-fixes). * drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). * drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes). * drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable- fixes). * drm/amdgpu: Validate TA binary size (stable-fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). * drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes). * drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable- fixes). * drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). * drm/client: fix null pointer dereference in drm_client_modeset_probe (git- fixes). * drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). * drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). * drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git- fixes). * drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes). * drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes). * drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes). * drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes). * drm/lima: set gp bus_stop bit before hard reset (stable-fixes). * drm/mediatek/dp: Fix spurious kfree() (git-fixes). * drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes). * drm/msm/dp: fix the max supported bpp logic (git-fixes). * drm/msm/dp: reset the link phy params before link training (git-fixes). * drm/msm/dpu: capture snapshot on the first commit_done timeout (stable- fixes). * drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). * drm/msm/dpu: do not play tricks with debug macros (git-fixes). * drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes). * drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes). * drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable- fixes). * drm/msm/dpu: take plane rotation into account for wide planes (git-fixes). * drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes). * drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable- fixes). * drm/msm/mdss: Rename path references to mdp_path (stable-fixes). * drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes). * drm/nouveau: prime: fix refcount underflow (git-fixes). * drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes). * drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes). * drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024). * drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes). * drm/virtio: Fix type of dma-fence context variable (git-fixes). * drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). * drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). * drm/vmwgfx: Fix prime with external buffers (git-fixes). * efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes). * evm: do not copy up 'security.evm' xattr (git-fixes). * firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes). * fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456). * genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git- fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git- fixes). * gfs2: setattr_chown: Add missing initialization (git-fixes). * gpio: mlxbf3: Support shutdown() function (git-fixes). * gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable- fixes). * gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). * HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). * hwmon: (ltc2992) Avoid division by zero (stable-fixes). * hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes). * hwmon: (pc87360) Bounds check data->innr usage (stable-fixes). * i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). * i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: riic: avoid potential division by zero (stable-fixes). * i2c: smbus: Improve handling of stuck alerts (git-fixes). * i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). * i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes). * i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). * i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable- fixes). * i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable- fixes). * i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes). * ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737). * Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes). * Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056). * Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes). * Input: MT - limit max slots (stable-fixes). * io_uring: Drop per-ctx dummy_ubuf (git-fixes). * io_uring: fix io_match_task must_hold (git-fixes). * io_uring: Fix probe of disabled operations (git-fixes). * io_uring: tighten task exit cancellations (git-fixes). * io_uring/advise: support 64-bit lengths (git-fixes). * iommu/amd: Convert comma to semicolon (git-fixes). * iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes). * iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1229444). * ipv6: sr: fix incorrect unregister order (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * jfs: define xtree root and page independently (git-fixes). * jfs: fix null ptr deref in dtInsertEntry (git-fixes). * jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes). * jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git- fixes). * jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes). * jump_label: Fix the fix, brown paper bags galore (git-fixes). * jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git- fixes). * kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes). * kABI workaround for sound core UMP conversion (stable-fixes). * kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) * kabi/severity: add nvme common code The nvme common code is also allowed to change the data structures, there are only internal users. * kcov: properly check for softirq context (git-fixes). * kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134). * kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git- fixes). * kprobes: Fix to check symbol prefixes correctly (git-fixes). * kprobes: Prohibit probing on CFI preamble symbol (git-fixes). * KVM: Always flush async #PF workqueue when vCPU is being destroyed (git- fixes). * KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git- fixes). * KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). * KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git- fixes). * KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes). * KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). * KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes) * KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). * KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes). * KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). * KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). * KVM: arm64: vgic-v4: Restore pending state on host userspace write (git- fixes). * KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes). * KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes). * KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes). * KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes). * KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git- fixes). * KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes). * KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes). * KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes). * KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). * KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199). * KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes). * KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). * KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * KVM: s390: fix validity interception issue when gisa is switched off (git- fixes bsc#1229167). * kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168). * KVM: Stop processing _all_ memslots when "null" mmu_notifier handler is found (git-fixes). * KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes). * KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes). * KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git- fixes). * KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes). * KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes). * libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes). * libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git- fixes). * libbpf: Fix faccessat() usage on Android (git-fixes). * libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395). * md: add a mddev_add_trace_msg helper (git-fixes). * md: add check for sleepers in md_wakeup_thread() (git-fixes). * md: change the return value type of md_write_start to void (git-fixes). * md: do not account sync_io if iostats of the disk is disabled (git-fixes). * md: do not delete safemode_timer in mddev_suspend (git-fixes). * md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git- fixes). * md: factor out a helper exceed_read_errors() to check read_errors (git- fixes). * md: fix a suspicious RCU usage warning (git-fixes). * md/md-bitmap: fix writing non bitmap pages (git-fixes). * md/raid1: set max_sectors during early return from choose_slow_rdev() (git- fixes). * md/raid1: support read error check (git-fixes). * md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes). * md/raid5: fix spares errors about rcu usage (git-fixes). * md/raid5: recheck if reshape has finished with device_lock held (git-fixes). * media: amphion: Remove lock in s_ctrl callback (stable-fixes). * media: drivers/media/dvb-core: copy user arrays safely (stable-fixes). * media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). * media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes). * media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes). * media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes). * media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes). * media: uvcvideo: Ignore empty TS packets (stable-fixes). * media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes). * media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes). * memory: tegra: Skip SID programming if SID registers are not set (stable- fixes). * minmax: add a few more MIN_T/MAX_T users (bsc#1229024). * minmax: avoid overly complicated constant expressions in VM code (bsc#1229024). * minmax: do not use max() in situations that want a C constant expression (bsc#1229024). * minmax: fix up min3() and max3() too (bsc#1229024). * minmax: improve macro expansion and type checking (bsc#1229024). * minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024). * minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024). * minmax: simplify min()/max()/clamp() implementation (bsc#1229024). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). * mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). * mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes). * net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). * net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes). * net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757). * net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git- fixes). * net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * net: missing check virtio (git-fixes). * net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes). * net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes). * net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). * net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git- fixes). * net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451). * net/iucv: fix use after free in iucv_sock_close() (bsc#1228973). * net/rds: fix possible cp null dereference (git-fixes). * net/sched: initialize noop_qdisc owner (git-fixes). * netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). * nfc: pn533: Add poll mod list filling check (git-fixes). * nfs: do not invalidate dentries on transient errors (git-fixes). * nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * nfs: make the rpc_stat per net namespace (git-fixes). * nfs: pass explicit offset/count to trace events (git-fixes). * nfs: propagate readlink errors in nfs_symlink_filler (git-fixes). * NFSD: Support write delegations in LAYOUTGET (git-fixes). * NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * nouveau/firmware: use dma non-coherent allocator (git-fixes). * nvme_core: scan namespaces asynchronously (bsc#1224105). * nvme-multipath: find NUMA path only for online numa-node (git-fixes). * nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706). * nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706). * nvme-pci: add missing condition check for existence of mapped data (git- fixes). * nvme-pci: do not directly handle subsys reset fallout (bsc#1220066). * nvme-pci: Fix the instructions for disabling power management (git-fixes). * nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857). * nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857). * nvme-tcp: check for invalidated or revoked key (bsc#1221857). * nvme-tcp: sanitize TLS key handling (bsc#1221857). * nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857). * nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). * nvme: avoid double free special payload (git-fixes). * nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git- fixes). * nvme: fixup comment for nvme RDMA Provider Type (git-fixes). * nvme: split off TLS sysfs attributes into a separate group (bsc#1221857). * nvme: tcp: remove unnecessary goto statement (bsc#1221857). * nvmet-auth: fix nvmet_auth hash error handling (git-fixes). * nvmet: always initialize cqe.result (git-fixes). * nvmet: do not return 'reserved' for empty TSAS values (git-fixes). * nvmet: fix a possible leak when destroy a ctrl during qp establishment (git- fixes). * nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes). * ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). * padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes). * PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git- fixes). * PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes). * pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git- fixes). * pinctrl: single: fix potential NULL dereference in pcs_get_function() (git- fixes). * pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). * platform/x86: lg-laptop: fix %s null argument warning (stable-fixes). * platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). * platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). * platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). * platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). * platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). * platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes). * power: supply: axp288_charger: Fix constant_charge_voltage writes (git- fixes). * power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). * power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes). * powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). * powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). * powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). * powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). * powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607). * RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes) * RDMA/cache: Release GID table even if leak is detected (git-fixes) * RDMA/device: Return error earlier if port in not valid (git-fixes) * RDMA/hns: Check atomic wr length (git-fixes) * RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes) * RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes) * RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) * RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) * RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes) * RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) * RDMA/hns: Fix unmatch exception handling when init eq table fails (git- fixes) * RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) * RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). * RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) * RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes) * RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) * RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) * reiserfs: fix uninit-value in comp_keys (git-fixes). * rtc: nct3018y: fix possible NULL dereference (stable-fixes). * s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171). * s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173). * s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452). * s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174). * s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172). * s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172). * s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720). * s390/pkey: introduce dynamic debugging for pkey (bsc#1228720). * s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170). * samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes). * samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes). * sbitmap: use READ_ONCE to access map->word (stable-fixes). * scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). * scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). * scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). * scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). * scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). * scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). * scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). * scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). * scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). * scsi: qla2xxx: Complete command early within lock (bsc#1228850). * scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). * scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). * scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). * scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). * scsi: qla2xxx: Fix flash read failure (bsc#1228850). * scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). * scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). * scsi: qla2xxx: Indent help text (bsc#1228850). * scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). * scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). * scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). * scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). * scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). * scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). * scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). * selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes). * selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903). * selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes). * selftests/bpf: Add netkit to tc_redirect selftest (git-fixes). * selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes). * selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes). * selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git- fixes). * selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes). * selftests/bpf: Fix erroneous bitmask operation (git-fixes). * selftests/bpf: Fix issues in setup_classid_environment() (git-fixes). * selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes). * selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes). * selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes). * selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes). * selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes). * selftests/bpf: Make linked_list failure test more robust (git-fixes). * selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git- fixes). * selftests/bpf: satisfy compiler by having explicit return in btf test (git- fixes). * selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes). * selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes). * serial: core: check uartclk for zero to avoid divide by zero (stable-fixes). * soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes). * soc: qcom: pmic_glink: Actually communicate when remote goes down (git- fixes). * soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes). * spi: Add empty versions of ACPI functions (stable-fixes). * spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes). * spi: microchip-core: switch to use modern name (stable-fixes). * spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). * spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes). * Squashfs: fix variable overflow triggered by sysbot (git-fixes). * squashfs: squashfs_read_data need to check if the length is 0 (git-fixes). * ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes). * staging: iio: resolver: ad2s1210: fix use before initialization (stable- fixes). * staging: ks7010: disable bh on tx_dev_lock (stable-fixes). * string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849). * SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). * SUNRPC: Fix a race to wake a sync task (git-fixes). * swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git- fixes). * swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). * thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes). * thermal/drivers/broadcom: Fix race between removal and clock disable (git- fixes). * thunderbolt: Mark XDomain as unplugged when router is removed (stable- fixes). * tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix timing issue with parallel threads in perf bench wake-up- parallel (bsc#1227747). * tools/resolve_btfids: fix build with musl libc (git-fixes). * tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes). * tools/resolve_btfids: Fix cross-compilation to non-host endianness (git- fixes). * tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git- fixes). * trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes). * tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * tty: atmel_serial: use the correct RTS flag (git-fixes). * tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git- fixes). * usb: cdnsp: fix for Link TRB with TC (git-fixes). * usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes). * usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes). * usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes). * usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). * usb: gadget: core: Check for unset descriptor (git-fixes). * usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes). * usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes). * usb: gadget: u_serial: Set start_delayed during suspend (git-fixes). * usb: gadget: uvc: cleanup request when not in correct state (stable-fixes). * USB: serial: debug: do not echo input by default (stable-fixes). * usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes). * usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes). * usb: typec: fsa4480: Check if the chip is really there (git-fixes). * usb: typec: fsa4480: Relax CHIP_ID check (git-fixes). * usb: typec: fsa4480: rework mux & switch setup to handle more states (git- fixes). * usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes). * vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). * vhost: Release worker mutex during flushes (git-fixes). * vhost: Use virtqueue mutex for swapping worker (git-fixes). * vhost/vsock: always initialize seqpacket_allow (git-fixes). * virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes). * virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). * virtio-crypto: handle config changed by work queue (git-fixes). * virtio: reenable config if freezing device failed (git-fixes). * virtiofs: forbid newlines in tags (bsc#1229940). * wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable- fixes). * wifi: ath12k: fix soft lockup on suspend (git-fixes). * wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes). * wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes). * wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). * wifi: mac80211: use monitor sdata with driver only if desired (git-fixes). * wifi: mwifiex: duplicate static structs used in driver instances (git- fixes). * wifi: nl80211: disallow setting special AP channel widths (stable-fixes). * wifi: nl80211: do not give key data to userspace (stable-fixes). * wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes). * wifi: wfx: repair open network AP mode (git-fixes). * workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). * workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). * x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git- fixes). * x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes). * x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). * x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes). * x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). * x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git- fixes). * x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes). * x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes). * x86/numa: Introduce numa_fill_memblks() (git-fixes). * x86/pci: Skip early E820 check for ECAM region (git-fixes). * x86/xen: Convert comma to semicolon (git-fixes). * xfs: allow cross-linking special files without project quota (git-fixes). * xfs: allow symlinks with short remote targets (bsc#1229160). * xfs: allow unlinked symlinks and dirs with zero size (git-fixes). * xfs: attr forks require attr, not attr2 (git-fixes). * xfs: convert comma to semicolon (git-fixes). * xfs: do not use current->journal_info (git-fixes). * xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix unlink vs cluster buffer instantiation race (git-fixes). * xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes). * xfs: journal geometry is not properly bounds checked (git-fixes). * xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes). * xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes). * xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git- fixes). * xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes). * xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). * xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3195=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3195=1 * SUSE Real Time Module 15-SP6 zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2024-3195=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kernel-rt_debug-vdso-6.4.0-150600.10.8.3 * kernel-rt-livepatch-devel-6.4.0-150600.10.8.3 * kernel-rt-devel-6.4.0-150600.10.8.3 * kselftests-kmp-rt-6.4.0-150600.10.8.3 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt_debug-livepatch-devel-6.4.0-150600.10.8.3 * kernel-rt-extra-6.4.0-150600.10.8.3 * gfs2-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt_debug-debugsource-6.4.0-150600.10.8.3 * kernel-rt-vdso-debuginfo-6.4.0-150600.10.8.3 * kernel-rt-debuginfo-6.4.0-150600.10.8.3 * dlm-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt-debugsource-6.4.0-150600.10.8.3 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * ocfs2-kmp-rt-6.4.0-150600.10.8.3 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt-optional-6.4.0-150600.10.8.3 * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.8.3 * kernel-syms-rt-6.4.0-150600.10.8.1 * kernel-rt-vdso-6.4.0-150600.10.8.3 * kernel-rt_debug-debuginfo-6.4.0-150600.10.8.3 * cluster-md-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt-optional-debuginfo-6.4.0-150600.10.8.3 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.8.3 * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt-devel-debuginfo-6.4.0-150600.10.8.3 * kernel-rt_debug-devel-6.4.0-150600.10.8.3 * reiserfs-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt-extra-debuginfo-6.4.0-150600.10.8.3 * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * openSUSE Leap 15.6 (noarch) * kernel-devel-rt-6.4.0-150600.10.8.3 * kernel-source-rt-6.4.0-150600.10.8.3 * openSUSE Leap 15.6 (nosrc x86_64) * kernel-rt-6.4.0-150600.10.8.3 * kernel-rt_debug-6.4.0-150600.10.8.3 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-SLE15-SP6-RT_Update_2-debugsource-1-150600.1.3.2 * kernel-livepatch-6_4_0-150600_10_8-rt-debuginfo-1-150600.1.3.2 * kernel-livepatch-6_4_0-150600_10_8-rt-1-150600.1.3.2 * SUSE Real Time Module 15-SP6 (x86_64) * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt-debuginfo-6.4.0-150600.10.8.3 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.8.3 * kernel-syms-rt-6.4.0-150600.10.8.1 * kernel-rt-devel-debuginfo-6.4.0-150600.10.8.3 * gfs2-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt-devel-6.4.0-150600.10.8.3 * kernel-rt_debug-debuginfo-6.4.0-150600.10.8.3 * kernel-rt_debug-devel-6.4.0-150600.10.8.3 * cluster-md-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt_debug-debugsource-6.4.0-150600.10.8.3 * ocfs2-kmp-rt-6.4.0-150600.10.8.3 * dlm-kmp-rt-6.4.0-150600.10.8.3 * kernel-rt-debugsource-6.4.0-150600.10.8.3 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.8.3 * SUSE Real Time Module 15-SP6 (noarch) * kernel-devel-rt-6.4.0-150600.10.8.3 * kernel-source-rt-6.4.0-150600.10.8.3 * SUSE Real Time Module 15-SP6 (nosrc x86_64) * kernel-rt-6.4.0-150600.10.8.3 * kernel-rt_debug-6.4.0-150600.10.8.3 ## References: * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52668.html * https://www.suse.com/security/cve/CVE-2023-52688.html * https://www.suse.com/security/cve/CVE-2023-52756.html * https://www.suse.com/security/cve/CVE-2023-52766.html * https://www.suse.com/security/cve/CVE-2023-52800.html * https://www.suse.com/security/cve/CVE-2023-52802.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52885.html * https://www.suse.com/security/cve/CVE-2023-52886.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2024-26590.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26637.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26682.html * https://www.suse.com/security/cve/CVE-2024-26683.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26758.html * https://www.suse.com/security/cve/CVE-2024-26767.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26837.html * https://www.suse.com/security/cve/CVE-2024-26849.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-26889.html * https://www.suse.com/security/cve/CVE-2024-26920.html * https://www.suse.com/security/cve/CVE-2024-26976.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27049.html * https://www.suse.com/security/cve/CVE-2024-27050.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-27433.html * https://www.suse.com/security/cve/CVE-2024-27437.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35855.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35913.html * https://www.suse.com/security/cve/CVE-2024-35939.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36288.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36881.html * https://www.suse.com/security/cve/CVE-2024-36907.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36939.html * https://www.suse.com/security/cve/CVE-2024-36970.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38563.html * https://www.suse.com/security/cve/CVE-2024-38609.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-39483.html * https://www.suse.com/security/cve/CVE-2024-39484.html * https://www.suse.com/security/cve/CVE-2024-39486.html * https://www.suse.com/security/cve/CVE-2024-39488.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-39491.html * https://www.suse.com/security/cve/CVE-2024-39493.html * https://www.suse.com/security/cve/CVE-2024-39497.html * https://www.suse.com/security/cve/CVE-2024-39499.html * https://www.suse.com/security/cve/CVE-2024-39500.html * https://www.suse.com/security/cve/CVE-2024-39501.html * https://www.suse.com/security/cve/CVE-2024-39505.html * https://www.suse.com/security/cve/CVE-2024-39506.html * https://www.suse.com/security/cve/CVE-2024-39508.html * https://www.suse.com/security/cve/CVE-2024-39509.html * https://www.suse.com/security/cve/CVE-2024-39510.html * https://www.suse.com/security/cve/CVE-2024-40899.html * https://www.suse.com/security/cve/CVE-2024-40900.html * https://www.suse.com/security/cve/CVE-2024-40902.html * https://www.suse.com/security/cve/CVE-2024-40903.html * https://www.suse.com/security/cve/CVE-2024-40904.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-40911.html * https://www.suse.com/security/cve/CVE-2024-40912.html * https://www.suse.com/security/cve/CVE-2024-40913.html * https://www.suse.com/security/cve/CVE-2024-40916.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40922.html * https://www.suse.com/security/cve/CVE-2024-40924.html * https://www.suse.com/security/cve/CVE-2024-40926.html * https://www.suse.com/security/cve/CVE-2024-40927.html * https://www.suse.com/security/cve/CVE-2024-40929.html * https://www.suse.com/security/cve/CVE-2024-40930.html * https://www.suse.com/security/cve/CVE-2024-40932.html * https://www.suse.com/security/cve/CVE-2024-40934.html * https://www.suse.com/security/cve/CVE-2024-40936.html * https://www.suse.com/security/cve/CVE-2024-40938.html * https://www.suse.com/security/cve/CVE-2024-40939.html * https://www.suse.com/security/cve/CVE-2024-40941.html * https://www.suse.com/security/cve/CVE-2024-40942.html * https://www.suse.com/security/cve/CVE-2024-40943.html * https://www.suse.com/security/cve/CVE-2024-40944.html * https://www.suse.com/security/cve/CVE-2024-40945.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-40956.html * https://www.suse.com/security/cve/CVE-2024-40957.html * https://www.suse.com/security/cve/CVE-2024-40958.html * https://www.suse.com/security/cve/CVE-2024-40959.html * https://www.suse.com/security/cve/CVE-2024-40962.html * https://www.suse.com/security/cve/CVE-2024-40964.html * https://www.suse.com/security/cve/CVE-2024-40967.html * https://www.suse.com/security/cve/CVE-2024-40976.html * https://www.suse.com/security/cve/CVE-2024-40977.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40981.html * https://www.suse.com/security/cve/CVE-2024-40982.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-40987.html * https://www.suse.com/security/cve/CVE-2024-40988.html * https://www.suse.com/security/cve/CVE-2024-40989.html * https://www.suse.com/security/cve/CVE-2024-40990.html * https://www.suse.com/security/cve/CVE-2024-40992.html * https://www.suse.com/security/cve/CVE-2024-40994.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-40997.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41001.html * https://www.suse.com/security/cve/CVE-2024-41002.html * https://www.suse.com/security/cve/CVE-2024-41004.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41010.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41015.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41024.html * https://www.suse.com/security/cve/CVE-2024-41025.html * https://www.suse.com/security/cve/CVE-2024-41028.html * https://www.suse.com/security/cve/CVE-2024-41032.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41037.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41040.html * https://www.suse.com/security/cve/CVE-2024-41041.html * https://www.suse.com/security/cve/CVE-2024-41044.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41048.html * https://www.suse.com/security/cve/CVE-2024-41049.html * https://www.suse.com/security/cve/CVE-2024-41050.html * https://www.suse.com/security/cve/CVE-2024-41051.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41058.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41061.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41063.html * https://www.suse.com/security/cve/CVE-2024-41064.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41066.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-41070.html * https://www.suse.com/security/cve/CVE-2024-41071.html * https://www.suse.com/security/cve/CVE-2024-41072.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41074.html * https://www.suse.com/security/cve/CVE-2024-41075.html * https://www.suse.com/security/cve/CVE-2024-41076.html * https://www.suse.com/security/cve/CVE-2024-41078.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41081.html * https://www.suse.com/security/cve/CVE-2024-41084.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41094.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41096.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42064.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42070.html * https://www.suse.com/security/cve/CVE-2024-42073.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42079.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42093.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42096.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42105.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42109.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42113.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42117.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42122.html * https://www.suse.com/security/cve/CVE-2024-42124.html * https://www.suse.com/security/cve/CVE-2024-42125.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42131.html * https://www.suse.com/security/cve/CVE-2024-42132.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-42136.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42138.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42141.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42144.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42147.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42153.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-42161.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42224.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42227.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42241.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42245.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42250.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42269.html * https://www.suse.com/security/cve/CVE-2024-42270.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42278.html * https://www.suse.com/security/cve/CVE-2024-42279.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42290.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42298.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42303.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42314.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42316.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43817.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43824.html * https://www.suse.com/security/cve/CVE-2024-43825.html * https://www.suse.com/security/cve/CVE-2024-43826.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43833.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43840.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43847.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43850.html * https://www.suse.com/security/cve/CVE-2024-43851.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43855.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43864.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43874.html * https://www.suse.com/security/cve/CVE-2024-43875.html * https://www.suse.com/security/cve/CVE-2024-43876.html * https://www.suse.com/security/cve/CVE-2024-43877.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43881.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43885.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43897.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43906.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-43911.html * https://www.suse.com/security/cve/CVE-2024-43912.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1193454 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1213123 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1219596 * https://bugzilla.suse.com/show_bug.cgi?id=1220066 * https://bugzilla.suse.com/show_bug.cgi?id=1220252 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1221652 * https://bugzilla.suse.com/show_bug.cgi?id=1221857 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222433 * https://bugzilla.suse.com/show_bug.cgi?id=1222434 * https://bugzilla.suse.com/show_bug.cgi?id=1222625 * https://bugzilla.suse.com/show_bug.cgi?id=1222633 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222777 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1222973 * https://bugzilla.suse.com/show_bug.cgi?id=1223053 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223395 * https://bugzilla.suse.com/show_bug.cgi?id=1223635 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223731 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223763 * https://bugzilla.suse.com/show_bug.cgi?id=1223767 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224485 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224535 * https://bugzilla.suse.com/show_bug.cgi?id=1224631 * https://bugzilla.suse.com/show_bug.cgi?id=1224636 * https://bugzilla.suse.com/show_bug.cgi?id=1224690 * https://bugzilla.suse.com/show_bug.cgi?id=1224694 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1224711 * https://bugzilla.suse.com/show_bug.cgi?id=1225461 * https://bugzilla.suse.com/show_bug.cgi?id=1225474 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225607 * https://bugzilla.suse.com/show_bug.cgi?id=1225718 * https://bugzilla.suse.com/show_bug.cgi?id=1225751 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225838 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226031 * https://bugzilla.suse.com/show_bug.cgi?id=1226127 * https://bugzilla.suse.com/show_bug.cgi?id=1226502 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226604 * https://bugzilla.suse.com/show_bug.cgi?id=1226743 * https://bugzilla.suse.com/show_bug.cgi?id=1226751 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226834 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1226920 * https://bugzilla.suse.com/show_bug.cgi?id=1227149 * https://bugzilla.suse.com/show_bug.cgi?id=1227182 * https://bugzilla.suse.com/show_bug.cgi?id=1227383 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227492 * https://bugzilla.suse.com/show_bug.cgi?id=1227493 * https://bugzilla.suse.com/show_bug.cgi?id=1227494 * https://bugzilla.suse.com/show_bug.cgi?id=1227618 * https://bugzilla.suse.com/show_bug.cgi?id=1227620 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227627 * https://bugzilla.suse.com/show_bug.cgi?id=1227634 * https://bugzilla.suse.com/show_bug.cgi?id=1227706 * https://bugzilla.suse.com/show_bug.cgi?id=1227722 * https://bugzilla.suse.com/show_bug.cgi?id=1227724 * https://bugzilla.suse.com/show_bug.cgi?id=1227725 * https://bugzilla.suse.com/show_bug.cgi?id=1227728 * https://bugzilla.suse.com/show_bug.cgi?id=1227729 * https://bugzilla.suse.com/show_bug.cgi?id=1227732 * https://bugzilla.suse.com/show_bug.cgi?id=1227733 * https://bugzilla.suse.com/show_bug.cgi?id=1227734 * https://bugzilla.suse.com/show_bug.cgi?id=1227747 * https://bugzilla.suse.com/show_bug.cgi?id=1227750 * https://bugzilla.suse.com/show_bug.cgi?id=1227754 * https://bugzilla.suse.com/show_bug.cgi?id=1227758 * https://bugzilla.suse.com/show_bug.cgi?id=1227760 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227764 * https://bugzilla.suse.com/show_bug.cgi?id=1227766 * https://bugzilla.suse.com/show_bug.cgi?id=1227770 * https://bugzilla.suse.com/show_bug.cgi?id=1227771 * https://bugzilla.suse.com/show_bug.cgi?id=1227772 * https://bugzilla.suse.com/show_bug.cgi?id=1227774 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1227785 * https://bugzilla.suse.com/show_bug.cgi?id=1227787 * https://bugzilla.suse.com/show_bug.cgi?id=1227790 * https://bugzilla.suse.com/show_bug.cgi?id=1227791 * https://bugzilla.suse.com/show_bug.cgi?id=1227792 * https://bugzilla.suse.com/show_bug.cgi?id=1227796 * https://bugzilla.suse.com/show_bug.cgi?id=1227798 * https://bugzilla.suse.com/show_bug.cgi?id=1227799 * https://bugzilla.suse.com/show_bug.cgi?id=1227802 * https://bugzilla.suse.com/show_bug.cgi?id=1227808 * https://bugzilla.suse.com/show_bug.cgi?id=1227810 * https://bugzilla.suse.com/show_bug.cgi?id=1227811 * https://bugzilla.suse.com/show_bug.cgi?id=1227812 * https://bugzilla.suse.com/show_bug.cgi?id=1227815 * https://bugzilla.suse.com/show_bug.cgi?id=1227816 * https://bugzilla.suse.com/show_bug.cgi?id=1227818 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227823 * https://bugzilla.suse.com/show_bug.cgi?id=1227824 * https://bugzilla.suse.com/show_bug.cgi?id=1227826 * https://bugzilla.suse.com/show_bug.cgi?id=1227828 * https://bugzilla.suse.com/show_bug.cgi?id=1227829 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227833 * https://bugzilla.suse.com/show_bug.cgi?id=1227834 * https://bugzilla.suse.com/show_bug.cgi?id=1227839 * https://bugzilla.suse.com/show_bug.cgi?id=1227840 * https://bugzilla.suse.com/show_bug.cgi?id=1227846 * https://bugzilla.suse.com/show_bug.cgi?id=1227849 * https://bugzilla.suse.com/show_bug.cgi?id=1227851 * https://bugzilla.suse.com/show_bug.cgi?id=1227853 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227864 * https://bugzilla.suse.com/show_bug.cgi?id=1227865 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227869 * https://bugzilla.suse.com/show_bug.cgi?id=1227870 * https://bugzilla.suse.com/show_bug.cgi?id=1227883 * https://bugzilla.suse.com/show_bug.cgi?id=1227884 * https://bugzilla.suse.com/show_bug.cgi?id=1227891 * https://bugzilla.suse.com/show_bug.cgi?id=1227893 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227950 * https://bugzilla.suse.com/show_bug.cgi?id=1227957 * https://bugzilla.suse.com/show_bug.cgi?id=1227981 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228021 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228192 * https://bugzilla.suse.com/show_bug.cgi?id=1228195 * https://bugzilla.suse.com/show_bug.cgi?id=1228202 * https://bugzilla.suse.com/show_bug.cgi?id=1228235 * https://bugzilla.suse.com/show_bug.cgi?id=1228236 * https://bugzilla.suse.com/show_bug.cgi?id=1228237 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228321 * https://bugzilla.suse.com/show_bug.cgi?id=1228409 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228457 * https://bugzilla.suse.com/show_bug.cgi?id=1228458 * https://bugzilla.suse.com/show_bug.cgi?id=1228459 * https://bugzilla.suse.com/show_bug.cgi?id=1228460 * https://bugzilla.suse.com/show_bug.cgi?id=1228462 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228468 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228470 * https://bugzilla.suse.com/show_bug.cgi?id=1228472 * https://bugzilla.suse.com/show_bug.cgi?id=1228479 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228486 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228492 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228499 * https://bugzilla.suse.com/show_bug.cgi?id=1228500 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228502 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228505 * https://bugzilla.suse.com/show_bug.cgi?id=1228508 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228510 * https://bugzilla.suse.com/show_bug.cgi?id=1228511 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228518 * https://bugzilla.suse.com/show_bug.cgi?id=1228520 * https://bugzilla.suse.com/show_bug.cgi?id=1228525 * https://bugzilla.suse.com/show_bug.cgi?id=1228527 * https://bugzilla.suse.com/show_bug.cgi?id=1228530 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228539 * https://bugzilla.suse.com/show_bug.cgi?id=1228561 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228565 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228568 * https://bugzilla.suse.com/show_bug.cgi?id=1228572 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228580 * https://bugzilla.suse.com/show_bug.cgi?id=1228581 * https://bugzilla.suse.com/show_bug.cgi?id=1228582 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228586 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228591 * https://bugzilla.suse.com/show_bug.cgi?id=1228599 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228617 * https://bugzilla.suse.com/show_bug.cgi?id=1228625 * https://bugzilla.suse.com/show_bug.cgi?id=1228626 * https://bugzilla.suse.com/show_bug.cgi?id=1228633 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228640 * https://bugzilla.suse.com/show_bug.cgi?id=1228643 * https://bugzilla.suse.com/show_bug.cgi?id=1228644 * https://bugzilla.suse.com/show_bug.cgi?id=1228646 * https://bugzilla.suse.com/show_bug.cgi?id=1228649 * https://bugzilla.suse.com/show_bug.cgi?id=1228650 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228655 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228665 * https://bugzilla.suse.com/show_bug.cgi?id=1228666 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228672 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228674 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228680 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228705 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228707 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228723 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228737 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228754 * https://bugzilla.suse.com/show_bug.cgi?id=1228756 * https://bugzilla.suse.com/show_bug.cgi?id=1228757 * https://bugzilla.suse.com/show_bug.cgi?id=1228758 * https://bugzilla.suse.com/show_bug.cgi?id=1228764 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228849 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228973 * https://bugzilla.suse.com/show_bug.cgi?id=1228977 * https://bugzilla.suse.com/show_bug.cgi?id=1228978 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228986 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229024 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229045 * https://bugzilla.suse.com/show_bug.cgi?id=1229046 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229056 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229134 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229160 * https://bugzilla.suse.com/show_bug.cgi?id=1229167 * https://bugzilla.suse.com/show_bug.cgi?id=1229168 * https://bugzilla.suse.com/show_bug.cgi?id=1229169 * https://bugzilla.suse.com/show_bug.cgi?id=1229170 * https://bugzilla.suse.com/show_bug.cgi?id=1229171 * https://bugzilla.suse.com/show_bug.cgi?id=1229172 * https://bugzilla.suse.com/show_bug.cgi?id=1229173 * https://bugzilla.suse.com/show_bug.cgi?id=1229174 * https://bugzilla.suse.com/show_bug.cgi?id=1229239 * https://bugzilla.suse.com/show_bug.cgi?id=1229240 * https://bugzilla.suse.com/show_bug.cgi?id=1229241 * https://bugzilla.suse.com/show_bug.cgi?id=1229243 * https://bugzilla.suse.com/show_bug.cgi?id=1229244 * https://bugzilla.suse.com/show_bug.cgi?id=1229245 * https://bugzilla.suse.com/show_bug.cgi?id=1229246 * https://bugzilla.suse.com/show_bug.cgi?id=1229247 * https://bugzilla.suse.com/show_bug.cgi?id=1229248 * https://bugzilla.suse.com/show_bug.cgi?id=1229249 * https://bugzilla.suse.com/show_bug.cgi?id=1229250 * https://bugzilla.suse.com/show_bug.cgi?id=1229251 * https://bugzilla.suse.com/show_bug.cgi?id=1229252 * https://bugzilla.suse.com/show_bug.cgi?id=1229253 * https://bugzilla.suse.com/show_bug.cgi?id=1229254 * https://bugzilla.suse.com/show_bug.cgi?id=1229255 * https://bugzilla.suse.com/show_bug.cgi?id=1229256 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229291 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229294 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229298 * https://bugzilla.suse.com/show_bug.cgi?id=1229299 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229313 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229316 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229320 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229342 * https://bugzilla.suse.com/show_bug.cgi?id=1229344 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229353 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229355 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229365 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229369 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229379 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229390 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229402 * https://bugzilla.suse.com/show_bug.cgi?id=1229403 * https://bugzilla.suse.com/show_bug.cgi?id=1229404 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229451 * https://bugzilla.suse.com/show_bug.cgi?id=1229452 * https://bugzilla.suse.com/show_bug.cgi?id=1229455 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229480 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229484 * https://bugzilla.suse.com/show_bug.cgi?id=1229485 * https://bugzilla.suse.com/show_bug.cgi?id=1229486 * https://bugzilla.suse.com/show_bug.cgi?id=1229487 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229496 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229747 * https://bugzilla.suse.com/show_bug.cgi?id=1229752 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229785 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://bugzilla.suse.com/show_bug.cgi?id=1229827 * https://bugzilla.suse.com/show_bug.cgi?id=1229830 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1229940 * https://bugzilla.suse.com/show_bug.cgi?id=1230056 * https://jira.suse.com/browse/PED-10029 * https://jira.suse.com/browse/PED-10045 * https://jira.suse.com/browse/PED-10055 * https://jira.suse.com/browse/PED-10105 * https://jira.suse.com/browse/PED-10108 * https://jira.suse.com/browse/PED-8779 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 16:36:03 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 16:36:03 -0000 Subject: SUSE-SU-2024:3198-1: important: Security update for gstreamer-plugins-bad Message-ID: <172598616345.28013.11195450108222507905@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:3198-1 Rating: important References: * bsc#1219494 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves five vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * Dropped support for libmfx to fix the following CVEs: * libmfx: improper input validation (CVE-2023-48368, bsc#1226897) * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898) * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899) * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900) * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3198=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3198=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3198=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.22.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-1.16.3-150200.4.22.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.22.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.22.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-1.16.3-150200.4.22.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.22.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.22.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-1.16.3-150200.4.22.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-1.16.3-150200.4.22.1 * libgstisoff-1_0-0-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstplayer-1_0-0-1.16.3-150200.4.22.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.22.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.22.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.22.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.22.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.22.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.22.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.22.1 * libgstsctp-1_0-0-1.16.3-150200.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.22.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 16:36:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 16:36:07 -0000 Subject: SUSE-SU-2024:3197-1: moderate: Security update for go1.23 Message-ID: <172598616718.28013.18143341645388344841@smelt2.prg2.suse.org> # Security update for go1.23 Announcement ID: SUSE-SU-2024:3197-1 Rating: moderate References: * bsc#1229122 * bsc#1230252 * bsc#1230253 * bsc#1230254 Cross-References: * CVE-2024-34155 * CVE-2024-34156 * CVE-2024-34158 CVSS scores: * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.23 fixes the following issues: * Update go v1.23.1 * CVE-2024-34155: Fixed stack exhaustion in all Parse* functions. (bsc#1230252) * CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. (bsc#1230253) * CVE-2024-34158: Fixed stack exhaustion in Parse. (bsc#1230254) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3197=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.23-doc-1.23.1-1.6.1 * go1.23-1.23.1-1.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 10 16:36:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 10 Sep 2024 16:36:11 -0000 Subject: SUSE-SU-2024:3196-1: moderate: Security update for go1.22 Message-ID: <172598617125.28013.8422850383682627706@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:3196-1 Rating: moderate References: * bsc#1218424 * bsc#1230252 * bsc#1230253 * bsc#1230254 Cross-References: * CVE-2024-34155 * CVE-2024-34156 * CVE-2024-34158 CVSS scores: * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: * Update to go v1.22.7 * CVE-2024-34155: Fixed stack exhaustion in all Parse* functions. (bsc#1230252) * CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. (bsc#1230253) * CVE-2024-34158: Fixed stack exhaustion in Parse. (bsc#1230254) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3196=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.7-1.21.1 * go1.22-1.22.7-1.21.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 08:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 08:30:12 -0000 Subject: SUSE-SU-2024:3200-1: important: Security update for python311 Message-ID: <172604341258.14127.12361636253154915217@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:3200-1 Rating: important References: * bsc#1225660 * bsc#1227378 * bsc#1227999 * bsc#1228780 Cross-References: * CVE-2024-6923 CVSS scores: * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has three security fixes can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2024-6923: Fixed email header injection due to unquoted newlines (bsc#1228780) Other fixes: \- %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999) \- Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378) \- Make pip and modern tools install directly in /usr/local when used by the user (bsc#1225660) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3200=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3200=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3200=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3200=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3200=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3200=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3200=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3200=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3200=1 ## Package List: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-tk-3.11.9-150400.9.32.4 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-testsuite-debuginfo-3.11.9-150400.9.32.3 * python311-testsuite-3.11.9-150400.9.32.3 * python311-doc-3.11.9-150400.9.32.1 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-3.11.9-150400.9.32.4 * python311-devel-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-debugsource-3.11.9-150400.9.32.4 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-dbm-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * openSUSE Leap 15.4 (x86_64) * python311-base-32bit-debuginfo-3.11.9-150400.9.32.3 * python311-32bit-3.11.9-150400.9.32.4 * python311-base-32bit-3.11.9-150400.9.32.3 * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.32.3 * libpython3_11-1_0-32bit-3.11.9-150400.9.32.3 * python311-32bit-debuginfo-3.11.9-150400.9.32.4 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.9-150400.9.32.3 * python311-64bit-debuginfo-3.11.9-150400.9.32.4 * libpython3_11-1_0-64bit-debuginfo-3.11.9-150400.9.32.3 * python311-base-64bit-3.11.9-150400.9.32.3 * python311-64bit-3.11.9-150400.9.32.4 * python311-base-64bit-debuginfo-3.11.9-150400.9.32.3 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-testsuite-debuginfo-3.11.9-150400.9.32.3 * python311-testsuite-3.11.9-150400.9.32.3 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-devel-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-debugsource-3.11.9-150400.9.32.4 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-dbm-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * openSUSE Leap 15.5 (x86_64) * python311-base-32bit-debuginfo-3.11.9-150400.9.32.3 * python311-32bit-3.11.9-150400.9.32.4 * python311-base-32bit-3.11.9-150400.9.32.3 * libpython3_11-1_0-32bit-debuginfo-3.11.9-150400.9.32.3 * libpython3_11-1_0-32bit-3.11.9-150400.9.32.3 * python311-32bit-debuginfo-3.11.9-150400.9.32.4 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-3.11.9-150400.9.32.4 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libpython3_11-1_0-debuginfo-3.11.9-150400.9.32.3 * python311-curses-3.11.9-150400.9.32.4 * python311-curses-debuginfo-3.11.9-150400.9.32.4 * python311-dbm-3.11.9-150400.9.32.4 * python311-debuginfo-3.11.9-150400.9.32.4 * python311-doc-3.11.9-150400.9.32.1 * python311-3.11.9-150400.9.32.4 * python311-dbm-debuginfo-3.11.9-150400.9.32.4 * python311-debugsource-3.11.9-150400.9.32.4 * python311-core-debugsource-3.11.9-150400.9.32.3 * python311-doc-devhelp-3.11.9-150400.9.32.1 * python311-devel-3.11.9-150400.9.32.3 * python311-tk-debuginfo-3.11.9-150400.9.32.4 * python311-tools-3.11.9-150400.9.32.3 * libpython3_11-1_0-3.11.9-150400.9.32.3 * python311-base-3.11.9-150400.9.32.3 * python311-tk-3.11.9-150400.9.32.4 * python311-base-debuginfo-3.11.9-150400.9.32.3 * python311-idle-3.11.9-150400.9.32.4 ## References: * https://www.suse.com/security/cve/CVE-2024-6923.html * https://bugzilla.suse.com/show_bug.cgi?id=1225660 * https://bugzilla.suse.com/show_bug.cgi?id=1227378 * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 12:30:08 -0000 Subject: SUSE-SU-2024:3204-1: moderate: Security update for curl Message-ID: <172605780897.28013.10907376632774014282@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3204-1 Rating: moderate References: * bsc#1230093 Cross-References: * CVE-2024-8096 CVSS scores: * CVE-2024-8096 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8096 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3204=1 openSUSE-SLE-15.6-2024-3204=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3204=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libcurl4-8.6.0-150600.4.6.1 * libcurl-devel-8.6.0-150600.4.6.1 * libcurl4-debuginfo-8.6.0-150600.4.6.1 * curl-debuginfo-8.6.0-150600.4.6.1 * curl-8.6.0-150600.4.6.1 * curl-debugsource-8.6.0-150600.4.6.1 * openSUSE Leap 15.6 (x86_64) * libcurl4-32bit-debuginfo-8.6.0-150600.4.6.1 * libcurl-devel-32bit-8.6.0-150600.4.6.1 * libcurl4-32bit-8.6.0-150600.4.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libcurl-devel-64bit-8.6.0-150600.4.6.1 * libcurl4-64bit-8.6.0-150600.4.6.1 * libcurl4-64bit-debuginfo-8.6.0-150600.4.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libcurl4-8.6.0-150600.4.6.1 * libcurl-devel-8.6.0-150600.4.6.1 * libcurl4-debuginfo-8.6.0-150600.4.6.1 * curl-debuginfo-8.6.0-150600.4.6.1 * curl-8.6.0-150600.4.6.1 * curl-debugsource-8.6.0-150600.4.6.1 * Basesystem Module 15-SP6 (x86_64) * libcurl4-32bit-debuginfo-8.6.0-150600.4.6.1 * libcurl4-32bit-8.6.0-150600.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8096.html * https://bugzilla.suse.com/show_bug.cgi?id=1230093 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 12:30:11 -0000 Subject: SUSE-SU-2024:3203-1: moderate: Security update for curl Message-ID: <172605781147.28013.16772809300555283192@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3203-1 Rating: moderate References: * bsc#1230093 Cross-References: * CVE-2024-8096 CVSS scores: * CVE-2024-8096 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8096 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3203=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3203=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3203=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3203=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * curl-debuginfo-8.0.1-11.92.1 * libcurl-devel-8.0.1-11.92.1 * curl-debugsource-8.0.1-11.92.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * curl-debugsource-8.0.1-11.92.1 * libcurl4-8.0.1-11.92.1 * curl-debuginfo-8.0.1-11.92.1 * libcurl4-debuginfo-8.0.1-11.92.1 * curl-8.0.1-11.92.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libcurl4-32bit-8.0.1-11.92.1 * libcurl4-debuginfo-32bit-8.0.1-11.92.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * curl-debugsource-8.0.1-11.92.1 * libcurl4-8.0.1-11.92.1 * curl-debuginfo-8.0.1-11.92.1 * libcurl4-debuginfo-8.0.1-11.92.1 * curl-8.0.1-11.92.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libcurl4-32bit-8.0.1-11.92.1 * libcurl4-debuginfo-32bit-8.0.1-11.92.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * curl-debugsource-8.0.1-11.92.1 * libcurl4-8.0.1-11.92.1 * curl-debuginfo-8.0.1-11.92.1 * libcurl4-debuginfo-8.0.1-11.92.1 * curl-8.0.1-11.92.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libcurl4-32bit-8.0.1-11.92.1 * libcurl4-debuginfo-32bit-8.0.1-11.92.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8096.html * https://bugzilla.suse.com/show_bug.cgi?id=1230093 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 12:30:14 -0000 Subject: SUSE-SU-2024:3202-1: moderate: Security update for curl Message-ID: <172605781464.28013.14763836359797330798@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3202-1 Rating: moderate References: * bsc#1228535 * bsc#1230093 Cross-References: * CVE-2024-7264 * CVE-2024-8096 CVSS scores: * CVE-2024-7264 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-7264 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8096 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8096 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves two vulnerabilities can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) * CVE-2024-7264: ASN.1 date parser overread. (bsc#1228535) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3202=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3202=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3202=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * curl-7.66.0-150200.4.78.1 * curl-debuginfo-7.66.0-150200.4.78.1 * libcurl4-debuginfo-7.66.0-150200.4.78.1 * libcurl4-7.66.0-150200.4.78.1 * curl-debugsource-7.66.0-150200.4.78.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * curl-7.66.0-150200.4.78.1 * curl-debuginfo-7.66.0-150200.4.78.1 * libcurl4-debuginfo-7.66.0-150200.4.78.1 * libcurl4-7.66.0-150200.4.78.1 * curl-debugsource-7.66.0-150200.4.78.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * curl-7.66.0-150200.4.78.1 * curl-debuginfo-7.66.0-150200.4.78.1 * libcurl4-debuginfo-7.66.0-150200.4.78.1 * libcurl4-7.66.0-150200.4.78.1 * curl-debugsource-7.66.0-150200.4.78.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7264.html * https://www.suse.com/security/cve/CVE-2024-8096.html * https://bugzilla.suse.com/show_bug.cgi?id=1228535 * https://bugzilla.suse.com/show_bug.cgi?id=1230093 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 16:34:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 16:34:15 -0000 Subject: SUSE-SU-2024:3209-1: important: Security update for the Linux Kernel Message-ID: <172607245565.28013.17233041008511064819@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3209-1 Rating: important References: * bsc#1193629 * bsc#1194111 * bsc#1194765 * bsc#1194869 * bsc#1196261 * bsc#1196516 * bsc#1196894 * bsc#1198017 * bsc#1203329 * bsc#1203330 * bsc#1203360 * bsc#1205462 * bsc#1206006 * bsc#1206258 * bsc#1206843 * bsc#1207158 * bsc#1208783 * bsc#1210644 * bsc#1213580 * bsc#1213632 * bsc#1214285 * bsc#1216834 * bsc#1220428 * bsc#1220877 * bsc#1220962 * bsc#1221269 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1222335 * bsc#1222350 * bsc#1222372 * bsc#1222387 * bsc#1222634 * bsc#1222808 * bsc#1222967 * bsc#1223074 * bsc#1223191 * bsc#1223508 * bsc#1223720 * bsc#1223742 * bsc#1223777 * bsc#1223803 * bsc#1223807 * bsc#1224105 * bsc#1224415 * bsc#1224496 * bsc#1224510 * bsc#1224542 * bsc#1224578 * bsc#1224639 * bsc#1225162 * bsc#1225352 * bsc#1225428 * bsc#1225524 * bsc#1225578 * bsc#1225582 * bsc#1225773 * bsc#1225814 * bsc#1225827 * bsc#1225832 * bsc#1225903 * bsc#1226168 * bsc#1226530 * bsc#1226613 * bsc#1226742 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226874 * bsc#1226885 * bsc#1227079 * bsc#1227623 * bsc#1227761 * bsc#1227830 * bsc#1227863 * bsc#1227867 * bsc#1227929 * bsc#1227937 * bsc#1227958 * bsc#1228020 * bsc#1228065 * bsc#1228114 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228469 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228501 * bsc#1228503 * bsc#1228509 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228526 * bsc#1228531 * bsc#1228563 * bsc#1228564 * bsc#1228567 * bsc#1228576 * bsc#1228579 * bsc#1228584 * bsc#1228588 * bsc#1228590 * bsc#1228615 * bsc#1228616 * bsc#1228635 * bsc#1228636 * bsc#1228654 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228667 * bsc#1228673 * bsc#1228677 * bsc#1228687 * bsc#1228706 * bsc#1228708 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228748 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228979 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229042 * bsc#1229054 * bsc#1229086 * bsc#1229136 * bsc#1229154 * bsc#1229187 * bsc#1229188 * bsc#1229190 * bsc#1229287 * bsc#1229290 * bsc#1229292 * bsc#1229296 * bsc#1229297 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229314 * bsc#1229315 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229327 * bsc#1229341 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229354 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229366 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229418 * bsc#1229444 * bsc#1229453 * bsc#1229454 * bsc#1229481 * bsc#1229482 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229506 * bsc#1229507 * bsc#1229508 * bsc#1229509 * bsc#1229510 * bsc#1229512 * bsc#1229516 * bsc#1229521 * bsc#1229522 * bsc#1229523 * bsc#1229524 * bsc#1229525 * bsc#1229526 * bsc#1229527 * bsc#1229528 * bsc#1229529 * bsc#1229531 * bsc#1229533 * bsc#1229535 * bsc#1229536 * bsc#1229537 * bsc#1229540 * bsc#1229544 * bsc#1229545 * bsc#1229546 * bsc#1229547 * bsc#1229548 * bsc#1229554 * bsc#1229557 * bsc#1229558 * bsc#1229559 * bsc#1229560 * bsc#1229562 * bsc#1229564 * bsc#1229565 * bsc#1229566 * bsc#1229568 * bsc#1229569 * bsc#1229572 * bsc#1229573 * bsc#1229576 * bsc#1229581 * bsc#1229588 * bsc#1229598 * bsc#1229603 * bsc#1229604 * bsc#1229605 * bsc#1229608 * bsc#1229611 * bsc#1229612 * bsc#1229613 * bsc#1229614 * bsc#1229615 * bsc#1229616 * bsc#1229617 * bsc#1229620 * bsc#1229622 * bsc#1229623 * bsc#1229624 * bsc#1229625 * bsc#1229626 * bsc#1229628 * bsc#1229629 * bsc#1229630 * bsc#1229631 * bsc#1229632 * bsc#1229635 * bsc#1229636 * bsc#1229637 * bsc#1229638 * bsc#1229639 * bsc#1229641 * bsc#1229642 * bsc#1229643 * bsc#1229645 * bsc#1229657 * bsc#1229658 * bsc#1229662 * bsc#1229664 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229768 * bsc#1229781 * bsc#1229784 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * jsc#PED-8491 * jsc#PED-8779 Cross-References: * CVE-2021-4441 * CVE-2021-47106 * CVE-2021-47517 * CVE-2021-47546 * CVE-2022-38457 * CVE-2022-40133 * CVE-2022-48645 * CVE-2022-48706 * CVE-2022-48808 * CVE-2022-48865 * CVE-2022-48868 * CVE-2022-48869 * CVE-2022-48870 * CVE-2022-48871 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48875 * CVE-2022-48878 * CVE-2022-48880 * CVE-2022-48881 * CVE-2022-48882 * CVE-2022-48883 * CVE-2022-48884 * CVE-2022-48885 * CVE-2022-48886 * CVE-2022-48887 * CVE-2022-48888 * CVE-2022-48889 * CVE-2022-48890 * CVE-2022-48891 * CVE-2022-48893 * CVE-2022-48896 * CVE-2022-48898 * CVE-2022-48899 * CVE-2022-48903 * CVE-2022-48904 * CVE-2022-48905 * CVE-2022-48906 * CVE-2022-48907 * CVE-2022-48909 * CVE-2022-48910 * CVE-2022-48912 * CVE-2022-48913 * CVE-2022-48914 * CVE-2022-48915 * CVE-2022-48916 * CVE-2022-48917 * CVE-2022-48918 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48921 * CVE-2022-48923 * CVE-2022-48924 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48927 * CVE-2022-48928 * CVE-2022-48929 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48932 * CVE-2022-48934 * CVE-2022-48937 * CVE-2022-48938 * CVE-2022-48939 * CVE-2022-48940 * CVE-2022-48941 * CVE-2022-48942 * CVE-2022-48943 * CVE-2023-3610 * CVE-2023-52458 * CVE-2023-52489 * CVE-2023-52498 * CVE-2023-52581 * CVE-2023-52859 * CVE-2023-52887 * CVE-2023-52889 * CVE-2023-52893 * CVE-2023-52894 * CVE-2023-52896 * CVE-2023-52898 * CVE-2023-52899 * CVE-2023-52900 * CVE-2023-52901 * CVE-2023-52904 * CVE-2023-52905 * CVE-2023-52906 * CVE-2023-52907 * CVE-2023-52908 * CVE-2023-52909 * CVE-2023-52910 * CVE-2023-52911 * CVE-2023-52912 * CVE-2023-52913 * CVE-2024-26631 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26735 * CVE-2024-26808 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26851 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27016 * CVE-2024-27024 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-31076 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35945 * CVE-2024-35971 * CVE-2024-36009 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36489 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36936 * CVE-2024-36962 * CVE-2024-38554 * CVE-2024-38602 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40905 * CVE-2024-40978 * CVE-2024-40980 * CVE-2024-40995 * CVE-2024-41000 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41011 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41042 * CVE-2024-41045 * CVE-2024-41056 * CVE-2024-41060 * CVE-2024-41062 * CVE-2024-41065 * CVE-2024-41068 * CVE-2024-41073 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41095 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42069 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42095 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42110 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42137 * CVE-2024-42139 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42225 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42268 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42315 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43849 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43904 * CVE-2024-43905 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-44938 * CVE-2024-44939 * CVE-2024-44947 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47106 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47546 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-38457 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-40133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-40133 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-48645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48706 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48808 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48808 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48869 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48869 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48871 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48878 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48878 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48880 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48880 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48881 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48882 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48883 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48883 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48884 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48884 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48885 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48885 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48904 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48906 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48909 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48913 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48923 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48940 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48940 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52458 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52458 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52912 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52912 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36936 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36962 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41039 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 292 vulnerabilities, contains two features and has 45 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773). * CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). * CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820). * CVE-2024-41087: Fix double free on error (bsc#1228466). * CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768) * CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43884: Add error handling to pair_device() (bsc#1229739) * CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-26812: struct virqfd kABI workaround (bsc#1222808). * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569). * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488) * CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962) * CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428). * CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). * CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-27016: Validate pppoe header (bsc#1223807). * CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639). * CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-36009: Blacklist 467324bcfe1a ("ax25: Fix netdev refcount issue") (bsc#1224542) * CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2024-26669: Fix chain template offload (bsc#1222350). * CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287). * CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508). * CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). * CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350). * CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319). * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307). * CVE-2024-43841: Do not use strlen() in const context (bsc#1229304). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958). * CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42139: Fix improper extts handling (bsc#1228503). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). * CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (bsc#1226613). * CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742). * CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: * ACPI: bus: Indicate support for IRQ ResourceSource thru _OSC (git-fixes). * ACPI: bus: Indicate support for the Generic Event Device thru _OSC (git- fixes). * ACPI: bus: Rework system-level device notification handling (git-fixes). * ACPI: thermal: Drop nocrt parameter (git-fixes). * ACPI: x86: s2idle: Post-increment variables when getting constraints (git- fixes). * afs: Do not cross .backup mountpoint from backup volume (git-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git- fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: timer: Relax start tick time check for slave timer elements (git- fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable- fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). * ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: barrier: Restore spec_bar() macro (git-fixes) * arm64: cpufeature: Add missing .field_width for GIC system registers (git- fixes) * arm64: cpufeature: Fix the visibility of compat hwcaps (git-fixes) * arm64: cpufeature: Force HWCAP to be based on the sysreg visible to (git- fixes) * arm64: cputype: Add Cortex-A720 definitions (git-fixes) * arm64: cputype: Add Cortex-A725 definitions (git-fixes) * arm64: cputype: Add Cortex-X1C definitions (git-fixes) * arm64: cputype: Add Cortex-X3 definitions (git-fixes) * arm64: cputype: Add Cortex-X4 definitions (git-fixes) * arm64: cputype: Add Cortex-X925 definitions (git-fixes) * arm64: cputype: Add Neoverse-V3 definitions (git-fixes) * arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) * arm64: dts: rockchip: Increase VOP clk rate on RK3328 (git-fixes) * arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) * arm64: errata: Expand speculative SSBS workaround (git-fixes) * arm64: errata: Unify speculative SSBS errata logic (git-fixes) Also update default configuration. * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: Fix KASAN random tag seed initialization (git-fixes) * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * async: Introduce async_schedule_dev_nocall() (bsc#1221269). * async: Split async_schedule_node_domain() (bsc#1221269). * Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). * Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). * Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git- fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). * bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). * btrfs: fix leak of qgroup extent records after transaction abort (git- fixes). * btrfs: make btrfs_destroy_delayed_refs() return void (git-fixes). * btrfs: remove unnecessary prototype declarations at disk-io.c (git-fixes). * btrfs: sysfs: update fs features directory asynchronously (bsc#1226168). * cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418). * ceph: issue a cap release immediately if no cap exists (bsc#1225162). * ceph: periodically flush the cap releases (bsc#1225162). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * cpuidle, ACPI: Evaluate LPI arch_flags for broadcast timer (git-fixes). * docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). * drm: add missing MODULE_DESCRIPTION() macros (stable-fixes). * drm: panel-orientation-quirks: Add labels for both Valve Steam Deck revisions (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Aya Neo KUN (stable-fixes). * drm: panel-orientation-quirks: Add quirk for Lenovo Yoga Tab 3 X90F (stable- fixes). * drm: panel-orientation-quirks: Add quirk for Nanote UMPC-01 (stable-fixes). * drm: panel-orientation-quirks: Add quirk for OrangePi Neo (stable-fixes). * drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes). * drm/amd/display: Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). * drm/amd/display: avoid using null object of framebuffer (git-fixes). * drm/amd/display: Fix && vs || typos (git-fixes). * drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable- fixes). * drm/amd/display: Validate hw_points_num before using it (stable-fixes). * drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable- fixes). * drm/amdgpu: Actually check flags for all context ops (stable-fixes). * drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). * drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). * drm/amdgpu: Validate TA binary size (stable-fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). * drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). * drm/bridge: tc358768: Attempt to fix DSI horizontal timings (stable-fixes). * drm/client: fix null pointer dereference in drm_client_modeset_probe (git- fixes). * drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). * drm/lima: set gp bus_stop bit before hard reset (stable-fixes). * drm/msm/dp: reset the link phy params before link training (git-fixes). * drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). * drm/msm/dpu: do not play tricks with debug macros (git-fixes). * drm/tegra: Zero-initialize iosys_map (stable-fixes). * exfat: fix inode->i_blocks for non-512 byte sector size device (git-fixes). * exfat: fix potential deadlock on __exfat_get_dentry_set (git-fixes). * exfat: redefine DIR_DELETED as the bad cluster number (git-fixes). * exfat: support dynamic allocate bh for exfat_entry_set_cache (git-fixes). * fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229453). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * genirq: Add might_sleep() to disable_irq() (git-fixes). * genirq: Always limit the affinity to online CPUs (git-fixes). * genirq: Do not return error on missing optional irq_request_resources() (git-fixes). * genirq: Take the proposed affinity at face value if force==true (git-fixes). * genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git- fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git- fixes). * genirq/msi: Shutdown managed interrupts with unsatifiable affinities (git- fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). * i2c: smbus: Improve handling of stuck alerts (git-fixes). * i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). * iommu/amd: Convert comma to semicolon (git-fixes). * ip6_tunnel: Fix broken GRO (bsc#1229444). * ipv6: sr: fix incorrect unregister order (git-fixes). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix disassociation race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * irqdomain: Report irq number for NOMAP domains (git-fixes). * kprobes: Fix to check symbol prefixes correctly (git-fixes). * lockd: move from strlcpy with unused retval to strscpy (git-fixes). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). * mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). * net: ks8851: Fix another TX stall caused by wrong ISR flag handling (git- fixes). * net: ks8851: Fix deadlock with the SPI chip variant (git-fixes). * net: ks8851: Fix potential TX stall after interface reopen (git-fixes). * net: ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes). * net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git- fixes). * net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * net: remove two BUG() from skb_checksum_help() (bsc#1229312). * net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). * net/rds: fix possible cp null dereference (git-fixes). * net/sched: initialize noop_qdisc owner (git-fixes). * nfc: pn533: Add poll mod list filling check (git-fixes). * nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * nfs: make the rpc_stat per net namespace (git-fixes). * NFSD: add posix ACLs to struct nfsd_attrs (git-fixes). * NFSD: add security label to struct nfsd_attrs (git-fixes). * NFSD: fix regression with setting ACLs (git-fixes). * NFSD: Fix strncpy() fortify warning (git-fixes). * NFSD: Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes). * NFSD: introduce struct nfsd_attrs (git-fixes). * NFSD: move from strlcpy with unused retval to strscpy (git-fixes). * NFSD: Optimize DRC bucket pruning (git-fixes). * nfsd: return error if nfs4_setacl fails (git-fixes). * NFSD: set attributes when creating symlinks (git-fixes). * nfsd: use locks_inode_context helper (git-fixes). * nilfs2: Remove check for PageError (git-fixes). * nvme_core: scan namespaces asynchronously (bsc#1224105). * ocfs2: use coarse time for new created files (git-fixes). * padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). * platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). * platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). * platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). * platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). * power: supply: axp288_charger: Fix constant_charge_voltage writes (git- fixes). * power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). * powerpc: Fail build if using recordmcount with binutils v2.37 (bsc#1194869). * powerpc: Mark .opd section read-only (bsc#1194869). * powerpc: use generic version of arch_is_kernel_initmem_freed() (bsc#1194869). * powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). * powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). * powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). * powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). * RDMA/rxe: Fix incomplete state save in rxe_requester (git-fixes) * RDMA/rxe: Fix rxe_modify_srq (git-fixes) * RDMA/rxe: Handle zero length rdma (git-fixes) * RDMA/rxe: Move work queue code to subroutines (git-fixes) * s390/cpacf: get rid of register asm (git-fixes bsc#1227079 bsc#1229187). * s390/cpacf: Make use of invalid opcode produce a link error (git-fixes bsc#1227079). * s390/cpacf: Split and rework cpacf query functions (git-fixes bsc#1229187). * s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190). * s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573). * s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229572). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229188). * spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). * sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). * SUNRPC: Fix a race to wake a sync task (git-fixes). * swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). * tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * ubifs: add check for crypto_shash_tfm_digest (git-fixes). * ubifs: dbg_orphan_check: Fix missed key type checking (git-fixes). * ubifs: Fix adding orphan entry twice for the same inode (git-fixes). * ubifs: Fix unattached xattr inode if powercut happens after deleting (git- fixes). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). * wifi: mwifiex: duplicate static structs used in driver instances (git- fixes). * x86/APM: drop the duplicate APM_MINOR_DEV macro (git-fixes). * x86/insn: Fix PUSH instruction in x86 instruction decoder opcode map (git- fixes). * x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). * x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). * x86/pm: Work around false positive kmemleak report in msr_build_context() (git-fixes). * xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). * xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3209=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-3209=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3209=1 openSUSE-SLE-15.5-2024-3209=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3209=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3209=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_13_67-rt-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource-1-150500.11.3.2 * SUSE Real Time Module 15-SP5 (x86_64) * ocfs2-kmp-rt-5.14.21-150500.13.67.3 * kernel-rt-devel-5.14.21-150500.13.67.3 * gfs2-kmp-rt-5.14.21-150500.13.67.3 * kernel-syms-rt-5.14.21-150500.13.67.1 * kernel-rt-vdso-5.14.21-150500.13.67.3 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-vdso-5.14.21-150500.13.67.3 * kernel-rt-debugsource-5.14.21-150500.13.67.3 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.67.3 * cluster-md-kmp-rt-5.14.21-150500.13.67.3 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * dlm-kmp-rt-5.14.21-150500.13.67.3 * kernel-rt_debug-debugsource-5.14.21-150500.13.67.3 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-debuginfo-5.14.21-150500.13.67.3 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.67.3 * kernel-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-devel-5.14.21-150500.13.67.3 * kernel-rt-devel-debuginfo-5.14.21-150500.13.67.3 * SUSE Real Time Module 15-SP5 (noarch) * kernel-devel-rt-5.14.21-150500.13.67.3 * kernel-source-rt-5.14.21-150500.13.67.3 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.67.3 * kernel-rt-5.14.21-150500.13.67.3 * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.67.3 * kernel-source-rt-5.14.21-150500.13.67.3 * openSUSE Leap 15.5 (x86_64) * ocfs2-kmp-rt-5.14.21-150500.13.67.3 * kernel-rt-devel-5.14.21-150500.13.67.3 * kernel-rt-extra-debuginfo-5.14.21-150500.13.67.3 * gfs2-kmp-rt-5.14.21-150500.13.67.3 * kernel-livepatch-5_14_21-150500_13_67-rt-debuginfo-1-150500.11.3.2 * kselftests-kmp-rt-5.14.21-150500.13.67.3 * kernel-rt-livepatch-devel-5.14.21-150500.13.67.3 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * reiserfs-kmp-rt-5.14.21-150500.13.67.3 * kernel-syms-rt-5.14.21-150500.13.67.1 * kernel-rt-livepatch-5.14.21-150500.13.67.3 * kernel-rt-vdso-5.14.21-150500.13.67.3 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-vdso-5.14.21-150500.13.67.3 * kernel-rt-debugsource-5.14.21-150500.13.67.3 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.67.3 * cluster-md-kmp-rt-5.14.21-150500.13.67.3 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * dlm-kmp-rt-5.14.21-150500.13.67.3 * kernel-rt_debug-debugsource-5.14.21-150500.13.67.3 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.67.3 * kernel-livepatch-5_14_21-150500_13_67-rt-1-150500.11.3.2 * kernel-rt_debug-debuginfo-5.14.21-150500.13.67.3 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.67.3 * kernel-rt-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-devel-5.14.21-150500.13.67.3 * kernel-livepatch-SLE15-SP5-RT_Update_19-debugsource-1-150500.11.3.2 * kernel-rt-extra-5.14.21-150500.13.67.3 * kernel-rt-optional-5.14.21-150500.13.67.3 * kernel-rt-optional-debuginfo-5.14.21-150500.13.67.3 * kernel-rt-devel-debuginfo-5.14.21-150500.13.67.3 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.67.3 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.67.3 * kernel-rt-5.14.21-150500.13.67.3 * openSUSE Leap Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.67.3 * openSUSE Leap Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.67.3 * kernel-rt-debuginfo-5.14.21-150500.13.67.3 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.67.3 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debugsource-5.14.21-150500.13.67.3 * kernel-rt-debuginfo-5.14.21-150500.13.67.3 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.67.3 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2021-47106.html * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47546.html * https://www.suse.com/security/cve/CVE-2022-38457.html * https://www.suse.com/security/cve/CVE-2022-40133.html * https://www.suse.com/security/cve/CVE-2022-48645.html * https://www.suse.com/security/cve/CVE-2022-48706.html * https://www.suse.com/security/cve/CVE-2022-48808.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48868.html * https://www.suse.com/security/cve/CVE-2022-48869.html * https://www.suse.com/security/cve/CVE-2022-48870.html * https://www.suse.com/security/cve/CVE-2022-48871.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48878.html * https://www.suse.com/security/cve/CVE-2022-48880.html * https://www.suse.com/security/cve/CVE-2022-48881.html * https://www.suse.com/security/cve/CVE-2022-48882.html * https://www.suse.com/security/cve/CVE-2022-48883.html * https://www.suse.com/security/cve/CVE-2022-48884.html * https://www.suse.com/security/cve/CVE-2022-48885.html * https://www.suse.com/security/cve/CVE-2022-48886.html * https://www.suse.com/security/cve/CVE-2022-48887.html * https://www.suse.com/security/cve/CVE-2022-48888.html * https://www.suse.com/security/cve/CVE-2022-48889.html * https://www.suse.com/security/cve/CVE-2022-48890.html * https://www.suse.com/security/cve/CVE-2022-48891.html * https://www.suse.com/security/cve/CVE-2022-48893.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48898.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48903.html * https://www.suse.com/security/cve/CVE-2022-48904.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48906.html * https://www.suse.com/security/cve/CVE-2022-48907.html * https://www.suse.com/security/cve/CVE-2022-48909.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48913.html * https://www.suse.com/security/cve/CVE-2022-48914.html * https://www.suse.com/security/cve/CVE-2022-48915.html * https://www.suse.com/security/cve/CVE-2022-48916.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48918.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48921.html * https://www.suse.com/security/cve/CVE-2022-48923.html * https://www.suse.com/security/cve/CVE-2022-48924.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48927.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48929.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48932.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2022-48937.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2022-48939.html * https://www.suse.com/security/cve/CVE-2022-48940.html * https://www.suse.com/security/cve/CVE-2022-48941.html * https://www.suse.com/security/cve/CVE-2022-48942.html * https://www.suse.com/security/cve/CVE-2022-48943.html * https://www.suse.com/security/cve/CVE-2023-3610.html * https://www.suse.com/security/cve/CVE-2023-52458.html * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52498.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52894.html * https://www.suse.com/security/cve/CVE-2023-52896.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52899.html * https://www.suse.com/security/cve/CVE-2023-52900.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52904.html * https://www.suse.com/security/cve/CVE-2023-52905.html * https://www.suse.com/security/cve/CVE-2023-52906.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2023-52908.html * https://www.suse.com/security/cve/CVE-2023-52909.html * https://www.suse.com/security/cve/CVE-2023-52910.html * https://www.suse.com/security/cve/CVE-2023-52911.html * https://www.suse.com/security/cve/CVE-2023-52912.html * https://www.suse.com/security/cve/CVE-2023-52913.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27016.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35945.html * https://www.suse.com/security/cve/CVE-2024-35971.html * https://www.suse.com/security/cve/CVE-2024-36009.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36936.html * https://www.suse.com/security/cve/CVE-2024-36962.html * https://www.suse.com/security/cve/CVE-2024-38554.html * https://www.suse.com/security/cve/CVE-2024-38602.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43904.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194111 * https://bugzilla.suse.com/show_bug.cgi?id=1194765 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1196261 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196894 * https://bugzilla.suse.com/show_bug.cgi?id=1198017 * https://bugzilla.suse.com/show_bug.cgi?id=1203329 * https://bugzilla.suse.com/show_bug.cgi?id=1203330 * https://bugzilla.suse.com/show_bug.cgi?id=1203360 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1206006 * https://bugzilla.suse.com/show_bug.cgi?id=1206258 * https://bugzilla.suse.com/show_bug.cgi?id=1206843 * https://bugzilla.suse.com/show_bug.cgi?id=1207158 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1210644 * https://bugzilla.suse.com/show_bug.cgi?id=1213580 * https://bugzilla.suse.com/show_bug.cgi?id=1213632 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1220428 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1220962 * https://bugzilla.suse.com/show_bug.cgi?id=1221269 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223508 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1223807 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224542 * https://bugzilla.suse.com/show_bug.cgi?id=1224578 * https://bugzilla.suse.com/show_bug.cgi?id=1224639 * https://bugzilla.suse.com/show_bug.cgi?id=1225162 * https://bugzilla.suse.com/show_bug.cgi?id=1225352 * https://bugzilla.suse.com/show_bug.cgi?id=1225428 * https://bugzilla.suse.com/show_bug.cgi?id=1225524 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225773 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225827 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226168 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226613 * https://bugzilla.suse.com/show_bug.cgi?id=1226742 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227079 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1227958 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229187 * https://bugzilla.suse.com/show_bug.cgi?id=1229188 * https://bugzilla.suse.com/show_bug.cgi?id=1229190 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229418 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229453 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229506 * https://bugzilla.suse.com/show_bug.cgi?id=1229507 * https://bugzilla.suse.com/show_bug.cgi?id=1229508 * https://bugzilla.suse.com/show_bug.cgi?id=1229509 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229521 * https://bugzilla.suse.com/show_bug.cgi?id=1229522 * https://bugzilla.suse.com/show_bug.cgi?id=1229523 * https://bugzilla.suse.com/show_bug.cgi?id=1229524 * https://bugzilla.suse.com/show_bug.cgi?id=1229525 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229527 * https://bugzilla.suse.com/show_bug.cgi?id=1229528 * https://bugzilla.suse.com/show_bug.cgi?id=1229529 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229533 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229537 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229544 * https://bugzilla.suse.com/show_bug.cgi?id=1229545 * https://bugzilla.suse.com/show_bug.cgi?id=1229546 * https://bugzilla.suse.com/show_bug.cgi?id=1229547 * https://bugzilla.suse.com/show_bug.cgi?id=1229548 * https://bugzilla.suse.com/show_bug.cgi?id=1229554 * https://bugzilla.suse.com/show_bug.cgi?id=1229557 * https://bugzilla.suse.com/show_bug.cgi?id=1229558 * https://bugzilla.suse.com/show_bug.cgi?id=1229559 * https://bugzilla.suse.com/show_bug.cgi?id=1229560 * https://bugzilla.suse.com/show_bug.cgi?id=1229562 * https://bugzilla.suse.com/show_bug.cgi?id=1229564 * https://bugzilla.suse.com/show_bug.cgi?id=1229565 * https://bugzilla.suse.com/show_bug.cgi?id=1229566 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229569 * https://bugzilla.suse.com/show_bug.cgi?id=1229572 * https://bugzilla.suse.com/show_bug.cgi?id=1229573 * https://bugzilla.suse.com/show_bug.cgi?id=1229576 * https://bugzilla.suse.com/show_bug.cgi?id=1229581 * https://bugzilla.suse.com/show_bug.cgi?id=1229588 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229603 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229605 * https://bugzilla.suse.com/show_bug.cgi?id=1229608 * https://bugzilla.suse.com/show_bug.cgi?id=1229611 * https://bugzilla.suse.com/show_bug.cgi?id=1229612 * https://bugzilla.suse.com/show_bug.cgi?id=1229613 * https://bugzilla.suse.com/show_bug.cgi?id=1229614 * https://bugzilla.suse.com/show_bug.cgi?id=1229615 * https://bugzilla.suse.com/show_bug.cgi?id=1229616 * https://bugzilla.suse.com/show_bug.cgi?id=1229617 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229622 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229625 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229628 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229631 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229635 * https://bugzilla.suse.com/show_bug.cgi?id=1229636 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229638 * https://bugzilla.suse.com/show_bug.cgi?id=1229639 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229642 * https://bugzilla.suse.com/show_bug.cgi?id=1229643 * https://bugzilla.suse.com/show_bug.cgi?id=1229645 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229662 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229768 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8779 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 16:34:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 16:34:19 -0000 Subject: SUSE-SU-2024:3211-1: moderate: Security update for curl Message-ID: <172607245972.28013.1976523591297546337@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3211-1 Rating: moderate References: * bsc#1230093 Cross-References: * CVE-2024-8096 CVSS scores: * CVE-2024-8096 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8096 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-8096 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-8096: OCSP stapling bypass with GnuTLS. (bsc#1230093) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3211=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3211=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3211=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3211=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3211=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3211=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3211=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3211=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3211=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3211=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3211=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3211=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3211=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl-devel-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * openSUSE Leap 15.4 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.50.1 * libcurl4-32bit-8.0.1-150400.5.50.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.50.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl-devel-64bit-8.0.1-150400.5.50.1 * libcurl4-64bit-8.0.1-150400.5.50.1 * libcurl4-64bit-debuginfo-8.0.1-150400.5.50.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl-devel-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * openSUSE Leap 15.5 (x86_64) * libcurl-devel-32bit-8.0.1-150400.5.50.1 * libcurl4-32bit-8.0.1-150400.5.50.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.50.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.50.1 * curl-debugsource-8.0.1-150400.5.50.1 * curl-8.0.1-150400.5.50.1 * curl-debuginfo-8.0.1-150400.5.50.1 * libcurl-devel-8.0.1-150400.5.50.1 * libcurl4-debuginfo-8.0.1-150400.5.50.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.50.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.50.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8096.html * https://bugzilla.suse.com/show_bug.cgi?id=1230093 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 16:34:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 16:34:22 -0000 Subject: SUSE-SU-2024:3210-1: moderate: Security update for libpcap Message-ID: <172607246276.28013.11160317669699207126@smelt2.prg2.suse.org> # Security update for libpcap Announcement ID: SUSE-SU-2024:3210-1 Rating: moderate References: * bsc#1230020 * bsc#1230034 Cross-References: * CVE-2023-7256 * CVE-2024-8006 CVSS scores: * CVE-2023-7256 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8006 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libpcap fixes the following issues: * CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034) * CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3210=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3210=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3210=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3210=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3210=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3210=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3210=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3210=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3210=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3210=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libpcap-debugsource-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-devel-static-1.10.1-150400.3.3.2 * libpcap1-1.10.1-150400.3.3.2 * libpcap-devel-1.10.1-150400.3.3.2 * openSUSE Leap 15.4 (x86_64) * libpcap1-32bit-1.10.1-150400.3.3.2 * libpcap-devel-32bit-1.10.1-150400.3.3.2 * libpcap1-32bit-debuginfo-1.10.1-150400.3.3.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libpcap1-64bit-1.10.1-150400.3.3.2 * libpcap1-64bit-debuginfo-1.10.1-150400.3.3.2 * libpcap-devel-64bit-1.10.1-150400.3.3.2 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libpcap-debugsource-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-devel-static-1.10.1-150400.3.3.2 * libpcap1-1.10.1-150400.3.3.2 * libpcap-devel-1.10.1-150400.3.3.2 * openSUSE Leap 15.5 (x86_64) * libpcap1-32bit-1.10.1-150400.3.3.2 * libpcap-devel-32bit-1.10.1-150400.3.3.2 * libpcap1-32bit-debuginfo-1.10.1-150400.3.3.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libpcap1-1.10.1-150400.3.3.2 * libpcap-devel-1.10.1-150400.3.3.2 * libpcap1-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 * SUSE Package Hub 15 15-SP5 (x86_64) * libpcap1-32bit-1.10.1-150400.3.3.2 * libpcap1-32bit-debuginfo-1.10.1-150400.3.3.2 * libpcap-debugsource-1.10.1-150400.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2023-7256.html * https://www.suse.com/security/cve/CVE-2024-8006.html * https://bugzilla.suse.com/show_bug.cgi?id=1230020 * https://bugzilla.suse.com/show_bug.cgi?id=1230034 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 11 16:34:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 11 Sep 2024 16:34:25 -0000 Subject: SUSE-SU-2024:3208-1: moderate: Security update for glib2 Message-ID: <172607246525.28013.10886182174518527213@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:3208-1 Rating: moderate References: * bsc#1224044 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that has one security fix can now be installed. ## Description: This update for glib2 fixes the following issues: * Hardening of the patch for the previously fixed CVE-2024-34397. The previous patch introduced a regression which might lead to a use-after-free bug. (bsc#1224044). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3208=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3208=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3208=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3208=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3208=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * glib2-devel-static-2.48.2-12.40.1 * libgio-fam-debuginfo-2.48.2-12.40.1 * glib2-devel-debuginfo-2.48.2-12.40.1 * libgio-fam-2.48.2-12.40.1 * glib2-devel-2.48.2-12.40.1 * glib2-debugsource-2.48.2-12.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * glib2-tools-2.48.2-12.40.1 * libglib-2_0-0-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-2.48.2-12.40.1 * libgthread-2_0-0-2.48.2-12.40.1 * libgio-2_0-0-2.48.2-12.40.1 * glib2-debugsource-2.48.2-12.40.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.40.1 * libgobject-2_0-0-2.48.2-12.40.1 * libgmodule-2_0-0-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-2.48.2-12.40.1 * glib2-tools-debuginfo-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-2.48.2-12.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * glib2-lang-2.48.2-12.40.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-32bit-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgio-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgmodule-2_0-0-32bit-2.48.2-12.40.1 * libgobject-2_0-0-32bit-2.48.2-12.40.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * glib2-tools-2.48.2-12.40.1 * libglib-2_0-0-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-2.48.2-12.40.1 * libgthread-2_0-0-2.48.2-12.40.1 * libgio-2_0-0-2.48.2-12.40.1 * glib2-debugsource-2.48.2-12.40.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.40.1 * libgobject-2_0-0-2.48.2-12.40.1 * libgmodule-2_0-0-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-2.48.2-12.40.1 * glib2-tools-debuginfo-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-2.48.2-12.40.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * glib2-lang-2.48.2-12.40.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-32bit-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgio-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgmodule-2_0-0-32bit-2.48.2-12.40.1 * libgobject-2_0-0-32bit-2.48.2-12.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * glib2-tools-2.48.2-12.40.1 * libglib-2_0-0-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-2.48.2-12.40.1 * libgthread-2_0-0-2.48.2-12.40.1 * libgio-2_0-0-2.48.2-12.40.1 * glib2-debugsource-2.48.2-12.40.1 * libgmodule-2_0-0-debuginfo-2.48.2-12.40.1 * libgobject-2_0-0-2.48.2-12.40.1 * libgmodule-2_0-0-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-2.48.2-12.40.1 * glib2-tools-debuginfo-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-2.48.2-12.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * glib2-lang-2.48.2-12.40.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libgmodule-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-32bit-2.48.2-12.40.1 * libgio-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgobject-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgio-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-32bit-2.48.2-12.40.1 * libgthread-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libglib-2_0-0-debuginfo-32bit-2.48.2-12.40.1 * libgmodule-2_0-0-32bit-2.48.2-12.40.1 * libgobject-2_0-0-32bit-2.48.2-12.40.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libgio-fam-2.48.2-12.40.1 * libgio-fam-debuginfo-2.48.2-12.40.1 * glib2-debugsource-2.48.2-12.40.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224044 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:08 -0000 Subject: SUSE-SU-2024:3222-1: low: Security update for runc Message-ID: <172614420891.28013.16833120972907601915@smelt2.prg2.suse.org> # Security update for runc Announcement ID: SUSE-SU-2024:3222-1 Rating: low References: * bsc#1230092 Cross-References: * CVE-2024-45310 CVSS scores: * CVE-2024-45310 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for runc fixes the following issues: * Update to runc v1.1.14 * CVE-2024-45310: Fixed an issue where runc can be tricked into creating empty files/directories on host. (bsc#1230092) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3222=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3222=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3222=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3222=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3222=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3222=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3222=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3222=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3222=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3222=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3222=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3222=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3222=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3222=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3222=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3222=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3222=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3222=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3222=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3222=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3222=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3222=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3222=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3222=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * runc-debuginfo-1.1.14-150000.70.1 * runc-1.1.14-150000.70.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45310.html * https://bugzilla.suse.com/show_bug.cgi?id=1230092 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:14 -0000 Subject: SUSE-SU-2024:3221-1: important: Security update for containerd Message-ID: <172614421426.28013.2266583097243104954@smelt2.prg2.suse.org> # Security update for containerd Announcement ID: SUSE-SU-2024:3221-1 Rating: important References: * bsc#1200528 * bsc#1217070 * bsc#1228553 Cross-References: * CVE-2022-1996 * CVE-2023-45142 * CVE-2023-47108 CVSS scores: * CVE-2022-1996 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2022-1996 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2022-1996 ( NVD ): 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N * CVE-2023-45142 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47108 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-47108 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for containerd fixes the following issues: * Update to containerd v1.7.21 * CVE-2023-47108: Fixed DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics. (bsc#1217070) * CVE-2023-45142: Fixed DoS vulnerability in otelhttp. (bsc#1228553) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3221=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3221=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3221=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3221=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3221=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3221=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3221=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3221=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3221=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3221=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3221=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3221=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3221=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3221=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3221=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3221=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3221=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3221=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3221=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3221=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3221=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3221=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3221=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3221=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * containerd-1.7.21-150000.117.1 * containerd-devel-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * containerd-1.7.21-150000.117.1 * containerd-ctr-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * containerd-1.7.21-150000.117.1 ## References: * https://www.suse.com/security/cve/CVE-2022-1996.html * https://www.suse.com/security/cve/CVE-2023-45142.html * https://www.suse.com/security/cve/CVE-2023-47108.html * https://bugzilla.suse.com/show_bug.cgi?id=1200528 * https://bugzilla.suse.com/show_bug.cgi?id=1217070 * https://bugzilla.suse.com/show_bug.cgi?id=1228553 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:17 -0000 Subject: SUSE-SU-2024:3219-1: moderate: Security update for colord Message-ID: <172614421733.28013.7637396109615466455@smelt2.prg2.suse.org> # Security update for colord Announcement ID: SUSE-SU-2024:3219-1 Rating: moderate References: * bsc#1208056 Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that has one security fix can now be installed. ## Description: This update for colord fixes the following issues: * Fixed a potential local privilege escalation by removing the script in the specfile which changes the ownership of /var/lib/colord. (bsc#1208056) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3219=1 openSUSE-SLE-15.6-2024-3219=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3219=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3219=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3219=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libcolord2-debuginfo-1.4.6-150600.3.3.1 * colord-color-profiles-1.4.6-150600.3.3.1 * libcolorhug2-debuginfo-1.4.6-150600.3.3.1 * colord-1.4.6-150600.3.3.1 * typelib-1_0-Colord-1_0-1.4.6-150600.3.3.1 * typelib-1_0-Colorhug-1_0-1.4.6-150600.3.3.1 * libcolord2-1.4.6-150600.3.3.1 * colord-debuginfo-1.4.6-150600.3.3.1 * libcolord-devel-1.4.6-150600.3.3.1 * libcolorhug2-1.4.6-150600.3.3.1 * colord-debugsource-1.4.6-150600.3.3.1 * openSUSE Leap 15.6 (noarch) * colord-lang-1.4.6-150600.3.3.1 * openSUSE Leap 15.6 (x86_64) * libcolord2-32bit-debuginfo-1.4.6-150600.3.3.1 * libcolord2-32bit-1.4.6-150600.3.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libcolord2-64bit-1.4.6-150600.3.3.1 * libcolord2-64bit-debuginfo-1.4.6-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libcolord2-debuginfo-1.4.6-150600.3.3.1 * colord-debuginfo-1.4.6-150600.3.3.1 * colord-debugsource-1.4.6-150600.3.3.1 * libcolord2-1.4.6-150600.3.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * colord-color-profiles-1.4.6-150600.3.3.1 * libcolorhug2-debuginfo-1.4.6-150600.3.3.1 * typelib-1_0-Colord-1_0-1.4.6-150600.3.3.1 * typelib-1_0-Colorhug-1_0-1.4.6-150600.3.3.1 * colord-debuginfo-1.4.6-150600.3.3.1 * libcolord-devel-1.4.6-150600.3.3.1 * libcolorhug2-1.4.6-150600.3.3.1 * colord-debugsource-1.4.6-150600.3.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * colord-1.4.6-150600.3.3.1 * colord-debuginfo-1.4.6-150600.3.3.1 * colord-debugsource-1.4.6-150600.3.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch) * colord-lang-1.4.6-150600.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1208056 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:23 -0000 Subject: SUSE-SU-2024:3218-1: important: Security update for 389-ds Message-ID: <172614422371.28013.12558794003358343682@smelt2.prg2.suse.org> # Security update for 389-ds Announcement ID: SUSE-SU-2024:3218-1 Rating: important References: * bsc#1219836 * bsc#1225507 * bsc#1225512 * bsc#1226277 Cross-References: * CVE-2024-1062 * CVE-2024-2199 * CVE-2024-3657 * CVE-2024-5953 CVSS scores: * CVE-2024-1062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3657 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3657 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5953 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5953 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for 389-ds fixes the following issues: * Update to version 2.0.20 * CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. (bsc#1225512) * CVE-2024-5953: Malformed userPassword hashes may cause a denial of service. (bsc#1226277) * CVE-2024-2199: Malformed userPassword may cause crash at do_modify in slapd/modify.c. (bsc#1225507) * CVE-2024-1062: Fixed a heap overflow leading to denail-of-servce while writing a value larger than 256 chars in log_entry_attr. (bsc#1219836) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3218=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3218=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3218=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3218=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3218=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3218=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3218=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3218=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Manager Proxy 4.3 (x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Manager Retail Branch Server 4.3 (x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * 389-ds-snmp-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-snmp-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * 389-ds-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-devel-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-2.0.20~git9.5e2d637c-150400.3.42.3 * 389-ds-debugsource-2.0.20~git9.5e2d637c-150400.3.42.3 * lib389-2.0.20~git9.5e2d637c-150400.3.42.3 * libsvrcore0-debuginfo-2.0.20~git9.5e2d637c-150400.3.42.3 ## References: * https://www.suse.com/security/cve/CVE-2024-1062.html * https://www.suse.com/security/cve/CVE-2024-2199.html * https://www.suse.com/security/cve/CVE-2024-3657.html * https://www.suse.com/security/cve/CVE-2024-5953.html * https://bugzilla.suse.com/show_bug.cgi?id=1219836 * https://bugzilla.suse.com/show_bug.cgi?id=1225507 * https://bugzilla.suse.com/show_bug.cgi?id=1225512 * https://bugzilla.suse.com/show_bug.cgi?id=1226277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:26 -0000 Subject: SUSE-SU-2024:3217-1: moderate: Security update for libpcap Message-ID: <172614422696.28013.10566694167318275084@smelt2.prg2.suse.org> # Security update for libpcap Announcement ID: SUSE-SU-2024:3217-1 Rating: moderate References: * bsc#1230020 * bsc#1230034 Cross-References: * CVE-2023-7256 * CVE-2024-8006 CVSS scores: * CVE-2023-7256 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8006 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libpcap fixes the following issues: * CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034) * CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3217=1 openSUSE-SLE-15.6-2024-3217=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3217=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3217=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libpcap1-debuginfo-1.10.4-150600.3.3.2 * libpcap1-1.10.4-150600.3.3.2 * libpcap-devel-static-1.10.4-150600.3.3.2 * libpcap-debugsource-1.10.4-150600.3.3.2 * libpcap-devel-1.10.4-150600.3.3.2 * openSUSE Leap 15.6 (x86_64) * libpcap1-32bit-debuginfo-1.10.4-150600.3.3.2 * libpcap-devel-32bit-1.10.4-150600.3.3.2 * libpcap1-32bit-1.10.4-150600.3.3.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libpcap-devel-64bit-1.10.4-150600.3.3.2 * libpcap1-64bit-debuginfo-1.10.4-150600.3.3.2 * libpcap1-64bit-1.10.4-150600.3.3.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpcap-debugsource-1.10.4-150600.3.3.2 * libpcap-devel-1.10.4-150600.3.3.2 * libpcap1-1.10.4-150600.3.3.2 * libpcap1-debuginfo-1.10.4-150600.3.3.2 * SUSE Package Hub 15 15-SP6 (x86_64) * libpcap-debugsource-1.10.4-150600.3.3.2 * libpcap1-32bit-debuginfo-1.10.4-150600.3.3.2 * libpcap1-32bit-1.10.4-150600.3.3.2 ## References: * https://www.suse.com/security/cve/CVE-2023-7256.html * https://www.suse.com/security/cve/CVE-2024-8006.html * https://bugzilla.suse.com/show_bug.cgi?id=1230020 * https://bugzilla.suse.com/show_bug.cgi?id=1230034 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:31 -0000 Subject: SUSE-SU-2024:3216-1: moderate: Security update for expat Message-ID: <172614423194.28013.7265950002926472406@smelt2.prg2.suse.org> # Security update for expat Announcement ID: SUSE-SU-2024:3216-1 Rating: moderate References: * bsc#1229930 * bsc#1229931 * bsc#1229932 Cross-References: * CVE-2024-45490 * CVE-2024-45491 * CVE-2024-45492 CVSS scores: * CVE-2024-45490 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45490 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45490 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45491 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45491 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45491 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-45492 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45492 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45492 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for expat fixes the following issues: * CVE-2024-45492: integer overflow in function nextScaffoldPart. (bsc#1229932) * CVE-2024-45491: integer overflow in dtdCopy. (bsc#1229931) * CVE-2024-45490: negative length for XML_ParseBuffer not rejected. (bsc#1229930) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3216=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3216=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3216=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3216=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3216=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3216=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3216=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3216=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3216=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3216=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3216=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * expat-debugsource-2.4.4-150400.3.22.1 * expat-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.4 (x86_64) * libexpat1-32bit-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-32bit-2.4.4-150400.3.22.1 * libexpat1-32bit-2.4.4-150400.3.22.1 * expat-32bit-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libexpat-devel-64bit-2.4.4-150400.3.22.1 * libexpat1-64bit-2.4.4-150400.3.22.1 * expat-64bit-debuginfo-2.4.4-150400.3.22.1 * libexpat1-64bit-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * expat-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.5 (x86_64) * libexpat1-32bit-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-32bit-2.4.4-150400.3.22.1 * libexpat1-32bit-2.4.4-150400.3.22.1 * expat-32bit-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * expat-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * openSUSE Leap 15.6 (x86_64) * libexpat1-32bit-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-32bit-2.4.4-150400.3.22.1 * libexpat1-32bit-2.4.4-150400.3.22.1 * expat-32bit-debuginfo-2.4.4-150400.3.22.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * expat-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * Basesystem Module 15-SP5 (x86_64) * libexpat1-32bit-debuginfo-2.4.4-150400.3.22.1 * libexpat1-32bit-2.4.4-150400.3.22.1 * expat-32bit-debuginfo-2.4.4-150400.3.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * expat-debugsource-2.4.4-150400.3.22.1 * expat-2.4.4-150400.3.22.1 * libexpat1-debuginfo-2.4.4-150400.3.22.1 * libexpat-devel-2.4.4-150400.3.22.1 * libexpat1-2.4.4-150400.3.22.1 * expat-debuginfo-2.4.4-150400.3.22.1 * Basesystem Module 15-SP6 (x86_64) * libexpat1-32bit-debuginfo-2.4.4-150400.3.22.1 * libexpat1-32bit-2.4.4-150400.3.22.1 * expat-32bit-debuginfo-2.4.4-150400.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45490.html * https://www.suse.com/security/cve/CVE-2024-45491.html * https://www.suse.com/security/cve/CVE-2024-45492.html * https://bugzilla.suse.com/show_bug.cgi?id=1229930 * https://bugzilla.suse.com/show_bug.cgi?id=1229931 * https://bugzilla.suse.com/show_bug.cgi?id=1229932 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:39 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:39 -0000 Subject: SUSE-SU-2024:3214-1: moderate: Security update for go1.23 Message-ID: <172614423926.28013.14603316917179002635@smelt2.prg2.suse.org> # Security update for go1.23 Announcement ID: SUSE-SU-2024:3214-1 Rating: moderate References: * bsc#1229122 * bsc#1230252 * bsc#1230253 * bsc#1230254 Cross-References: * CVE-2024-34155 * CVE-2024-34156 * CVE-2024-34158 CVSS scores: * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.23 fixes the following issues: * Update go v1.23.1 * CVE-2024-34155: Fixed stack exhaustion in all Parse* functions. (bsc#1230252) * CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. (bsc#1230253) * CVE-2024-34158: Fixed stack exhaustion in Parse. (bsc#1230254) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3214=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3214=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3214=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3214=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.1-150000.1.6.1 * go1.23-1.23.1-150000.1.6.1 * go1.23-doc-1.23.1-150000.1.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.1-150000.1.6.1 * go1.23-1.23.1-150000.1.6.1 * go1.23-doc-1.23.1-150000.1.6.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.1-150000.1.6.1 * go1.23-1.23.1-150000.1.6.1 * go1.23-doc-1.23.1-150000.1.6.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-race-1.23.1-150000.1.6.1 * go1.23-1.23.1-150000.1.6.1 * go1.23-doc-1.23.1-150000.1.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:43 -0000 Subject: SUSE-SU-2024:3213-1: moderate: Security update for go1.22 Message-ID: <172614424363.28013.11892172462643788035@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:3213-1 Rating: moderate References: * bsc#1218424 * bsc#1230252 * bsc#1230253 * bsc#1230254 Cross-References: * CVE-2024-34155 * CVE-2024-34156 * CVE-2024-34158 CVSS scores: * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for go1.22 fixes the following issues: * Update go v1.22.7 * CVE-2024-34155: Fixed stack exhaustion in all Parse* functions. (bsc#1230252) * CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode. (bsc#1230253) * CVE-2024-34158: Fixed stack exhaustion in Parse. (bsc#1230254) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3213=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3213=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3213=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3213=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.7-150000.1.27.1 * go1.22-1.22.7-150000.1.27.1 * go1.22-race-1.22.7-150000.1.27.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.7-150000.1.27.1 * go1.22-1.22.7-150000.1.27.1 * go1.22-race-1.22.7-150000.1.27.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.7-150000.1.27.1 * go1.22-1.22.7-150000.1.27.1 * go1.22-race-1.22.7-150000.1.27.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.7-150000.1.27.1 * go1.22-1.22.7-150000.1.27.1 * go1.22-race-1.22.7-150000.1.27.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 12:30:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 12:30:49 -0000 Subject: SUSE-SU-2024:3158-2: important: Security update for postgresql16 Message-ID: <172614424908.28013.5468697713844237328@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3158-2 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Legacy Module 15-SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 15.8 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3158=1 ## Package List: * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * postgresql15-contrib-15.8-150600.16.6.1 * postgresql15-15.8-150600.16.6.1 * postgresql15-contrib-debuginfo-15.8-150600.16.6.1 * postgresql15-server-debuginfo-15.8-150600.16.6.1 * postgresql15-server-devel-15.8-150600.16.6.1 * postgresql15-debugsource-15.8-150600.16.6.1 * postgresql15-devel-15.8-150600.16.6.1 * postgresql15-debuginfo-15.8-150600.16.6.1 * postgresql15-server-15.8-150600.16.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:30:08 -0000 Subject: SUSE-SU-2024:3229-1: moderate: Security update for qemu Message-ID: <172615860875.27756.3030260771693110507@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:3229-1 Rating: moderate References: * bsc#1218484 * bsc#1222845 * bsc#1223955 Cross-References: * CVE-2023-6693 * CVE-2024-3447 CVSS scores: * CVE-2023-6693 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2023-6693 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-3447 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-3447: Fix heap buffer overflow in sdhci_write_dataport(). (bsc#1218485) * CVE-2023-6693: Fix stack buffer overflow in virtio_net_flush_tx(). (bsc#1218484) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3229=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3229=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3229=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * qemu-debugsource-3.1.1.1-75.1 * qemu-audio-sdl-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-3.1.1.1-75.1 * qemu-block-curl-3.1.1.1-75.1 * qemu-tools-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-3.1.1.1-75.1 * qemu-block-rbd-3.1.1.1-75.1 * qemu-audio-alsa-debuginfo-3.1.1.1-75.1 * qemu-block-rbd-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-debuginfo-3.1.1.1-75.1 * qemu-block-iscsi-debuginfo-3.1.1.1-75.1 * qemu-tools-3.1.1.1-75.1 * qemu-block-iscsi-3.1.1.1-75.1 * qemu-lang-3.1.1.1-75.1 * qemu-audio-alsa-3.1.1.1-75.1 * qemu-block-curl-debuginfo-3.1.1.1-75.1 * qemu-audio-oss-debuginfo-3.1.1.1-75.1 * qemu-block-ssh-debuginfo-3.1.1.1-75.1 * qemu-ui-curses-3.1.1.1-75.1 * qemu-block-ssh-3.1.1.1-75.1 * qemu-audio-oss-3.1.1.1-75.1 * qemu-ui-curses-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-3.1.1.1-75.1 * qemu-audio-pa-3.1.1.1-75.1 * qemu-3.1.1.1-75.1 * qemu-audio-pa-debuginfo-3.1.1.1-75.1 * qemu-audio-sdl-3.1.1.1-75.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64) * qemu-arm-debuginfo-3.1.1.1-75.1 * qemu-arm-3.1.1.1-75.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * qemu-ipxe-1.0.0+-75.1 * qemu-seabios-1.12.0_0_ga698c89-75.1 * qemu-sgabios-8-75.1 * qemu-vgabios-1.12.0_0_ga698c89-75.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * qemu-kvm-3.1.1.1-75.1 * qemu-x86-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * qemu-debugsource-3.1.1.1-75.1 * qemu-audio-sdl-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-3.1.1.1-75.1 * qemu-block-curl-3.1.1.1-75.1 * qemu-tools-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-3.1.1.1-75.1 * qemu-audio-alsa-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-debuginfo-3.1.1.1-75.1 * qemu-block-iscsi-debuginfo-3.1.1.1-75.1 * qemu-tools-3.1.1.1-75.1 * qemu-block-iscsi-3.1.1.1-75.1 * qemu-lang-3.1.1.1-75.1 * qemu-audio-alsa-3.1.1.1-75.1 * qemu-block-curl-debuginfo-3.1.1.1-75.1 * qemu-audio-oss-debuginfo-3.1.1.1-75.1 * qemu-block-ssh-debuginfo-3.1.1.1-75.1 * qemu-ui-curses-3.1.1.1-75.1 * qemu-block-ssh-3.1.1.1-75.1 * qemu-audio-oss-3.1.1.1-75.1 * qemu-ui-curses-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-3.1.1.1-75.1 * qemu-audio-pa-3.1.1.1-75.1 * qemu-3.1.1.1-75.1 * qemu-audio-pa-debuginfo-3.1.1.1-75.1 * qemu-audio-sdl-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64) * qemu-arm-debuginfo-3.1.1.1-75.1 * qemu-arm-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 x86_64) * qemu-block-rbd-3.1.1.1-75.1 * qemu-block-rbd-debuginfo-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * qemu-ipxe-1.0.0+-75.1 * qemu-seabios-1.12.0_0_ga698c89-75.1 * qemu-sgabios-8-75.1 * qemu-vgabios-1.12.0_0_ga698c89-75.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le) * qemu-ppc-debuginfo-3.1.1.1-75.1 * qemu-ppc-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * qemu-kvm-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * qemu-s390-debuginfo-3.1.1.1-75.1 * qemu-s390-3.1.1.1-75.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * qemu-x86-3.1.1.1-75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * qemu-debugsource-3.1.1.1-75.1 * qemu-audio-sdl-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-3.1.1.1-75.1 * qemu-block-curl-3.1.1.1-75.1 * qemu-tools-debuginfo-3.1.1.1-75.1 * qemu-ui-sdl-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-3.1.1.1-75.1 * qemu-audio-alsa-debuginfo-3.1.1.1-75.1 * qemu-ui-gtk-debuginfo-3.1.1.1-75.1 * qemu-block-iscsi-debuginfo-3.1.1.1-75.1 * qemu-tools-3.1.1.1-75.1 * qemu-block-iscsi-3.1.1.1-75.1 * qemu-lang-3.1.1.1-75.1 * qemu-audio-alsa-3.1.1.1-75.1 * qemu-block-curl-debuginfo-3.1.1.1-75.1 * qemu-audio-oss-debuginfo-3.1.1.1-75.1 * qemu-block-ssh-debuginfo-3.1.1.1-75.1 * qemu-ui-curses-3.1.1.1-75.1 * qemu-block-ssh-3.1.1.1-75.1 * qemu-audio-oss-3.1.1.1-75.1 * qemu-ui-curses-debuginfo-3.1.1.1-75.1 * qemu-guest-agent-3.1.1.1-75.1 * qemu-audio-pa-3.1.1.1-75.1 * qemu-3.1.1.1-75.1 * qemu-audio-pa-debuginfo-3.1.1.1-75.1 * qemu-audio-sdl-3.1.1.1-75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * qemu-ipxe-1.0.0+-75.1 * qemu-seabios-1.12.0_0_ga698c89-75.1 * qemu-sgabios-8-75.1 * qemu-vgabios-1.12.0_0_ga698c89-75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le) * qemu-ppc-debuginfo-3.1.1.1-75.1 * qemu-ppc-3.1.1.1-75.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * qemu-block-rbd-3.1.1.1-75.1 * qemu-kvm-3.1.1.1-75.1 * qemu-x86-3.1.1.1-75.1 * qemu-block-rbd-debuginfo-3.1.1.1-75.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6693.html * https://www.suse.com/security/cve/CVE-2024-3447.html * https://bugzilla.suse.com/show_bug.cgi?id=1218484 * https://bugzilla.suse.com/show_bug.cgi?id=1222845 * https://bugzilla.suse.com/show_bug.cgi?id=1223955 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:30:12 -0000 Subject: SUSE-SU-2024:3228-1: important: Security update for clamav Message-ID: <172615861225.27756.899586724136935354@smelt2.prg2.suse.org> # Security update for clamav Announcement ID: SUSE-SU-2024:3228-1 Rating: important References: * bsc#1230161 * bsc#1230162 Cross-References: * CVE-2024-20505 * CVE-2024-20506 CVSS scores: * CVE-2024-20505 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-20505 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-20506 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-20506 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for clamav fixes the following issues: * Update to version 0.103.12 * CVE-2024-20506: Disable symlinks following to prevent an attacker to corrupt system files. (bsc#1230162) * CVE-2024-20505: Fixed possible out-of-bounds read bug in the PDF file parser. (bsc#1230161) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3228=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3228=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3228=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * clamav-0.103.12-3.33.1 * clamav-debugsource-0.103.12-3.33.1 * clamav-debuginfo-0.103.12-3.33.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * clamav-0.103.12-3.33.1 * clamav-debugsource-0.103.12-3.33.1 * clamav-debuginfo-0.103.12-3.33.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * clamav-0.103.12-3.33.1 * clamav-debugsource-0.103.12-3.33.1 * clamav-debuginfo-0.103.12-3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20505.html * https://www.suse.com/security/cve/CVE-2024-20506.html * https://bugzilla.suse.com/show_bug.cgi?id=1230161 * https://bugzilla.suse.com/show_bug.cgi?id=1230162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:31:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:31:28 -0000 Subject: SUSE-SU-2024:3227-1: important: Security update for the Linux Kernel Message-ID: <172615868820.27756.13519000068292710984@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3227-1 Rating: important References: * bsc#1193629 * bsc#1194111 * bsc#1194765 * bsc#1196261 * bsc#1196516 * bsc#1196894 * bsc#1198017 * bsc#1203360 * bsc#1206006 * bsc#1206258 * bsc#1207158 * bsc#1216834 * bsc#1221326 * bsc#1221645 * bsc#1223191 * bsc#1224105 * bsc#1227832 * bsc#1228020 * bsc#1228466 * bsc#1228516 * bsc#1228576 * bsc#1228718 * bsc#1228801 * bsc#1228959 * bsc#1229042 * bsc#1229292 * bsc#1229400 * bsc#1229454 * bsc#1229500 * bsc#1229503 * bsc#1229506 * bsc#1229507 * bsc#1229508 * bsc#1229509 * bsc#1229510 * bsc#1229512 * bsc#1229516 * bsc#1229522 * bsc#1229526 * bsc#1229528 * bsc#1229531 * bsc#1229533 * bsc#1229535 * bsc#1229536 * bsc#1229537 * bsc#1229540 * bsc#1229544 * bsc#1229554 * bsc#1229557 * bsc#1229565 * bsc#1229566 * bsc#1229568 * bsc#1229581 * bsc#1229598 * bsc#1229603 * bsc#1229604 * bsc#1229608 * bsc#1229611 * bsc#1229612 * bsc#1229613 * bsc#1229614 * bsc#1229617 * bsc#1229619 * bsc#1229620 * bsc#1229622 * bsc#1229623 * bsc#1229624 * bsc#1229625 * bsc#1229626 * bsc#1229628 * bsc#1229629 * bsc#1229630 * bsc#1229631 * bsc#1229635 * bsc#1229636 * bsc#1229637 * bsc#1229638 * bsc#1229639 * bsc#1229641 * bsc#1229642 * bsc#1229643 * bsc#1229645 * bsc#1229657 * bsc#1229664 * bsc#1229707 * bsc#1229792 Cross-References: * CVE-2021-4441 * CVE-2022-48868 * CVE-2022-48869 * CVE-2022-48870 * CVE-2022-48871 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48875 * CVE-2022-48878 * CVE-2022-48880 * CVE-2022-48890 * CVE-2022-48891 * CVE-2022-48896 * CVE-2022-48898 * CVE-2022-48899 * CVE-2022-48903 * CVE-2022-48904 * CVE-2022-48905 * CVE-2022-48907 * CVE-2022-48909 * CVE-2022-48912 * CVE-2022-48913 * CVE-2022-48914 * CVE-2022-48915 * CVE-2022-48916 * CVE-2022-48917 * CVE-2022-48918 * CVE-2022-48919 * CVE-2022-48921 * CVE-2022-48924 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48927 * CVE-2022-48928 * CVE-2022-48929 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48932 * CVE-2022-48934 * CVE-2022-48935 * CVE-2022-48937 * CVE-2022-48938 * CVE-2022-48941 * CVE-2022-48942 * CVE-2022-48943 * CVE-2023-52489 * CVE-2023-52893 * CVE-2023-52894 * CVE-2023-52896 * CVE-2023-52898 * CVE-2023-52900 * CVE-2023-52901 * CVE-2023-52905 * CVE-2023-52907 * CVE-2023-52911 * CVE-2024-40910 * CVE-2024-41009 * CVE-2024-41062 * CVE-2024-41087 * CVE-2024-42077 * CVE-2024-42126 * CVE-2024-42232 * CVE-2024-42271 * CVE-2024-43853 * CVE-2024-43861 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44938 * CVE-2024-44947 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48869 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48869 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48871 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48878 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48878 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48880 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48880 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48904 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48909 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48913 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves 69 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * nvme_core: scan namespaces asynchronously (bsc#1224105). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3227=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3227=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3227=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3227=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.91.3 * kernel-rt-debuginfo-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.91.3 * kernel-rt-debuginfo-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.91.3 * kernel-rt-debuginfo-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.91.3 * kernel-rt-debuginfo-5.14.21-150400.15.91.3 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.91.3 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2022-48868.html * https://www.suse.com/security/cve/CVE-2022-48869.html * https://www.suse.com/security/cve/CVE-2022-48870.html * https://www.suse.com/security/cve/CVE-2022-48871.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48878.html * https://www.suse.com/security/cve/CVE-2022-48880.html * https://www.suse.com/security/cve/CVE-2022-48890.html * https://www.suse.com/security/cve/CVE-2022-48891.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48898.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48903.html * https://www.suse.com/security/cve/CVE-2022-48904.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48907.html * https://www.suse.com/security/cve/CVE-2022-48909.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48913.html * https://www.suse.com/security/cve/CVE-2022-48914.html * https://www.suse.com/security/cve/CVE-2022-48915.html * https://www.suse.com/security/cve/CVE-2022-48916.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48918.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48921.html * https://www.suse.com/security/cve/CVE-2022-48924.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48927.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48929.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48932.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2022-48935.html * https://www.suse.com/security/cve/CVE-2022-48937.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2022-48941.html * https://www.suse.com/security/cve/CVE-2022-48942.html * https://www.suse.com/security/cve/CVE-2022-48943.html * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52894.html * https://www.suse.com/security/cve/CVE-2023-52896.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52900.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52905.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2023-52911.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194111 * https://bugzilla.suse.com/show_bug.cgi?id=1194765 * https://bugzilla.suse.com/show_bug.cgi?id=1196261 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196894 * https://bugzilla.suse.com/show_bug.cgi?id=1198017 * https://bugzilla.suse.com/show_bug.cgi?id=1203360 * https://bugzilla.suse.com/show_bug.cgi?id=1206006 * https://bugzilla.suse.com/show_bug.cgi?id=1206258 * https://bugzilla.suse.com/show_bug.cgi?id=1207158 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229506 * https://bugzilla.suse.com/show_bug.cgi?id=1229507 * https://bugzilla.suse.com/show_bug.cgi?id=1229508 * https://bugzilla.suse.com/show_bug.cgi?id=1229509 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229522 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229528 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229533 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229537 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229544 * https://bugzilla.suse.com/show_bug.cgi?id=1229554 * https://bugzilla.suse.com/show_bug.cgi?id=1229557 * https://bugzilla.suse.com/show_bug.cgi?id=1229565 * https://bugzilla.suse.com/show_bug.cgi?id=1229566 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229581 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229603 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229608 * https://bugzilla.suse.com/show_bug.cgi?id=1229611 * https://bugzilla.suse.com/show_bug.cgi?id=1229612 * https://bugzilla.suse.com/show_bug.cgi?id=1229613 * https://bugzilla.suse.com/show_bug.cgi?id=1229614 * https://bugzilla.suse.com/show_bug.cgi?id=1229617 * https://bugzilla.suse.com/show_bug.cgi?id=1229619 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229622 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229625 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229628 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229631 * https://bugzilla.suse.com/show_bug.cgi?id=1229635 * https://bugzilla.suse.com/show_bug.cgi?id=1229636 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229638 * https://bugzilla.suse.com/show_bug.cgi?id=1229639 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229642 * https://bugzilla.suse.com/show_bug.cgi?id=1229643 * https://bugzilla.suse.com/show_bug.cgi?id=1229645 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:31:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:31:30 -0000 Subject: SUSE-SU-2024:3226-1: moderate: Security update for colord Message-ID: <172615869082.27756.8915307034185913861@smelt2.prg2.suse.org> # Security update for colord Announcement ID: SUSE-SU-2024:3226-1 Rating: moderate References: * bsc#1208056 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that has one security fix can now be installed. ## Description: This update for colord fixes the following issues: * Fixed a potential local privilege escalation by removing the script in the specfile which changes the ownership of /var/lib/colord. (bsc#1208056) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3226=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3226=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3226=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3226=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3226=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * colord-debugsource-1.3.3-13.6.1 * libcolord-devel-1.3.3-13.6.1 * typelib-1_0-ColorHug-1_0-1.3.3-13.6.1 * typelib-1_0-Colord-1_0-1.3.3-13.6.1 * colord-debuginfo-1.3.3-13.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * colord-debugsource-1.3.3-13.6.1 * libcolorhug2-1.3.3-13.6.1 * libcolord2-debuginfo-1.3.3-13.6.1 * libcolorhug2-debuginfo-1.3.3-13.6.1 * libcolord2-1.3.3-13.6.1 * colord-debuginfo-1.3.3-13.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libcolord2-32bit-1.3.3-13.6.1 * libcolord2-debuginfo-32bit-1.3.3-13.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * colord-debugsource-1.3.3-13.6.1 * libcolorhug2-1.3.3-13.6.1 * libcolord2-debuginfo-1.3.3-13.6.1 * libcolorhug2-debuginfo-1.3.3-13.6.1 * libcolord2-1.3.3-13.6.1 * colord-debuginfo-1.3.3-13.6.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libcolord2-32bit-1.3.3-13.6.1 * libcolord2-debuginfo-32bit-1.3.3-13.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * colord-debugsource-1.3.3-13.6.1 * libcolorhug2-1.3.3-13.6.1 * libcolord2-debuginfo-1.3.3-13.6.1 * libcolorhug2-debuginfo-1.3.3-13.6.1 * libcolord2-1.3.3-13.6.1 * colord-debuginfo-1.3.3-13.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libcolord2-32bit-1.3.3-13.6.1 * libcolord2-debuginfo-32bit-1.3.3-13.6.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * colord-debuginfo-1.3.3-13.6.1 * colord-debugsource-1.3.3-13.6.1 * colord-1.3.3-13.6.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch) * colord-lang-1.3.3-13.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1208056 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:32:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:32:28 -0000 Subject: SUSE-SU-2024:3225-1: important: Security update for the Linux Kernel Message-ID: <172615874814.27756.12487393675288732727@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3225-1 Rating: important References: * bsc#1176447 * bsc#1195668 * bsc#1195928 * bsc#1195957 * bsc#1196018 * bsc#1196516 * bsc#1196823 * bsc#1202346 * bsc#1209636 * bsc#1209799 * bsc#1210629 * bsc#1216834 * bsc#1222251 * bsc#1225109 * bsc#1225584 * bsc#1227832 * bsc#1227924 * bsc#1227928 * bsc#1227932 * bsc#1227935 * bsc#1227941 * bsc#1227942 * bsc#1227945 * bsc#1227952 * bsc#1227964 * bsc#1227969 * bsc#1227985 * bsc#1227987 * bsc#1227988 * bsc#1227989 * bsc#1227997 * bsc#1228000 * bsc#1228004 * bsc#1228005 * bsc#1228006 * bsc#1228015 * bsc#1228020 * bsc#1228037 * bsc#1228045 * bsc#1228060 * bsc#1228062 * bsc#1228066 * bsc#1228466 * bsc#1228516 * bsc#1228576 * bsc#1228959 * bsc#1229400 * bsc#1229454 * bsc#1229500 * bsc#1229503 * bsc#1229510 * bsc#1229512 * bsc#1229598 * bsc#1229604 * bsc#1229607 * bsc#1229620 * bsc#1229621 * bsc#1229624 * bsc#1229626 * bsc#1229629 * bsc#1229630 * bsc#1229637 * bsc#1229641 * bsc#1229657 * bsc#1229707 Cross-References: * CVE-2021-4441 * CVE-2022-48775 * CVE-2022-48778 * CVE-2022-48787 * CVE-2022-48788 * CVE-2022-48789 * CVE-2022-48790 * CVE-2022-48798 * CVE-2022-48802 * CVE-2022-48805 * CVE-2022-48811 * CVE-2022-48823 * CVE-2022-48824 * CVE-2022-48827 * CVE-2022-48834 * CVE-2022-48835 * CVE-2022-48836 * CVE-2022-48837 * CVE-2022-48838 * CVE-2022-48839 * CVE-2022-48843 * CVE-2022-48851 * CVE-2022-48853 * CVE-2022-48856 * CVE-2022-48857 * CVE-2022-48858 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48901 * CVE-2022-48905 * CVE-2022-48912 * CVE-2022-48917 * CVE-2022-48919 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48928 * CVE-2022-48930 * CVE-2022-48933 * CVE-2022-48934 * CVE-2023-52854 * CVE-2024-40910 * CVE-2024-41009 * CVE-2024-41062 * CVE-2024-41087 * CVE-2024-42077 * CVE-2024-42232 * CVE-2024-42271 * CVE-2024-43861 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44947 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48775 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48775 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48778 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48778 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48823 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48834 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48834 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48836 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48837 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48838 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48843 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48851 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 51 vulnerabilities and has 14 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510). * CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3225=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3225=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3225=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.181.2 * kernel-rt-debugsource-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.181.2 * kernel-rt-debugsource-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debuginfo-5.3.18-150300.181.2 * kernel-rt-debugsource-5.3.18-150300.181.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.181.2 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2022-48775.html * https://www.suse.com/security/cve/CVE-2022-48778.html * https://www.suse.com/security/cve/CVE-2022-48787.html * https://www.suse.com/security/cve/CVE-2022-48788.html * https://www.suse.com/security/cve/CVE-2022-48789.html * https://www.suse.com/security/cve/CVE-2022-48790.html * https://www.suse.com/security/cve/CVE-2022-48798.html * https://www.suse.com/security/cve/CVE-2022-48802.html * https://www.suse.com/security/cve/CVE-2022-48805.html * https://www.suse.com/security/cve/CVE-2022-48811.html * https://www.suse.com/security/cve/CVE-2022-48823.html * https://www.suse.com/security/cve/CVE-2022-48824.html * https://www.suse.com/security/cve/CVE-2022-48827.html * https://www.suse.com/security/cve/CVE-2022-48834.html * https://www.suse.com/security/cve/CVE-2022-48835.html * https://www.suse.com/security/cve/CVE-2022-48836.html * https://www.suse.com/security/cve/CVE-2022-48837.html * https://www.suse.com/security/cve/CVE-2022-48838.html * https://www.suse.com/security/cve/CVE-2022-48839.html * https://www.suse.com/security/cve/CVE-2022-48843.html * https://www.suse.com/security/cve/CVE-2022-48851.html * https://www.suse.com/security/cve/CVE-2022-48853.html * https://www.suse.com/security/cve/CVE-2022-48856.html * https://www.suse.com/security/cve/CVE-2022-48857.html * https://www.suse.com/security/cve/CVE-2022-48858.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48901.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48933.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2023-52854.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1176447 * https://bugzilla.suse.com/show_bug.cgi?id=1195668 * https://bugzilla.suse.com/show_bug.cgi?id=1195928 * https://bugzilla.suse.com/show_bug.cgi?id=1195957 * https://bugzilla.suse.com/show_bug.cgi?id=1196018 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196823 * https://bugzilla.suse.com/show_bug.cgi?id=1202346 * https://bugzilla.suse.com/show_bug.cgi?id=1209636 * https://bugzilla.suse.com/show_bug.cgi?id=1209799 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1222251 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225584 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227924 * https://bugzilla.suse.com/show_bug.cgi?id=1227928 * https://bugzilla.suse.com/show_bug.cgi?id=1227932 * https://bugzilla.suse.com/show_bug.cgi?id=1227935 * https://bugzilla.suse.com/show_bug.cgi?id=1227941 * https://bugzilla.suse.com/show_bug.cgi?id=1227942 * https://bugzilla.suse.com/show_bug.cgi?id=1227945 * https://bugzilla.suse.com/show_bug.cgi?id=1227952 * https://bugzilla.suse.com/show_bug.cgi?id=1227964 * https://bugzilla.suse.com/show_bug.cgi?id=1227969 * https://bugzilla.suse.com/show_bug.cgi?id=1227985 * https://bugzilla.suse.com/show_bug.cgi?id=1227987 * https://bugzilla.suse.com/show_bug.cgi?id=1227988 * https://bugzilla.suse.com/show_bug.cgi?id=1227989 * https://bugzilla.suse.com/show_bug.cgi?id=1227997 * https://bugzilla.suse.com/show_bug.cgi?id=1228000 * https://bugzilla.suse.com/show_bug.cgi?id=1228004 * https://bugzilla.suse.com/show_bug.cgi?id=1228005 * https://bugzilla.suse.com/show_bug.cgi?id=1228006 * https://bugzilla.suse.com/show_bug.cgi?id=1228015 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228037 * https://bugzilla.suse.com/show_bug.cgi?id=1228045 * https://bugzilla.suse.com/show_bug.cgi?id=1228060 * https://bugzilla.suse.com/show_bug.cgi?id=1228062 * https://bugzilla.suse.com/show_bug.cgi?id=1228066 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229607 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229621 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 12 16:32:30 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 12 Sep 2024 16:32:30 -0000 Subject: SUSE-SU-2024:3224-1: important: Security update for postgresql16 Message-ID: <172615875087.27756.16306329020690980277@smelt2.prg2.suse.org> # Security update for postgresql16 Announcement ID: SUSE-SU-2024:3224-1 Rating: important References: * bsc#1229013 Cross-References: * CVE-2024-7348 CVSS scores: * CVE-2024-7348 ( SUSE ): 7.7 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-7348 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-7348 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql16 fixes the following issues: * Upgrade to 15.8 (bsc#1229013) * CVE-2024-7348: PostgreSQL relation replacement during pg_dump executes arbitrary SQL. (bsc#1229013) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3224=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3224=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3224=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3224=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-devel-15.8-3.28.1 * postgresql15-server-devel-15.8-3.28.1 * postgresql15-server-devel-debuginfo-15.8-3.28.1 * postgresql15-devel-debuginfo-15.8-3.28.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * postgresql15-plperl-debuginfo-15.8-3.28.1 * postgresql15-server-15.8-3.28.1 * postgresql15-contrib-15.8-3.28.1 * postgresql15-debugsource-15.8-3.28.1 * postgresql15-plperl-15.8-3.28.1 * postgresql15-debuginfo-15.8-3.28.1 * postgresql15-plpython-debuginfo-15.8-3.28.1 * postgresql15-15.8-3.28.1 * postgresql15-plpython-15.8-3.28.1 * postgresql15-pltcl-15.8-3.28.1 * postgresql15-contrib-debuginfo-15.8-3.28.1 * postgresql15-server-debuginfo-15.8-3.28.1 * postgresql15-pltcl-debuginfo-15.8-3.28.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql15-docs-15.8-3.28.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * postgresql15-plperl-debuginfo-15.8-3.28.1 * postgresql15-server-15.8-3.28.1 * postgresql15-contrib-15.8-3.28.1 * postgresql15-debugsource-15.8-3.28.1 * postgresql15-plperl-15.8-3.28.1 * postgresql15-debuginfo-15.8-3.28.1 * postgresql15-plpython-debuginfo-15.8-3.28.1 * postgresql15-15.8-3.28.1 * postgresql15-plpython-15.8-3.28.1 * postgresql15-pltcl-15.8-3.28.1 * postgresql15-contrib-debuginfo-15.8-3.28.1 * postgresql15-server-debuginfo-15.8-3.28.1 * postgresql15-pltcl-debuginfo-15.8-3.28.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql15-docs-15.8-3.28.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * postgresql15-plperl-debuginfo-15.8-3.28.1 * postgresql15-server-15.8-3.28.1 * postgresql15-contrib-15.8-3.28.1 * postgresql15-debugsource-15.8-3.28.1 * postgresql15-plperl-15.8-3.28.1 * postgresql15-debuginfo-15.8-3.28.1 * postgresql15-plpython-debuginfo-15.8-3.28.1 * postgresql15-15.8-3.28.1 * postgresql15-plpython-15.8-3.28.1 * postgresql15-pltcl-15.8-3.28.1 * postgresql15-contrib-debuginfo-15.8-3.28.1 * postgresql15-server-debuginfo-15.8-3.28.1 * postgresql15-pltcl-debuginfo-15.8-3.28.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql15-docs-15.8-3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7348.html * https://bugzilla.suse.com/show_bug.cgi?id=1229013 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 13 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 13 Sep 2024 16:30:11 -0000 Subject: SUSE-SU-2024:3080-2: moderate: Security update for curl Message-ID: <172624501176.27944.11685468283704710891@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3080-2 Rating: moderate References: * bsc#1228535 Cross-References: * CVE-2024-7264 CVSS scores: * CVE-2024-7264 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-7264 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-7264: Fixed out-of-bounds read in ASN.1 date parser GTime2str() (bsc#1228535) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3080=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3080=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3080=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3080=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3080=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3080=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3080=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3080=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libcurl4-debuginfo-8.0.1-150400.5.47.1 * curl-8.0.1-150400.5.47.1 * libcurl4-8.0.1-150400.5.47.1 * curl-debuginfo-8.0.1-150400.5.47.1 * libcurl-devel-8.0.1-150400.5.47.1 * curl-debugsource-8.0.1-150400.5.47.1 * SUSE Manager Server 4.3 (x86_64) * libcurl4-32bit-8.0.1-150400.5.47.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7264.html * https://bugzilla.suse.com/show_bug.cgi?id=1228535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 16 12:31:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 16 Sep 2024 12:31:52 -0000 Subject: SUSE-SU-2024:3251-1: important: Security update for the Linux Kernel Message-ID: <172648991275.27756.3119854018286241777@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3251-1 Rating: important References: * bsc#1082555 * bsc#1190317 * bsc#1196516 * bsc#1205462 * bsc#1210629 * bsc#1214285 * bsc#1216834 * bsc#1221252 * bsc#1222335 * bsc#1222387 * bsc#1222808 * bsc#1223074 * bsc#1223803 * bsc#1224479 * bsc#1224579 * bsc#1224640 * bsc#1224896 * bsc#1224923 * bsc#1224984 * bsc#1225190 * bsc#1225223 * bsc#1225483 * bsc#1225508 * bsc#1225578 * bsc#1226323 * bsc#1226629 * bsc#1226653 * bsc#1226754 * bsc#1226798 * bsc#1226801 * bsc#1226885 * bsc#1227069 * bsc#1227623 * bsc#1227820 * bsc#1227996 * bsc#1228065 * bsc#1228247 * bsc#1228410 * bsc#1228427 * bsc#1228449 * bsc#1228466 * bsc#1228467 * bsc#1228482 * bsc#1228485 * bsc#1228487 * bsc#1228493 * bsc#1228495 * bsc#1228501 * bsc#1228513 * bsc#1228516 * bsc#1228576 * bsc#1228579 * bsc#1228667 * bsc#1228706 * bsc#1228709 * bsc#1228720 * bsc#1228727 * bsc#1228733 * bsc#1228801 * bsc#1228850 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228982 * bsc#1228989 * bsc#1229154 * bsc#1229156 * bsc#1229222 * bsc#1229229 * bsc#1229290 * bsc#1229292 * bsc#1229301 * bsc#1229309 * bsc#1229327 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229381 * bsc#1229382 * bsc#1229386 * bsc#1229388 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229457 * bsc#1229462 * bsc#1229482 * bsc#1229489 * bsc#1229490 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229516 * bsc#1229526 * bsc#1229531 * bsc#1229535 * bsc#1229536 * bsc#1229540 * bsc#1229604 * bsc#1229623 * bsc#1229624 * bsc#1229630 * bsc#1229632 * bsc#1229657 * bsc#1229658 * bsc#1229664 * bsc#1229707 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229784 * bsc#1229787 * bsc#1229851 Cross-References: * CVE-2021-4440 * CVE-2021-47257 * CVE-2021-47289 * CVE-2021-47341 * CVE-2021-47373 * CVE-2021-47425 * CVE-2021-47549 * CVE-2022-48751 * CVE-2022-48769 * CVE-2022-48786 * CVE-2022-48822 * CVE-2022-48865 * CVE-2022-48875 * CVE-2022-48896 * CVE-2022-48899 * CVE-2022-48905 * CVE-2022-48910 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48925 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48938 * CVE-2023-2176 * CVE-2023-52708 * CVE-2023-52893 * CVE-2023-52901 * CVE-2023-52907 * CVE-2024-26668 * CVE-2024-26677 * CVE-2024-26812 * CVE-2024-26851 * CVE-2024-27011 * CVE-2024-35915 * CVE-2024-35933 * CVE-2024-35965 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-38618 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40984 * CVE-2024-41012 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41035 * CVE-2024-41062 * CVE-2024-41068 * CVE-2024-41087 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42077 * CVE-2024-42082 * CVE-2024-42090 * CVE-2024-42101 * CVE-2024-42106 * CVE-2024-42110 * CVE-2024-42148 * CVE-2024-42155 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42226 * CVE-2024-42228 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42259 * CVE-2024-42271 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42301 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42312 * CVE-2024-42322 * CVE-2024-43819 * CVE-2024-43831 * CVE-2024-43839 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43879 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43905 * CVE-2024-43907 CVSS scores: * CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 105 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579). * CVE-2024-35933: Fixed build regression (bsc#1224640). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497) * CVE-2024-41087: Fix double free on error (bsc#1228466). * CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787). * CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632) * CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516). * CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526). * CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490) * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). * CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964). * CVE-2024-42244: Fix crash on resume (bsc#1228967). * CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290). * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). * CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629). * CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346). * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-40984: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358) * CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381) * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-38618: Set lower bound of start tick time (bsc#1226754). * CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485) * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483). * CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508). * CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190). * CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467). * CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call ( bsc#1227069). * CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (bsc#1224479). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-42090: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449). * CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2021-47257: fix null deref in parse dev addr (bsc#1224896). The following non-security bugs were fixed: * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * Bluetooth: L2CAP: Fix deadlock (git-fixes). * btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982). * btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457). * genirq: Delay deactivation in free_irq() (git-fixes). * genirq: Make sure the initial affinity is not empty (git-fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git- fixes). * genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes). * genirq/msi: Ensure deactivation on teardown (git-fixes). * genirq/proc: Reject invalid affinity masks (again) (git-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1226323). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555). * kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555). * kABI: Do not rename tpm_getcap (bsc#1082555). * kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes). * kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555). * kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555). * kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555). * kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555). * kABI: tpm-interface: Hide new include from genksyms (bsc#1082555). * kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555). * kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555). * KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154). * netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074) * netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074) * netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074) * netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack (bsc#1223074) * nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git- fixes). * nfc: nci: Fix kcov check in nci_rx_work() (git-fixes). * nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462). * tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555). * tpm_tis: Add a check for invalid status (bsc#1082555). * tpm_tis: Explicitly check for error code (bsc#1082555). * tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555). * tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). * tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555). * tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). * tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). * tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). * tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555). * tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). * tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). * tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555). * tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555). * tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555). * tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). * tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555). * tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). * tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1082555). * tpm, tpm: Implement usage counter for locality (bsc#1082555). * tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555). * tpm: access command header through struct in tpm_try_transmit() (bsc#1082555). * tpm: Actually fail on TPM errors during "get random" (bsc#1082555). * tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555). * tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555). * tpm: add support for nonblocking operation (bsc#1082555). * tpm: add support for partial reads (bsc#1082555). * tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555). * tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555). * tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). * tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555). * tpm: declare struct tpm_header (bsc#1082555). * tpm: do not return bool from update_timeouts (bsc#1082555). * tpm: encapsulate tpm_dev_transmit() (bsc#1082555). * tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm_get_timeouts() (bsc#1082555). * tpm: factor out tpm_startup function (bsc#1082555). * tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555). * tpm: fix an invalid condition in tpm_common_poll (bsc#1082555). * tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555). * tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555). * tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555). * tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555). * tpm: Fix error handling in async work (bsc#1082555). * tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555). * tpm: fix invalid return value in pubek_show() (bsc#1082555). * tpm: fix NPE on probe for missing device (bsc#1082555). * tpm: Fix null pointer dereference on chip register error path (bsc#1082555). * tpm: Fix TIS locality timeout problems (bsc#1082555). * tpm: Handle negative priv->response_len in tpm_common_read() (bsc#1082555). * tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555). * tpm: migrate pubek_show to struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555). * tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555). * tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555). * tpm: move TPM space code out of tpm_transmit() (bsc#1082555). * tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555). * tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555). * tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555). * tpm: Prevent hwrng from activating during resume (bsc#1082555). * tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555). * tpm: remove @flags from tpm_transmit() (bsc#1082555). * tpm: remove @space from tpm_transmit() (bsc#1082555). * tpm: remove struct tpm_pcrextend_in (bsc#1082555). * tpm: Remove tpm_dev_wq_lock (bsc#1082555). * tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555). * tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555). * tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555). * tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555). * tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555). * tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555). * tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555). * tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555). * tpm: take TPM chip power gating out of tpm_transmit() (bsc#1082555). * tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555). * tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555). * tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555). * tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555). * tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555). * tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555). * tpm: use tpm_msleep() value as max delay (bsc#1082555). * tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555). * tpm: use u32 instead of int for PCR index (bsc#1082555). * tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555). * tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555). * tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555). * tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555). * tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555). * tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555). * tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555). * tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555). * tpm2: add longer timeouts for creation commands (bsc#1082555). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vsock: correct removal of socket from the list (bsc#1227996). * xfs: fix getfsmap reporting past the last rt extent (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix uninitialized variable access (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1 SUSE-SLE- SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-3251=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3251=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3251=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-devel-4.12.14-122.228.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-debuginfo-4.12.14-122.228.1 * ocfs2-kmp-default-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * dlm-kmp-default-4.12.14-122.228.1 * cluster-md-kmp-default-4.12.14-122.228.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * dlm-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 * kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-debuginfo-4.12.14-122.228.1 * ocfs2-kmp-default-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * dlm-kmp-default-4.12.14-122.228.1 * cluster-md-kmp-default-4.12.14-122.228.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.228.1 * dlm-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-4.12.14-122.228.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-kgraft-devel-4.12.14-122.228.1 * kernel-default-kgraft-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kgraft-patch-4_12_14-122_228-default-1-8.3.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.228.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-4.12.14-122.228.2 * kernel-obs-build-4.12.14-122.228.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-devel-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 * kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 * kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-extra-4.12.14-122.228.1 * kernel-default-extra-debuginfo-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4440.html * https://www.suse.com/security/cve/CVE-2021-47257.html * https://www.suse.com/security/cve/CVE-2021-47289.html * https://www.suse.com/security/cve/CVE-2021-47341.html * https://www.suse.com/security/cve/CVE-2021-47373.html * https://www.suse.com/security/cve/CVE-2021-47425.html * https://www.suse.com/security/cve/CVE-2021-47549.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48786.html * https://www.suse.com/security/cve/CVE-2022-48822.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52708.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-35915.html * https://www.suse.com/security/cve/CVE-2024-35933.html * https://www.suse.com/security/cve/CVE-2024-35965.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224479 * https://bugzilla.suse.com/show_bug.cgi?id=1224579 * https://bugzilla.suse.com/show_bug.cgi?id=1224640 * https://bugzilla.suse.com/show_bug.cgi?id=1224896 * https://bugzilla.suse.com/show_bug.cgi?id=1224923 * https://bugzilla.suse.com/show_bug.cgi?id=1224984 * https://bugzilla.suse.com/show_bug.cgi?id=1225190 * https://bugzilla.suse.com/show_bug.cgi?id=1225223 * https://bugzilla.suse.com/show_bug.cgi?id=1225483 * https://bugzilla.suse.com/show_bug.cgi?id=1225508 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1226323 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227069 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227996 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228982 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229222 * https://bugzilla.suse.com/show_bug.cgi?id=1229229 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229457 * https://bugzilla.suse.com/show_bug.cgi?id=1229462 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229851 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 16 12:33:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 16 Sep 2024 12:33:23 -0000 Subject: SUSE-SU-2024:3252-1: important: Security update for the Linux Kernel Message-ID: <172649000362.27756.6074222267877506663@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3252-1 Rating: important References: * bsc#1082555 * bsc#1190317 * bsc#1196516 * bsc#1205462 * bsc#1210629 * bsc#1214285 * bsc#1216834 * bsc#1221252 * bsc#1222335 * bsc#1222387 * bsc#1222808 * bsc#1223074 * bsc#1223803 * bsc#1224479 * bsc#1224579 * bsc#1224640 * bsc#1224896 * bsc#1224923 * bsc#1224984 * bsc#1225190 * bsc#1225223 * bsc#1225483 * bsc#1225508 * bsc#1225578 * bsc#1226323 * bsc#1226629 * bsc#1226653 * bsc#1226754 * bsc#1226798 * bsc#1226801 * bsc#1226885 * bsc#1227069 * bsc#1227623 * bsc#1227820 * bsc#1227996 * bsc#1228065 * bsc#1228247 * bsc#1228410 * bsc#1228427 * bsc#1228449 * bsc#1228466 * bsc#1228467 * bsc#1228482 * bsc#1228485 * bsc#1228487 * bsc#1228493 * bsc#1228495 * bsc#1228501 * bsc#1228513 * bsc#1228516 * bsc#1228576 * bsc#1228579 * bsc#1228667 * bsc#1228706 * bsc#1228709 * bsc#1228720 * bsc#1228727 * bsc#1228733 * bsc#1228801 * bsc#1228850 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228982 * bsc#1228989 * bsc#1229154 * bsc#1229156 * bsc#1229222 * bsc#1229229 * bsc#1229290 * bsc#1229292 * bsc#1229301 * bsc#1229309 * bsc#1229327 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229381 * bsc#1229382 * bsc#1229386 * bsc#1229388 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229457 * bsc#1229462 * bsc#1229482 * bsc#1229489 * bsc#1229490 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229516 * bsc#1229526 * bsc#1229531 * bsc#1229535 * bsc#1229536 * bsc#1229540 * bsc#1229604 * bsc#1229623 * bsc#1229624 * bsc#1229630 * bsc#1229632 * bsc#1229657 * bsc#1229658 * bsc#1229664 * bsc#1229707 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229784 * bsc#1229787 * bsc#1229851 Cross-References: * CVE-2021-4440 * CVE-2021-47257 * CVE-2021-47289 * CVE-2021-47341 * CVE-2021-47373 * CVE-2021-47425 * CVE-2021-47549 * CVE-2022-48751 * CVE-2022-48769 * CVE-2022-48786 * CVE-2022-48822 * CVE-2022-48865 * CVE-2022-48875 * CVE-2022-48896 * CVE-2022-48899 * CVE-2022-48905 * CVE-2022-48910 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48925 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48938 * CVE-2023-2176 * CVE-2023-52708 * CVE-2023-52893 * CVE-2023-52901 * CVE-2023-52907 * CVE-2024-26668 * CVE-2024-26677 * CVE-2024-26812 * CVE-2024-26851 * CVE-2024-27011 * CVE-2024-35915 * CVE-2024-35933 * CVE-2024-35965 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-38618 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40984 * CVE-2024-41012 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41035 * CVE-2024-41062 * CVE-2024-41068 * CVE-2024-41087 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42077 * CVE-2024-42082 * CVE-2024-42090 * CVE-2024-42101 * CVE-2024-42106 * CVE-2024-42110 * CVE-2024-42148 * CVE-2024-42155 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42226 * CVE-2024-42228 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42259 * CVE-2024-42271 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42301 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42312 * CVE-2024-42322 * CVE-2024-43819 * CVE-2024-43831 * CVE-2024-43839 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43879 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43905 * CVE-2024-43907 CVSS scores: * CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 105 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579). * CVE-2024-35933: Fixed a build regression (bsc#1224640). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497) * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787). * CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632) * CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516). * CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526). * CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490) * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). * CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964). * CVE-2024-42244: Fix crash on resume (bsc#1228967). * CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes). * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes). * CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629). * CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346). * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-40984: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820). * CVE-2024-26677: Blacklist e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358) * CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381) * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-38618: Set lower bound of start tick time (bsc#1226754). * CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485) * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483). * CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508). * CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190). * CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467). * CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call (bsc#1227069). * CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (git-fixes CVE-2024-35915 bsc#1224479). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-42090: Fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449). * CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2021-47257: Fix null deref in parse dev addr (bsc#1224896). * CVE-2022-48751: Transitional solution for clcsock race issue (bsc#1226653). The following non-security bugs were fixed: * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * Bluetooth: L2CAP: Fix deadlock (git-fixes). * btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982). * btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457). * genirq: Delay deactivation in free_irq() (git-fixes). * genirq: Make sure the initial affinity is not empty (git-fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git- fixes). * genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes). * genirq/msi: Ensure deactivation on teardown (git-fixes). * genirq/proc: Reject invalid affinity masks (again) (git-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1226323). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555). * kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555). * kABI: Do not rename tpm_getcap (bsc#1082555). * kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes). * kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555). * kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555). * kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555). * kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555). * kABI: tpm-interface: Hide new include from genksyms (bsc#1082555). * kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555). * kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555). * KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154). * netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074) * netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074) * netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074) * netfilter: nf_ct_h323: Out Of Bound Read in Netfilter Conntrack (bsc#1223074) * nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git- fixes). * nfc: nci: Fix kcov check in nci_rx_work() (git-fixes). * nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462). * tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555). * tpm_tis: Add a check for invalid status (bsc#1082555). * tpm_tis: Explicitly check for error code (bsc#1082555). * tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555). * tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). * tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555). * tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). * tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). * tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). * tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555). * tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). * tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). * tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555). * tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555). * tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555). * tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). * tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555). * tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). * tpm, tpm_tis: Reserve locality in tpm_tis_resume() (bsc#1082555). * tpm, tpm: Implement usage counter for locality (bsc#1082555). * tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555). * tpm: access command header through struct in tpm_try_transmit() (bsc#1082555). * tpm: Actually fail on TPM errors during "get random" (bsc#1082555). * tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555). * tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555). * tpm: add support for nonblocking operation (bsc#1082555). * tpm: add support for partial reads (bsc#1082555). * tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555). * tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555). * tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). * tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555). * tpm: declare struct tpm_header (bsc#1082555). * tpm: do not return bool from update_timeouts (bsc#1082555). * tpm: encapsulate tpm_dev_transmit() (bsc#1082555). * tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm_get_timeouts() (bsc#1082555). * tpm: factor out tpm_startup function (bsc#1082555). * tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555). * tpm: fix an invalid condition in tpm_common_poll (bsc#1082555). * tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555). * tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555). * tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555). * tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555). * tpm: Fix error handling in async work (bsc#1082555). * tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555). * tpm: fix invalid return value in pubek_show() (bsc#1082555). * tpm: fix NPE on probe for missing device (bsc#1082555). * tpm: Fix null pointer dereference on chip register error path (bsc#1082555). * tpm: Fix TIS locality timeout problems (bsc#1082555). * tpm: Handle negative priv->response_len in tpm_common_read() (bsc#1082555). * tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555). * tpm: migrate pubek_show to struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555). * tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555). * tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555). * tpm: move TPM space code out of tpm_transmit() (bsc#1082555). * tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555). * tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555). * tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555). * tpm: Prevent hwrng from activating during resume (bsc#1082555). * tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555). * tpm: remove @flags from tpm_transmit() (bsc#1082555). * tpm: remove @space from tpm_transmit() (bsc#1082555). * tpm: remove struct tpm_pcrextend_in (bsc#1082555). * tpm: Remove tpm_dev_wq_lock (bsc#1082555). * tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555). * tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555). * tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555). * tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555). * tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555). * tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555). * tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555). * tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555). * tpm: take TPM chip power gating out of tpm_transmit() (bsc#1082555). * tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555). * tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555). * tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555). * tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555). * tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555). * tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555). * tpm: use tpm_msleep() value as max delay (bsc#1082555). * tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555). * tpm: use u32 instead of int for PCR index (bsc#1082555). * tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555). * tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555). * tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555). * tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555). * tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555). * tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555). * tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555). * tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555). * tpm2: add longer timeouts for creation commands (bsc#1082555). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vsock: correct removal of socket from the list (bsc#1227996). * xfs: fix getfsmap reporting past the last rt extent (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix uninitialized variable access (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3252=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.197.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.197.1 * kernel-azure-devel-4.12.14-16.197.1 * kernel-azure-debuginfo-4.12.14-16.197.1 * kernel-azure-debugsource-4.12.14-16.197.1 * kernel-syms-azure-4.12.14-16.197.1 * kernel-azure-base-debuginfo-4.12.14-16.197.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.197.1 * kernel-source-azure-4.12.14-16.197.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.197.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.197.1 * kernel-azure-devel-4.12.14-16.197.1 * kernel-azure-debuginfo-4.12.14-16.197.1 * kernel-azure-debugsource-4.12.14-16.197.1 * kernel-syms-azure-4.12.14-16.197.1 * kernel-azure-base-debuginfo-4.12.14-16.197.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.197.1 * kernel-source-azure-4.12.14-16.197.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.197.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.197.1 * kernel-azure-devel-4.12.14-16.197.1 * kernel-azure-debuginfo-4.12.14-16.197.1 * kernel-azure-debugsource-4.12.14-16.197.1 * kernel-syms-azure-4.12.14-16.197.1 * kernel-azure-base-debuginfo-4.12.14-16.197.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-devel-azure-4.12.14-16.197.1 * kernel-source-azure-4.12.14-16.197.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4440.html * https://www.suse.com/security/cve/CVE-2021-47257.html * https://www.suse.com/security/cve/CVE-2021-47289.html * https://www.suse.com/security/cve/CVE-2021-47341.html * https://www.suse.com/security/cve/CVE-2021-47373.html * https://www.suse.com/security/cve/CVE-2021-47425.html * https://www.suse.com/security/cve/CVE-2021-47549.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48769.html * https://www.suse.com/security/cve/CVE-2022-48786.html * https://www.suse.com/security/cve/CVE-2022-48822.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52708.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-35915.html * https://www.suse.com/security/cve/CVE-2024-35933.html * https://www.suse.com/security/cve/CVE-2024-35965.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224479 * https://bugzilla.suse.com/show_bug.cgi?id=1224579 * https://bugzilla.suse.com/show_bug.cgi?id=1224640 * https://bugzilla.suse.com/show_bug.cgi?id=1224896 * https://bugzilla.suse.com/show_bug.cgi?id=1224923 * https://bugzilla.suse.com/show_bug.cgi?id=1224984 * https://bugzilla.suse.com/show_bug.cgi?id=1225190 * https://bugzilla.suse.com/show_bug.cgi?id=1225223 * https://bugzilla.suse.com/show_bug.cgi?id=1225483 * https://bugzilla.suse.com/show_bug.cgi?id=1225508 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1226323 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227069 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227996 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228982 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229222 * https://bugzilla.suse.com/show_bug.cgi?id=1229229 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229457 * https://bugzilla.suse.com/show_bug.cgi?id=1229462 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229851 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 16 12:33:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 16 Sep 2024 12:33:26 -0000 Subject: SUSE-SU-2024:3250-1: moderate: Security update for wireshark Message-ID: <172649000664.27756.8218623803310598309@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:3250-1 Rating: moderate References: * bsc#1229907 * bsc#1230372 Cross-References: * CVE-2024-8250 * CVE-2024-8645 CVSS scores: * CVE-2024-8250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8645 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-8645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8645 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: * CVE-2024-8250: Fixed NTLMSSP dissector crash (bsc#1229907). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3250=1 openSUSE-SLE-15.6-2024-3250=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3250=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3250=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libwiretap14-debuginfo-4.2.7-150600.18.11.1 * libwireshark17-debuginfo-4.2.7-150600.18.11.1 * libwsutil15-debuginfo-4.2.7-150600.18.11.1 * libwsutil15-4.2.7-150600.18.11.1 * wireshark-debuginfo-4.2.7-150600.18.11.1 * wireshark-debugsource-4.2.7-150600.18.11.1 * libwireshark17-4.2.7-150600.18.11.1 * wireshark-devel-4.2.7-150600.18.11.1 * wireshark-4.2.7-150600.18.11.1 * libwiretap14-4.2.7-150600.18.11.1 * wireshark-ui-qt-debuginfo-4.2.7-150600.18.11.1 * wireshark-ui-qt-4.2.7-150600.18.11.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libwiretap14-debuginfo-4.2.7-150600.18.11.1 * libwireshark17-debuginfo-4.2.7-150600.18.11.1 * libwsutil15-debuginfo-4.2.7-150600.18.11.1 * libwsutil15-4.2.7-150600.18.11.1 * wireshark-debuginfo-4.2.7-150600.18.11.1 * wireshark-debugsource-4.2.7-150600.18.11.1 * libwireshark17-4.2.7-150600.18.11.1 * wireshark-4.2.7-150600.18.11.1 * libwiretap14-4.2.7-150600.18.11.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wireshark-debuginfo-4.2.7-150600.18.11.1 * wireshark-debugsource-4.2.7-150600.18.11.1 * wireshark-devel-4.2.7-150600.18.11.1 * wireshark-ui-qt-debuginfo-4.2.7-150600.18.11.1 * wireshark-ui-qt-4.2.7-150600.18.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8250.html * https://www.suse.com/security/cve/CVE-2024-8645.html * https://bugzilla.suse.com/show_bug.cgi?id=1229907 * https://bugzilla.suse.com/show_bug.cgi?id=1230372 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 16 12:34:24 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 16 Sep 2024 12:34:24 -0000 Subject: SUSE-SU-2024:3249-1: important: Security update for the Linux Kernel Message-ID: <172649006491.27756.10894180789403970876@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3249-1 Rating: important References: * bsc#1176447 * bsc#1195668 * bsc#1195928 * bsc#1195957 * bsc#1196018 * bsc#1196516 * bsc#1196823 * bsc#1202346 * bsc#1209636 * bsc#1209799 * bsc#1210629 * bsc#1216834 * bsc#1220185 * bsc#1220186 * bsc#1222251 * bsc#1222728 * bsc#1223948 * bsc#1225109 * bsc#1225584 * bsc#1227832 * bsc#1227924 * bsc#1227928 * bsc#1227932 * bsc#1227935 * bsc#1227941 * bsc#1227942 * bsc#1227945 * bsc#1227952 * bsc#1227964 * bsc#1227969 * bsc#1227985 * bsc#1227987 * bsc#1227988 * bsc#1227989 * bsc#1227997 * bsc#1228000 * bsc#1228002 * bsc#1228004 * bsc#1228005 * bsc#1228006 * bsc#1228015 * bsc#1228020 * bsc#1228037 * bsc#1228045 * bsc#1228060 * bsc#1228062 * bsc#1228066 * bsc#1228114 * bsc#1228516 * bsc#1228576 * bsc#1228959 * bsc#1229400 * bsc#1229454 * bsc#1229500 * bsc#1229503 * bsc#1229510 * bsc#1229512 * bsc#1229598 * bsc#1229604 * bsc#1229607 * bsc#1229620 * bsc#1229621 * bsc#1229624 * bsc#1229626 * bsc#1229629 * bsc#1229630 * bsc#1229637 * bsc#1229641 * bsc#1229657 * bsc#1229707 Cross-References: * CVE-2021-4441 * CVE-2022-0854 * CVE-2022-20368 * CVE-2022-28748 * CVE-2022-2964 * CVE-2022-48686 * CVE-2022-48775 * CVE-2022-48778 * CVE-2022-48787 * CVE-2022-48788 * CVE-2022-48789 * CVE-2022-48790 * CVE-2022-48791 * CVE-2022-48798 * CVE-2022-48802 * CVE-2022-48805 * CVE-2022-48811 * CVE-2022-48823 * CVE-2022-48824 * CVE-2022-48827 * CVE-2022-48834 * CVE-2022-48835 * CVE-2022-48836 * CVE-2022-48837 * CVE-2022-48838 * CVE-2022-48839 * CVE-2022-48843 * CVE-2022-48851 * CVE-2022-48853 * CVE-2022-48856 * CVE-2022-48857 * CVE-2022-48858 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48901 * CVE-2022-48905 * CVE-2022-48912 * CVE-2022-48917 * CVE-2022-48919 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48928 * CVE-2022-48930 * CVE-2022-48933 * CVE-2022-48934 * CVE-2023-1582 * CVE-2023-2176 * CVE-2023-52854 * CVE-2024-26583 * CVE-2024-26584 * CVE-2024-26800 * CVE-2024-40910 * CVE-2024-41009 * CVE-2024-41011 * CVE-2024-41062 * CVE-2024-42077 * CVE-2024-42232 * CVE-2024-42271 * CVE-2024-43861 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44947 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-0854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-28748 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-2964 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-2964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48775 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48775 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48778 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2022-48778 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48787 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48788 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48788 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48789 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48790 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48811 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48823 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48827 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48834 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2022-48834 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48835 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48836 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48836 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48837 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48838 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48838 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48843 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48843 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48851 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48857 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48858 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48933 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1582 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26800 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 62 vulnerabilities and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510). * CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948). * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error). * sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109). * scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3249=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-3249=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-3249=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3249=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3249=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3249=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3249=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3249=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3249=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3249=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (noarch) * kernel-source-vanilla-5.3.18-150300.59.174.1 * kernel-docs-html-5.3.18-150300.59.174.1 * kernel-source-5.3.18-150300.59.174.1 * kernel-macros-5.3.18-150300.59.174.1 * kernel-devel-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-debug-5.3.18-150300.59.174.1 * kernel-kvmsmall-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-debug-debugsource-5.3.18-150300.59.174.1 * kernel-debug-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-debug-debuginfo-5.3.18-150300.59.174.1 * kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.174.1 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.174.1 * kernel-kvmsmall-devel-5.3.18-150300.59.174.1 * kernel-kvmsmall-debugsource-5.3.18-150300.59.174.1 * kernel-debug-livepatch-devel-5.3.18-150300.59.174.1 * kernel-debug-devel-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.3.18-150300.59.174.1 * kernel-default-livepatch-5.3.18-150300.59.174.1 * kernel-default-extra-debuginfo-5.3.18-150300.59.174.1 * kernel-obs-build-5.3.18-150300.59.174.1 * kernel-default-optional-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * kernel-default-livepatch-devel-5.3.18-150300.59.174.1 * gfs2-kmp-default-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-obs-qa-5.3.18-150300.59.174.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.174.1 * cluster-md-kmp-default-5.3.18-150300.59.174.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-extra-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * ocfs2-kmp-default-5.3.18-150300.59.174.1 * kernel-syms-5.3.18-150300.59.174.1 * kernel-default-devel-5.3.18-150300.59.174.1 * kernel-obs-build-debugsource-5.3.18-150300.59.174.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-default-5.3.18-150300.59.174.1 * kernel-default-optional-debuginfo-5.3.18-150300.59.174.1 * kselftests-kmp-default-5.3.18-150300.59.174.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-rebuild-5.3.18-150300.59.174.1.150300.18.103.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_174-default-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_174-default-debuginfo-1-150300.7.3.1 * kernel-livepatch-SLE15-SP3_Update_48-debugsource-1-150300.7.3.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_174-preempt-1-150300.7.3.1 * kernel-livepatch-5_3_18-150300_59_174-preempt-debuginfo-1-150300.7.3.1 * openSUSE Leap 15.3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.174.1 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-extra-5.3.18-150300.59.174.1 * kernel-preempt-livepatch-devel-5.3.18-150300.59.174.1 * kernel-preempt-optional-5.3.18-150300.59.174.1 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-devel-5.3.18-150300.59.174.1 * gfs2-kmp-preempt-5.3.18-150300.59.174.1 * kselftests-kmp-preempt-5.3.18-150300.59.174.1 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-preempt-5.3.18-150300.59.174.1 * ocfs2-kmp-preempt-5.3.18-150300.59.174.1 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.174.1 * cluster-md-kmp-preempt-5.3.18-150300.59.174.1 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.174.1 * reiserfs-kmp-preempt-5.3.18-150300.59.174.1 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.174.1 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (aarch64) * dtb-socionext-5.3.18-150300.59.174.1 * kernel-64kb-extra-5.3.18-150300.59.174.1 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * dtb-freescale-5.3.18-150300.59.174.1 * dtb-lg-5.3.18-150300.59.174.1 * kernel-64kb-optional-5.3.18-150300.59.174.1 * dtb-zte-5.3.18-150300.59.174.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * dtb-apm-5.3.18-150300.59.174.1 * dtb-al-5.3.18-150300.59.174.1 * cluster-md-kmp-64kb-5.3.18-150300.59.174.1 * reiserfs-kmp-64kb-5.3.18-150300.59.174.1 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.174.1 * dtb-renesas-5.3.18-150300.59.174.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.174.1 * dtb-exynos-5.3.18-150300.59.174.1 * kselftests-kmp-64kb-5.3.18-150300.59.174.1 * dtb-sprd-5.3.18-150300.59.174.1 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * dtb-allwinner-5.3.18-150300.59.174.1 * dtb-marvell-5.3.18-150300.59.174.1 * dtb-cavium-5.3.18-150300.59.174.1 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * dtb-rockchip-5.3.18-150300.59.174.1 * dtb-arm-5.3.18-150300.59.174.1 * gfs2-kmp-64kb-5.3.18-150300.59.174.1 * dlm-kmp-64kb-5.3.18-150300.59.174.1 * dtb-xilinx-5.3.18-150300.59.174.1 * dtb-mediatek-5.3.18-150300.59.174.1 * dtb-amd-5.3.18-150300.59.174.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.174.1 * ocfs2-kmp-64kb-5.3.18-150300.59.174.1 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * kernel-64kb-devel-5.3.18-150300.59.174.1 * dtb-altera-5.3.18-150300.59.174.1 * dtb-broadcom-5.3.18-150300.59.174.1 * dtb-nvidia-5.3.18-150300.59.174.1 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.174.1 * kernel-64kb-livepatch-devel-5.3.18-150300.59.174.1 * dtb-hisilicon-5.3.18-150300.59.174.1 * kernel-64kb-debugsource-5.3.18-150300.59.174.1 * dtb-qcom-5.3.18-150300.59.174.1 * kernel-64kb-debuginfo-5.3.18-150300.59.174.1 * dtb-amlogic-5.3.18-150300.59.174.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-livepatch-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * kernel-livepatch-5_3_18-150300_59_174-default-1-150300.7.3.1 * kernel-default-livepatch-devel-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-5.3.18-150300.59.174.1 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-default-debuginfo-5.3.18-150300.59.174.1 * dlm-kmp-default-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.174.1 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.174.1 * cluster-md-kmp-default-5.3.18-150300.59.174.1 * ocfs2-kmp-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-64kb-debugsource-5.3.18-150300.59.174.1 * kernel-64kb-devel-5.3.18-150300.59.174.1 * kernel-64kb-debuginfo-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.174.1 * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-default-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-5.3.18-150300.59.174.1 * kernel-obs-build-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-syms-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * kernel-obs-build-5.3.18-150300.59.174.1 * kernel-preempt-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.174.1 * kernel-devel-5.3.18-150300.59.174.1 * kernel-macros-5.3.18-150300.59.174.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * kernel-64kb-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-64kb-debugsource-5.3.18-150300.59.174.1 * kernel-64kb-devel-5.3.18-150300.59.174.1 * kernel-64kb-debuginfo-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-5.3.18-150300.59.174.1 * kernel-obs-build-debugsource-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * kernel-obs-build-5.3.18-150300.59.174.1 * kernel-syms-5.3.18-150300.59.174.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * kernel-source-5.3.18-150300.59.174.1 * kernel-devel-5.3.18-150300.59.174.1 * kernel-macros-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * kernel-preempt-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-devel-5.3.18-150300.59.174.1 * kernel-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.174.1 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-default-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-5.3.18-150300.59.174.1 * kernel-obs-build-debugsource-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * kernel-obs-build-5.3.18-150300.59.174.1 * kernel-syms-5.3.18-150300.59.174.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.174.1 * kernel-devel-5.3.18-150300.59.174.1 * kernel-macros-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-devel-5.3.18-150300.59.174.1 * kernel-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.174.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.174.1 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-64kb-debugsource-5.3.18-150300.59.174.1 * kernel-64kb-devel-5.3.18-150300.59.174.1 * kernel-64kb-debuginfo-5.3.18-150300.59.174.1 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.174.1 * kernel-default-5.3.18-150300.59.174.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-default-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-5.3.18-150300.59.174.1 * kernel-obs-build-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-debuginfo-5.3.18-150300.59.174.1 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-devel-debuginfo-5.3.18-150300.59.174.1 * kernel-syms-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * kernel-obs-build-5.3.18-150300.59.174.1 * kernel-preempt-debugsource-5.3.18-150300.59.174.1 * kernel-preempt-devel-5.3.18-150300.59.174.1 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.174.1 * kernel-devel-5.3.18-150300.59.174.1 * kernel-macros-5.3.18-150300.59.174.1 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.174.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.174.1.150300.18.103.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.174.1 * kernel-default-debugsource-5.3.18-150300.59.174.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2022-0854.html * https://www.suse.com/security/cve/CVE-2022-20368.html * https://www.suse.com/security/cve/CVE-2022-28748.html * https://www.suse.com/security/cve/CVE-2022-2964.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48775.html * https://www.suse.com/security/cve/CVE-2022-48778.html * https://www.suse.com/security/cve/CVE-2022-48787.html * https://www.suse.com/security/cve/CVE-2022-48788.html * https://www.suse.com/security/cve/CVE-2022-48789.html * https://www.suse.com/security/cve/CVE-2022-48790.html * https://www.suse.com/security/cve/CVE-2022-48791.html * https://www.suse.com/security/cve/CVE-2022-48798.html * https://www.suse.com/security/cve/CVE-2022-48802.html * https://www.suse.com/security/cve/CVE-2022-48805.html * https://www.suse.com/security/cve/CVE-2022-48811.html * https://www.suse.com/security/cve/CVE-2022-48823.html * https://www.suse.com/security/cve/CVE-2022-48824.html * https://www.suse.com/security/cve/CVE-2022-48827.html * https://www.suse.com/security/cve/CVE-2022-48834.html * https://www.suse.com/security/cve/CVE-2022-48835.html * https://www.suse.com/security/cve/CVE-2022-48836.html * https://www.suse.com/security/cve/CVE-2022-48837.html * https://www.suse.com/security/cve/CVE-2022-48838.html * https://www.suse.com/security/cve/CVE-2022-48839.html * https://www.suse.com/security/cve/CVE-2022-48843.html * https://www.suse.com/security/cve/CVE-2022-48851.html * https://www.suse.com/security/cve/CVE-2022-48853.html * https://www.suse.com/security/cve/CVE-2022-48856.html * https://www.suse.com/security/cve/CVE-2022-48857.html * https://www.suse.com/security/cve/CVE-2022-48858.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48901.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48933.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2023-1582.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52854.html * https://www.suse.com/security/cve/CVE-2024-26583.html * https://www.suse.com/security/cve/CVE-2024-26584.html * https://www.suse.com/security/cve/CVE-2024-26800.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1176447 * https://bugzilla.suse.com/show_bug.cgi?id=1195668 * https://bugzilla.suse.com/show_bug.cgi?id=1195928 * https://bugzilla.suse.com/show_bug.cgi?id=1195957 * https://bugzilla.suse.com/show_bug.cgi?id=1196018 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196823 * https://bugzilla.suse.com/show_bug.cgi?id=1202346 * https://bugzilla.suse.com/show_bug.cgi?id=1209636 * https://bugzilla.suse.com/show_bug.cgi?id=1209799 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1220185 * https://bugzilla.suse.com/show_bug.cgi?id=1220186 * https://bugzilla.suse.com/show_bug.cgi?id=1222251 * https://bugzilla.suse.com/show_bug.cgi?id=1222728 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225584 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227924 * https://bugzilla.suse.com/show_bug.cgi?id=1227928 * https://bugzilla.suse.com/show_bug.cgi?id=1227932 * https://bugzilla.suse.com/show_bug.cgi?id=1227935 * https://bugzilla.suse.com/show_bug.cgi?id=1227941 * https://bugzilla.suse.com/show_bug.cgi?id=1227942 * https://bugzilla.suse.com/show_bug.cgi?id=1227945 * https://bugzilla.suse.com/show_bug.cgi?id=1227952 * https://bugzilla.suse.com/show_bug.cgi?id=1227964 * https://bugzilla.suse.com/show_bug.cgi?id=1227969 * https://bugzilla.suse.com/show_bug.cgi?id=1227985 * https://bugzilla.suse.com/show_bug.cgi?id=1227987 * https://bugzilla.suse.com/show_bug.cgi?id=1227988 * https://bugzilla.suse.com/show_bug.cgi?id=1227989 * https://bugzilla.suse.com/show_bug.cgi?id=1227997 * https://bugzilla.suse.com/show_bug.cgi?id=1228000 * https://bugzilla.suse.com/show_bug.cgi?id=1228002 * https://bugzilla.suse.com/show_bug.cgi?id=1228004 * https://bugzilla.suse.com/show_bug.cgi?id=1228005 * https://bugzilla.suse.com/show_bug.cgi?id=1228006 * https://bugzilla.suse.com/show_bug.cgi?id=1228015 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228037 * https://bugzilla.suse.com/show_bug.cgi?id=1228045 * https://bugzilla.suse.com/show_bug.cgi?id=1228060 * https://bugzilla.suse.com/show_bug.cgi?id=1228062 * https://bugzilla.suse.com/show_bug.cgi?id=1228066 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229607 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229621 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 16 16:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 16 Sep 2024 16:30:12 -0000 Subject: SUSE-SU-2024:3257-1: important: Security update for 389-ds Message-ID: <172650421224.17224.9681113156339802329@smelt2.prg2.suse.org> # Security update for 389-ds Announcement ID: SUSE-SU-2024:3257-1 Rating: important References: * bsc#1225507 * bsc#1225512 * bsc#1226277 Cross-References: * CVE-2024-2199 * CVE-2024-3657 * CVE-2024-5953 CVSS scores: * CVE-2024-2199 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3657 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3657 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5953 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-5953 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for 389-ds fixes the following issues: * Update to version 1.4.4.20~git3.e7ac6d87: * CVE-2024-3657: DOS via via specially crafted kerberos AS-REQ request. (bsc#1225512) * CVE-2024-5953: Malformed userPassword hashes may cause a denial of service. (bsc#1226277) * CVE-2024-2199: Malformed userPassword may cause crash at do_modify in slapd/modify.c. (bsc#1225507) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3257=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3257=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3257=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3257=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3257=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * libsvrcore0-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-snmp-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * libsvrcore0-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-devel-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-snmp-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * lib389-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debugsource-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libsvrcore0-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * libsvrcore0-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-devel-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * lib389-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debugsource-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libsvrcore0-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * libsvrcore0-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-devel-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * lib389-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debugsource-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libsvrcore0-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * libsvrcore0-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-devel-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * lib389-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debugsource-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libsvrcore0-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * libsvrcore0-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-devel-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debuginfo-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * lib389-1.4.4.20~git3.e7ac6d87-150300.3.35.1 * 389-ds-debugsource-1.4.4.20~git3.e7ac6d87-150300.3.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2199.html * https://www.suse.com/security/cve/CVE-2024-3657.html * https://www.suse.com/security/cve/CVE-2024-5953.html * https://bugzilla.suse.com/show_bug.cgi?id=1225507 * https://bugzilla.suse.com/show_bug.cgi?id=1225512 * https://bugzilla.suse.com/show_bug.cgi?id=1226277 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 17 08:30:09 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 17 Sep 2024 08:30:09 -0000 Subject: SUSE-SU-2024:3288-1: important: Security update for golang-github-prometheus-prometheus Message-ID: <172656180971.28013.6964039595949422150@smelt2.prg2.suse.org> # Security update for golang-github-prometheus-prometheus Announcement ID: SUSE-SU-2024:3288-1 Rating: important References: * bsc#1204023 * bsc#1208298 * bsc#1227038 * bsc#1228556 * jsc#MSQA-848 * jsc#PED-3577 * jsc#PED-5406 Cross-References: * CVE-2022-41715 * CVE-2022-41723 * CVE-2023-45142 * CVE-2024-6104 CVSS scores: * CVE-2022-41715 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-41715 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-41723 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-41723 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities and contains three features can now be installed. ## Description: This update for golang-github-prometheus-prometheus fixes the following issues: * Require Go > 1.20 for building * Bump go-retryablehttp to version 0.7.7 (CVE-2024-6104, bsc#1227038) * Migrate from `disabled` to `manual` service mode * Add0003-Bump-go-retryablehttp.patch * Update to 2.45.6 (jsc#PED-3577): * Security fixes in dependencies * Update to 2.45.5: * [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback. * [BUGFIX] Remote write: Avoid a race condition when applying configuration. * Update to 2.45.4: * [BUGFIX] Remote read: Release querier resources before encoding the results. * Update to 2.45.3: * Security fixes in dependencies * [BUGFIX] TSDB: Remove double memory snapshot on shutdown. * Update to 2.45.2: * Security fixes in dependencies * [SECURITY] Updated otelhttp to version 0.46.1 (CVE-2023-45142, bsc#1228556) * [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series. * Update to 2.45.1: * [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used by Hetzner in September. * [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture. * [BUGFIX] TSDB: Handle TOC parsing failures. * update to 2.45.0 (jsc#PED-5406): * [FEATURE] API: New limit parameter to limit the number of items returned by `/api/v1/status/tsdb` endpoint. * [FEATURE] Config: Add limits to global config. * [FEATURE] Consul SD: Added support for `path_prefix`. * [FEATURE] Native histograms: Add option to scrape both classic and native histograms. * [FEATURE] Native histograms: Added support for two more arithmetic operators `avg_over_time` and `sum_over_time`. * [FEATURE] Promtool: When providing the block id, only one block will be loaded and analyzed. * [FEATURE] Remote-write: New Azure ad configuration to support remote writing directly to Azure Monitor workspace. * [FEATURE] TSDB: Samples per chunk are now configurable with flag `storage.tsdb.samples-per-chunk`. By default set to its former value 120. * [ENHANCEMENT] Native histograms: bucket size can now be limited to avoid scrape fails. * [ENHANCEMENT] TSDB: Dropped series are now deleted from the WAL sooner. * [BUGFIX] Native histograms: ChunkSeries iterator now checks if a new sample can be appended to the open chunk. * [BUGFIX] Native histograms: Fix Histogram Appender `Appendable()` segfault. * [BUGFIX] Native histograms: Fix setting reset header to gauge histograms in seriesToChunkEncoder. * [BUGFIX] TSDB: Tombstone intervals are not modified after Get() call. * [BUGFIX] TSDB: Use path/filepath to set the WAL directory. * update to 2.44.0: * [FEATURE] Remote-read: Handle native histograms. * [FEATURE] Promtool: Health and readiness check of prometheus server in CLI. * [FEATURE] PromQL: Add `query_samples_total` metric, the total number of samples loaded by all queries. * [ENHANCEMENT] Storage: Optimise buffer used to iterate through samples. * [ENHANCEMENT] Scrape: Reduce memory allocations on target labels. * [ENHANCEMENT] PromQL: Use faster heap method for `topk()` / `bottomk()`. * [ENHANCEMENT] Rules API: Allow filtering by rule name. * [ENHANCEMENT] Native Histograms: Various fixes and improvements. * [ENHANCEMENT] UI: Search of scraping pools is now case-insensitive. * [ENHANCEMENT] TSDB: Add an affirmative log message for successful WAL repair. * [BUGFIX] TSDB: Block compaction failed when shutting down. * [BUGFIX] TSDB: Out-of-order chunks could be ignored if the write-behind log was deleted. * rebase patch 0001-Do-not-force-the-pure-Go-name-resolver.patch onto v2.44.0 * update to 2.43.1 * [BUGFIX] Labels: Set() after Del() would be ignored, which broke some relabeling rules. * update to 2.43.0: * [FEATURE] Promtool: Add HTTP client configuration to query commands. * [FEATURE] Scrape: Add `include_scrape_configs` to include scrape configs from different files. * [FEATURE] HTTP client: Add `no_proxy` to exclude URLs from proxied requests. * [FEATURE] HTTP client: Add `proxy_from_enviroment` to read proxies from env variables. * [ENHANCEMENT] API: Add support for setting lookback delta per query via the API. * [ENHANCEMENT] API: Change HTTP status code from 503/422 to 499 if a request is canceled. * [ENHANCEMENT] Scrape: Allow exemplars for all metric types. * [ENHANCEMENT] TSDB: Add metrics for head chunks and WAL folders size. * [ENHANCEMENT] TSDB: Automatically remove incorrect snapshot with index that is ahead of WAL. * [ENHANCEMENT] TSDB: Improve Prometheus parser error outputs to be more comprehensible. * [ENHANCEMENT] UI: Scope `group by` labels to metric in autocompletion. * [BUGFIX] Scrape: Fix `prometheus_target_scrape_pool_target_limit` metric not set before reloading. * [BUGFIX] TSDB: Correctly update `prometheus_tsdb_head_chunks_removed_total` and `prometheus_tsdb_head_chunks` metrics when reading WAL. * [BUGFIX] TSDB: Use the correct unit (seconds) when recording out-of-order append deltas in the `prometheus_tsdb_sample_ooo_delta` metric. * update to 2.42.0: This release comes with a bunch of feature coverage for native histograms and breaking changes. If you are trying native histograms already, we recommend you remove the `wal` directory when upgrading. Because the old WAL record for native histograms is not backward compatible in v2.42.0, this will lead to some data loss for the latest data. Additionally, if you scrape "float histograms" or use recording rules on native histograms in v2.42.0 (which writes float histograms), it is a one-way street since older versions do not support float histograms. * [CHANGE] **breaking** TSDB: Changed WAL record format for the experimental native histograms. * [FEATURE] Add 'keep_firing_for' field to alerting rules. * [FEATURE] Promtool: Add support of selecting timeseries for TSDB dump. * [ENHANCEMENT] Agent: Native histogram support. * [ENHANCEMENT] Rules: Support native histograms in recording rules. * [ENHANCEMENT] SD: Add container ID as a meta label for pod targets for Kubernetes. * [ENHANCEMENT] SD: Add VM size label to azure service discovery. * [ENHANCEMENT] Support native histograms in federation. * [ENHANCEMENT] TSDB: Add gauge histogram support. * [ENHANCEMENT] TSDB/Scrape: Support FloatHistogram that represents buckets as float64 values. * [ENHANCEMENT] UI: Show individual scrape pools on /targets page. * update to 2.41.0: * [FEATURE] Relabeling: Add keepequal and dropequal relabel actions. * [FEATURE] Add support for HTTP proxy headers. * [ENHANCEMENT] Reload private certificates when changed on disk. * [ENHANCEMENT] Add max_version to specify maximum TLS version in tls_config. * [ENHANCEMENT] Add goos and goarch labels to prometheus_build_info. * [ENHANCEMENT] SD: Add proxy support for EC2 and LightSail SDs. * [ENHANCEMENT] SD: Add new metric prometheus_sd_file_watcher_errors_total. * [ENHANCEMENT] Remote Read: Use a pool to speed up marshalling. * [ENHANCEMENT] TSDB: Improve handling of tombstoned chunks in iterators. * [ENHANCEMENT] TSDB: Optimize postings offset table reading. * [BUGFIX] Scrape: Validate the metric name, label names, and label values after relabeling. * [BUGFIX] Remote Write receiver and rule manager: Fix error handling. * update to 2.40.7: * [BUGFIX] TSDB: Fix queries involving negative buckets of native histograms. * update to 2.40.5: * [BUGFIX] TSDB: Fix queries involving native histograms due to improper reset of iterators. * update to 2.40.3: * [BUGFIX] TSDB: Fix compaction after a deletion is called. * update to 2.40.2: * [BUGFIX] UI: Fix black-on-black metric name color in dark mode. * update to 2.40.1: * [BUGFIX] TSDB: Fix alignment for atomic int64 for 32 bit architecture. * [BUGFIX] Scrape: Fix accept headers. * update to 2.40.0: * [FEATURE] Add experimental support for native histograms. Enable with the flag --enable-feature=native-histograms. * [FEATURE] SD: Add service discovery for OVHcloud. * [ENHANCEMENT] Kubernetes SD: Use protobuf encoding. * [ENHANCEMENT] TSDB: Use golang.org/x/exp/slices for improved sorting speed. * [ENHANCEMENT] Consul SD: Add enterprise admin partitions. Adds __meta_consul_partition label. Adds partition config in consul_sd_config. * [BUGFIX] API: Fix API error codes for /api/v1/labels and /api/v1/series. * update to 2.39.1: * [BUGFIX] Rules: Fix notifier relabel changing the labels on active alerts. * update to 2.39.0: * [FEATURE] experimental TSDB: Add support for ingesting out-of-order samples. This is configured via out_of_order_time_window field in the config file; check config file docs for more info. * [ENHANCEMENT] API: /-/healthy and /-/ready API calls now also respond to a HEAD request on top of existing GET support. * [ENHANCEMENT] PuppetDB SD: Add __meta_puppetdb_query label. * [ENHANCEMENT] AWS EC2 SD: Add __meta_ec2_region label. * [ENHANCEMENT] AWS Lightsail SD: Add __meta_lightsail_region label. * [ENHANCEMENT] Scrape: Optimise relabeling by re-using memory. * [ENHANCEMENT] TSDB: Improve WAL replay timings. * [ENHANCEMENT] TSDB: Optimise memory by not storing unnecessary data in the memory. * [ENHANCEMENT] TSDB: Allow overlapping blocks by default. \--storage.tsdb.allow-overlapping-blocks now has no effect. * [ENHANCEMENT] UI: Click to copy label-value pair from query result to clipboard. * [BUGFIX] TSDB: Turn off isolation for Head compaction to fix a memory leak. * [BUGFIX] TSDB: Fix 'invalid magic number 0' error on Prometheus startup. * [BUGFIX] PromQL: Properly close file descriptor when logging unfinished queries. * [BUGFIX] Agent: Fix validation of flag options and prevent WAL from growing more than desired. * update to 2.38.0: * [FEATURE]: Web: Add a /api/v1/format_query HTTP API endpoint that allows pretty-formatting PromQL expressions. * [FEATURE]: UI: Add support for formatting PromQL expressions in the UI. * [FEATURE]: DNS SD: Support MX records for discovering targets. * [FEATURE]: Templates: Add toTime() template function that allows converting sample timestamps to Go time.Time values. * [ENHANCEMENT]: Kubernetes SD: Add __meta_kubernetes_service_port_number meta label indicating the service port number. * [ENHANCEMENT]: Kubernetes SD: Add __meta_kubernetes_pod_container_image meta label indicating the container image. * [ENHANCEMENT]: PromQL: When a query panics, also log the query itself alongside the panic message. * [ENHANCEMENT]: UI: Tweak colors in the dark theme to improve the contrast ratio. * [ENHANCEMENT]: Web: Speed up calls to /api/v1/rules by avoiding locks and using atomic types instead. * [ENHANCEMENT]: Scrape: Add a no-default-scrape-port feature flag, which omits or removes any default HTTP (:80) or HTTPS (:443) ports in the target's scrape address. * [BUGFIX]: TSDB: In the WAL watcher metrics, expose the type="exemplar" label instead of type="unknown" for exemplar records. * [BUGFIX]: TSDB: Fix race condition around allocating series IDs during chunk snapshot loading. * Remove npm_licenses.tar.bz2 during "make clean" * Remove web-ui archives during "make clean". * [SECURITY] CVE-2022-41715: Limit memory used by parsing regexps (bsc#1204023). * Fix uncontrolled resource consumption by updating Go to version 1.20.1 (CVE-2022-41723, bsc#1208298) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3288=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3288=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3288=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3288=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-3288=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-150100.4.20.1 * firewalld-prometheus-config-0.1-150100.4.20.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-150100.4.20.1 * firewalld-prometheus-config-0.1-150100.4.20.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-150100.4.20.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-150100.4.20.1 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-150100.4.20.1 ## References: * https://www.suse.com/security/cve/CVE-2022-41715.html * https://www.suse.com/security/cve/CVE-2022-41723.html * https://www.suse.com/security/cve/CVE-2023-45142.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1204023 * https://bugzilla.suse.com/show_bug.cgi?id=1208298 * https://bugzilla.suse.com/show_bug.cgi?id=1227038 * https://bugzilla.suse.com/show_bug.cgi?id=1228556 * https://jira.suse.com/browse/MSQA-848 * https://jira.suse.com/browse/PED-3577 * https://jira.suse.com/browse/PED-5406 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 17 08:32:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 17 Sep 2024 08:32:12 -0000 Subject: SUSE-SU-2024:3267-1: important: Security update for SUSE Manager Client Tools Message-ID: <172656193280.28013.4777150544120465695@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:3267-1 Rating: important References: * bsc#1220136 * bsc#1224349 * bsc#1225349 * bsc#1226191 * bsc#1226284 * bsc#1226437 * bsc#1226759 * bsc#1226793 * bsc#1226847 * bsc#1226914 * bsc#1227038 * bsc#1227195 * bsc#1227244 * bsc#1227245 * bsc#1227505 * bsc#1227584 * bsc#1227586 * bsc#1227588 * bsc#1227718 * bsc#1227951 * bsc#1228026 * bsc#1228183 * bsc#1228198 * bsc#1228556 * jsc#MSQA-848 * jsc#PED-3577 Cross-References: * CVE-2023-45142 * CVE-2024-6104 CVSS scores: * CVE-2023-45142 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 An update that solves two vulnerabilities, contains two features and has 22 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-prometheus: * Security issues fixed: * CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038) * CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556) * Require Go > 1.20 for building * Migrate from `disabled` to `manual` service mode * Update to 2.45.6 (jsc#PED-3577): * Security fixes in dependencies * Update to 2.45.5: * [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback. * [BUGFIX] Remote write: Avoid a race condition when applying configuration. * Update to 2.45.4: * [BUGFIX] Remote read: Release querier resources before encoding the results. * Update to 2.45.3: * [BUGFIX] TSDB: Remove double memory snapshot on shutdown. * Update to 2.45.2: * [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series. * Update to 2.45.1: * [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used by Hetzner in September. * [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture. * [BUGFIX] TSDB: Handle TOC parsing failures. rhnlib: * Version 5.0.4-0 * Add the old TLS code for very old traditional clients still on python 2.7 (bsc#1228198) spacecmd: * Version 5.0.9-0 * Update translation strings uyuni-tools: * Version 0.1.21-0 * mgrpxy: Fix typo on Systemd template * Version 0.1.20-0 * Update the push tag to 5.0.1 * mgrpxy: expose port on IPv6 network (bsc#1227951) * Version 0.1.19-0 * Skip updating Tomcat remote debug if conf file is not present * Version 0.1.18-0 * Setup Confidential Computing container during migration (bsc#1227588) * Add the /etc/uyuni/uyuni-tools.yaml path to the config help * Split systemd config files to not loose configuration at upgrade (bsc#1227718) * Use the same logic for image computation in mgradm and mgrpxy (bsc#1228026) * Allow building with different Helm and container default registry paths (bsc#1226191) * Fix recursion in mgradm upgrade podman list --help * Setup hub xmlrpc API service in migration to Podman (bsc#1227588) * Setup disabled hub xmlrpc API service in all cases (bsc#1227584) * Clean the inspection code to make it faster * Properly detect IPv6 enabled on Podman network (bsc#1224349) * Fix the log file path generation * Write scripts output to uyuni-tools.log file * Add uyuni-hubxml-rpc to the list of values in mgradm scale --help * Use path in mgradm support sql file input (bsc#1227505) * On Ubuntu build with go1.21 instead of go1.20 * Enforce Cobbler setup (bsc#1226847) * Expose port on IPv6 network (bsc#1227951) * show output of podman image search --list-tags command * Implement mgrpxy support config command * During migration, ignore /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf (bsc#1228183) * During migration, remove java.annotation,com.sun.xml.bind and UseConcMarkSweepGC settings * Disable node exporter port for Kubernetes * Fix start, stop and restart in Kubernetes * Increase start timeout in Kubernetes * Fix traefik query * Fix password entry usability (bsc#1226437) * Add --prepare option to migrate command * Fix random error during installation of CA certificate (bsc#1227245) * Clarify and fix distro name guessing when not provided (bsc#1226284) * Replace not working Fatal error by plain error return (bsc#1220136) * Allow server installation with preexisting storage volumes * Do not report error when purging mounted volume (bsc#1225349) * Preserve PAGER settings from the host for interactive sql usage (bsc#1226914) * Add mgrpxy command to clear the Squid cache * Use local images for Confidential Computing and Hub containers (bsc#1227586) * Version 0.1.17-0 * Allow GPG files to be loaded from the local file (bsc#1227195) * Version 0.1.16-0 * Prefer local images in all migration steps (bsc#1227244) * Version 0.1.15-0 * Define --registry flag behaviour (bsc#1226793) * Version 0.1.14-0 * Do not rely on hardcoded registry, remove any FQDN * Version 0.1.13-0 * Fix mgradm support config tarball creation (bsc#1226759) * Version 0.1.12-0 * Detection of k8s on Proxy was wrongly influenced by Server setting ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3267=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3267=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-3267=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-3267=1 ## Package List: * openSUSE Leap 15.5 (noarch) * spacecmd-5.0.9-150000.3.124.1 * openSUSE Leap 15.6 (noarch) * spacecmd-5.0.9-150000.3.124.1 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * mgrctl-debuginfo-0.1.21-150000.1.8.2 * mgrctl-0.1.21-150000.1.8.2 * firewalld-prometheus-config-0.1-150000.3.56.1 * golang-github-prometheus-prometheus-2.45.6-150000.3.56.1 * SUSE Manager Client Tools for SLE 15 (noarch) * mgrctl-bash-completion-0.1.21-150000.1.8.2 * python3-rhnlib-5.0.4-150000.3.46.1 * mgrctl-zsh-completion-0.1.21-150000.1.8.2 * mgrctl-lang-0.1.21-150000.1.8.2 * spacecmd-5.0.9-150000.3.124.1 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * mgrctl-debuginfo-0.1.21-150000.1.8.2 * mgrctl-0.1.21-150000.1.8.2 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * mgrctl-bash-completion-0.1.21-150000.1.8.2 * mgrctl-lang-0.1.21-150000.1.8.2 * mgrctl-zsh-completion-0.1.21-150000.1.8.2 ## References: * https://www.suse.com/security/cve/CVE-2023-45142.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1220136 * https://bugzilla.suse.com/show_bug.cgi?id=1224349 * https://bugzilla.suse.com/show_bug.cgi?id=1225349 * https://bugzilla.suse.com/show_bug.cgi?id=1226191 * https://bugzilla.suse.com/show_bug.cgi?id=1226284 * https://bugzilla.suse.com/show_bug.cgi?id=1226437 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1226793 * https://bugzilla.suse.com/show_bug.cgi?id=1226847 * https://bugzilla.suse.com/show_bug.cgi?id=1226914 * https://bugzilla.suse.com/show_bug.cgi?id=1227038 * https://bugzilla.suse.com/show_bug.cgi?id=1227195 * https://bugzilla.suse.com/show_bug.cgi?id=1227244 * https://bugzilla.suse.com/show_bug.cgi?id=1227245 * https://bugzilla.suse.com/show_bug.cgi?id=1227505 * https://bugzilla.suse.com/show_bug.cgi?id=1227584 * https://bugzilla.suse.com/show_bug.cgi?id=1227586 * https://bugzilla.suse.com/show_bug.cgi?id=1227588 * https://bugzilla.suse.com/show_bug.cgi?id=1227718 * https://bugzilla.suse.com/show_bug.cgi?id=1227951 * https://bugzilla.suse.com/show_bug.cgi?id=1228026 * https://bugzilla.suse.com/show_bug.cgi?id=1228183 * https://bugzilla.suse.com/show_bug.cgi?id=1228198 * https://bugzilla.suse.com/show_bug.cgi?id=1228556 * https://jira.suse.com/browse/MSQA-848 * https://jira.suse.com/browse/PED-3577 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 17 08:32:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 17 Sep 2024 08:32:34 -0000 Subject: SUSE-SU-2024:3266-1: important: Security update for SUSE Manager Client Tools Message-ID: <172656195428.28013.18012507736167358350@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:3266-1 Rating: important References: * bsc#1220136 * bsc#1224349 * bsc#1225349 * bsc#1226191 * bsc#1226284 * bsc#1226437 * bsc#1226759 * bsc#1226793 * bsc#1226847 * bsc#1226914 * bsc#1227038 * bsc#1227195 * bsc#1227244 * bsc#1227245 * bsc#1227505 * bsc#1227584 * bsc#1227586 * bsc#1227588 * bsc#1227718 * bsc#1227951 * bsc#1228026 * bsc#1228183 * bsc#1228198 * bsc#1228556 * jsc#MSQA-848 * jsc#PED-3577 Cross-References: * CVE-2023-45142 * CVE-2024-6104 CVSS scores: * CVE-2023-45142 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45142 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6104 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-6104 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves two vulnerabilities, contains two features and has 22 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-prometheus-prometheus: * Security issues fixed: * CVE-2024-6104: Update go-retryablehttp to version 0.7.7 (bsc#1227038) * CVE-2023-45142: Updated otelhttp to version 0.46.1 (bsc#1228556) * Require Go > 1.20 for building * Migrate from `disabled` to `manual` service mode * Update to 2.45.6 (jsc#PED-3577): * Security fixes in dependencies * Update to 2.45.5: * [BUGFIX] tsdb/agent: ensure that new series get written to WAL on rollback. * [BUGFIX] Remote write: Avoid a race condition when applying configuration. * Update to 2.45.4: * [BUGFIX] Remote read: Release querier resources before encoding the results. * Update to 2.45.3: * [BUGFIX] TSDB: Remove double memory snapshot on shutdown. * Update to 2.45.2: * [BUGFIX] TSDB: Fix PostingsForMatchers race with creating new series. * Update to 2.45.1: * [ENHANCEMENT] Hetzner SD: Support larger ID's that will be used by Hetzner in September. * [BUGFIX] Linode SD: Cast InstanceSpec values to int64 to avoid overflows on 386 architecture. * [BUGFIX] TSDB: Handle TOC parsing failures. rhnlib: * Version 5.0.4-0 * Add the old TLS code for very old traditional clients still on python 2.7 (bsc#1228198) spacecmd: * Version 5.0.9-0 * Update translation strings uyuni-tools: * Version 0.1.21-0 * mgrpxy: Fix typo on Systemd template * Version 0.1.20-0 * Update the push tag to 5.0.1 * mgrpxy: expose port on IPv6 network (bsc#1227951) * Version 0.1.19-0 * Skip updating Tomcat remote debug if conf file is not present * Version 0.1.18-0 * Setup Confidential Computing container during migration (bsc#1227588) * Add the /etc/uyuni/uyuni-tools.yaml path to the config help * Split systemd config files to not loose configuration at upgrade (bsc#1227718) * Use the same logic for image computation in mgradm and mgrpxy (bsc#1228026) * Allow building with different Helm and container default registry paths (bsc#1226191) * Fix recursion in mgradm upgrade podman list --help * Setup hub xmlrpc API service in migration to Podman (bsc#1227588) * Setup disabled hub xmlrpc API service in all cases (bsc#1227584) * Clean the inspection code to make it faster * Properly detect IPv6 enabled on Podman network (bsc#1224349) * Fix the log file path generation * Write scripts output to uyuni-tools.log file * Add uyuni-hubxml-rpc to the list of values in mgradm scale --help * Use path in mgradm support sql file input (bsc#1227505) * On Ubuntu build with go1.21 instead of go1.20 * Enforce Cobbler setup (bsc#1226847) * Expose port on IPv6 network (bsc#1227951) * show output of podman image search --list-tags command * Implement mgrpxy support config command * During migration, ignore /etc/sysconfig/tomcat and /etc/tomcat/tomcat.conf (bsc#1228183) * During migration, remove java.annotation,com.sun.xml.bind and UseConcMarkSweepGC settings * Disable node exporter port for Kubernetes * Fix start, stop and restart in Kubernetes * Increase start timeout in Kubernetes * Fix traefik query * Fix password entry usability (bsc#1226437) * Add --prepare option to migrate command * Fix random error during installation of CA certificate (bsc#1227245) * Clarify and fix distro name guessing when not provided (bsc#1226284) * Replace not working Fatal error by plain error return (bsc#1220136) * Allow server installation with preexisting storage volumes * Do not report error when purging mounted volume (bsc#1225349) * Preserve PAGER settings from the host for interactive sql usage (bsc#1226914) * Add mgrpxy command to clear the Squid cache * Use local images for Confidential Computing and Hub containers (bsc#1227586) * Version 0.1.17-0 * Allow GPG files to be loaded from the local file (bsc#1227195) * Version 0.1.16-0 * Prefer local images in all migration steps (bsc#1227244) * Version 0.1.15-0 * Define --registry flag behaviour (bsc#1226793) * Version 0.1.14-0 * Do not rely on hardcoded registry, remove any FQDN * Version 0.1.13-0 * Fix mgradm support config tarball creation (bsc#1226759) * Version 0.1.12-0 * Detection of k8s on Proxy was wrongly influenced by Server setting ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-3266=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.6-1.53.1 * mgrctl-debuginfo-0.1.21-1.8.1 * mgrctl-0.1.21-1.8.1 * SUSE Manager Client Tools for SLE 12 (noarch) * python2-rhnlib-5.0.4-21.52.1 * mgrctl-bash-completion-0.1.21-1.8.1 * mgrctl-zsh-completion-0.1.21-1.8.1 * spacecmd-5.0.9-38.147.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45142.html * https://www.suse.com/security/cve/CVE-2024-6104.html * https://bugzilla.suse.com/show_bug.cgi?id=1220136 * https://bugzilla.suse.com/show_bug.cgi?id=1224349 * https://bugzilla.suse.com/show_bug.cgi?id=1225349 * https://bugzilla.suse.com/show_bug.cgi?id=1226191 * https://bugzilla.suse.com/show_bug.cgi?id=1226284 * https://bugzilla.suse.com/show_bug.cgi?id=1226437 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1226793 * https://bugzilla.suse.com/show_bug.cgi?id=1226847 * https://bugzilla.suse.com/show_bug.cgi?id=1226914 * https://bugzilla.suse.com/show_bug.cgi?id=1227038 * https://bugzilla.suse.com/show_bug.cgi?id=1227195 * https://bugzilla.suse.com/show_bug.cgi?id=1227244 * https://bugzilla.suse.com/show_bug.cgi?id=1227245 * https://bugzilla.suse.com/show_bug.cgi?id=1227505 * https://bugzilla.suse.com/show_bug.cgi?id=1227584 * https://bugzilla.suse.com/show_bug.cgi?id=1227586 * https://bugzilla.suse.com/show_bug.cgi?id=1227588 * https://bugzilla.suse.com/show_bug.cgi?id=1227718 * https://bugzilla.suse.com/show_bug.cgi?id=1227951 * https://bugzilla.suse.com/show_bug.cgi?id=1228026 * https://bugzilla.suse.com/show_bug.cgi?id=1228183 * https://bugzilla.suse.com/show_bug.cgi?id=1228198 * https://bugzilla.suse.com/show_bug.cgi?id=1228556 * https://jira.suse.com/browse/MSQA-848 * https://jira.suse.com/browse/PED-3577 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 17 16:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 17 Sep 2024 16:30:16 -0000 Subject: SUSE-SU-2024:3289-1: important: Security update for gstreamer-plugins-bad, libvpl Message-ID: <172659061628.28013.14020479403941995972@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad, libvpl Announcement ID: SUSE-SU-2024:3289-1 Rating: important References: * bsc#1218534 * bsc#1219494 * bsc#1223263 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 * CVE-2023-50186 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H * CVE-2023-50186 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 An update that solves six vulnerabilities, contains one feature and has three security fixes can now be installed. ## Description: This update for gstreamer-plugins-bad, libvpl fixes the following issues: * Dropped support for libmfx to fix the following CVEs: * libmfx: improper input validation (CVE-2023-48368, bsc#1226897) * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898) * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899) * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900) * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901) The libmfx dependency is replaced by libvpl. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3289=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3289=1 openSUSE-SLE-15.5-2024-3289=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3289=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3289=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3289=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.25.2 * libgsttranscoder-1_0-0-1.22.0-150500.3.25.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstplay-1_0-0-1.22.0-150500.3.25.2 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.25.2 * typelib-1_0-GstVulkanWayland-1_0-1.22.0-150500.3.25.2 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-1.22.0-150500.3.25.2 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-transcoder-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.25.2 * typelib-1_0-GstVulkanXCB-1_0-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-1.22.0-150500.3.25.2 * gstreamer-transcoder-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.25.2 * typelib-1_0-GstTranscoder-1_0-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-1.22.0-150500.3.25.2 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.25.2 * libgsttranscoder-1_0-0-1.22.0-150500.3.25.2 * typelib-1_0-GstVulkan-1_0-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.25.2 * gstreamer-transcoder-devel-1.22.0-150500.3.25.2 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-devel-1.22.0-150500.3.25.2 * libgstva-1_0-0-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.25.2 * openSUSE Leap 15.5 (x86_64) * libgstisoff-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-32bit-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-32bit-1.22.0-150500.3.25.2 * libvpl-debugsource-2023.0.0-150500.3.2.1 * libgstplayer-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libvpl-devel-2023.0.0-150500.3.2.1 * gstreamer-plugins-bad-chromaprint-32bit-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-32bit-1.22.0-150500.3.25.2 * libvpl2-debuginfo-2023.0.0-150500.3.2.1 * libgstwebrtcnice-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstplay-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstva-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-32bit-1.22.0-150500.3.25.2 * libvpl-2023.0.0-150500.3.2.1 * libvpl2-2023.0.0-150500.3.2.1 * libgstcodecs-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-32bit-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstva-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-32bit-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstplay-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-32bit-debuginfo-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-32bit-debuginfo-1.22.0-150500.3.25.2 * openSUSE Leap 15.5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.25.2 * openSUSE Leap 15.5 (aarch64_ilp32) * libgstinsertbin-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstplay-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstva-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstva-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-chromaprint-64bit-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-64bit-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-64bit-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-64bit-1.22.0-150500.3.25.2 * libgstplay-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-64bit-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-64bit-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-64bit-debuginfo-1.22.0-150500.3.25.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgstplayer-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.25.2 * libgstphotography-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.25.2 * libgstplayer-1_0-0-1.22.0-150500.3.25.2 * libgstplay-1_0-0-1.22.0-150500.3.25.2 * libgstplay-1_0-0-debuginfo-1.22.0-150500.3.25.2 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-bad-chromaprint-debuginfo-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstVa-1_0-1.22.0-150500.3.25.2 * libgsturidownloader-1_0-0-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-chromaprint-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-1.22.0-150500.3.25.2 * libgstbadaudio-1_0-0-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstCuda-1_0-1.22.0-150500.3.25.2 * libgsttranscoder-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstBadAudio-1_0-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-CudaGst-1_0-1.22.0-150500.3.25.2 * libgstmpegts-1_0-0-1.22.0-150500.3.25.2 * typelib-1_0-GstInsertBin-1_0-1.22.0-150500.3.25.2 * libgstinsertbin-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstPlay-1_0-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-1.22.0-150500.3.25.2 * libgstva-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstCodecs-1_0-1.22.0-150500.3.25.2 * typelib-1_0-GstWebRTC-1_0-1.22.0-150500.3.25.2 * libgstsctp-1_0-0-1.22.0-150500.3.25.2 * libgstcodecs-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-1.22.0-150500.3.25.2 * libgsttranscoder-1_0-0-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debuginfo-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-1.22.0-150500.3.25.2 * libgstisoff-1_0-0-1.22.0-150500.3.25.2 * libgstadaptivedemux-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstcodecparsers-1_0-0-debuginfo-1.22.0-150500.3.25.2 * libgstvulkan-1_0-0-1.22.0-150500.3.25.2 * libgstwebrtcnice-1_0-0-debuginfo-1.22.0-150500.3.25.2 * typelib-1_0-GstMpegts-1_0-1.22.0-150500.3.25.2 * libgstwayland-1_0-0-debuginfo-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-debugsource-1.22.0-150500.3.25.2 * libgstwebrtc-1_0-0-1.22.0-150500.3.25.2 * libgstbasecamerabinsrc-1_0-0-1.22.0-150500.3.25.2 * typelib-1_0-GstPlayer-1_0-1.22.0-150500.3.25.2 * gstreamer-plugins-bad-devel-1.22.0-150500.3.25.2 * libgstva-1_0-0-1.22.0-150500.3.25.2 * libgstcuda-1_0-0-debuginfo-1.22.0-150500.3.25.2 * Desktop Applications Module 15-SP5 (noarch) * gstreamer-plugins-bad-lang-1.22.0-150500.3.25.2 * Desktop Applications Module 15-SP5 (x86_64) * libvpl-debugsource-2023.0.0-150500.3.2.1 * libvpl-devel-2023.0.0-150500.3.2.1 * libvpl-2023.0.0-150500.3.2.1 * libvpl2-2023.0.0-150500.3.2.1 * libvpl2-debuginfo-2023.0.0-150500.3.2.1 * Desktop Applications Module 15-SP6 (x86_64) * libvpl-debugsource-2023.0.0-150500.3.2.1 * libvpl-devel-2023.0.0-150500.3.2.1 * libvpl-2023.0.0-150500.3.2.1 * libvpl2-2023.0.0-150500.3.2.1 * libvpl2-debuginfo-2023.0.0-150500.3.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://www.suse.com/security/cve/CVE-2023-50186.html * https://bugzilla.suse.com/show_bug.cgi?id=1218534 * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1223263 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 08:30:11 -0000 Subject: SUSE-SU-2024:3295-1: important: Security update for gstreamer-plugins-bad Message-ID: <172664821183.28013.113734929990410115@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:3295-1 Rating: important References: * bsc#1218534 * bsc#1219494 * bsc#1223263 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 * CVE-2023-50186 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H * CVE-2023-50186 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves six vulnerabilities, contains one feature and has three security fixes can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * Dropped support for libmfx to fix the following CVEs: * libmfx: improper input validation (CVE-2023-48368, bsc#1226897) * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898) * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899) * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900) * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3295=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3295=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3295=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3295=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3295=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3295=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3295=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3295=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3295=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstTranscoder-1_0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * typelib-1_0-GstVulkanWayland-1_0-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstVulkan-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstVulkanXCB-1_0-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgsttranscoder-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * gstreamer-transcoder-devel-1.20.1-150400.3.23.2 * gstreamer-transcoder-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsttranscoder-1_0-0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-transcoder-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * openSUSE Leap 15.4 (x86_64) * libgstbadaudio-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-32bit-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-32bit-1.20.1-150400.3.23.2 * libgstva-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-32bit-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-32bit-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-32bit-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstva-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-32bit-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-32bit-debuginfo-1.20.1-150400.3.23.2 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libgstmpegts-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-64bit-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-64bit-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-64bit-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstva-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstplay-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-64bit-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-64bit-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-64bit-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-64bit-debuginfo-1.20.1-150400.3.23.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgstcodecs-1_0-0-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstva-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-devel-1.20.1-150400.3.23.2 * libgstplay-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debugsource-1.20.1-150400.3.23.2 * typelib-1_0-GstMpegts-1_0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlay-1_0-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-debuginfo-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-1.20.1-150400.3.23.2 * libgstsctp-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplay-1_0-0-1.20.1-150400.3.23.2 * libgstmpegts-1_0-0-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstPlayer-1_0-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-debuginfo-1.20.1-150400.3.23.2 * libgstinsertbin-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstphotography-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstBadAudio-1_0-1.20.1-150400.3.23.2 * libgstvulkan-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstplayer-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwebrtc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstWebRTC-1_0-1.20.1-150400.3.23.2 * gstreamer-plugins-bad-chromaprint-1.20.1-150400.3.23.2 * libgstbadaudio-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstwayland-1_0-0-1.20.1-150400.3.23.2 * libgstva-1_0-0-1.20.1-150400.3.23.2 * libgstcodecs-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-debuginfo-1.20.1-150400.3.23.2 * libgstadaptivedemux-1_0-0-1.20.1-150400.3.23.2 * libgstisoff-1_0-0-debuginfo-1.20.1-150400.3.23.2 * typelib-1_0-GstInsertBin-1_0-1.20.1-150400.3.23.2 * libgsturidownloader-1_0-0-1.20.1-150400.3.23.2 * libgstcodecparsers-1_0-0-1.20.1-150400.3.23.2 * typelib-1_0-GstCodecs-1_0-1.20.1-150400.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-bad-lang-1.20.1-150400.3.23.2 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://www.suse.com/security/cve/CVE-2023-50186.html * https://bugzilla.suse.com/show_bug.cgi?id=1218534 * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1223263 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 08:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 08:30:15 -0000 Subject: SUSE-SU-2024:3294-1: important: Security update for python3 Message-ID: <172664821500.28013.6619356071194935932@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3294-1 Rating: important References: * bsc#1228780 Cross-References: * CVE-2024-6923 CVSS scores: * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-6923: email header injection due to unquoted newlines. (bsc#1228780) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3294=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3294=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3294=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3294=1 * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-3294=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-devel-3.4.10-25.136.1 * python3-debugsource-3.4.10-25.136.1 * python3-dbm-debuginfo-3.4.10-25.136.1 * python3-base-debuginfo-3.4.10-25.136.1 * python3-base-debugsource-3.4.10-25.136.1 * python3-debuginfo-3.4.10-25.136.1 * python3-dbm-3.4.10-25.136.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.136.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python3-devel-3.4.10-25.136.1 * python3-3.4.10-25.136.1 * python3-debugsource-3.4.10-25.136.1 * libpython3_4m1_0-3.4.10-25.136.1 * python3-base-debuginfo-3.4.10-25.136.1 * python3-curses-debuginfo-3.4.10-25.136.1 * python3-base-debugsource-3.4.10-25.136.1 * python3-tk-3.4.10-25.136.1 * python3-tk-debuginfo-3.4.10-25.136.1 * python3-base-3.4.10-25.136.1 * python3-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-debuginfo-3.4.10-25.136.1 * python3-curses-3.4.10-25.136.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.136.1 * python3-devel-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-32bit-3.4.10-25.136.1 * python3-base-debuginfo-32bit-3.4.10-25.136.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-devel-3.4.10-25.136.1 * python3-3.4.10-25.136.1 * python3-debugsource-3.4.10-25.136.1 * libpython3_4m1_0-3.4.10-25.136.1 * python3-base-debuginfo-3.4.10-25.136.1 * python3-curses-debuginfo-3.4.10-25.136.1 * python3-base-debugsource-3.4.10-25.136.1 * python3-tk-3.4.10-25.136.1 * python3-tk-debuginfo-3.4.10-25.136.1 * python3-base-3.4.10-25.136.1 * python3-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-debuginfo-3.4.10-25.136.1 * python3-curses-3.4.10-25.136.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.136.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.136.1 * libpython3_4m1_0-32bit-3.4.10-25.136.1 * python3-base-debuginfo-32bit-3.4.10-25.136.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python3-devel-3.4.10-25.136.1 * python3-3.4.10-25.136.1 * python3-debugsource-3.4.10-25.136.1 * python3-devel-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-3.4.10-25.136.1 * python3-base-debuginfo-3.4.10-25.136.1 * python3-curses-debuginfo-3.4.10-25.136.1 * python3-base-debugsource-3.4.10-25.136.1 * python3-tk-3.4.10-25.136.1 * python3-tk-debuginfo-3.4.10-25.136.1 * python3-base-3.4.10-25.136.1 * python3-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-debuginfo-3.4.10-25.136.1 * python3-curses-3.4.10-25.136.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.136.1 * libpython3_4m1_0-32bit-3.4.10-25.136.1 * python3-base-debuginfo-32bit-3.4.10-25.136.1 * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * python3-3.4.10-25.136.1 * python3-debugsource-3.4.10-25.136.1 * libpython3_4m1_0-3.4.10-25.136.1 * python3-base-debuginfo-3.4.10-25.136.1 * python3-base-debugsource-3.4.10-25.136.1 * python3-base-3.4.10-25.136.1 * python3-debuginfo-3.4.10-25.136.1 * libpython3_4m1_0-debuginfo-3.4.10-25.136.1 * python3-curses-3.4.10-25.136.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6923.html * https://bugzilla.suse.com/show_bug.cgi?id=1228780 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 08:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 08:30:21 -0000 Subject: SUSE-SU-2024:3293-1: important: Security update for python36 Message-ID: <172664822124.28013.9205273895143809752@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:3293-1 Rating: important References: * bsc#1227378 * bsc#1227999 * bsc#1228780 * bsc#1229596 Cross-References: * CVE-2024-6923 * CVE-2024-7592 CVSS scores: * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2024-7592: quadratic complexity when parsing cookies with backslashes. (bsc#1229596) * CVE-2024-6923: email header injection due to unquoted newlines. (bsc#1228780) Bug fixes: * Set variable %{profileopt} according to the variable %{do_profiling}. (bsc#1227999) * Stop using %%defattr, as it seems to be breaking proper executable attributes on /usr/bin/ scripts. (bsc#1227378) * Remove %suse_update_desktop_file macro, as it is not useful any more. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3293=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3293=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3293=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3293=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-devel-3.6.15-61.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python36-base-debuginfo-3.6.15-61.1 * python36-debugsource-3.6.15-61.1 * python36-3.6.15-61.1 * libpython3_6m1_0-debuginfo-3.6.15-61.1 * python36-base-3.6.15-61.1 * libpython3_6m1_0-3.6.15-61.1 * python36-debuginfo-3.6.15-61.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-61.1 * libpython3_6m1_0-32bit-3.6.15-61.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-base-debuginfo-3.6.15-61.1 * python36-debugsource-3.6.15-61.1 * python36-3.6.15-61.1 * libpython3_6m1_0-debuginfo-3.6.15-61.1 * python36-base-3.6.15-61.1 * libpython3_6m1_0-3.6.15-61.1 * python36-debuginfo-3.6.15-61.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-61.1 * libpython3_6m1_0-32bit-3.6.15-61.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python36-base-debuginfo-3.6.15-61.1 * python36-debugsource-3.6.15-61.1 * python36-3.6.15-61.1 * libpython3_6m1_0-debuginfo-3.6.15-61.1 * python36-base-3.6.15-61.1 * libpython3_6m1_0-3.6.15-61.1 * python36-debuginfo-3.6.15-61.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-61.1 * libpython3_6m1_0-32bit-3.6.15-61.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://bugzilla.suse.com/show_bug.cgi?id=1227378 * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 12:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 12:30:05 -0000 Subject: SUSE-SU-2024:3298-1: moderate: Security update for python-dnspython Message-ID: <172666260567.28013.16553629398387080170@smelt2.prg2.suse.org> # Security update for python-dnspython Announcement ID: SUSE-SU-2024:3298-1 Rating: moderate References: * bsc#1230353 Cross-References: * CVE-2023-29483 CVSS scores: * CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-dnspython fixes the following issue: * Fix CVE-2023-29483 (bsc#1230353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3298=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3298=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3298=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3298=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3298=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3298=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3298=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3298=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3298=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3298=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3298=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3298=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3298=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3298=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3298=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3298=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3298=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3298=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3298=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3298=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3298=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3298=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3298=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3298=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3298=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3298=1 ## Package List: * openSUSE Leap Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * openSUSE Leap 15.5 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * Basesystem Module 15-SP5 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * Basesystem Module 15-SP6 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Package Hub 15 15-SP5 (noarch) * python2-dnspython-1.15.0-150000.3.10.2 * SUSE Package Hub 15 15-SP6 (noarch) * python2-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Manager Proxy 4.3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Manager Server 4.3 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 * SUSE Enterprise Storage 7.1 (noarch) * python3-dnspython-1.15.0-150000.3.10.2 ## References: * https://www.suse.com/security/cve/CVE-2023-29483.html * https://bugzilla.suse.com/show_bug.cgi?id=1230353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 12:30:08 -0000 Subject: SUSE-SU-2024:3297-1: moderate: Security update for python-dnspython Message-ID: <172666260874.28013.16383842178405734246@smelt2.prg2.suse.org> # Security update for python-dnspython Announcement ID: SUSE-SU-2024:3297-1 Rating: moderate References: * bsc#1230353 Cross-References: * CVE-2023-29483 CVSS scores: * CVE-2023-29483 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-dnspython fixes the following issue: * Fix CVE-2023-29483 (bsc#1230353). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-3297=1 ## Package List: * Public Cloud Module 12 (noarch) * python-dnspython-1.12.0-9.16.2 * python3-dnspython-1.12.0-9.16.2 ## References: * https://www.suse.com/security/cve/CVE-2023-29483.html * https://bugzilla.suse.com/show_bug.cgi?id=1230353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:33 -0000 Subject: SUSE-SU-2024:3309-1: moderate: Security update for libmfx Message-ID: <172667703302.22029.6698329510035568583@smelt2.prg2.suse.org> # Security update for libmfx Announcement ID: SUSE-SU-2024:3309-1 Rating: moderate References: * bsc#1219494 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves five vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for libmfx fixes the following issues: * CVE-2023-48368: Fixed an improper input validation. (bsc#1226897) * CVE-2023-45221: Fixed an improper buffer restrictions. (bsc#1226898) * CVE-2023-22656: Fixed an out-of-bounds read. (bsc#1226899) * CVE-2023-47282: Fixed an out-of-bounds write. (bsc#1226900) * CVE-2023-47169: Fixed an improper buffer restrictions. (bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3309=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3309=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3309=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3309=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (x86_64) * libmfx-debugsource-19.1.0-3.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libmfx-19.1.0-3.3.1 * libmfx1-debuginfo-19.1.0-3.3.1 * libmfx1-19.1.0-3.3.1 * libmfx-debugsource-19.1.0-3.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libmfx-19.1.0-3.3.1 * libmfx1-debuginfo-19.1.0-3.3.1 * libmfx1-19.1.0-3.3.1 * libmfx-debugsource-19.1.0-3.3.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * libmfx-19.1.0-3.3.1 * libmfx1-debuginfo-19.1.0-3.3.1 * libmfx1-19.1.0-3.3.1 * libmfx-debugsource-19.1.0-3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:35 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:35 -0000 Subject: SUSE-SU-2024:3307-1: moderate: Security update for ucode-intel Message-ID: <172667703522.22029.2122484566003384489@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:3307-1 Rating: moderate References: * bsc#1230400 Cross-References: * CVE-2024-23984 * CVE-2024-24968 CVSS scores: * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3307=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3307=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3307=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * ucode-intel-debugsource-20240910-143.1 * ucode-intel-debuginfo-20240910-143.1 * ucode-intel-20240910-143.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * ucode-intel-debugsource-20240910-143.1 * ucode-intel-debuginfo-20240910-143.1 * ucode-intel-20240910-143.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * ucode-intel-debugsource-20240910-143.1 * ucode-intel-debuginfo-20240910-143.1 * ucode-intel-20240910-143.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://bugzilla.suse.com/show_bug.cgi?id=1230400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:38 -0000 Subject: SUSE-SU-2024:3306-1: important: Security update for clamav Message-ID: <172667703807.22029.16322978500411938051@smelt2.prg2.suse.org> # Security update for clamav Announcement ID: SUSE-SU-2024:3306-1 Rating: important References: * bsc#1230161 * bsc#1230162 Cross-References: * CVE-2024-20505 * CVE-2024-20506 CVSS scores: * CVE-2024-20505 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-20505 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-20505 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-20505 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-20506 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-20506 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N * CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for clamav fixes the following issues: * Update to version 0.103.12 * CVE-2024-20506: Disable symlinks following to prevent an attacker to corrupt system files. (bsc#1230162) * CVE-2024-20505: Fixed possible out-of-bounds read bug in the PDF file parser. (bsc#1230161) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3306=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3306=1 openSUSE-SLE-15.6-2024-3306=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150600.18.3.1 * libclamav9-debuginfo-0.103.12-150600.18.3.1 * clamav-0.103.12-150600.18.3.1 * libfreshclam2-0.103.12-150600.18.3.1 * clamav-debugsource-0.103.12-150600.18.3.1 * libclamav9-0.103.12-150600.18.3.1 * clamav-debuginfo-0.103.12-150600.18.3.1 * libfreshclam2-debuginfo-0.103.12-150600.18.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * clamav-devel-0.103.12-150600.18.3.1 * libclamav9-debuginfo-0.103.12-150600.18.3.1 * clamav-0.103.12-150600.18.3.1 * libfreshclam2-0.103.12-150600.18.3.1 * clamav-debugsource-0.103.12-150600.18.3.1 * libclamav9-0.103.12-150600.18.3.1 * clamav-debuginfo-0.103.12-150600.18.3.1 * libfreshclam2-debuginfo-0.103.12-150600.18.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20505.html * https://www.suse.com/security/cve/CVE-2024-20506.html * https://bugzilla.suse.com/show_bug.cgi?id=1230161 * https://bugzilla.suse.com/show_bug.cgi?id=1230162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:42 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:42 -0000 Subject: SUSE-SU-2024:3305-1: important: Security update for clamav Message-ID: <172667704203.22029.13728034321020098567@smelt2.prg2.suse.org> # Security update for clamav Announcement ID: SUSE-SU-2024:3305-1 Rating: important References: * bsc#1230161 * bsc#1230162 Cross-References: * CVE-2024-20505 * CVE-2024-20506 CVSS scores: * CVE-2024-20505 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-20505 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-20505 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-20505 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-20506 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-20506 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N * CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-20506 ( NVD ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for clamav fixes the following issues: * Update to version 0.103.12 * CVE-2024-20506: Disable symlinks following to prevent an attacker to corrupt system files. (bsc#1230162) * CVE-2024-20505: Fixed possible out-of-bounds read bug in the PDF file parser. (bsc#1230161) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3305=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3305=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3305=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3305=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3305=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3305=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3305=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3305=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3305=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3305=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3305=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3305=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3305=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3305=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3305=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Manager Proxy 4.3 (x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * clamav-devel-0.103.12-150000.3.53.1 * libfreshclam2-0.103.12-150000.3.53.1 * libclamav9-0.103.12-150000.3.53.1 * clamav-debugsource-0.103.12-150000.3.53.1 * libclamav9-debuginfo-0.103.12-150000.3.53.1 * clamav-debuginfo-0.103.12-150000.3.53.1 * libfreshclam2-debuginfo-0.103.12-150000.3.53.1 * clamav-0.103.12-150000.3.53.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20505.html * https://www.suse.com/security/cve/CVE-2024-20506.html * https://bugzilla.suse.com/show_bug.cgi?id=1230161 * https://bugzilla.suse.com/show_bug.cgi?id=1230162 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:46 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:46 -0000 Subject: SUSE-SU-2024:3304-1: important: Security update for the Linux Kernel Message-ID: <172667704663.22029.10970932965932927175@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3304-1 Rating: important References: * bsc#1228002 Cross-References: * CVE-2022-48791 CVSS scores: * CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) The following non-security bugs were fixed: * powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error). * scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3304=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3304=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3304=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debugsource-5.3.18-150300.184.1 * kernel-rt-debuginfo-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.184.1 * kernel-rt-debuginfo-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.184.1 * kernel-rt-debuginfo-5.3.18-150300.184.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.184.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48791.html * https://bugzilla.suse.com/show_bug.cgi?id=1228002 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:52 -0000 Subject: SUSE-SU-2024:3303-1: important: Security update for python312 Message-ID: <172667705207.22029.16243419764141149023@smelt2.prg2.suse.org> # Security update for python312 Announcement ID: SUSE-SU-2024:3303-1 Rating: important References: * bsc#1227999 * bsc#1228780 * bsc#1229596 * bsc#1229704 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for python312 fixes the following issues: * Update to 3.12.6 * CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module. (bsc#1228780). * CVE-2024-7592: Fixed Email header injection due to unquoted newlines. (bsc#1229596) * CVE-2024-6232: Fixed ReDos via excessive backtracking while parsing header values. (bsc#1230227) * CVE-2024-8088: Fixed denial of service in zipfile. (bsc#1229704) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3303=1 openSUSE-SLE-15.6-2024-3303=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3303=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python312-tk-3.12.6-150600.3.6.1 * python312-curses-debuginfo-3.12.6-150600.3.6.1 * python312-idle-3.12.6-150600.3.6.1 * libpython3_12-1_0-3.12.6-150600.3.6.1 * python312-dbm-3.12.6-150600.3.6.1 * python312-doc-3.12.6-150600.3.6.1 * python312-dbm-debuginfo-3.12.6-150600.3.6.1 * python312-base-3.12.6-150600.3.6.1 * python312-3.12.6-150600.3.6.1 * python312-devel-3.12.6-150600.3.6.1 * python312-testsuite-3.12.6-150600.3.6.1 * python312-tk-debuginfo-3.12.6-150600.3.6.1 * python312-curses-3.12.6-150600.3.6.1 * libpython3_12-1_0-debuginfo-3.12.6-150600.3.6.1 * python312-debuginfo-3.12.6-150600.3.6.1 * python312-base-debuginfo-3.12.6-150600.3.6.1 * python312-doc-devhelp-3.12.6-150600.3.6.1 * python312-testsuite-debuginfo-3.12.6-150600.3.6.1 * python312-debugsource-3.12.6-150600.3.6.1 * python312-core-debugsource-3.12.6-150600.3.6.1 * python312-tools-3.12.6-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * libpython3_12-1_0-32bit-debuginfo-3.12.6-150600.3.6.1 * python312-base-32bit-debuginfo-3.12.6-150600.3.6.1 * libpython3_12-1_0-32bit-3.12.6-150600.3.6.1 * python312-base-32bit-3.12.6-150600.3.6.1 * python312-32bit-debuginfo-3.12.6-150600.3.6.1 * python312-32bit-3.12.6-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python312-base-64bit-debuginfo-3.12.6-150600.3.6.1 * python312-64bit-debuginfo-3.12.6-150600.3.6.1 * libpython3_12-1_0-64bit-3.12.6-150600.3.6.1 * libpython3_12-1_0-64bit-debuginfo-3.12.6-150600.3.6.1 * python312-base-64bit-3.12.6-150600.3.6.1 * python312-64bit-3.12.6-150600.3.6.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python312-curses-3.12.6-150600.3.6.1 * python312-debugsource-3.12.6-150600.3.6.1 * libpython3_12-1_0-debuginfo-3.12.6-150600.3.6.1 * python312-tk-3.12.6-150600.3.6.1 * python312-debuginfo-3.12.6-150600.3.6.1 * python312-curses-debuginfo-3.12.6-150600.3.6.1 * python312-dbm-debuginfo-3.12.6-150600.3.6.1 * python312-idle-3.12.6-150600.3.6.1 * python312-base-3.12.6-150600.3.6.1 * python312-3.12.6-150600.3.6.1 * python312-base-debuginfo-3.12.6-150600.3.6.1 * python312-devel-3.12.6-150600.3.6.1 * libpython3_12-1_0-3.12.6-150600.3.6.1 * python312-dbm-3.12.6-150600.3.6.1 * python312-core-debugsource-3.12.6-150600.3.6.1 * python312-tk-debuginfo-3.12.6-150600.3.6.1 * python312-tools-3.12.6-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:30:58 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:30:58 -0000 Subject: SUSE-SU-2024:3302-1: important: Security update for python3 Message-ID: <172667705841.22029.4654001936619045962@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3302-1 Rating: important References: * bsc#1227378 * bsc#1227999 * bsc#1228780 * bsc#1229596 Cross-References: * CVE-2024-6923 * CVE-2024-7592 CVSS scores: * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities and has two security fixes can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780). * CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596) Bug fixes: * %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999) * Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378). * Remove %suse_update_desktop_file macro as it is not useful any more. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3302=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3302=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3302=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3302=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * python3-tools-3.6.15-150000.3.155.2 * python3-base-debuginfo-3.6.15-150000.3.155.2 * libpython3_6m1_0-3.6.15-150000.3.155.2 * python3-base-3.6.15-150000.3.155.2 * python3-dbm-3.6.15-150000.3.155.2 * python3-debugsource-3.6.15-150000.3.155.2 * python3-devel-debuginfo-3.6.15-150000.3.155.2 * python3-curses-debuginfo-3.6.15-150000.3.155.2 * python3-devel-3.6.15-150000.3.155.2 * python3-core-debugsource-3.6.15-150000.3.155.2 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.155.2 * python3-idle-3.6.15-150000.3.155.2 * python3-curses-3.6.15-150000.3.155.2 * python3-tk-debuginfo-3.6.15-150000.3.155.2 * python3-dbm-debuginfo-3.6.15-150000.3.155.2 * python3-debuginfo-3.6.15-150000.3.155.2 * python3-3.6.15-150000.3.155.2 * python3-tk-3.6.15-150000.3.155.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-tools-3.6.15-150000.3.155.2 * python3-base-debuginfo-3.6.15-150000.3.155.2 * libpython3_6m1_0-3.6.15-150000.3.155.2 * python3-base-3.6.15-150000.3.155.2 * python3-dbm-3.6.15-150000.3.155.2 * python3-debugsource-3.6.15-150000.3.155.2 * python3-devel-debuginfo-3.6.15-150000.3.155.2 * python3-curses-debuginfo-3.6.15-150000.3.155.2 * python3-devel-3.6.15-150000.3.155.2 * python3-core-debugsource-3.6.15-150000.3.155.2 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.155.2 * python3-idle-3.6.15-150000.3.155.2 * python3-curses-3.6.15-150000.3.155.2 * python3-tk-debuginfo-3.6.15-150000.3.155.2 * python3-dbm-debuginfo-3.6.15-150000.3.155.2 * python3-debuginfo-3.6.15-150000.3.155.2 * python3-3.6.15-150000.3.155.2 * python3-tk-3.6.15-150000.3.155.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * python3-tools-3.6.15-150000.3.155.2 * python3-base-debuginfo-3.6.15-150000.3.155.2 * libpython3_6m1_0-3.6.15-150000.3.155.2 * python3-base-3.6.15-150000.3.155.2 * python3-dbm-3.6.15-150000.3.155.2 * python3-debugsource-3.6.15-150000.3.155.2 * python3-devel-debuginfo-3.6.15-150000.3.155.2 * python3-curses-debuginfo-3.6.15-150000.3.155.2 * python3-devel-3.6.15-150000.3.155.2 * python3-core-debugsource-3.6.15-150000.3.155.2 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.155.2 * python3-idle-3.6.15-150000.3.155.2 * python3-curses-3.6.15-150000.3.155.2 * python3-tk-debuginfo-3.6.15-150000.3.155.2 * python3-dbm-debuginfo-3.6.15-150000.3.155.2 * python3-debuginfo-3.6.15-150000.3.155.2 * python3-3.6.15-150000.3.155.2 * python3-tk-3.6.15-150000.3.155.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python3-base-debuginfo-3.6.15-150000.3.155.2 * libpython3_6m1_0-3.6.15-150000.3.155.2 * python3-base-3.6.15-150000.3.155.2 * python3-debugsource-3.6.15-150000.3.155.2 * python3-core-debugsource-3.6.15-150000.3.155.2 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.155.2 * python3-debuginfo-3.6.15-150000.3.155.2 * python3-3.6.15-150000.3.155.2 ## References: * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://bugzilla.suse.com/show_bug.cgi?id=1227378 * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229596 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 18 16:31:00 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 18 Sep 2024 16:31:00 -0000 Subject: SUSE-SU-2024:3301-1: important: Security update for ffmpeg-4 Message-ID: <172667706067.22029.15465994350715379816@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2024:3301-1 Rating: important References: * bsc#1229026 Cross-References: * CVE-2024-7055 CVSS scores: * CVE-2024-7055 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * CVE-2024-7055: Fixed a heap-based buffer overflow in pnmdec. (bsc#1229026) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3301=1 openSUSE-SLE-15.6-2024-3301=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3301=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3301=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libavresample4_0-4.4-150600.13.13.1 * ffmpeg-4-libswresample-devel-4.4-150600.13.13.1 * libavcodec58_134-4.4-150600.13.13.1 * libavutil56_70-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-4.4-150600.13.13.1 * ffmpeg-4-libavfilter-devel-4.4-150600.13.13.1 * libavdevice58_13-debuginfo-4.4-150600.13.13.1 * libpostproc55_9-4.4-150600.13.13.1 * libavresample4_0-debuginfo-4.4-150600.13.13.1 * libswresample3_9-4.4-150600.13.13.1 * libavfilter7_110-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libpostproc-devel-4.4-150600.13.13.1 * libavcodec58_134-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libavutil-devel-4.4-150600.13.13.1 * libavformat58_76-4.4-150600.13.13.1 * libswscale5_9-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libavresample-devel-4.4-150600.13.13.1 * ffmpeg-4-libavdevice-devel-4.4-150600.13.13.1 * ffmpeg-4-libavcodec-devel-4.4-150600.13.13.1 * libavformat58_76-debuginfo-4.4-150600.13.13.1 * libavdevice58_13-4.4-150600.13.13.1 * libavfilter7_110-4.4-150600.13.13.1 * libswresample3_9-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libswscale-devel-4.4-150600.13.13.1 * ffmpeg-4-debugsource-4.4-150600.13.13.1 * libswscale5_9-4.4-150600.13.13.1 * libavutil56_70-4.4-150600.13.13.1 * ffmpeg-4-libavformat-devel-4.4-150600.13.13.1 * ffmpeg-4-private-devel-4.4-150600.13.13.1 * libpostproc55_9-debuginfo-4.4-150600.13.13.1 * openSUSE Leap 15.6 (x86_64) * libavcodec58_134-32bit-debuginfo-4.4-150600.13.13.1 * libavformat58_76-32bit-debuginfo-4.4-150600.13.13.1 * libavutil56_70-32bit-4.4-150600.13.13.1 * libswscale5_9-32bit-4.4-150600.13.13.1 * libpostproc55_9-32bit-4.4-150600.13.13.1 * libswscale5_9-32bit-debuginfo-4.4-150600.13.13.1 * libpostproc55_9-32bit-debuginfo-4.4-150600.13.13.1 * libavfilter7_110-32bit-4.4-150600.13.13.1 * libavresample4_0-32bit-4.4-150600.13.13.1 * libavdevice58_13-32bit-debuginfo-4.4-150600.13.13.1 * libavcodec58_134-32bit-4.4-150600.13.13.1 * libavutil56_70-32bit-debuginfo-4.4-150600.13.13.1 * libavdevice58_13-32bit-4.4-150600.13.13.1 * libavresample4_0-32bit-debuginfo-4.4-150600.13.13.1 * libswresample3_9-32bit-4.4-150600.13.13.1 * libswresample3_9-32bit-debuginfo-4.4-150600.13.13.1 * libavfilter7_110-32bit-debuginfo-4.4-150600.13.13.1 * libavformat58_76-32bit-4.4-150600.13.13.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libavcodec58_134-64bit-debuginfo-4.4-150600.13.13.1 * libavresample4_0-64bit-debuginfo-4.4-150600.13.13.1 * libpostproc55_9-64bit-debuginfo-4.4-150600.13.13.1 * libswresample3_9-64bit-4.4-150600.13.13.1 * libavutil56_70-64bit-debuginfo-4.4-150600.13.13.1 * libavformat58_76-64bit-4.4-150600.13.13.1 * libswresample3_9-64bit-debuginfo-4.4-150600.13.13.1 * libavdevice58_13-64bit-4.4-150600.13.13.1 * libavresample4_0-64bit-4.4-150600.13.13.1 * libpostproc55_9-64bit-4.4-150600.13.13.1 * libavfilter7_110-64bit-4.4-150600.13.13.1 * libavformat58_76-64bit-debuginfo-4.4-150600.13.13.1 * libavutil56_70-64bit-4.4-150600.13.13.1 * libavdevice58_13-64bit-debuginfo-4.4-150600.13.13.1 * libswscale5_9-64bit-4.4-150600.13.13.1 * libswscale5_9-64bit-debuginfo-4.4-150600.13.13.1 * libavfilter7_110-64bit-debuginfo-4.4-150600.13.13.1 * libavcodec58_134-64bit-4.4-150600.13.13.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libavresample4_0-4.4-150600.13.13.1 * ffmpeg-4-libswresample-devel-4.4-150600.13.13.1 * libavcodec58_134-4.4-150600.13.13.1 * libavutil56_70-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-4.4-150600.13.13.1 * ffmpeg-4-libavfilter-devel-4.4-150600.13.13.1 * libavdevice58_13-debuginfo-4.4-150600.13.13.1 * libpostproc55_9-4.4-150600.13.13.1 * libavresample4_0-debuginfo-4.4-150600.13.13.1 * libswresample3_9-4.4-150600.13.13.1 * libavfilter7_110-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libpostproc-devel-4.4-150600.13.13.1 * libavcodec58_134-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libavutil-devel-4.4-150600.13.13.1 * libavformat58_76-4.4-150600.13.13.1 * libswscale5_9-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libavresample-devel-4.4-150600.13.13.1 * ffmpeg-4-libavdevice-devel-4.4-150600.13.13.1 * ffmpeg-4-libavcodec-devel-4.4-150600.13.13.1 * libavformat58_76-debuginfo-4.4-150600.13.13.1 * libavdevice58_13-4.4-150600.13.13.1 * libavfilter7_110-4.4-150600.13.13.1 * libswresample3_9-debuginfo-4.4-150600.13.13.1 * ffmpeg-4-libswscale-devel-4.4-150600.13.13.1 * ffmpeg-4-debugsource-4.4-150600.13.13.1 * libswscale5_9-4.4-150600.13.13.1 * libavutil56_70-4.4-150600.13.13.1 * ffmpeg-4-libavformat-devel-4.4-150600.13.13.1 * ffmpeg-4-private-devel-4.4-150600.13.13.1 * libpostproc55_9-debuginfo-4.4-150600.13.13.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * ffmpeg-4-debugsource-4.4-150600.13.13.1 * libswscale5_9-4.4-150600.13.13.1 * libavutil56_70-4.4-150600.13.13.1 * ffmpeg-4-debuginfo-4.4-150600.13.13.1 * libavcodec58_134-debuginfo-4.4-150600.13.13.1 * libavformat58_76-4.4-150600.13.13.1 * libavformat58_76-debuginfo-4.4-150600.13.13.1 * libavcodec58_134-4.4-150600.13.13.1 * libavutil56_70-debuginfo-4.4-150600.13.13.1 * libswresample3_9-debuginfo-4.4-150600.13.13.1 * libswscale5_9-debuginfo-4.4-150600.13.13.1 * libswresample3_9-4.4-150600.13.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7055.html * https://bugzilla.suse.com/show_bug.cgi?id=1229026 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:30:08 -0000 Subject: SUSE-SU-2024:3322-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Message-ID: <172673460815.27756.9447110773155755401@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3322-1 Rating: important References: * bsc#1228349 Cross-References: * CVE-2024-40909 CVSS scores: * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_10_5 fixes one issue. The following security issue was fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3322=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_5-rt-2-150600.1.8.1 * kernel-livepatch-SLE15-SP6-RT_Update_1-debugsource-2-150600.1.8.1 * kernel-livepatch-6_4_0-150600_10_5-rt-debuginfo-2-150600.1.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:30:11 -0000 Subject: SUSE-SU-2024:3321-1: important: Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Message-ID: <172673461163.27756.16347574364669638656@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3321-1 Rating: important References: * bsc#1225313 Cross-References: * CVE-2024-35817 CVSS scores: * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_8 fixes one issue. The following security issue was fixed: * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3321=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_8-rt-3-150600.3.2 * kernel-livepatch-6_4_0-150600_8-rt-debuginfo-3-150600.3.2 * kernel-livepatch-SLE15-SP6-RT_Update_0-debugsource-3-150600.3.2 ## References: * https://www.suse.com/security/cve/CVE-2024-35817.html * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:30:17 -0000 Subject: SUSE-SU-2024:3320-1: important: Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5) Message-ID: <172673461769.27756.4835238063507683812@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3320-1 Rating: important References: * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225099 Cross-References: * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_55 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3320=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3320=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_55-rt-4-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-4-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_55-rt-4-150500.11.6.1 * kernel-livepatch-SLE15-SP5-RT_Update_15-debugsource-4-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_55-rt-debuginfo-4-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:30:23 -0000 Subject: SUSE-SU-2024:3319-1: important: Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5) Message-ID: <172673462300.27756.14598445373708929788@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 16 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3319-1 Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1228349 Cross-References: * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-40909 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_58 fixes several issues. The following security issues were fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3319=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3319=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-3-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_16-debugsource-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-debuginfo-3-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_58-rt-3-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:30:37 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:30:37 -0000 Subject: SUSE-SU-2024:3318-1: important: Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Message-ID: <172673463740.27756.11805564471075337045@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3318-1 Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52502 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_38 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3318=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3318=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-6-150500.11.6.1 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-6-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:31:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:31:02 -0000 Subject: SUSE-SU-2024:3324-1: low: Security update for runc Message-ID: <172673466241.27756.300175094344758152@smelt2.prg2.suse.org> # Security update for runc Announcement ID: SUSE-SU-2024:3324-1 Rating: low References: * bsc#1230092 Cross-References: * CVE-2024-45310 CVSS scores: * CVE-2024-45310 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for runc fixes the following issues: * Update to runc v1.1.14 * CVE-2024-45310: Fixed an issue where runc can be tricked into creating empty files/directories on host. (bsc#1230092) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-3324=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * runc-debuginfo-1.1.14-16.55.1 * runc-1.1.14-16.55.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45310.html * https://bugzilla.suse.com/show_bug.cgi?id=1230092 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 08:31:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 08:31:05 -0000 Subject: SUSE-SU-2024:3323-1: moderate: Security update for wireshark Message-ID: <172673466566.27756.2409978956372367970@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:3323-1 Rating: moderate References: * bsc#1179933 * bsc#1229907 Cross-References: * CVE-2020-26421 * CVE-2024-8250 CVSS scores: * CVE-2020-26421 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2020-26421 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-8250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for wireshark fixes the following issues: * CVE-2024-8250: Fixed NTLMSSP dissector crash (bsc#1229907). * CVE-2020-26421: Fixed USB HID dissector crash (bsc#1179933). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3323=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3323=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3323=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3323=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-2.4.16-48.57.1 * wireshark-debuginfo-2.4.16-48.57.1 * wireshark-devel-2.4.16-48.57.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * wireshark-debugsource-2.4.16-48.57.1 * libwscodecs1-2.4.16-48.57.1 * libwscodecs1-debuginfo-2.4.16-48.57.1 * libwireshark9-2.4.16-48.57.1 * libwiretap7-2.4.16-48.57.1 * wireshark-gtk-debuginfo-2.4.16-48.57.1 * wireshark-debuginfo-2.4.16-48.57.1 * libwiretap7-debuginfo-2.4.16-48.57.1 * libwsutil8-2.4.16-48.57.1 * wireshark-2.4.16-48.57.1 * wireshark-gtk-2.4.16-48.57.1 * libwsutil8-debuginfo-2.4.16-48.57.1 * libwireshark9-debuginfo-2.4.16-48.57.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * wireshark-debugsource-2.4.16-48.57.1 * libwscodecs1-2.4.16-48.57.1 * libwscodecs1-debuginfo-2.4.16-48.57.1 * libwireshark9-2.4.16-48.57.1 * libwiretap7-2.4.16-48.57.1 * wireshark-gtk-debuginfo-2.4.16-48.57.1 * wireshark-debuginfo-2.4.16-48.57.1 * libwiretap7-debuginfo-2.4.16-48.57.1 * libwsutil8-2.4.16-48.57.1 * wireshark-2.4.16-48.57.1 * wireshark-gtk-2.4.16-48.57.1 * libwsutil8-debuginfo-2.4.16-48.57.1 * libwireshark9-debuginfo-2.4.16-48.57.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * wireshark-debugsource-2.4.16-48.57.1 * libwscodecs1-2.4.16-48.57.1 * libwscodecs1-debuginfo-2.4.16-48.57.1 * libwireshark9-2.4.16-48.57.1 * libwiretap7-2.4.16-48.57.1 * wireshark-gtk-debuginfo-2.4.16-48.57.1 * wireshark-debuginfo-2.4.16-48.57.1 * libwiretap7-debuginfo-2.4.16-48.57.1 * libwsutil8-2.4.16-48.57.1 * wireshark-2.4.16-48.57.1 * wireshark-gtk-2.4.16-48.57.1 * libwsutil8-debuginfo-2.4.16-48.57.1 * libwireshark9-debuginfo-2.4.16-48.57.1 ## References: * https://www.suse.com/security/cve/CVE-2020-26421.html * https://www.suse.com/security/cve/CVE-2024-8250.html * https://bugzilla.suse.com/show_bug.cgi?id=1179933 * https://bugzilla.suse.com/show_bug.cgi?id=1229907 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 12:30:07 -0000 Subject: SUSE-SU-2024:3333-1: moderate: Security update for wireshark Message-ID: <172674900732.8392.13261952706087346338@smelt2.prg2.suse.org> # Security update for wireshark Announcement ID: SUSE-SU-2024:3333-1 Rating: moderate References: * bsc#1229907 Cross-References: * CVE-2024-8250 CVSS scores: * CVE-2024-8250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for wireshark fixes the following issues: * Upgraded Wireshark to version 3.6.24. * CVE-2024-8250: Fixed NTLMSSP dissector crash (bsc#1229907). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3333=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3333=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3333=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libwsutil13-3.6.24-150000.3.118.1 * wireshark-ui-qt-3.6.24-150000.3.118.1 * wireshark-debuginfo-3.6.24-150000.3.118.1 * libwsutil13-debuginfo-3.6.24-150000.3.118.1 * libwireshark15-debuginfo-3.6.24-150000.3.118.1 * libwiretap12-3.6.24-150000.3.118.1 * wireshark-debugsource-3.6.24-150000.3.118.1 * libwireshark15-3.6.24-150000.3.118.1 * libwiretap12-debuginfo-3.6.24-150000.3.118.1 * wireshark-devel-3.6.24-150000.3.118.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.118.1 * wireshark-3.6.24-150000.3.118.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwsutil13-3.6.24-150000.3.118.1 * wireshark-debuginfo-3.6.24-150000.3.118.1 * libwsutil13-debuginfo-3.6.24-150000.3.118.1 * libwireshark15-debuginfo-3.6.24-150000.3.118.1 * libwiretap12-3.6.24-150000.3.118.1 * wireshark-debugsource-3.6.24-150000.3.118.1 * libwireshark15-3.6.24-150000.3.118.1 * libwiretap12-debuginfo-3.6.24-150000.3.118.1 * wireshark-3.6.24-150000.3.118.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wireshark-ui-qt-3.6.24-150000.3.118.1 * wireshark-debuginfo-3.6.24-150000.3.118.1 * wireshark-debugsource-3.6.24-150000.3.118.1 * wireshark-devel-3.6.24-150000.3.118.1 * wireshark-ui-qt-debuginfo-3.6.24-150000.3.118.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8250.html * https://bugzilla.suse.com/show_bug.cgi?id=1229907 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 12:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 12:30:11 -0000 Subject: SUSE-SU-2024:3332-1: moderate: Security update for ucode-intel Message-ID: <172674901158.8392.10110578583832394349@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:3332-1 Rating: moderate References: * bsc#1230400 Cross-References: * CVE-2024-23984 * CVE-2024-24968 CVSS scores: * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20240910 release (bsc#1230400) * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3332=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3332=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3332=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3332=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3332=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3332=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3332=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3332=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3332=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3332=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3332=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3332=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3332=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3332=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3332=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3332=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3332=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3332=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3332=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3332=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3332=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3332=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3332=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3332=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3332=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3332=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3332=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3332=1 ## Package List: * openSUSE Leap Micro 5.5 (x86_64) * ucode-intel-20240910-150200.47.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20240910-150200.47.1 * openSUSE Leap 15.6 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20240910-150200.47.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20240910-150200.47.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20240910-150200.47.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20240910-150200.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://bugzilla.suse.com/show_bug.cgi?id=1230400 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:04 -0000 Subject: SUSE-SU-2024:3338-1: important: Security update for the Linux Kernel Message-ID: <172676340453.27944.1721655358216938282@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3338-1 Rating: important References: * bsc#1230350 * bsc#1230413 Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Real Time Module 15-SP6 An update that has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 RT kernel was updated to receive various security bugfixes. The following non-security bugs were fixed: * Drop soundwire patch that caused a regression (bsc#1230350) * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413) * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413) * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3338=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3338=1 * SUSE Real Time Module 15-SP6 zypper in -t patch SUSE-SLE-Module-RT-15-SP6-2024-3338=1 ## Package List: * openSUSE Leap 15.6 (x86_64) * kernel-rt-vdso-debuginfo-6.4.0-150600.10.11.2 * ocfs2-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-optional-6.4.0-150600.10.11.2 * kernel-rt_debug-vdso-6.4.0-150600.10.11.2 * kselftests-kmp-rt-6.4.0-150600.10.11.2 * cluster-md-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt_debug-vdso-debuginfo-6.4.0-150600.10.11.2 * kernel-rt_debug-devel-6.4.0-150600.10.11.2 * kernel-rt_debug-debugsource-6.4.0-150600.10.11.2 * dlm-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-vdso-6.4.0-150600.10.11.2 * kernel-rt-extra-debuginfo-6.4.0-150600.10.11.2 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * kernel-rt-optional-debuginfo-6.4.0-150600.10.11.2 * kernel-rt-debugsource-6.4.0-150600.10.11.2 * kernel-rt-extra-6.4.0-150600.10.11.2 * kernel-rt-devel-6.4.0-150600.10.11.2 * kernel-rt-livepatch-devel-6.4.0-150600.10.11.2 * gfs2-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-debuginfo-6.4.0-150600.10.11.2 * kselftests-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * reiserfs-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.11.2 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * reiserfs-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * kernel-rt-devel-debuginfo-6.4.0-150600.10.11.2 * kernel-syms-rt-6.4.0-150600.10.11.1 * kernel-rt_debug-livepatch-devel-6.4.0-150600.10.11.2 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * kernel-rt_debug-debuginfo-6.4.0-150600.10.11.2 * openSUSE Leap 15.6 (noarch) * kernel-source-rt-6.4.0-150600.10.11.2 * kernel-devel-rt-6.4.0-150600.10.11.2 * openSUSE Leap 15.6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.11.2 * kernel-rt-6.4.0-150600.10.11.2 * SUSE Linux Enterprise Live Patching 15-SP6 (x86_64) * kernel-livepatch-6_4_0-150600_10_11-rt-debuginfo-1-150600.1.3.2 * kernel-livepatch-6_4_0-150600_10_11-rt-1-150600.1.3.2 * kernel-livepatch-SLE15-SP6-RT_Update_3-debugsource-1-150600.1.3.2 * SUSE Real Time Module 15-SP6 (x86_64) * cluster-md-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-devel-debuginfo-6.4.0-150600.10.11.2 * kernel-rt_debug-devel-6.4.0-150600.10.11.2 * kernel-syms-rt-6.4.0-150600.10.11.1 * kernel-rt_debug-debugsource-6.4.0-150600.10.11.2 * dlm-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-devel-6.4.0-150600.10.11.2 * ocfs2-kmp-rt-6.4.0-150600.10.11.2 * gfs2-kmp-rt-6.4.0-150600.10.11.2 * kernel-rt-debuginfo-6.4.0-150600.10.11.2 * dlm-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * cluster-md-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * kernel-rt-debugsource-6.4.0-150600.10.11.2 * kernel-rt_debug-devel-debuginfo-6.4.0-150600.10.11.2 * ocfs2-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * kernel-rt_debug-debuginfo-6.4.0-150600.10.11.2 * gfs2-kmp-rt-debuginfo-6.4.0-150600.10.11.2 * SUSE Real Time Module 15-SP6 (noarch) * kernel-source-rt-6.4.0-150600.10.11.2 * kernel-devel-rt-6.4.0-150600.10.11.2 * SUSE Real Time Module 15-SP6 (nosrc x86_64) * kernel-rt_debug-6.4.0-150600.10.11.2 * kernel-rt-6.4.0-150600.10.11.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1230350 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:07 -0000 Subject: SUSE-SU-2024:3337-1: important: Security update for the Linux Kernel Message-ID: <172676340797.27944.17044060414889841735@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3337-1 Rating: important References: * bsc#1230413 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following non-security bugs were fixed: * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413) * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413) * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3337=1 openSUSE-SLE-15.5-2024-3337=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3337=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3337=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3337=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-3337=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-devel-rt-5.14.21-150500.13.70.2 * kernel-source-rt-5.14.21-150500.13.70.2 * openSUSE Leap 15.5 (x86_64) * kernel-rt_debug-debuginfo-5.14.21-150500.13.70.2 * ocfs2-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt-debuginfo-5.14.21-150500.13.70.2 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kselftests-kmp-rt-5.14.21-150500.13.70.2 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-optional-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-extra-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-livepatch-devel-5.14.21-150500.13.70.2 * kernel-rt-vdso-5.14.21-150500.13.70.2 * kernel-rt-devel-debuginfo-5.14.21-150500.13.70.2 * dlm-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt_debug-debugsource-5.14.21-150500.13.70.2 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.70.2 * reiserfs-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt_debug-vdso-5.14.21-150500.13.70.2 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.70.2 * kernel-syms-rt-5.14.21-150500.13.70.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-debugsource-5.14.21-150500.13.70.2 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-devel-5.14.21-150500.13.70.2 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-extra-5.14.21-150500.13.70.2 * kernel-livepatch-SLE15-SP5-RT_Update_20-debugsource-1-150500.11.3.2 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.70.2 * kernel-livepatch-5_14_21-150500_13_70-rt-debuginfo-1-150500.11.3.2 * gfs2-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt-optional-5.14.21-150500.13.70.2 * cluster-md-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt_debug-devel-5.14.21-150500.13.70.2 * kernel-rt-livepatch-5.14.21-150500.13.70.2 * kernel-livepatch-5_14_21-150500_13_70-rt-1-150500.11.3.2 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.70.2 * kernel-rt-5.14.21-150500.13.70.2 * openSUSE Leap Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.70.2 * openSUSE Leap Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-debugsource-5.14.21-150500.13.70.2 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.70.2 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-debugsource-5.14.21-150500.13.70.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.70.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_70-rt-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5-RT_Update_20-debugsource-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_13_70-rt-debuginfo-1-150500.11.3.2 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt_debug-debuginfo-5.14.21-150500.13.70.2 * ocfs2-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt-debuginfo-5.14.21-150500.13.70.2 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-vdso-5.14.21-150500.13.70.2 * kernel-rt-devel-debuginfo-5.14.21-150500.13.70.2 * dlm-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt_debug-debugsource-5.14.21-150500.13.70.2 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.70.2 * kernel-rt_debug-vdso-5.14.21-150500.13.70.2 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.70.2 * kernel-syms-rt-5.14.21-150500.13.70.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-debugsource-5.14.21-150500.13.70.2 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * kernel-rt-devel-5.14.21-150500.13.70.2 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.70.2 * gfs2-kmp-rt-5.14.21-150500.13.70.2 * cluster-md-kmp-rt-5.14.21-150500.13.70.2 * kernel-rt_debug-devel-5.14.21-150500.13.70.2 * SUSE Real Time Module 15-SP5 (noarch) * kernel-devel-rt-5.14.21-150500.13.70.2 * kernel-source-rt-5.14.21-150500.13.70.2 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.70.2 * kernel-rt-5.14.21-150500.13.70.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1230413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:16 -0000 Subject: SUSE-SU-2024:3336-1: important: Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Message-ID: <172676341622.27944.7227298805370727534@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3336-1 Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_47 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3336=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3336=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-6-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_13-debugsource-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-6-150500.11.6.1 * kernel-livepatch-5_14_21-150500_13_47-rt-debuginfo-6-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:21 -0000 Subject: SUSE-SU-2024:3334-1: important: Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Message-ID: <172676342101.27944.12218995724249442841@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 14 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3334-1 Rating: important References: * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225099 Cross-References: * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_65 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3334=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-3340=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3340=1 SUSE-2024-3334=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-4-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_65-default-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-4-150500.11.6.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_14-debugsource-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_65-default-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_65-default-debuginfo-4-150500.11.6.2 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_52-rt-debuginfo-4-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_14-debugsource-4-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_52-rt-4-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:27 -0000 Subject: SUSE-SU-2024:3345-1: moderate: Security update for python-azure-identity Message-ID: <172676342724.27944.8860938786555516917@smelt2.prg2.suse.org> # Security update for python-azure-identity Announcement ID: SUSE-SU-2024:3345-1 Rating: moderate References: * bsc#1230100 Cross-References: * CVE-2024-35255 CVSS scores: * CVE-2024-35255 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-35255 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-azure-identity fixes the following issues: * CVE-2024-35255: Fixed an Azure identity libraries elevation of privilege vulnerability. (bsc#1230100) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3345=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3345=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3345=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3345=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3345=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3345=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 * openSUSE Leap 15.5 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 * openSUSE Leap 15.6 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 * Public Cloud Module 15-SP4 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 * Public Cloud Module 15-SP5 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 * Public Cloud Module 15-SP6 (noarch) * python311-azure-identity-1.15.0-150400.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35255.html * https://bugzilla.suse.com/show_bug.cgi?id=1230100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:34 -0000 Subject: SUSE-SU-2024:3344-1: important: Security update for kubernetes1.25 Message-ID: <172676343496.27944.12168590805348002895@smelt2.prg2.suse.org> # Security update for kubernetes1.25 Announcement ID: SUSE-SU-2024:3344-1 Rating: important References: * bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities and has four security fixes can now be installed. ## Description: This update for kubernetes1.25 fixes the following issues: * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3344=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3344=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3344=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3344=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3344=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3344=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3344=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3344=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3344=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-kubelet-1.25.16-150400.9.16.1 * kubernetes1.25-proxy-1.25.16-150400.9.16.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.16.1 * kubernetes1.25-scheduler-1.25.16-150400.9.16.1 * kubernetes1.25-apiserver-1.25.16-150400.9.16.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.16.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.25-client-bash-completion-1.25.16-150400.9.16.1 * kubernetes1.25-client-fish-completion-1.25.16-150400.9.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-kubelet-1.25.16-150400.9.16.1 * kubernetes1.25-proxy-1.25.16-150400.9.16.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.16.1 * kubernetes1.25-scheduler-1.25.16-150400.9.16.1 * kubernetes1.25-apiserver-1.25.16-150400.9.16.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.16.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.25-client-bash-completion-1.25.16-150400.9.16.1 * kubernetes1.25-client-fish-completion-1.25.16-150400.9.16.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.16.1 * kubernetes1.25-client-1.25.16-150400.9.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:47 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:47 -0000 Subject: SUSE-SU-2024:3343-1: important: Security update for kubernetes1.24 Message-ID: <172676344709.27944.6537913490300796678@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3343-1 Rating: important References: * bsc#1062303 * bsc#1194400 * bsc#1211630 * bsc#1211631 * bsc#1214406 * bsc#1216109 * bsc#1216123 * bsc#1219964 * bsc#1221400 * bsc#1222539 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2021-25743 * CVE-2023-2727 * CVE-2023-2728 * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-0793 * CVE-2024-24786 * CVE-2024-3177 CVSS scores: * CVE-2021-25743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-25743 ( NVD ): 3.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N * CVE-2023-2727 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2728 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2728 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3177 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-3177 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves nine vulnerabilities and has six security fixes can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues: * CVE-2021-25743: escape, meta and control sequences in raw data output to terminal not neutralized. (bsc#1194400) * CVE-2023-2727: bypass of policies imposed by the ImagePolicyWebhook admission plugin. (bsc#1211630) * CVE-2023-2728: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1211631) * CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2024-0793: kube-controller-manager pod crash when processing malformed HPA v1 manifests. (bsc#1219964) * CVE-2024-3177: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1222539) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Use -trimpath in non-DBG mode for reproducible builds. (bsc#1062303) * Fix multiple issues for successful `kubeadm init` run. (bsc#1214406) * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3343=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3343=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3343=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3343=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3343=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-proxy-1.24.17-150300.7.6.1 * kubernetes1.24-kubeadm-1.24.17-150300.7.6.1 * kubernetes1.24-client-common-1.24.17-150300.7.6.1 * kubernetes1.24-kubelet-common-1.24.17-150300.7.6.1 * kubernetes1.24-scheduler-1.24.17-150300.7.6.1 * kubernetes1.24-client-1.24.17-150300.7.6.1 * kubernetes1.24-kubelet-1.24.17-150300.7.6.1 * kubernetes1.24-controller-manager-1.24.17-150300.7.6.1 * kubernetes1.24-apiserver-1.24.17-150300.7.6.1 * openSUSE Leap 15.3 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150300.7.6.1 * kubernetes1.24-client-bash-completion-1.24.17-150300.7.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kubernetes1.24-client-1.24.17-150300.7.6.1 * kubernetes1.24-client-common-1.24.17-150300.7.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150300.7.6.1 * kubernetes1.24-client-common-1.24.17-150300.7.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kubernetes1.24-client-1.24.17-150300.7.6.1 * kubernetes1.24-client-common-1.24.17-150300.7.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kubernetes1.24-client-1.24.17-150300.7.6.1 * kubernetes1.24-client-common-1.24.17-150300.7.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-25743.html * https://www.suse.com/security/cve/CVE-2023-2727.html * https://www.suse.com/security/cve/CVE-2023-2728.html * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-0793.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-3177.html * https://bugzilla.suse.com/show_bug.cgi?id=1062303 * https://bugzilla.suse.com/show_bug.cgi?id=1194400 * https://bugzilla.suse.com/show_bug.cgi?id=1211630 * https://bugzilla.suse.com/show_bug.cgi?id=1211631 * https://bugzilla.suse.com/show_bug.cgi?id=1214406 * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1219964 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1222539 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:30:53 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:30:53 -0000 Subject: SUSE-SU-2024:3342-1: important: Security update for kubernetes1.24 Message-ID: <172676345315.27944.8957655904265403469@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3342-1 Rating: important References: * bsc#1216109 * bsc#1216123 * bsc#1221400 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-24786 CVSS scores: * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities and has four security fixes can now be installed. ## Description: This update for kubernetes1.24 fixes the following issues: * CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3342=1 openSUSE-SLE-15.5-2024-3342=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3342=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3342=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150500.3.22.1 * kubernetes1.24-proxy-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-1.24.17-150500.3.22.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 * kubernetes1.24-kubeadm-1.24.17-150500.3.22.1 * kubernetes1.24-scheduler-1.24.17-150500.3.22.1 * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.22.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150500.3.22.1 * kubernetes1.24-client-bash-completion-1.24.17-150500.3.22.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150500.3.22.1 * kubernetes1.24-client-common-1.24.17-150500.3.22.1 ## References: * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:31:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:31:04 -0000 Subject: SUSE-SU-2024:3341-1: important: Security update for kubernetes1.23 Message-ID: <172676346408.27944.17739822986870279438@smelt2.prg2.suse.org> # Security update for kubernetes1.23 Announcement ID: SUSE-SU-2024:3341-1 Rating: important References: * bsc#1062303 * bsc#1194400 * bsc#1211630 * bsc#1211631 * bsc#1214406 * bsc#1216109 * bsc#1216123 * bsc#1219964 * bsc#1221400 * bsc#1222539 * bsc#1226136 * bsc#1229858 * bsc#1229867 * bsc#1229869 * bsc#1230323 Cross-References: * CVE-2021-25743 * CVE-2023-2727 * CVE-2023-2728 * CVE-2023-39325 * CVE-2023-44487 * CVE-2023-45288 * CVE-2024-0793 * CVE-2024-24786 * CVE-2024-3177 CVSS scores: * CVE-2021-25743 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-25743 ( NVD ): 3.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:N/I:L/A:N * CVE-2023-2727 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2727 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2728 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-2728 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2023-39325 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-39325 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0793 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24786 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3177 ( SUSE ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-3177 ( NVD ): 2.7 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves nine vulnerabilities and has six security fixes can now be installed. ## Description: This update for kubernetes1.23 fixes the following issues: * CVE-2021-25743: escape, meta and control sequences in raw data output to terminal not neutralized. (bsc#1194400) * CVE-2023-2727: bypass of policies imposed by the ImagePolicyWebhook admission plugin. (bsc#1211630) * CVE-2023-2728: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1211631) * CVE-2023-39325: go1.20: excessive resource consumption when dealing with rapid stream resets. (bsc#1229869) * CVE-2023-44487: google.golang.org/grpc, kube-apiserver: HTTP/2 rapid reset vulnerability. (bsc#1229869) * CVE-2023-45288: golang.org/x/net: excessive CPU consumption when processing unlimited sets of headers. (bsc#1229869) * CVE-2024-0793: kube-controller-manager pod crash when processing malformed HPA v1 manifests. (bsc#1219964) * CVE-2024-3177: bypass of the mountable secrets policy enforced by the ServiceAccount admission plugin. (bsc#1222539) * CVE-2024-24786: github.com/golang/protobuf: infinite loop when unmarshaling invalid JSON. (bsc#1229867) Bug fixes: * Use -trimpath in non-DBG mode for reproducible builds. (bsc#1062303) * Fix multiple issues for successful `kubeadm init` run. (bsc#1214406) * Update go to version 1.22.5 in build requirements. (bsc#1229858) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3341=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3341=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3341=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3341=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3341=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-kubelet-common-1.24.17-150400.9.16.1 * kubernetes1.24-kubelet-1.24.17-150400.9.16.1 * kubernetes1.24-scheduler-1.24.17-150400.9.16.1 * kubernetes1.24-client-common-1.24.17-150400.9.16.1 * kubernetes1.24-controller-manager-1.24.17-150400.9.16.1 * kubernetes1.24-apiserver-1.24.17-150400.9.16.1 * kubernetes1.24-proxy-1.24.17-150400.9.16.1 * kubernetes1.24-kubeadm-1.24.17-150400.9.16.1 * kubernetes1.24-client-1.24.17-150400.9.16.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150400.9.16.1 * kubernetes1.24-client-fish-completion-1.24.17-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.16.1 * kubernetes1.24-client-1.24.17-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.16.1 * kubernetes1.24-client-1.24.17-150400.9.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.16.1 * kubernetes1.24-client-1.24.17-150400.9.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.16.1 * kubernetes1.24-client-1.24.17-150400.9.16.1 ## References: * https://www.suse.com/security/cve/CVE-2021-25743.html * https://www.suse.com/security/cve/CVE-2023-2727.html * https://www.suse.com/security/cve/CVE-2023-2728.html * https://www.suse.com/security/cve/CVE-2023-39325.html * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2024-0793.html * https://www.suse.com/security/cve/CVE-2024-24786.html * https://www.suse.com/security/cve/CVE-2024-3177.html * https://bugzilla.suse.com/show_bug.cgi?id=1062303 * https://bugzilla.suse.com/show_bug.cgi?id=1194400 * https://bugzilla.suse.com/show_bug.cgi?id=1211630 * https://bugzilla.suse.com/show_bug.cgi?id=1211631 * https://bugzilla.suse.com/show_bug.cgi?id=1214406 * https://bugzilla.suse.com/show_bug.cgi?id=1216109 * https://bugzilla.suse.com/show_bug.cgi?id=1216123 * https://bugzilla.suse.com/show_bug.cgi?id=1219964 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1222539 * https://bugzilla.suse.com/show_bug.cgi?id=1226136 * https://bugzilla.suse.com/show_bug.cgi?id=1229858 * https://bugzilla.suse.com/show_bug.cgi?id=1229867 * https://bugzilla.suse.com/show_bug.cgi?id=1229869 * https://bugzilla.suse.com/show_bug.cgi?id=1230323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 16:31:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 16:31:10 -0000 Subject: SUSE-SU-2024:3339-1: moderate: Security update for libmfx Message-ID: <172676347065.27944.6680302402540460500@smelt2.prg2.suse.org> # Security update for libmfx Announcement ID: SUSE-SU-2024:3339-1 Rating: moderate References: * bsc#1219494 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves five vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for libmfx fixes the following issues: * CVE-2023-48368: Fixed an improper input validation. (bsc#1226897) * CVE-2023-45221: Fixed an improper buffer restrictions. (bsc#1226898) * CVE-2023-22656: Fixed an out-of-bounds read. (bsc#1226899) * CVE-2023-47282: Fixed an out-of-bounds write. (bsc#1226900) * CVE-2023-47169: Fixed an improper buffer restrictions. (bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3339=1 SUSE-2024-3339=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3339=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3339=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * libmfx1-22.6.1-150500.3.5.1 * libmfx-22.6.1-150500.3.5.1 * libmfx-debugsource-22.6.1-150500.3.5.1 * libmfx1-debuginfo-22.6.1-150500.3.5.1 * Desktop Applications Module 15-SP5 (x86_64) * libmfx1-22.6.1-150500.3.5.1 * libmfx-debugsource-22.6.1-150500.3.5.1 * libmfx1-debuginfo-22.6.1-150500.3.5.1 * SUSE Package Hub 15 15-SP5 (x86_64) * libmfx1-22.6.1-150500.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 20:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 20:30:14 -0000 Subject: SUSE-SU-2024:3349-1: important: Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Message-ID: <172677781475.27756.5115618394704964904@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 13 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3349-1 Rating: important References: * bsc#1223363 * bsc#1223683 * bsc#1225013 * bsc#1225099 Cross-References: * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26923 * CVE-2024-27398 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_62 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3349=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3349=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_13-debugsource-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_62-default-4-150500.11.6.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_13-debugsource-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-4-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_62-default-4-150500.11.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 20:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 20:30:23 -0000 Subject: SUSE-SU-2024:3348-1: important: Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Message-ID: <172677782329.27756.13811599239826737975@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 12 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3348-1 Rating: important References: * bsc#1221302 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves nine vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_59 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3348=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3348=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-6-150500.11.10.2 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-6-150500.11.10.2 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-6-150500.11.10.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_59-default-6-150500.11.10.2 * kernel-livepatch-5_14_21-150500_55_59-default-debuginfo-6-150500.11.10.2 * kernel-livepatch-SLE15-SP5_Update_12-debugsource-6-150500.11.10.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 19 20:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 19 Sep 2024 20:30:34 -0000 Subject: SUSE-SU-2024:3347-1: important: Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Message-ID: <172677783484.27756.14748829554543418945@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 11 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3347-1 Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52502 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 14 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_52 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3347=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3347=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-6-150500.11.6.2 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-6-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_52-default-6-150500.11.6.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-6-150500.11.6.2 * kernel-livepatch-SLE15-SP5_Update_11-debugsource-6-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_52-default-6-150500.11.6.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 08:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 08:30:06 -0000 Subject: SUSE-SU-2024:3350-1: important: Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Message-ID: <172682100676.26477.7248820707154847004@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3350-1 Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1228349 Cross-References: * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-40909 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3350=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3350=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-3-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_68-default-3-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-3-150500.11.6.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_15-debugsource-3-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_68-default-3-150500.11.6.2 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-3-150500.11.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 12:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 12:30:04 -0000 Subject: SUSE-SU-2024:3353-1: moderate: Security update for python36 Message-ID: <172683540429.27756.6751734670527549807@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:3353-1 Rating: moderate References: * bsc#1227233 Cross-References: * CVE-2024-5642 CVSS scores: * CVE-2024-5642 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2024-5642: Fixed invalid value sent to underlying OpenSSL API may cause a buffer overread when NPN is used (bsc#1227233) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3353=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3353=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3353=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3353=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python36-base-3.6.15-64.1 * libpython3_6m1_0-3.6.15-64.1 * python36-debuginfo-3.6.15-64.1 * libpython3_6m1_0-debuginfo-3.6.15-64.1 * python36-debugsource-3.6.15-64.1 * python36-base-debuginfo-3.6.15-64.1 * python36-3.6.15-64.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-64.1 * libpython3_6m1_0-32bit-3.6.15-64.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-base-3.6.15-64.1 * libpython3_6m1_0-3.6.15-64.1 * python36-debuginfo-3.6.15-64.1 * libpython3_6m1_0-debuginfo-3.6.15-64.1 * python36-debugsource-3.6.15-64.1 * python36-base-debuginfo-3.6.15-64.1 * python36-3.6.15-64.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-64.1 * libpython3_6m1_0-32bit-3.6.15-64.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python36-base-3.6.15-64.1 * libpython3_6m1_0-3.6.15-64.1 * python36-debuginfo-3.6.15-64.1 * libpython3_6m1_0-debuginfo-3.6.15-64.1 * python36-debugsource-3.6.15-64.1 * python36-base-debuginfo-3.6.15-64.1 * python36-3.6.15-64.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-64.1 * libpython3_6m1_0-32bit-3.6.15-64.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-devel-3.6.15-64.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5642.html * https://bugzilla.suse.com/show_bug.cgi?id=1227233 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 12:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 12:30:07 -0000 Subject: SUSE-SU-2024:3351-1: moderate: Security update for python3 Message-ID: <172683540737.27756.17633692480174429773@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3351-1 Rating: moderate References: * bsc#1227233 Cross-References: * CVE-2024-5642 CVSS scores: * CVE-2024-5642 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-5642: buffer overread when NPN is used and invalid values are sent to the OpenSSL API. (bsc#1227233) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3351=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python3-base-debuginfo-3.6.15-150000.3.158.1 * python3-debugsource-3.6.15-150000.3.158.1 * python3-3.6.15-150000.3.158.1 * python3-core-debugsource-3.6.15-150000.3.158.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.158.1 * python3-debuginfo-3.6.15-150000.3.158.1 * libpython3_6m1_0-3.6.15-150000.3.158.1 * python3-base-3.6.15-150000.3.158.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5642.html * https://bugzilla.suse.com/show_bug.cgi?id=1227233 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 16:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 16:30:11 -0000 Subject: SUSE-SU-2024:3358-1: important: Security update for ffmpeg-4 Message-ID: <172684981183.28013.138553024187221216@smelt2.prg2.suse.org> # Security update for ffmpeg-4 Announcement ID: SUSE-SU-2024:3358-1 Rating: important References: * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * bsc#1229026 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 * CVE-2024-7055 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H * CVE-2024-7055 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves six vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for ffmpeg-4 fixes the following issues: * Dropped support for libmfx to fix the following CVEs: * libmfx: improper input validation (CVE-2023-48368, bsc#1226897) * libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898) * libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899) * libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900) * libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901) * CVE-2024-7055: heap-based buffer overflow in pnmdec.c from the libavcodec library. (bsc#1229026) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3358=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3358=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3358=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3358=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3358=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3358=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3358=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3358=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3358=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libavformat58_76-4.4-150400.3.42.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.42.1 * libavdevice58_13-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-private-devel-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libavfilter7_110-4.4-150400.3.42.1 * ffmpeg-4-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswscale5_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libswscale5_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.42.1 * libavdevice58_13-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.42.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * libavresample4_0-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.42.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.42.1 * libavfilter7_110-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavresample4_0-debuginfo-4.4-150400.3.42.1 * openSUSE Leap 15.4 (x86_64) * libavresample4_0-32bit-4.4-150400.3.42.1 * libswresample3_9-32bit-4.4-150400.3.42.1 * libavfilter7_110-32bit-debuginfo-4.4-150400.3.42.1 * libavformat58_76-32bit-4.4-150400.3.42.1 * libpostproc55_9-32bit-4.4-150400.3.42.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.42.1 * libswscale5_9-32bit-4.4-150400.3.42.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.42.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.42.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.42.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.42.1 * libavutil56_70-32bit-4.4-150400.3.42.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.42.1 * libavdevice58_13-32bit-4.4-150400.3.42.1 * libavfilter7_110-32bit-4.4-150400.3.42.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-32bit-4.4-150400.3.42.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libswresample3_9-64bit-4.4-150400.3.42.1 * libswscale5_9-64bit-debuginfo-4.4-150400.3.42.1 * libavdevice58_13-64bit-debuginfo-4.4-150400.3.42.1 * libavutil56_70-64bit-debuginfo-4.4-150400.3.42.1 * libavdevice58_13-64bit-4.4-150400.3.42.1 * libavfilter7_110-64bit-4.4-150400.3.42.1 * libavfilter7_110-64bit-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-64bit-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-64bit-4.4-150400.3.42.1 * libavcodec58_134-64bit-4.4-150400.3.42.1 * libpostproc55_9-64bit-debuginfo-4.4-150400.3.42.1 * libavresample4_0-64bit-debuginfo-4.4-150400.3.42.1 * libswresample3_9-64bit-debuginfo-4.4-150400.3.42.1 * libavformat58_76-64bit-4.4-150400.3.42.1 * libavformat58_76-64bit-debuginfo-4.4-150400.3.42.1 * libswscale5_9-64bit-4.4-150400.3.42.1 * libavresample4_0-64bit-4.4-150400.3.42.1 * libavutil56_70-64bit-4.4-150400.3.42.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libavformat58_76-4.4-150400.3.42.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.42.1 * libavdevice58_13-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-private-devel-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libavfilter7_110-4.4-150400.3.42.1 * ffmpeg-4-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswscale5_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libswscale5_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.42.1 * libavdevice58_13-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.42.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * libavresample4_0-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.42.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.42.1 * libavfilter7_110-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavresample4_0-debuginfo-4.4-150400.3.42.1 * openSUSE Leap 15.5 (x86_64) * libavresample4_0-32bit-4.4-150400.3.42.1 * libswresample3_9-32bit-4.4-150400.3.42.1 * libavfilter7_110-32bit-debuginfo-4.4-150400.3.42.1 * libavformat58_76-32bit-4.4-150400.3.42.1 * libpostproc55_9-32bit-4.4-150400.3.42.1 * libswresample3_9-32bit-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-32bit-debuginfo-4.4-150400.3.42.1 * libswscale5_9-32bit-4.4-150400.3.42.1 * libswscale5_9-32bit-debuginfo-4.4-150400.3.42.1 * libavresample4_0-32bit-debuginfo-4.4-150400.3.42.1 * libavutil56_70-32bit-debuginfo-4.4-150400.3.42.1 * libavformat58_76-32bit-debuginfo-4.4-150400.3.42.1 * libavutil56_70-32bit-4.4-150400.3.42.1 * libavdevice58_13-32bit-debuginfo-4.4-150400.3.42.1 * libavdevice58_13-32bit-4.4-150400.3.42.1 * libavfilter7_110-32bit-4.4-150400.3.42.1 * libavcodec58_134-32bit-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-32bit-4.4-150400.3.42.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libavformat58_76-4.4-150400.3.42.1 * ffmpeg-4-libswscale-devel-4.4-150400.3.42.1 * libavdevice58_13-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-private-devel-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libavfilter7_110-4.4-150400.3.42.1 * ffmpeg-4-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswscale5_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libswscale5_9-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1 * ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * ffmpeg-4-libavformat-devel-4.4-150400.3.42.1 * libavdevice58_13-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-libswresample-devel-4.4-150400.3.42.1 * ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * libavresample4_0-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * ffmpeg-4-libavutil-devel-4.4-150400.3.42.1 * ffmpeg-4-libavresample-devel-4.4-150400.3.42.1 * libavfilter7_110-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavresample4_0-debuginfo-4.4-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libswscale5_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * libswscale5_9-4.4-150400.3.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-debuginfo-4.4-150400.3.42.1 * libpostproc55_9-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * libavformat58_76-4.4-150400.3.42.1 * libavutil56_70-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-4.4-150400.3.42.1 * libavformat58_76-debuginfo-4.4-150400.3.42.1 * libswresample3_9-debuginfo-4.4-150400.3.42.1 * libswscale5_9-debuginfo-4.4-150400.3.42.1 * libavcodec58_134-debuginfo-4.4-150400.3.42.1 * ffmpeg-4-debugsource-4.4-150400.3.42.1 * ffmpeg-4-debuginfo-4.4-150400.3.42.1 * libswresample3_9-4.4-150400.3.42.1 * libavutil56_70-4.4-150400.3.42.1 * libswscale5_9-4.4-150400.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://www.suse.com/security/cve/CVE-2024-7055.html * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://bugzilla.suse.com/show_bug.cgi?id=1229026 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 16:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 16:30:16 -0000 Subject: SUSE-SU-2024:3357-1: important: Security update for python310 Message-ID: <172684981620.28013.17697977329277823585@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:3357-1 Rating: important References: * bsc#1229596 * bsc#1229704 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for python310 fixes the following issues: * Update to version 3.10.15 * CVE-2024-8088: Fixed denial of service in zipfile. (bsc#1229704) * CVE-2024-7592: Fixed uncontrolled CPU resource consumption when in http.cookies module. (bsc#1229596) * CVE-2024-6232: Fixed ReDos via excessive backtracking while parsing header values. (bsc#1230227) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3357=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3357=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3357=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3357=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3357=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3357=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3357=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3357=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python310-base-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python310-base-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-doc-3.10.15-150400.4.57.1 * python310-base-3.10.15-150400.4.57.1 * python310-testsuite-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-testsuite-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-doc-devhelp-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * openSUSE Leap 15.4 (x86_64) * libpython3_10-1_0-32bit-3.10.15-150400.4.57.1 * python310-32bit-3.10.15-150400.4.57.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-32bit-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-base-32bit-3.10.15-150400.4.57.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-64bit-3.10.15-150400.4.57.1 * python310-base-64bit-3.10.15-150400.4.57.1 * libpython3_10-1_0-64bit-debuginfo-3.10.15-150400.4.57.1 * python310-64bit-debuginfo-3.10.15-150400.4.57.1 * python310-base-64bit-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-64bit-3.10.15-150400.4.57.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-doc-3.10.15-150400.4.57.1 * python310-base-3.10.15-150400.4.57.1 * python310-testsuite-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-testsuite-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-doc-devhelp-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * openSUSE Leap 15.5 (x86_64) * libpython3_10-1_0-32bit-3.10.15-150400.4.57.1 * python310-32bit-3.10.15-150400.4.57.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-32bit-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-base-32bit-3.10.15-150400.4.57.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python310-doc-3.10.15-150400.4.57.1 * python310-base-3.10.15-150400.4.57.1 * python310-testsuite-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-testsuite-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-doc-devhelp-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * openSUSE Leap 15.6 (x86_64) * libpython3_10-1_0-32bit-3.10.15-150400.4.57.1 * python310-32bit-3.10.15-150400.4.57.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-32bit-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1 * python310-base-32bit-3.10.15-150400.4.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python310-base-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python310-base-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python310-base-3.10.15-150400.4.57.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1 * python310-base-debuginfo-3.10.15-150400.4.57.1 * python310-dbm-debuginfo-3.10.15-150400.4.57.1 * libpython3_10-1_0-3.10.15-150400.4.57.1 * python310-dbm-3.10.15-150400.4.57.1 * python310-core-debugsource-3.10.15-150400.4.57.1 * python310-curses-3.10.15-150400.4.57.1 * python310-curses-debuginfo-3.10.15-150400.4.57.1 * python310-devel-3.10.15-150400.4.57.1 * python310-tk-debuginfo-3.10.15-150400.4.57.1 * python310-3.10.15-150400.4.57.1 * python310-idle-3.10.15-150400.4.57.1 * python310-debugsource-3.10.15-150400.4.57.1 * python310-debuginfo-3.10.15-150400.4.57.1 * python310-tools-3.10.15-150400.4.57.1 * python310-tk-3.10.15-150400.4.57.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 16:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 16:30:26 -0000 Subject: SUSE-SU-2024:3355-1: moderate: Security update for libpcap Message-ID: <172684982658.28013.12586316461593799824@smelt2.prg2.suse.org> # Security update for libpcap Announcement ID: SUSE-SU-2024:3355-1 Rating: moderate References: * bsc#1230020 * bsc#1230034 Cross-References: * CVE-2023-7256 * CVE-2024-8006 CVSS scores: * CVE-2023-7256 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-7256 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-7256 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8006 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H * CVE-2024-8006 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8006 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libpcap fixes the following issues: * CVE-2024-8006: NULL pointer dereference in function pcap_findalldevs_ex(). (bsc#1230034) * CVE-2023-7256: double free via struct addrinfo in function sock_initaddress(). (bsc#1230020) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3355=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3355=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3355=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3355=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3355=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libpcap-devel-1.8.1-10.6.1 * libpcap-debugsource-1.8.1-10.6.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libpcap1-debuginfo-1.8.1-10.6.1 * libpcap1-1.8.1-10.6.1 * libpcap-debugsource-1.8.1-10.6.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libpcap1-debuginfo-1.8.1-10.6.1 * libpcap1-1.8.1-10.6.1 * libpcap-debugsource-1.8.1-10.6.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libpcap1-debuginfo-1.8.1-10.6.1 * libpcap1-1.8.1-10.6.1 * libpcap-debugsource-1.8.1-10.6.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libpcap1-32bit-1.8.1-10.6.1 * libpcap1-debuginfo-32bit-1.8.1-10.6.1 * libpcap-debugsource-1.8.1-10.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-7256.html * https://www.suse.com/security/cve/CVE-2024-8006.html * https://bugzilla.suse.com/show_bug.cgi?id=1230020 * https://bugzilla.suse.com/show_bug.cgi?id=1230034 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 20 16:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 20 Sep 2024 16:30:28 -0000 Subject: SUSE-SU-2024:3354-1: important: Security update for wpa_supplicant Message-ID: <172684982882.28013.12199272285488947009@smelt2.prg2.suse.org> # Security update for wpa_supplicant Announcement ID: SUSE-SU-2024:3354-1 Rating: important References: * bsc#1219975 Cross-References: * CVE-2023-52160 CVSS scores: * CVE-2023-52160 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52160 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for wpa_supplicant fixes the following issues: * CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3354=1 openSUSE-SLE-15.6-2024-3354=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3354=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * wpa_supplicant-2.10-150600.7.3.1 * wpa_supplicant-debugsource-2.10-150600.7.3.1 * wpa_supplicant-gui-debuginfo-2.10-150600.7.3.1 * wpa_supplicant-debuginfo-2.10-150600.7.3.1 * wpa_supplicant-gui-2.10-150600.7.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.10-150600.7.3.1 * wpa_supplicant-debugsource-2.10-150600.7.3.1 * wpa_supplicant-debuginfo-2.10-150600.7.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52160.html * https://bugzilla.suse.com/show_bug.cgi?id=1219975 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:30:17 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:30:17 -0000 Subject: SUSE-SU-2024:3375-1: important: Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Message-ID: <172708021749.27758.7284900014005164440@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 25 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3375-1 Rating: important References: * bsc#1220145 * bsc#1221302 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_116 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3375=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3375=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-6-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-6-150400.9.8.2 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-6-150400.9.8.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_116-default-6-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_116-default-debuginfo-6-150400.9.8.2 * kernel-livepatch-SLE15-SP4_Update_25-debugsource-6-150400.9.8.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:30:25 -0000 Subject: SUSE-SU-2024:3370-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Message-ID: <172708022590.27758.10736132475049574470@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3370-1 Rating: important References: * bsc#1223683 * bsc#1224991 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 * bsc#1225850 Cross-References: * CVE-2023-52772 * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 * CVE-2024-36921 CVSS scores: * CVE-2023-52772 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52772 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36921 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_21 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-36921: Guard against invalid STA ID on removal. (bsc#1225769) * CVE-2023-52772: Fixed use-after-free in unix_stream_read_actor() (bsc#1224991). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3370=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3370=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-debuginfo-4-150600.1.1 * kernel-livepatch-6_4_0-150600_21-default-4-150600.1.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-4-150600.1.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-debuginfo-4-150600.1.1 * kernel-livepatch-6_4_0-150600_21-default-4-150600.1.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-4-150600.1.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52772.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://www.suse.com/security/cve/CVE-2024-36921.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1224991 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225850 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:30:52 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:30:52 -0000 Subject: SUSE-SU-2024:3368-1: important: Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Message-ID: <172708025222.27758.13315830163813757762@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 24 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3368-1 Rating: important References: * bsc#1220145 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52502 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26610 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 15 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_111 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3368=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3368=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-6-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-6-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-6-150400.9.6.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-6-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-6-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-6-150400.9.6.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:31:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:31:08 -0000 Subject: SUSE-SU-2024:3379-1: important: Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Message-ID: <172708026859.27758.12557147756901813878@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3379-1 Rating: important References: * bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 18 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_49 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3379=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-3367=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3367=1 SUSE-2024-3379=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-8-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-8-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-8-150500.11.8.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-8-150500.11.8.2 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-8-150500.11.8.2 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-8-150500.11.8.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_49-default-8-150500.11.8.2 * kernel-livepatch-5_14_21-150500_55_49-default-debuginfo-8-150500.11.8.2 * kernel-livepatch-SLE15-SP5_Update_10-debugsource-8-150500.11.8.2 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_35-rt-8-150500.11.8.1 * kernel-livepatch-5_14_21-150500_13_35-rt-debuginfo-8-150500.11.8.1 * kernel-livepatch-SLE15-SP5-RT_Update_10-debugsource-8-150500.11.8.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:31:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:31:12 -0000 Subject: SUSE-SU-2024:3365-1: important: Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Message-ID: <172708027299.27758.17554309633447759467@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 27 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3365-1 Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1225310 Cross-References: * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-35950 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_122 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3365=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3365=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-3-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_122-default-3-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-3-150400.9.6.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_122-default-debuginfo-3-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_122-default-3-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_27-debugsource-3-150400.9.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:31:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:31:23 -0000 Subject: SUSE-SU-2024:3363-1: important: Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Message-ID: <172708028300.27758.3949461697854633467@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 26 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3363-1 Rating: important References: * bsc#1223059 * bsc#1223363 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2023-52846 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_119 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3363=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3363=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-5-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-5-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-5-150400.9.6.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_119-default-5-150400.9.6.2 * kernel-livepatch-5_14_21-150400_24_119-default-debuginfo-5-150400.9.6.2 * kernel-livepatch-SLE15-SP4_Update_26-debugsource-5-150400.9.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:31:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:31:28 -0000 Subject: SUSE-SU-2024:3361-1: important: Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <172708028869.27758.1893471721512766502@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3361-1 Rating: important References: * bsc#1223521 * bsc#1225099 * bsc#1225313 Cross-References: * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-35817 CVSS scores: * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3362=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-3381=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-3382=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-3361=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3381=1 SUSE-2024-3382=1 SUSE-2024-3361=1 SUSE-2024-3362=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3380=1 SUSE-2024-3364=1 SUSE-2024-3376=1 SUSE-2024-3366=1 SUSE-2024-3377=1 SUSE-2024-3378=1 SUSE-2024-3371=1 SUSE-2024-3372=1 SUSE-2024-3373=1 SUSE-2024-3374=1 SUSE-2024-3369=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3380=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-3364=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-3376=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3366=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3377=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-3378=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3371=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3372=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-3373=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3374=1 SUSE-SLE-Module-Live-Patching-15-SP5-2024-3369=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_16-debugsource-14-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-11-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_100-default-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_103-default-9-150400.2.2 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-9-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-9-150400.2.2 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_81-default-14-150400.2.2 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-14-150400.2.2 * kernel-livepatch-5_14_21-150400_24_92-default-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-12-150400.2.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_16-debugsource-14-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_103-default-9-150400.2.2 * kernel-livepatch-5_14_21-150400_24_100-default-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_103-default-debuginfo-9-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_22-debugsource-9-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_81-default-14-150400.2.2 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-14-150400.2.2 * kernel-livepatch-5_14_21-150400_24_92-default-12-150400.2.2 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-12-150400.2.2 * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-13-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-14-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-12-150500.2.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_36-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_19-default-14-150500.2.2 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-13-150500.2.2 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_28-default-13-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_39-default-11-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-14-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-14-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-10-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-10-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-13-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-10-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-13-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-12-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-14-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-13-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_18-rt-13-150500.2.1 * kernel-livepatch-5_14_21-150500_13_24-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-11-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-12-150500.2.1 * kernel-livepatch-5_14_21-150500_13_11-rt-14-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-10-150500.2.1 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-12-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_36-default-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_19-default-14-150500.2.2 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-13-150500.2.2 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_28-default-13-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_7-debugsource-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_39-default-11-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-14-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-11-150500.2.2 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-14-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-10-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-10-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-13-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-10-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 08:31:33 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 08:31:33 -0000 Subject: SUSE-SU-2024:3360-1: important: Security update for container-suseconnect Message-ID: <172708029399.27758.9670350886828034544@smelt2.prg2.suse.org> # Security update for container-suseconnect Announcement ID: SUSE-SU-2024:3360-1 Rating: important References: * bsc#1225973 * bsc#1225974 * bsc#1227314 Cross-References: * CVE-2024-24789 * CVE-2024-24790 * CVE-2024-24791 CVSS scores: * CVE-2024-24789 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2024-24790 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for container-suseconnect rebuilds it against current go1.21.13.1. Security issues fixed: CVE-2024-24789, CVE-2024-24790, CVE-2024-24791 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3360=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3360=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3360=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3360=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3360=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3360=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3360=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3360=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3360=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3360=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3360=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3360=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3360=1 ## Package List: * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * container-suseconnect-2.5.0-150000.4.55.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * container-suseconnect-2.5.0-150000.4.55.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24789.html * https://www.suse.com/security/cve/CVE-2024-24790.html * https://www.suse.com/security/cve/CVE-2024-24791.html * https://bugzilla.suse.com/show_bug.cgi?id=1225973 * https://bugzilla.suse.com/show_bug.cgi?id=1225974 * https://bugzilla.suse.com/show_bug.cgi?id=1227314 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 12:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 12:30:08 -0000 Subject: SUSE-SU-2024:3395-1: important: Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Message-ID: <172709460834.9453.6982172512319313826@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 20 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3395-1 Rating: important References: * bsc#1223521 * bsc#1225099 * bsc#1225313 Cross-References: * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-35817 CVSS scores: * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_97 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3395=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3395=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-11-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-11-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_97-default-11-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_20-debugsource-11-150400.2.2 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-11-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 12:30:12 -0000 Subject: SUSE-SU-2024:3387-1: important: Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Message-ID: <172709461218.9453.8654711211465496448@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 3 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3387-1 Rating: important References: * bsc#1228349 Cross-References: * CVE-2024-40909 CVSS scores: * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_17 fixes one issue. The following security issue was fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3387=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3387=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_17-default-2-150600.13.6.3 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_3-debugsource-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_17-default-debuginfo-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_17-default-2-150600.13.6.3 ## References: * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 12:30:48 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 12:30:48 -0000 Subject: SUSE-SU-2024:3384-1: important: Security update for python3 Message-ID: <172709464873.9453.4104344638324230405@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3384-1 Rating: important References: * bsc#1229596 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-7592 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves two vulnerabilities can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) * CVE-2024-7592: quadratic algorithm used when parsing cookies leads to excessive resource consumption. (bsc#1229596) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-3384=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3384=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3384=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3384=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3384=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * libpython3_4m1_0-3.4.10-25.139.1 * python3-base-debuginfo-3.4.10-25.139.1 * python3-curses-3.4.10-25.139.1 * python3-base-3.4.10-25.139.1 * python3-3.4.10-25.139.1 * python3-debuginfo-3.4.10-25.139.1 * python3-debugsource-3.4.10-25.139.1 * python3-base-debugsource-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-base-debuginfo-3.4.10-25.139.1 * python3-devel-3.4.10-25.139.1 * python3-dbm-debuginfo-3.4.10-25.139.1 * python3-debuginfo-3.4.10-25.139.1 * python3-dbm-3.4.10-25.139.1 * python3-debugsource-3.4.10-25.139.1 * python3-base-debugsource-3.4.10-25.139.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libpython3_4m1_0-3.4.10-25.139.1 * python3-base-debuginfo-3.4.10-25.139.1 * python3-devel-3.4.10-25.139.1 * python3-tk-debuginfo-3.4.10-25.139.1 * python3-curses-3.4.10-25.139.1 * python3-curses-debuginfo-3.4.10-25.139.1 * python3-base-3.4.10-25.139.1 * python3-3.4.10-25.139.1 * python3-tk-3.4.10-25.139.1 * python3-debuginfo-3.4.10-25.139.1 * python3-debugsource-3.4.10-25.139.1 * python3-devel-debuginfo-3.4.10-25.139.1 * python3-base-debugsource-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_4m1_0-32bit-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.139.1 * python3-base-debuginfo-32bit-3.4.10-25.139.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libpython3_4m1_0-3.4.10-25.139.1 * python3-base-debuginfo-3.4.10-25.139.1 * python3-devel-3.4.10-25.139.1 * python3-tk-debuginfo-3.4.10-25.139.1 * python3-curses-3.4.10-25.139.1 * python3-curses-debuginfo-3.4.10-25.139.1 * python3-base-3.4.10-25.139.1 * python3-3.4.10-25.139.1 * python3-tk-3.4.10-25.139.1 * python3-debuginfo-3.4.10-25.139.1 * python3-debugsource-3.4.10-25.139.1 * python3-base-debugsource-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_4m1_0-32bit-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.139.1 * python3-base-debuginfo-32bit-3.4.10-25.139.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libpython3_4m1_0-3.4.10-25.139.1 * python3-base-debuginfo-3.4.10-25.139.1 * python3-devel-3.4.10-25.139.1 * python3-tk-debuginfo-3.4.10-25.139.1 * python3-curses-3.4.10-25.139.1 * python3-curses-debuginfo-3.4.10-25.139.1 * python3-base-3.4.10-25.139.1 * python3-3.4.10-25.139.1 * python3-tk-3.4.10-25.139.1 * python3-debuginfo-3.4.10-25.139.1 * python3-debugsource-3.4.10-25.139.1 * python3-base-debugsource-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-3.4.10-25.139.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_4m1_0-32bit-3.4.10-25.139.1 * python3-devel-debuginfo-3.4.10-25.139.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.139.1 * python3-base-debuginfo-32bit-3.4.10-25.139.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 12:37:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 12:37:26 -0000 Subject: SUSE-SU-2024:3383-1: important: Security update for the Linux Kernel Message-ID: <172709504647.9453.2176138259042739710@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3383-1 Rating: important References: * bsc#1012628 * bsc#1193454 * bsc#1194869 * bsc#1205462 * bsc#1208783 * bsc#1213123 * bsc#1214285 * bsc#1215199 * bsc#1220066 * bsc#1220252 * bsc#1220877 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1221652 * bsc#1221857 * bsc#1222254 * bsc#1222335 * bsc#1222350 * bsc#1222364 * bsc#1222372 * bsc#1222387 * bsc#1222433 * bsc#1222434 * bsc#1222463 * bsc#1222625 * bsc#1222633 * bsc#1222634 * bsc#1222808 * bsc#1222967 * bsc#1222973 * bsc#1223053 * bsc#1223074 * bsc#1223191 * bsc#1223395 * bsc#1223635 * bsc#1223720 * bsc#1223731 * bsc#1223742 * bsc#1223763 * bsc#1223767 * bsc#1223777 * bsc#1223803 * bsc#1224105 * bsc#1224415 * bsc#1224485 * bsc#1224496 * bsc#1224510 * bsc#1224535 * bsc#1224631 * bsc#1224636 * bsc#1224690 * bsc#1224694 * bsc#1224700 * bsc#1224711 * bsc#1225475 * bsc#1225582 * bsc#1225607 * bsc#1225717 * bsc#1225718 * bsc#1225744 * bsc#1225745 * bsc#1225751 * bsc#1225814 * bsc#1225832 * bsc#1225838 * bsc#1225903 * bsc#1226031 * bsc#1226127 * bsc#1226502 * bsc#1226530 * bsc#1226588 * bsc#1226604 * bsc#1226743 * bsc#1226751 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226834 * bsc#1226874 * bsc#1226885 * bsc#1226920 * bsc#1227149 * bsc#1227182 * bsc#1227383 * bsc#1227437 * bsc#1227492 * bsc#1227493 * bsc#1227494 * bsc#1227618 * bsc#1227620 * bsc#1227623 * bsc#1227627 * bsc#1227634 * bsc#1227706 * bsc#1227722 * bsc#1227724 * bsc#1227725 * bsc#1227728 * bsc#1227729 * bsc#1227732 * bsc#1227733 * bsc#1227734 * bsc#1227747 * bsc#1227750 * bsc#1227754 * bsc#1227758 * bsc#1227760 * bsc#1227761 * bsc#1227764 * bsc#1227766 * bsc#1227770 * bsc#1227771 * bsc#1227772 * bsc#1227774 * bsc#1227781 * bsc#1227784 * bsc#1227785 * bsc#1227787 * bsc#1227790 * bsc#1227791 * bsc#1227792 * bsc#1227796 * bsc#1227798 * bsc#1227799 * bsc#1227802 * bsc#1227808 * bsc#1227810 * bsc#1227811 * bsc#1227812 * bsc#1227815 * bsc#1227816 * bsc#1227818 * bsc#1227820 * bsc#1227823 * bsc#1227824 * bsc#1227826 * bsc#1227828 * bsc#1227829 * bsc#1227830 * bsc#1227832 * bsc#1227833 * bsc#1227834 * bsc#1227839 * bsc#1227840 * bsc#1227846 * bsc#1227849 * bsc#1227851 * bsc#1227853 * bsc#1227863 * bsc#1227864 * bsc#1227865 * bsc#1227867 * bsc#1227869 * bsc#1227870 * bsc#1227883 * bsc#1227884 * bsc#1227891 * bsc#1227893 * bsc#1227929 * bsc#1227950 * bsc#1227957 * bsc#1227981 * bsc#1228020 * bsc#1228021 * bsc#1228114 * bsc#1228192 * bsc#1228195 * bsc#1228202 * bsc#1228235 * bsc#1228236 * bsc#1228237 * bsc#1228247 * bsc#1228321 * bsc#1228409 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228457 * bsc#1228458 * bsc#1228459 * bsc#1228460 * bsc#1228462 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228468 * bsc#1228469 * bsc#1228470 * bsc#1228472 * bsc#1228479 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228486 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228492 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228499 * bsc#1228500 * bsc#1228501 * bsc#1228502 * bsc#1228503 * bsc#1228505 * bsc#1228508 * bsc#1228509 * bsc#1228510 * bsc#1228511 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228518 * bsc#1228520 * bsc#1228525 * bsc#1228527 * bsc#1228530 * bsc#1228531 * bsc#1228539 * bsc#1228561 * bsc#1228563 * bsc#1228564 * bsc#1228565 * bsc#1228567 * bsc#1228568 * bsc#1228572 * bsc#1228576 * bsc#1228579 * bsc#1228580 * bsc#1228581 * bsc#1228582 * bsc#1228584 * bsc#1228586 * bsc#1228588 * bsc#1228590 * bsc#1228591 * bsc#1228599 * bsc#1228615 * bsc#1228616 * bsc#1228617 * bsc#1228625 * bsc#1228626 * bsc#1228633 * bsc#1228635 * bsc#1228636 * bsc#1228640 * bsc#1228643 * bsc#1228644 * bsc#1228646 * bsc#1228649 * bsc#1228650 * bsc#1228654 * bsc#1228655 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228665 * bsc#1228666 * bsc#1228667 * bsc#1228672 * bsc#1228673 * bsc#1228674 * bsc#1228677 * bsc#1228680 * bsc#1228687 * bsc#1228705 * bsc#1228706 * bsc#1228707 * bsc#1228708 * bsc#1228709 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228723 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228737 * bsc#1228743 * bsc#1228748 * bsc#1228754 * bsc#1228756 * bsc#1228757 * bsc#1228758 * bsc#1228764 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228849 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228973 * bsc#1228977 * bsc#1228978 * bsc#1228979 * bsc#1228986 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229005 * bsc#1229024 * bsc#1229042 * bsc#1229045 * bsc#1229046 * bsc#1229054 * bsc#1229056 * bsc#1229086 * bsc#1229134 * bsc#1229136 * bsc#1229154 * bsc#1229156 * bsc#1229160 * bsc#1229167 * bsc#1229168 * bsc#1229169 * bsc#1229170 * bsc#1229171 * bsc#1229172 * bsc#1229173 * bsc#1229174 * bsc#1229239 * bsc#1229240 * bsc#1229241 * bsc#1229243 * bsc#1229244 * bsc#1229245 * bsc#1229246 * bsc#1229247 * bsc#1229248 * bsc#1229249 * bsc#1229250 * bsc#1229251 * bsc#1229252 * bsc#1229253 * bsc#1229254 * bsc#1229255 * bsc#1229256 * bsc#1229287 * bsc#1229290 * bsc#1229291 * bsc#1229292 * bsc#1229294 * bsc#1229296 * bsc#1229297 * bsc#1229298 * bsc#1229299 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229313 * bsc#1229314 * bsc#1229315 * bsc#1229316 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229320 * bsc#1229327 * bsc#1229341 * bsc#1229342 * bsc#1229344 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229353 * bsc#1229354 * bsc#1229355 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229365 * bsc#1229366 * bsc#1229369 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229379 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229390 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229402 * bsc#1229403 * bsc#1229404 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229444 * bsc#1229451 * bsc#1229452 * bsc#1229455 * bsc#1229456 * bsc#1229480 * bsc#1229481 * bsc#1229482 * bsc#1229484 * bsc#1229485 * bsc#1229486 * bsc#1229487 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229496 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229747 * bsc#1229752 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229781 * bsc#1229784 * bsc#1229785 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * bsc#1229827 * bsc#1229830 * bsc#1229837 * bsc#1229940 * bsc#1230056 * bsc#1230350 * bsc#1230413 * jsc#PED-10029 * jsc#PED-10045 * jsc#PED-10055 * jsc#PED-10105 * jsc#PED-10108 * jsc#PED-8491 * jsc#PED-8779 * jsc#PED-8954 Cross-References: * CVE-2023-52489 * CVE-2023-52581 * CVE-2023-52668 * CVE-2023-52688 * CVE-2023-52735 * CVE-2023-52859 * CVE-2023-52885 * CVE-2023-52886 * CVE-2023-52887 * CVE-2023-52889 * CVE-2024-26590 * CVE-2024-26631 * CVE-2024-26637 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26682 * CVE-2024-26683 * CVE-2024-26691 * CVE-2024-26735 * CVE-2024-26808 * CVE-2024-26809 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26837 * CVE-2024-26849 * CVE-2024-26851 * CVE-2024-26889 * CVE-2024-26920 * CVE-2024-26944 * CVE-2024-26976 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27024 * CVE-2024-27049 * CVE-2024-27050 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-27433 * CVE-2024-27437 * CVE-2024-31076 * CVE-2024-35854 * CVE-2024-35855 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35913 * CVE-2024-35939 * CVE-2024-35949 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36288 * CVE-2024-36489 * CVE-2024-36881 * CVE-2024-36907 * CVE-2024-36909 * CVE-2024-36910 * CVE-2024-36911 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36939 * CVE-2024-36970 * CVE-2024-36979 * CVE-2024-38548 * CVE-2024-38563 * CVE-2024-38609 * CVE-2024-38662 * CVE-2024-39476 * CVE-2024-39483 * CVE-2024-39484 * CVE-2024-39486 * CVE-2024-39488 * CVE-2024-39489 * CVE-2024-39491 * CVE-2024-39493 * CVE-2024-39497 * CVE-2024-39499 * CVE-2024-39500 * CVE-2024-39501 * CVE-2024-39505 * CVE-2024-39506 * CVE-2024-39508 * CVE-2024-39509 * CVE-2024-39510 * CVE-2024-40899 * CVE-2024-40900 * CVE-2024-40902 * CVE-2024-40903 * CVE-2024-40904 * CVE-2024-40905 * CVE-2024-40909 * CVE-2024-40910 * CVE-2024-40911 * CVE-2024-40912 * CVE-2024-40913 * CVE-2024-40916 * CVE-2024-40920 * CVE-2024-40921 * CVE-2024-40922 * CVE-2024-40924 * CVE-2024-40926 * CVE-2024-40927 * CVE-2024-40929 * CVE-2024-40930 * CVE-2024-40932 * CVE-2024-40934 * CVE-2024-40936 * CVE-2024-40938 * CVE-2024-40939 * CVE-2024-40941 * CVE-2024-40942 * CVE-2024-40943 * CVE-2024-40944 * CVE-2024-40945 * CVE-2024-40954 * CVE-2024-40956 * CVE-2024-40957 * CVE-2024-40958 * CVE-2024-40959 * CVE-2024-40962 * CVE-2024-40964 * CVE-2024-40967 * CVE-2024-40976 * CVE-2024-40977 * CVE-2024-40978 * CVE-2024-40981 * CVE-2024-40982 * CVE-2024-40984 * CVE-2024-40987 * CVE-2024-40988 * CVE-2024-40989 * CVE-2024-40990 * CVE-2024-40992 * CVE-2024-40994 * CVE-2024-40995 * CVE-2024-40997 * CVE-2024-41000 * CVE-2024-41001 * CVE-2024-41002 * CVE-2024-41004 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41010 * CVE-2024-41011 * CVE-2024-41012 * CVE-2024-41015 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41024 * CVE-2024-41025 * CVE-2024-41028 * CVE-2024-41032 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41037 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41040 * CVE-2024-41041 * CVE-2024-41044 * CVE-2024-41045 * CVE-2024-41048 * CVE-2024-41049 * CVE-2024-41050 * CVE-2024-41051 * CVE-2024-41056 * CVE-2024-41057 * CVE-2024-41058 * CVE-2024-41059 * CVE-2024-41060 * CVE-2024-41061 * CVE-2024-41062 * CVE-2024-41063 * CVE-2024-41064 * CVE-2024-41065 * CVE-2024-41066 * CVE-2024-41068 * CVE-2024-41069 * CVE-2024-41070 * CVE-2024-41071 * CVE-2024-41072 * CVE-2024-41073 * CVE-2024-41074 * CVE-2024-41075 * CVE-2024-41076 * CVE-2024-41078 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41081 * CVE-2024-41084 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41094 * CVE-2024-41095 * CVE-2024-41096 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42064 * CVE-2024-42069 * CVE-2024-42070 * CVE-2024-42073 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42079 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42093 * CVE-2024-42095 * CVE-2024-42096 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42105 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42109 * CVE-2024-42110 * CVE-2024-42113 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42117 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42122 * CVE-2024-42124 * CVE-2024-42125 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42131 * CVE-2024-42132 * CVE-2024-42133 * CVE-2024-42136 * CVE-2024-42137 * CVE-2024-42138 * CVE-2024-42139 * CVE-2024-42141 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42144 * CVE-2024-42145 * CVE-2024-42147 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42153 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42159 * CVE-2024-42161 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42224 * CVE-2024-42225 * CVE-2024-42226 * CVE-2024-42227 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42241 * CVE-2024-42244 * CVE-2024-42245 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42250 * CVE-2024-42253 * CVE-2024-42259 * CVE-2024-42268 * CVE-2024-42269 * CVE-2024-42270 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42278 * CVE-2024-42279 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42290 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42298 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42303 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42314 * CVE-2024-42315 * CVE-2024-42316 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43817 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43824 * CVE-2024-43825 * CVE-2024-43826 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43833 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43840 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43847 * CVE-2024-43849 * CVE-2024-43850 * CVE-2024-43851 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43855 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43864 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43874 * CVE-2024-43875 * CVE-2024-43876 * CVE-2024-43877 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43881 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43885 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43897 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43905 * CVE-2024-43906 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-43911 * CVE-2024-43912 * CVE-2024-44931 * CVE-2024-44938 * CVE-2024-44939 CVSS scores: * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52885 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52886 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26590 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26682 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26683 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26691 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26809 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26837 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-26849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26944 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26976 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27049 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27050 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27433 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27437 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-35949 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36881 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-36907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36910 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-36911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36970 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36979 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36979 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-38548 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38563 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39476 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39476 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39483 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2024-39483 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39484 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39486 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-39488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39491 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2024-39493 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39493 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39497 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39499 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-39500 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39501 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39505 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39506 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39506 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39508 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-39509 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39510 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-39510 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40899 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-40902 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40903 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40913 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40922 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40927 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40932 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40934 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40936 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-40938 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40944 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40956 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40957 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40957 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40959 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40959 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40962 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40964 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40967 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40976 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40977 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40981 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-40981 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40982 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40987 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-40988 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40989 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40990 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40992 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40994 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40994 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40997 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41001 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41001 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41002 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41002 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41004 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41010 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41015 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41024 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41024 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41025 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2024-41028 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41032 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41037 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41039 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41040 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41040 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41041 ( SUSE ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-41044 ( SUSE ): 6.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41048 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41049 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41049 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41050 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41057 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41057 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41057 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41058 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41058 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41058 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41061 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-41061 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41063 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41063 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41063 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41064 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41066 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41066 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-41066 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41069 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41069 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41070 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41071 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-41071 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41072 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41075 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41076 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41078 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41081 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41084 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41094 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41094 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41096 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42064 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42070 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42070 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42073 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42079 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42093 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L * CVE-2024-42093 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42096 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42096 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42105 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42105 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42109 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42113 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42117 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42122 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42122 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42124 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42125 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42125 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42131 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42131 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42132 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42132 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42136 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-42136 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2024-42136 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42137 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42138 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42141 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42141 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42144 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42144 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42144 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42145 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42145 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42147 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42147 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42153 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42159 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42159 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42159 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42161 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42161 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42224 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42227 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42241 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42245 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42250 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42253 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42253 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2024-42253 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42269 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42278 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42278 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42279 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42290 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42298 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42298 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42303 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42314 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42314 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42316 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43817 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43824 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43826 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43833 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43840 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43847 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43850 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43855 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43864 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43874 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43874 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43875 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43876 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43877 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-43881 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43897 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43912 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43912 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-43912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44931 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-44931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44931 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves 394 vulnerabilities, contains eight features and has 85 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP6 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-43911: wifi: mac80211: fix NULL dereference at band check in starting tx ba session (bsc#1229827). * CVE-2024-43899: drm/amd/display: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43880: kabi: lib: objagg: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43866: net/mlx5: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-43864: net/mlx5e: Fix CT entry update leaks of modify header context (bsc#1229496). * CVE-2024-43855: md: fix deadlock between mddev_suspend and flush bio (bsc#1229342). * CVE-2024-43854: block: initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-43850: soc: qcom: icc-bwmon: Fix refcount imbalance seen during bwmon_remove (bsc#1229316). * CVE-2024-43839: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-43837: bpf: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-43834: xdp: fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-43831: media: mediatek: vcodec: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43821: scsi: lpfc: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-42322: ipvs: properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42318: landlock: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2024-42316: mm/mglru: fix div-by-zero in vmpressure_calc_level() (bsc#1229353). * CVE-2024-42312: sysctl: always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-42308: Update DRM patch reference (bsc#1229411) * CVE-2024-42301: dev/parport: fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42295: nilfs2: handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-42291: ice: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42290: irqchip/imx-irqsteer: Handle runtime power management correctly (bsc#1229379). * CVE-2024-42284: tipc: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: net: nexthop: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42281: bpf: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42277: iommu: sprd: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-42270: netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init() (bsc#1229404). * CVE-2024-42269: netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init() (bsc#1229402). * CVE-2024-42268: net/mlx5: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-42247: wireguard: allowedips: avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2024-42246: net, sunrpc: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42245: Revert "sched/fair: Make sure to try to detach at least one movable task" (bsc#1228978). * CVE-2024-42241: mm/shmem: disable PMD-sized page cache if needed (bsc#1228986). * CVE-2024-42224: net: dsa: mv88e6xxx: Correct check for empty list (bsc#1228723). * CVE-2024-42162: gve: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42161: bpf: avoid uninitialized value in BPF_CORE_READ_BITFIELD (bsc#1228756). * CVE-2024-42159: scsi: mpi3mr: fix sanitise num_phys (bsc#1228754). * CVE-2024-42158: s390/pkey: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-42157: s390/pkey: Wipe sensitive data on failure (bsc#1228727). * CVE-2024-42156: s390/pkey: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2024-42155: s390/pkey: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42148: bnx2x: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42145: IB/core: Implement a limit on UMAD receive List (bsc#1228743). * CVE-2024-42142: net/mlx5: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42139: ice: Fix improper extts handling (bsc#1228503). * CVE-2024-42138: mlxsw: core_linecards: Fix double memory deallocation in case of invalid INI file (bsc#1228500). * CVE-2024-42124: scsi: qedf: Make qedf_execute_tmf() non-preemptible (bsc#1228705). * CVE-2024-42122: drm/amd/display: Add NULL pointer check for kzalloc (bsc#1228591). * CVE-2024-42113: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts (bsc#1228568). * CVE-2024-42110: net: ntb_netdev: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42109: netfilter: nf_tables: unconditionally flush pending work before notifier (bsc#1228505). * CVE-2024-42107: ice: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42106: inet_diag: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-42096: x86: stop playing stack games in profile_pc() (bsc#1228633). * CVE-2024-42095: serial: 8250_omap: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-42093: net/dpaa2: Avoid explicit cpumask var allocation on stack (bsc#1228680). * CVE-2024-42082: xdp: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-42079: gfs2: Fix NULL pointer dereference in gfs2_log_flush (bsc#1228672). * CVE-2024-42073: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems (bsc#1228457). * CVE-2024-42070: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers (bsc#1228470). * CVE-2024-41084: cxl/region: Avoid null pointer dereference in region lookup (bsc#1228472). * CVE-2024-41081: ila: block BH in ila_output() (bsc#1228617). * CVE-2024-41080: io_uring: fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-41078: btrfs: qgroup: fix quota root leak after quota disable failure (bsc#1228655). * CVE-2024-41076: NFSv4: Fix memory leak in nfs4_set_security_label (bsc#1228649). * CVE-2024-41075: cachefiles: add consistency check for copen/cread (bsc#1228646). * CVE-2024-41074: cachefiles: Set object to close if ondemand_id < 0 in copen (bsc#1228643). * CVE-2024-41070: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group() (bsc#1228581). * CVE-2024-41069: ASoC: topology: Fix route memory corruption (bsc#1228644). * CVE-2024-41068: s390/sclp: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-41066: ibmvnic: add tx check to prevent skb leak (bsc#1228640). * CVE-2024-41064: powerpc/eeh: avoid possible crash when edev->pdev changes (bsc#1228599). * CVE-2024-41062: bluetooth/l2cap: sync sock recv cb and release (bsc#1228576). * CVE-2024-41058: cachefiles: fix slab-use-after-free in fscache_withdraw_volume() (bsc#1228459). * CVE-2024-41057: cachefiles: fix slab-use-after-free in cachefiles_withdraw_cookie() (bsc#1228462). * CVE-2024-41051: cachefiles: wait for ondemand_object_worker to finish when dropping object (bsc#1228468). * CVE-2024-41050: cachefiles: cyclic allocation of msg_id to avoid reuse (bsc#1228499). * CVE-2024-41048: skmsg: Skip zero length skb in sk_msg_recvmsg (bsc#1228565). * CVE-2024-41044: ppp: reject claimed-as-LCP but actually malformed packets (bsc#1228530). * CVE-2024-41041: udp: Set SOCK_RCU_FREE earlier in udp_lib_get_port() (bsc#1228520). * CVE-2024-41040: net/sched: Fix UAF when resolving a clash (bsc#1228518). * CVE-2024-41036: net: ks8851: Fix deadlock with the SPI chip variant (bsc#1228496). * CVE-2024-41032: mm: vmalloc: check if a hash-index is in cpu_possible_mask (bsc#1228460). * CVE-2024-41020: filelock: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-41015: ocfs2: add bounds checking to ocfs2_check_dir_entry() (bsc#1228409). * CVE-2024-41012: filelock: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-41010: bpf: Fix too early release of tcx_entry (bsc#1228021). * CVE-2024-41009: bpf: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-41007: tcp: use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-41000: block/ioctl: prefer different overflow check (bsc#1227867). * CVE-2024-40995: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-40994: ptp: fix integer overflow in max_vclocks_store (bsc#1227829). * CVE-2024-40989: KVM: arm64: Disassociate vcpus from redistributor region on teardown (bsc#1227823). * CVE-2024-40978: scsi: qedi: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-40959: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() (bsc#1227884). * CVE-2024-40958: netns: Make get_net_ns() handle zero refcount net (bsc#1227812). * CVE-2024-40957: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors (bsc#1227811). * CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list (bsc#1227810). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-40939: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail (bsc#1227799). * CVE-2024-40938: landlock: fix d_parent walk (bsc#1227840). * CVE-2024-40921: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state (bsc#1227784). * CVE-2024-40920: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state (bsc#1227781). * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1227798). * CVE-2024-40905: ipv6: fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39506: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet (bsc#1227729). * CVE-2024-39489: ipv6: sr: fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-38662: selftests/bpf: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-36979: net: bridge: mst: fix vlan use-after-free (bsc#1226604). * CVE-2024-36933: net: nsh: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). * CVE-2024-36929: net: core: reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-36911: hv_netvsc: Do not free decrypted memory (bsc#1225745). * CVE-2024-36910: uio_hv_generic: Do not free decrypted memory (bsc#1225717). * CVE-2024-36909: Drivers: hv: vmbus: Do not free ring buffers that couldn't be re-encrypted (bsc#1225744). * CVE-2024-36881: mm/userfaultfd: Fix reset ptes when close() for wr-protected (bsc#1225718). * CVE-2024-36489: tls: fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-36286: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if- IP-has-been-disabled-on.patch (bsc#1226798) * CVE-2024-35949: btrfs: make sure that WRITTEN is set on all metadata blocks (bsc#1224700). * CVE-2024-35939: Fixed leak pages on dma_set_decrypted() failure (bsc#1224535). * CVE-2024-35897: netfilter: nf_tables: discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27437: vfio/pci: Disable auto-enable of exclusive INTx IRQ (bsc#1222625). * CVE-2024-27433: clk: mediatek: mt7622-apmixedsys: Fix an error handling path in clk_mt8135_apmixed_probe() (bsc#1224711). * CVE-2024-27403: kabi: restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27079: iommu/vt-d: Fix NULL domain on device release (bsc#1223742). * CVE-2024-27024: net/rds: fix WARNING in rds_conn_connect_if_down (bsc#1223777). * CVE-2024-27011: netfilter: nf_tables: fix memleak in map from abort path (bsc#1223803). * CVE-2024-27010: net/sched: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2024-26851: netfilter: nf_conntrack_h323: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-26837: net: bridge: switchdev: race between creation of new group memberships and generation of the list of MDB events to replay (bsc#1222973). * CVE-2024-26835: netfilter: nf_tables: set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26812: kABI: vfio: struct virqfd kABI workaround (bsc#1222808). * CVE-2024-26809: netfilter: nft_set_pipapo: release elements in clone only from destroy path (bsc#1222633). * CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-26735: ipv6: sr: fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-26677: blacklist.conf: Add e7870cf13d20 ("rxrpc: Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-26669: kABI fix for net/sched: flower: Fix chain template offload (bsc#1222350). * CVE-2024-26668: netfilter: nft_limit: reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26631: ipv6: mcast: fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-26590: erofs: fix inconsistent per-file compression format (bsc#1220252). * CVE-2023-52889: apparmor: Fix null pointer deref when receiving skb during sock creation (bsc#1229287). * CVE-2023-52859: perf: hisi: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2023-52581: netfilter: nf_tables: fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2023-52489: mm/sparsemem: fix race in accessing memory_section->usage (bsc#1221326). The following non-security bugs were fixed: * ACPI/NUMA: Apply SRAT proximity domain to entire CFMWS window (git-fixes). * ACPI: SBS: manage alarm sysfs attribute through psy core (stable-fixes). * ACPI: battery: create alarm sysfs attribute atomically (stable-fixes). * ACPI: processor_idle: use raw_safe_halt() in acpi_idle_play_dead() (git- fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/hdmi: Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * ALSA: hda/realtek - Fixed ALC256 headphone no sound (stable-fixes). * ALSA: hda/realtek - Fixed ALC285 headphone no sound (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * ALSA: hda/realtek: Add quirk for Acer Aspire E5-574G (stable-fixes). * ALSA: hda/realtek: Add support for new HP G12 laptops (stable-fixes). * ALSA: hda/realtek: Enable mute/micmute LEDs on HP Laptop 14-ey0xxx (stable- fixes). * ALSA: hda/realtek: Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git- fixes). * ALSA: hda/realtek: Fix the speaker output on Samsung Galaxy Book3 Ultra (stable-fixes). * ALSA: hda/realtek: Implement sound init sequence for Samsung Galaxy Book3 Pro 360 (stable-fixes). * ALSA: hda/realtek: support HP Pavilion Aero 13-bg0xxx Mute LED (stable- fixes). * ALSA: hda/tas2781: Use correct endian conversion (git-fixes). * ALSA: hda/tas2781: fix wrong calibrated data order (git-fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Add HP MP9 G4 Retail System AMS to force connect list (stable- fixes). * ALSA: hda: Conditionally use snooping for AMD HDMI (git-fixes). * ALSA: hda: conexant: Fix headset auto detect fail in the polling mode (git- fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: line6: Fix racy access to midibuf (stable-fixes). * ALSA: seq: Skip event type filtering for UMP events (git-fixes). * ALSA: seq: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: seq: ump: Optimize conversions from SysEx to UMP (git-fixes). * ALSA: seq: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable-fixes). * ALSA: seq: ump: Use the common RPN/bank conversion context (stable-fixes). * ALSA: timer: Relax start tick time check for slave timer elements (git- fixes). * ALSA: ump: Explicitly reset RPN with Null RPN (stable-fixes). * ALSA: ump: Transmit RPN/NRPN message at each MSB/LSB data reception (stable- fixes). * ALSA: usb-audio: Add delay quirk for VIVO USB-C-XE710 HEADSET (stable- fixes). * ALSA: usb-audio: Correct surround channels in UAC1 channel map (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Re-add ScratchAmp quirk entries (git-fixes). * ALSA: usb-audio: Support Yamaha P-125 quirk entry (stable-fixes). * ALSA: usb: Fix UBSAN warning in parse_audio_unit() (stable-fixes). * ASoC: SOF: Intel: hda-dsp: Make sure that no irq handler is pending before suspend (stable-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ASoC: SOF: Remove libraries from topology lookups (git-fixes). * ASoC: SOF: amd: Fix for acp init sequence (git-fixes). * ASoC: SOF: ipc4: check return value of snd_sof_ipc_msg_data (stable-fixes). * ASoC: SOF: mediatek: Add missing board compatible (stable-fixes). * ASoC: allow module autoloading for table board_ids (stable-fixes). * ASoC: allow module autoloading for table db1200_pids (stable-fixes). * ASoC: amd: acp: fix module autoloading (git-fixes). * ASoC: amd: yc: Add quirk entry for OMEN by HP Gaming Laptop 16-n0xxx (bsc#1227182). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on HP 14-em0002la (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: amd: yc: Support mic on Lenovo Thinkpad E14 Gen 6 (stable-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wcd938x-sdw: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa881x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa883x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: codecs: wsa884x: Correct Soundwire ports mask (git-fixes). * ASoC: cs35l45: Checks index of cs35l45_irqs[] (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Handle OTP read latency over SoundWire (stable-fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: cs35l56: Patch CS35L56_IRQ1_MASK_18 to the default value (stable- fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: fsl_micfil: Expand the range of FIFO watermark mask (stable-fixes). * ASoC: mediatek: mt8188: Mark AFE_DAC_CON0 register as volatile (stable- fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: meson: axg-fifo: fix irq scheduling issue with PREEMPT_RT (git-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * ASoC: nau8822: Lower debug print priority (stable-fixes). * Bluetooth: Add device 13d3:3572 IMC Networks Bluetooth Radio (stable-fixes). * Bluetooth: Fix usage of __hci_cmd_sync_status (git-fixes). * Bluetooth: L2CAP: Fix deadlock (git-fixes). * Bluetooth: MGMT: Add error handling to pair_device() (git-fixes). * Bluetooth: SMP: Fix assumption of Central always being Initiator (git- fixes). * Bluetooth: bnep: Fix out-of-bound access (stable-fixes). * Bluetooth: btintel: Fail setup on error (git-fixes). * Bluetooth: btnxpuart: Shutdown timer and prevent rearming when driver unloading (stable-fixes). * Bluetooth: btusb: Add RTL8852BE device 0489:e125 to device tables (stable- fixes). * Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x13d3:0x3591 (stable- fixes). * Bluetooth: hci_conn: Check non NULL function before calling for HFP offload (stable-fixes). * Bluetooth: hci_core: Fix LE quote calculation (git-fixes). * Bluetooth: hci_core: Fix not handling hibernation actions (git-fixes). * Bluetooth: hci_sync: Fix suspending with wrong filter policy (git-fixes). * Bluetooth: hci_sync: avoid dup filtering when passive scanning with adv monitor (git-fixes). * Bluetooth: l2cap: always unlock channel in l2cap_conless_channel() (git- fixes). * Drop libata patch that caused a regression (bsc#1229054) * HID: wacom: Defer calculation of resolution until resolution_code is known (git-fixes). * Input: i8042 - add Fujitsu Lifebook E756 to i8042 quirk table (bsc#1229056). * Input: i8042 - add forcenorestore quirk to leave controller untouched even on s3 (stable-fixes). * Input: i8042 - use new forcenorestore quirk to replace old buggy quirk combination (stable-fixes). * KVM: Always flush async #PF workqueue when vCPU is being destroyed (git- fixes). * KVM: Make KVM_MEM_GUEST_MEMFD mutually exclusive with KVM_MEM_READONLY (git- fixes). * KVM: PPC: Book3S HV: Fix the set_one_reg for MMCR3 (bsc#1194869). * KVM: PPC: Book3S HV: Handle pending exceptions on guest entry with MSR_EE (bsc#1215199). * KVM: Protect vcpu->pid dereference via debugfs with RCU (git-fixes). * KVM: Reject overly excessive IDs in KVM_CREATE_VCPU (git-fixes). * KVM: Stop processing _all_ memslots when "null" mmu_notifier handler is found (git-fixes). * KVM: VMX: Move posted interrupt descriptor out of VMX code (git-fixes). * KVM: VMX: Split out the non-virtualization part of vmx_interrupt_blocked() (git-fixes). * KVM: VMX: Switch __vmx_exit() and kvm_x86_vendor_exit() in vmx_exit() (git- fixes). * KVM: arm64: AArch32: Fix spurious trapping of conditional instructions (git- fixes). * KVM: arm64: Add missing memory barriers when switching to pKVM's hyp pgd (git-fixes). * KVM: arm64: Allow AArch32 PSTATE.M to be restored as System mode (git- fixes). * KVM: arm64: Fix AArch32 register narrowing on userspace write (git-fixes). * KVM: arm64: Fix __pkvm_init_switch_pgd call ABI (git-fixes). * KVM: arm64: Fix clobbered ELR in sync abort/SError (git-fixes) * KVM: arm64: GICv4: Do not perform a map to a mapped vLPI (git-fixes). * KVM: arm64: timers: Correctly handle TGE flip with CNTPOFF_EL2 (git-fixes). * KVM: arm64: timers: Fix resource leaks in kvm_timer_hyp_init() (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in MOVALL handler (git-fixes). * KVM: arm64: vgic-its: Test for valid IRQ in its_sync_lpi_pending_table() (git-fixes). * KVM: arm64: vgic-v2: Use cpuid from userspace as vcpu_id (git-fixes). * KVM: arm64: vgic-v4: Restore pending state on host userspace write (git- fixes). * KVM: arm64: vgic: Add a non-locking primitive for kvm_vgic_vcpu_destroy() (git-fixes). * KVM: arm64: vgic: Force vcpu vgic teardown on vcpu destroy (git-fixes). * KVM: arm64: vgic: Simplify kvm_vgic_destroy() (git-fixes). * KVM: fix kvm_mmu_memory_cache allocation warning (git-fixes). * KVM: nVMX: Add a helper to get highest pending from Posted Interrupt vector (git-fixes). * KVM: nVMX: Check for pending posted interrupts when looking for nested events (git-fixes). * KVM: nVMX: Request immediate exit iff pending nested event needs injection (git-fixes). * KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * KVM: s390: fix validity interception issue when gisa is switched off (git- fixes bsc#1229167). * KVM: x86/mmu: Bug the VM if KVM tries to split a !hugepage SPTE (git-fixes). * KVM: x86: Limit check IDs for KVM_SET_BOOT_CPU_ID (git-fixes). * Move upstreamed powerpc patches into sorted section * Move upstreamed sound patches into sorted section * Moved upstreamed ASoC patch into sorted section * NFSD: Support write delegations in LAYOUTGET (git-fixes). * NFSv4.1 another fix for EXCHGID4_FLAG_USE_PNFS_DS for DS server (git-fixes). * PCI: Add Edimax Vendor ID to pci_ids.h (stable-fixes). * PCI: hv: Return zero, not garbage, when reading PCI_INTERRUPT_PIN (git- fixes). * PCI: loongson: Enable MSI in LS7A Root Complex (stable-fixes). * RDMA/cache: Release GID table even if leak is detected (git-fixes) * RDMA/device: Return error earlier if port in not valid (git-fixes) * RDMA/hns: Check atomic wr length (git-fixes) * RDMA/hns: Fix insufficient extend DB for VFs. (git-fixes) * RDMA/hns: Fix mbx timing out before CMD execution is completed (git-fixes) * RDMA/hns: Fix missing pagesize and alignment check in FRMR (git-fixes) * RDMA/hns: Fix shift-out-bounds when max_inline_data is 0 (git-fixes) * RDMA/hns: Fix soft lockup under heavy CEQE load (git-fixes) * RDMA/hns: Fix undifined behavior caused by invalid max_sge (git-fixes) * RDMA/hns: Fix unmatch exception handling when init eq table fails (git- fixes) * RDMA/iwcm: Fix a use-after-free related to destroying CM IDs (git-fixes) * RDMA/mana_ib: Use virtual address in dma regions for MRs (git-fixes). * RDMA/mlx4: Fix truncated output warning in alias_GUID.c (git-fixes) * RDMA/mlx4: Fix truncated output warning in mad.c (git-fixes) * RDMA/mlx5: Set mkeys for dmabuf at PAGE_SIZE (git-fixes) * RDMA/rxe: Do not set BTH_ACK_MASK for UC or UD QPs (git-fixes) * RDMA: Fix netdev tracker in ib_device_set_netdev (git-fixes) * Revert "ALSA: firewire-lib: obsolete workqueue for period update" (bsc#1208783). * Revert "ALSA: firewire-lib: operate for period elapse event in process context" (bsc#1208783). * Revert "KVM: Prevent module exit until all VMs are freed" (git-fixes). * Revert "Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d"" (git- fixes). * Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes). * Revert "misc: fastrpc: Restrict untrusted app to attach to privileged PD" (git-fixes). * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413). * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413). * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413). * Revert "usb: gadget: uvc: cleanup request when not in correct state" (stable-fixes). * Revert "usb: typec: tcpm: clear pd_event queue in PORT_RESET" (git-fixes). * SUNRPC: Fix a race to wake a sync task (git-fixes). * SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * Squashfs: fix variable overflow triggered by sysbot (git-fixes). * USB: serial: debug: do not echo input by default (stable-fixes). * Update config files. Disable CONFIG_KFENCE on ppc64le (bsc#1226920) * Update config files. Disable vdpa drivers for Alibaba ENI and SolidNET (jsc#PED-8954, bsc#1227834) * Update patch references for ASoC regression fixes (bsc#1229045, bsc#1229046) * afs: fix __afs_break_callback() / afs_drop_open_mmap() race (git-fixes). * apparmor: unpack transition table if dfa is not present (bsc#1226031). * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: armv8_deprecated: Fix warning in isndep cpuhp starting process (git- fixes) * arm64: barrier: Restore spec_bar() macro (git-fixes) * arm64: cputype: Add Cortex-A720 definitions (git-fixes) * arm64: cputype: Add Cortex-A725 definitions (git-fixes) * arm64: cputype: Add Cortex-X1C definitions (git-fixes) * arm64: cputype: Add Cortex-X3 definitions (git-fixes) * arm64: cputype: Add Cortex-X4 definitions (git-fixes) * arm64: cputype: Add Cortex-X925 definitions (git-fixes) * arm64: cputype: Add Neoverse-V3 definitions (git-fixes) * arm64: dts: imx8mp: Add NPU Node (git-fixes) * arm64: dts: imx8mp: Fix pgc vpu locations (git-fixes) * arm64: dts: imx8mp: Fix pgc_mlmix location (git-fixes) * arm64: dts: imx8mp: add HDMI power-domains (git-fixes) * arm64: errata: Expand speculative SSBS workaround (again) (git-fixes) * arm64: errata: Expand speculative SSBS workaround (git-fixes) * arm64: errata: Unify speculative SSBS errata logic (git-fixes). Update config files. * arm64: jump_label: Ensure patched jump_labels are visible to all CPUs (git- fixes) * ata: libata-scsi: Do not overwrite valid sense data when CK_COND=1 (stable- fixes). * ata: libata-scsi: Honor the D_SENSE bit for CK_COND=1 and no error (stable- fixes). * blacklist.conf: Add libata upstream revert entry (bsc#1229054) * bnxt_re: Fix imm_data endianness (git-fixes) * bpf, arm64: Fix trampoline for BPF_TRAMP_F_CALL_ORIG (git-fixes) * bpf, lpm: Fix check prefixlen before walking trie (git-fixes). * bpf/tests: Remove duplicate JSGT tests (git-fixes). * bpf: Add crosstask check to __bpf_get_stack (git-fixes). * bpf: Detect IP == ksym.end as part of BPF program (git-fixes). * bpf: Ensure proper register state printing for cond jumps (git-fixes). * bpf: Fix a few selftest failures due to llvm18 change (git-fixes). * bpf: Fix a kernel verifier crash in stacksafe() (bsc#1225903). * bpf: Fix check_stack_write_fixed_off() to correctly spill imm (git-fixes). * bpf: Fix kfunc callback register type handling (git-fixes). * bpf: Fix prog_array_map_poke_run map poke update (git-fixes). * bpf: Fix unnecessary -EBUSY from htab_lock_bucket (git-fixes). * bpf: Mark bpf_spin_{lock,unlock}() helpers with notrace correctly (git- fixes). * bpf: Remove unnecessary wait from bpf_map_copy_value() (git-fixes). * bpf: Set uattr->batch.count as zero before batched update or deletion (git- fixes). * bpf: do not infer PTR_TO_CTX for programs with unnamed context type (git- fixes). * bpf: enforce precision of R0 on callback return (git-fixes). * bpf: extract bpf_ctx_convert_map logic and make it more reusable (git- fixes). * bpf: fix control-flow graph checking in privileged mode (git-fixes). * bpf: handle bpf_user_pt_regs_t typedef explicitly for PTR_TO_CTX global arg (git-fixes). * bpf: hardcode BPF_PROG_PACK_SIZE to 2MB * num_possible_nodes() (git-fixes). * bpf: kprobe: remove unused declaring of bpf_kprobe_override (git-fixes). * bpf: simplify btf_get_prog_ctx_type() into btf_is_prog_ctx_type() (git- fixes). * bpftool: Align output skeleton ELF code (git-fixes). * bpftool: Fix -Wcast-qual warning (git-fixes). * bpftool: Silence build warning about calloc() (git-fixes). * bpftool: mark orphaned programs during prog show (git-fixes). * btrfs: add a btrfs_finish_ordered_extent helper (git-fixes). * btrfs: add a is_data_bbio helper (git-fixes). * btrfs: add an ordered_extent pointer to struct btrfs_bio (git-fixes). * btrfs: copy dir permission and time when creating a stub subvolume (bsc#1228321). * btrfs: ensure fast fsync waits for ordered extents after a write failure (git-fixes). * btrfs: factor out a btrfs_queue_ordered_fn helper (git-fixes). * btrfs: factor out a can_finish_ordered_extent helper (git-fixes). * btrfs: fix corruption after buffer fault in during direct IO append write (git-fixes). * btrfs: fix double inode unlock for direct IO sync writes (git-fixes). * btrfs: fix extent map use-after-free when adding pages to compressed bio (git-fixes). * btrfs: fix leak of qgroup extent records after transaction abort (git- fixes). * btrfs: fix ordered extent split error handling in btrfs_dio_submit_io (git- fixes). * btrfs: limit write bios to a single ordered extent (git-fixes). * btrfs: make btrfs_finish_ordered_extent() return void (git-fixes). * btrfs: merge the two calls to btrfs_add_ordered_extent in run_delalloc_nocow (git-fixes). * btrfs: open code btrfs_bio_end_io in btrfs_dio_submit_io (git-fixes). * btrfs: open code end_extent_writepage in end_bio_extent_writepage (git- fixes). * btrfs: pass a btrfs_inode to btrfs_fdatawrite_range() (git-fixes). * btrfs: pass a btrfs_inode to btrfs_wait_ordered_range() (git-fixes). * btrfs: pass an ordered_extent to btrfs_reloc_clone_csums (git-fixes). * btrfs: pass an ordered_extent to btrfs_submit_compressed_write (git-fixes). * btrfs: remove btrfs_add_ordered_extent (git-fixes). * btrfs: rename err to ret in btrfs_direct_write() (git-fixes). * btrfs: uninline some static inline helpers from tree-log.h (git-fixes). * btrfs: use a btrfs_inode in the log context (struct btrfs_log_ctx) (git- fixes). * btrfs: use a btrfs_inode local variable at btrfs_sync_file() (git-fixes). * btrfs: use bbio->ordered in btrfs_csum_one_bio (git-fixes). * btrfs: use btrfs_finish_ordered_extent to complete buffered writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete compressed writes (git- fixes). * btrfs: use btrfs_finish_ordered_extent to complete direct writes (git- fixes). * btrfs: use irq safe locking when running and adding delayed iputs (git- fixes). * cachefiles, erofs: Fix NULL deref in when cachefiles is not doing ondemand- mode (bsc#1229245). * cachefiles: add missing lock protection when polling (bsc#1229256). * cachefiles: add restore command to recover inflight ondemand read requests (bsc#1229244). * cachefiles: add spin_lock for cachefiles_ondemand_info (bsc#1229249). * cachefiles: cancel all requests for the object that is being dropped (bsc#1229255). * cachefiles: defer exposing anon_fd until after copy_to_user() succeeds (bsc#1229251). * cachefiles: extract ondemand info field from cachefiles_object (bsc#1229240). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() (bsc#1229247). * cachefiles: fix slab-use-after-free in cachefiles_ondemand_get_fd() (bsc#1229246). * cachefiles: introduce object ondemand state (bsc#1229239). * cachefiles: make on-demand read killable (bsc#1229252). * cachefiles: narrow the scope of triggering EPOLLIN events in ondemand mode (bsc#1229243). * cachefiles: never get a new anonymous fd if ondemand_id is valid (bsc#1229250). * cachefiles: propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229253). * cachefiles: remove err_put_fd label in cachefiles_ondemand_daemon_read() (bsc#1229248). * cachefiles: resend an open request if the read request's object is closed (bsc#1229241). * cachefiles: stop sending new request when dropping object (bsc#1229254). * can: mcp251xfd: tef: prepare to workaround broken TEF FIFO tail index erratum (stable-fixes). * can: mcp251xfd: tef: update workaround for erratum DS80000789E 6 of mcp2518fd (stable-fixes). * ceph: periodically flush the cap releases (bsc#1230056). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * cgroup: Add annotation for holding namespace_sem in current_cgns_cgroup_from_root() (bsc#1222254). * cgroup: Eliminate the need for cgroup_mutex in proc_cgroup_show() (bsc#1222254). * cgroup: Make operations on the cgroup root_list RCU safe (bsc#1222254). * cgroup: Remove unnecessary list_empty() (bsc#1222254). * cgroup: preserve KABI of cgroup_root (bsc#1222254). * char: xillybus: Check USB endpoints when probing device (git-fixes). * char: xillybus: Do not destroy workqueue from work item running on it (stable-fixes). * char: xillybus: Refine workqueue handling (git-fixes). * clk: en7523: fix rate divider for slic and spi clocks (git-fixes). * clk: qcom: Park shared RCGs upon registration (git-fixes). * clk: qcom: camcc-sc7280: Add parent dependency to all camera GDSCs (git- fixes). * clk: qcom: gcc-sa8775p: Update the GDSC wait_val fields and flags (git- fixes). * clk: qcom: gcc-sc7280: Update force mem core bit for UFS ICE clock (git- fixes). * clk: qcom: gpucc-sa8775p: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: gpucc-sa8775p: Remove the CLK_IS_CRITICAL and ALWAYS_ON flags (git-fixes). * clk: qcom: gpucc-sa8775p: Update wait_val fields for GPU GDSC's (git-fixes). * clk: qcom: gpucc-sm8350: Park RCG's clk source at XO during disable (git- fixes). * clk: qcom: kpss-xcc: Return of_clk_add_hw_provider to transfer the error (git-fixes). * clk: visconti: Add bounds-checking coverage for struct visconti_pll_provider (stable-fixes). * clocksource/drivers/sh_cmt: Address race condition for clock events (stable- fixes). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * dev/parport: fix the array out-of-bounds risk (stable-fixes). * device property: Add cleanup.h based fwnode_handle_put() scope based cleanup (stable-fixes). * dmaengine: dw: Add memory bus width verification (git-fixes). * dmaengine: dw: Add peripheral bus width verification (git-fixes). * docs: KVM: Fix register ID of SPSR_FIQ (git-fixes). * driver core: Fix uevent_show() vs driver detach race (git-fixes). * drm/admgpu: fix dereferencing null pointer context (stable-fixes). * drm/amd/display: Add delay to improve LTTPR UHBR interop (stable-fixes). * drm/amd/display: Add null checker before passing variables (stable-fixes). * drm/amd/display: Adjust cursor position (git-fixes). * drm/amd/display: Check for NULL pointer (stable-fixes). * drm/amd/display: Skip Recompute DSC Params if no Stream on Link (stable- fixes). * drm/amd/display: avoid using null object of framebuffer (git-fixes). * drm/amd/display: fix cursor offset on rotation 180 (git-fixes). * drm/amd/display: fix s2idle entry for DCN3.5+ (stable-fixes). * drm/amd/pm: Fix the null pointer dereference for vega10_hwmgr (stable- fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * drm/amdgpu/jpeg4: properly set atomics vmid field (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference for smu7 (stable-fixes). * drm/amdgpu/pm: Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * drm/amdgpu/pm: Fix the param type of set_power_profile_mode (stable-fixes). * drm/amdgpu/sdma5.2: Update wptr registers as well as doorbell (stable- fixes). * drm/amdgpu/sdma5.2: limit wptr workaround to sdma 5.2.1 (git-fixes). * drm/amdgpu: Actually check flags for all context ops (stable-fixes). * drm/amdgpu: Add lock around VF RLCG interface (stable-fixes). * drm/amdgpu: Fix the null pointer dereference to ras_manager (stable-fixes). * drm/amdgpu: Forward soft recovery errors to userspace (stable-fixes). * drm/amdgpu: Validate TA binary size (stable-fixes). * drm/amdgpu: fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * drm/amdgpu: fix potential resource leak warning (stable-fixes). * drm/amdgpu: reset vm state machine after gpu reset(vram lost) (stable- fixes). * drm/bridge: analogix_dp: properly handle zero sized AUX transactions (stable-fixes). * drm/client: fix null pointer dereference in drm_client_modeset_probe (git- fixes). * drm/dp_mst: Skip CSN if topology probing is not done yet (stable-fixes). * drm/etnaviv: do not block scheduler when GPU is still active (stable-fixes). * drm/i915/dsi: Make Lenovo Yoga Tab 3 X90F DMI match less strict (git-fixes). * drm/i915/gem: Adjust vma offset for framebuffer mmap offset (stable-fixes). * drm/i915/gem: Fix Virtual Memory mapping boundaries calculation (git-fixes). * drm/i915/hdcp: Fix HDCP2_STREAM_STATUS macro (git-fixes). * drm/i915: Fix possible int overflow in skl_ddi_calculate_wrpll() (git- fixes). * drm/lima: set gp bus_stop bit before hard reset (stable-fixes). * drm/mediatek/dp: Fix spurious kfree() (git-fixes). * drm/msm/dp: fix the max supported bpp logic (git-fixes). * drm/msm/dp: reset the link phy params before link training (git-fixes). * drm/msm/dpu: capture snapshot on the first commit_done timeout (stable- fixes). * drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails (git-fixes). * drm/msm/dpu: do not play tricks with debug macros (git-fixes). * drm/msm/dpu: drop MSM_ENC_VBLANK support (stable-fixes). * drm/msm/dpu: move dpu_encoder's connector assignment to atomic_enable() (git-fixes). * drm/msm/dpu: split dpu_encoder_wait_for_event into two functions (stable- fixes). * drm/msm/dpu: take plane rotation into account for wide planes (git-fixes). * drm/msm/dpu: try multirect based on mdp clock limits (stable-fixes). * drm/msm/dpu: use drmm-managed allocation for dpu_encoder_phys (stable- fixes). * drm/msm/mdss: Rename path references to mdp_path (stable-fixes). * drm/msm/mdss: switch mdss to use devm_of_icc_get() (stable-fixes). * drm/msm: Reduce fallout of fence signaling vs reclaim hangs (stable-fixes). * drm/nouveau: prime: fix refcount underflow (git-fixes). * drm/panel: nt36523: Set 120Hz fps for xiaomi,elish panels (stable-fixes). * drm/radeon/evergreen_cs: Clean up errors in evergreen_cs.c (bsc#1229024). * drm/radeon: Remove __counted_by from StateArray.states[] (git-fixes). * drm/rockchip: vop2: clear afbc en and transform bit for cluster window at linear mode (stable-fixes). * drm/virtio: Fix type of dma-fence context variable (git-fixes). * drm/vmwgfx: Fix a deadlock in dma buf fence polling (git-fixes). * drm/vmwgfx: Fix overlay when using Screen Targets (git-fixes). * drm/vmwgfx: Fix prime with external buffers (git-fixes). * efi/libstub: Zero initialize heap allocated struct screen_info (git-fixes). * evm: do not copy up 'security.evm' xattr (git-fixes). * firmware: cirrus: cs_dsp: Initialize debugfs_root to invalid (stable-fixes). * fs/netfs/fscache_cookie: add missing "n_accesses" check (bsc#1229455). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229456). * genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline (git- fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/matrix: Exclude managed interrupts in irq_matrix_allocated() (git- fixes). * gfs2: setattr_chown: Add missing initialization (git-fixes). * gpio: mlxbf3: Support shutdown() function (git-fixes). * gpio: prevent potential speculation leaks in gpio_device_get_desc() (stable- fixes). * gpio: sysfs: extend the critical section for unregistering sysfs devices (stable-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * hfs: fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git-fixes). * hwmon: (ltc2992) Avoid division by zero (stable-fixes). * hwmon: (ltc2992) Fix memory leak in ltc2992_parse_dt() (git-fixes). * hwmon: (pc87360) Bounds check data->innr usage (stable-fixes). * i2c: Fix conditional for substituting empty ACPI functions (stable-fixes). * i2c: Use IS_REACHABLE() for substituting empty ACPI functions (git-fixes). * i2c: qcom-geni: Add missing clk_disable_unprepare in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: qcom-geni: Add missing geni_icc_disable in geni_i2c_runtime_resume (git-fixes). * i2c: riic: avoid potential division by zero (stable-fixes). * i2c: smbus: Improve handling of stuck alerts (git-fixes). * i2c: smbus: Send alert notifications to all devices if source not found (git-fixes). * i2c: stm32f7: Add atomic_xfer method to driver (stable-fixes). * i3c: mipi-i3c-hci: Do not unmap region not mapped for transfer (stable- fixes). * i3c: mipi-i3c-hci: Remove BUG() when Ring Abort request times out (stable- fixes). * i915/perf: Remove code to update PWR_CLK_STATE for gen12 (git-fixes). * ice: Fix NULL pointer access, if PF does not support SRIOV_LAG (bsc#1228737). * io_uring/advise: support 64-bit lengths (git-fixes). * io_uring: Drop per-ctx dummy_ubuf (git-fixes). * io_uring: Fix probe of disabled operations (git-fixes). * io_uring: fix io_match_task must_hold (git-fixes). * io_uring: tighten task exit cancellations (git-fixes). * iommu/amd: Convert comma to semicolon (git-fixes). * iommu/vt-d: Fix identity map bounds in si_domain_init() (git-fixes). * iommufd/device: Fix hwpt at err_unresv in iommufd_device_do_replace() (git- fixes). * ip6_tunnel: Fix broken GRO (bsc#1229444). * ipv6: sr: fix incorrect unregister order (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * jfs: Fix shift-out-of-bounds in dbDiscardAG (git-fixes). * jfs: define xtree root and page independently (git-fixes). * jfs: fix null ptr deref in dtInsertEntry (git-fixes). * jump_label: Clarify condition in static_key_fast_inc_not_disabled() (git- fixes). * jump_label: Fix concurrency issues in static_key_slow_dec() (git-fixes). * jump_label: Fix the fix, brown paper bags galore (git-fixes). * jump_label: Simplify and clarify static_key_fast_inc_cpus_locked() (git- fixes). * kABI fix of: virtio-crypto: handle config changed by work queue (git-fixes). * kABI workaround for sound core UMP conversion (stable-fixes). * kabi fix for KVM: s390: fix LPSWEY handling (bsc#1227634 git-fixes). * kabi fix for SUNRPC: add a missing rpc_stat for TCP TLS (git-fixes). * kabi/severities: ignore kABI for FireWire sound local symbols (bsc#1208783) * kabi: more build fix without patches.kabi (bsc#1226502) * kcov: properly check for softirq context (git-fixes). * kernel-binary.spec.in: Enable klp_symbols on openSUSE Tumbleweed (boo#1229042). * kernel-binary: generate and install compile_commands.json (bsc#1228971). * kernfs: Convert kernfs_path_from_node_locked() from strlcpy() to strscpy() (bsc#1229134). * kernfs: fix false-positive WARN(nr_mmapped) in kernfs_drain_open_files (git- fixes). * kprobes: Fix to check symbol prefixes correctly (git-fixes). * kprobes: Prohibit probing on CFI preamble symbol (git-fixes). * kvm: s390: Reject memory region operations for ucontrol VMs (git-fixes bsc#1229168). * libbpf: Add missing LIBBPF_API annotation to libbpf_set_memlock_rlim API (git-fixes). * libbpf: Apply map_set_def_max_entries() for inner_maps on creation (git- fixes). * libbpf: Fix faccessat() usage on Android (git-fixes). * libbpf: Use OPTS_SET() macro in bpf_xdp_query() (git-fixes). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix hanging issue while a new disk adding (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: fix no recovery job when adding/re-adding a disk (bsc#1223395). * md-cluster: keeping kabi compatibility for upstream commit 35a0a409fa26 (bsc#1223395). * md/md-bitmap: fix writing non bitmap pages (git-fixes). * md/raid1: set max_sectors during early return from choose_slow_rdev() (git- fixes). * md/raid1: support read error check (git-fixes). * md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING (git-fixes). * md/raid5: fix spares errors about rcu usage (git-fixes). * md/raid5: recheck if reshape has finished with device_lock held (git-fixes). * md: Do not wait for MD_RECOVERY_NEEDED for HOT_REMOVE_DISK ioctl (git- fixes). * md: add a mddev_add_trace_msg helper (git-fixes). * md: add check for sleepers in md_wakeup_thread() (git-fixes). * md: change the return value type of md_write_start to void (git-fixes). * md: do not account sync_io if iostats of the disk is disabled (git-fixes). * md: do not delete safemode_timer in mddev_suspend (git-fixes). * md: factor out a helper exceed_read_errors() to check read_errors (git- fixes). * md: fix a suspicious RCU usage warning (git-fixes). * media: Revert "media: dvb-usb: Fix unexpected infinite loop in dvb_usb_read_remote_control()" (git-fixes). * media: amphion: Remove lock in s_ctrl callback (stable-fixes). * media: drivers/media/dvb-core: copy user arrays safely (stable-fixes). * media: pci: cx23885: check cx23885_vdev_init() return (stable-fixes). * media: uvcvideo: Add quirk for invalid dev_sof in Logitech C920 (git-fixes). * media: uvcvideo: Disable autosuspend for Insta360 Link (stable-fixes). * media: uvcvideo: Fix the bandwdith quirk on USB 3.x (stable-fixes). * media: uvcvideo: Ignore empty TS packets (stable-fixes). * media: uvcvideo: Quirk for invalid dev_sof in Logitech C922 (stable-fixes). * media: xc2028: avoid use-after-free in load_firmware_cb() (stable-fixes). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * memory: stm32-fmc2-ebi: check regmap_read return value (stable-fixes). * memory: tegra: Skip SID programming if SID registers are not set (stable- fixes). * minmax: add a few more MIN_T/MAX_T users (bsc#1229024). * minmax: avoid overly complicated constant expressions in VM code (bsc#1229024). * minmax: do not use max() in situations that want a C constant expression (bsc#1229024). * minmax: fix up min3() and max3() too (bsc#1229024). * minmax: improve macro expansion and type checking (bsc#1229024). * minmax: make generic MIN() and MAX() macros available everywhere (bsc#1229024). * minmax: simplify and clarify min_t()/max_t() implementation (bsc#1229024). * minmax: simplify min()/max()/clamp() implementation (bsc#1229024). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * mmc: dw_mmc: allow biu and ciu clocks to defer (git-fixes). * mmc: mmc_test: Fix NULL dereference on allocation failure (git-fixes). * mmc: mtk-sd: receive cmd8 data when hs400 tuning fail (git-fixes). * net/iucv: fix the allocation size of iucv_path_table array (git-fixes bsc#1229451). * net/iucv: fix use after free in iucv_sock_close() (bsc#1228973). * net/rds: fix possible cp null dereference (git-fixes). * net/sched: initialize noop_qdisc owner (git-fixes). * net: drop bad gso csum_start and offset in virtio_net_hdr (git-fixes). * net: ethernet: mtk_wed: fix use-after-free panic in mtk_wed_setup_tc_block_cb() (git-fixes). * net: fix sk_memory_allocated_{add|sub} vs softirqs (bsc#1228757). * net: mana: Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * net: mana: Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race of mana_hwc_post_rx_wqe and new hwc response (git- fixes). * net: missing check virtio (git-fixes). * net: phy: micrel: Fix the KSZ9131 MDI-X status issue (git-fixes). * net: phy: realtek: add support for RTL8366S Gigabit PHY (git-fixes). * net: usb: qmi_wwan: fix memory leak for not ip packets (git-fixes). * net: usb: sr9700: fix uninitialized variable use in sr_mdio_read (git- fixes). * netfs, fscache: export fscache_put_volume() and add fscache_try_get_volume() (bsc#1228459 bsc#1228462). * nfc: pn533: Add poll mod list filling check (git-fixes). * nfs: do not invalidate dentries on transient errors (git-fixes). * nfs: expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * nfs: make the rpc_stat per net namespace (git-fixes). * nfs: pass explicit offset/count to trace events (git-fixes). * nfs: propagate readlink errors in nfs_symlink_filler (git-fixes). * nouveau/firmware: use dma non-coherent allocator (git-fixes). * nvme-multipath: find NUMA path only for online numa-node (git-fixes). * nvme-multipath: implement "queue-depth" iopolicy (bsc#1227706). * nvme-multipath: prepare for "queue-depth" iopolicy (bsc#1227706). * nvme-pci: Fix the instructions for disabling power management (git-fixes). * nvme-pci: add missing condition check for existence of mapped data (git- fixes). * nvme-pci: do not directly handle subsys reset fallout (bsc#1220066). * nvme-sysfs: add 'tls_configured_key' sysfs attribute (bsc#1221857). * nvme-sysfs: add 'tls_keyring' attribute (bsc#1221857). * nvme-tcp: check for invalidated or revoked key (bsc#1221857). * nvme-tcp: sanitize TLS key handling (bsc#1221857). * nvme: add a newline to the 'tls_key' sysfs attribute (bsc#1221857). * nvme: adjust multiples of NVME_CTRL_PAGE_SIZE in offset (git-fixes). * nvme: avoid double free special payload (git-fixes). * nvme: fix NVME_NS_DEAC may incorrectly identifying the disk as EXT_LBA (git- fixes). * nvme: fixup comment for nvme RDMA Provider Type (git-fixes). * nvme: split off TLS sysfs attributes into a separate group (bsc#1221857). * nvme: tcp: remove unnecessary goto statement (bsc#1221857). * nvme_core: scan namespaces asynchronously (bsc#1224105). * nvmet-auth: fix nvmet_auth hash error handling (git-fixes). * nvmet: always initialize cqe.result (git-fixes). * nvmet: do not return 'reserved' for empty TSAS values (git-fixes). * nvmet: fix a possible leak when destroy a ctrl during qp establishment (git- fixes). * nvmet: make 'tsas' attribute idempotent for RDMA (git-fixes). * ocfs2: strict bound check before memcmp in ocfs2_xattr_find_entry() (bsc#1228410). * padata: Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * pinctrl: mediatek: common-v2: Fix broken bias-disable for PULL_PU_PD_RSEL_TYPE (git-fixes). * pinctrl: rockchip: correct RK3328 iomux width flag for GPIO2-B pins (git- fixes). * pinctrl: single: fix potential NULL dereference in pcs_get_function() (git- fixes). * pinctrl: starfive: jh7110: Correct the level trigger configuration of iev register (git-fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/chrome: cros_ec_proto: Lock device when updating MKBP version (git- fixes). * platform/surface: aggregator: Fix warning when controller is destroyed in probe (git-fixes). * platform/x86/amd/hsmp: Add support for ACPI based probing (jsc#PED-8779). * platform/x86/amd/hsmp: Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86/amd/hsmp: Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86/amd/hsmp: Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86/amd/hsmp: Create static func to handle platdev (jsc#PED-8779). * platform/x86/amd/hsmp: Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86/amd/hsmp: Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86/amd/hsmp: Move hsmp_test to probe (jsc#PED-8779). * platform/x86/amd/hsmp: Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86/amd/hsmp: Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86/amd/hsmp: Restructure sysfs group creation (jsc#PED-8779). * platform/x86/amd/hsmp: switch to use device_add_groups() (jsc#PED-8779). * platform/x86/intel/ifs: Initialize union ifs_status to zero (git-fixes). * platform/x86: lg-laptop: fix %s null argument warning (stable-fixes). * power: supply: axp288_charger: Fix constant_charge_voltage writes (git- fixes). * power: supply: axp288_charger: Round constant_charge_voltage writes down (git-fixes). * power: supply: qcom_battmgr: return EAGAIN when firmware service is not up (git-fixes). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * powerpc/io: Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec: make the update_cpus_node() function public (bsc#1194869). * powerpc/kexec: split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * powerpc/kexec_file: fix cpus node update to FDT (bsc#1194869). * powerpc/pseries: Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * powerpc/pseries: Whitelist dtl slub object for copying to userspace (bsc#1194869). * powerpc/radix: Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * powerpc/xmon: Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * powerpc: fix a file leak in kvm_vcpu_ioctl_enable_cap() (bsc#1194869). * powerpc: xor_vmx: Add '-mhard-float' to CFLAGS (bsc#1194869). * printk/panic: Allow cpu backtraces to be written into ringbuffer during panic (bsc#1225607). * reiserfs: fix uninit-value in comp_keys (git-fixes). * rtc: nct3018y: fix possible NULL dereference (stable-fixes). * s390/cpum_cf: Fix endless loop in CF_DIAG event stop (git-fixes bsc#1229171). * s390/dasd: fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229173). * s390/dasd: fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229452). * s390/pci: Add missing virt_to_phys() for directed DIBV (git-fixes bsc#1229174). * s390/pci: Allow allocation of more than 1 MSI interrupt (git-fixes bsc#1229172). * s390/pci: Refactor arch_setup_msi_irqs() (git-fixes bsc#1229172). * s390/pkey: harmonize pkey s390 debug feature calls (bsc#1228720). * s390/pkey: introduce dynamic debugging for pkey (bsc#1228720). * s390/sclp: Prevent release of buffer in I/O (git-fixes bsc#1229169). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229170). * samples/bpf: syscall_tp_user: Fix array out-of-bound access (git-fixes). * samples/bpf: syscall_tp_user: Rename num_progs into nr_tests (git-fixes). * sbitmap: use READ_ONCE to access map->word (stable-fixes). * scsi: lpfc: Allow DEVICE_RECOVERY mode after RSCN receipt if in PRLI_ISSUE state (bsc#1228857). * scsi: lpfc: Cancel ELS WQE instead of issuing abort when SLI port is inactive (bsc#1228857). * scsi: lpfc: Fix handling of fully recovered fabric node in dev_loss callbk (bsc#1228857). * scsi: lpfc: Fix incorrect request len mbox field when setting trunking via sysfs (bsc#1228857). * scsi: lpfc: Handle mailbox timeouts in lpfc_get_sfp_info (bsc#1228857). * scsi: lpfc: Relax PRLI issue conditions after GID_FT response (bsc#1228857). * scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages (bsc#1228857). * scsi: lpfc: Update lpfc version to 14.4.0.3 (bsc#1228857). * scsi: qla2xxx: Avoid possible run-time warning with long model_num (bsc#1228850). * scsi: qla2xxx: Complete command early within lock (bsc#1228850). * scsi: qla2xxx: Convert comma to semicolon (bsc#1228850). * scsi: qla2xxx: Drop driver owner assignment (bsc#1228850). * scsi: qla2xxx: During vport delete send async logout explicitly (bsc#1228850). * scsi: qla2xxx: Fix debugfs output for fw_resource_count (bsc#1228850). * scsi: qla2xxx: Fix flash read failure (bsc#1228850). * scsi: qla2xxx: Fix for possible memory corruption (bsc#1228850). * scsi: qla2xxx: Fix optrom version displayed in FDMI (bsc#1228850). * scsi: qla2xxx: Indent help text (bsc#1228850). * scsi: qla2xxx: Reduce fabric scan duplicate code (bsc#1228850). * scsi: qla2xxx: Remove unused struct 'scsi_dif_tuple' (bsc#1228850). * scsi: qla2xxx: Return ENOBUFS if sg_cnt is more than one for ELS cmds (bsc#1228850). * scsi: qla2xxx: Unable to act on RSCN for port online (bsc#1228850). * scsi: qla2xxx: Update version to 10.02.09.300-k (bsc#1228850). * scsi: qla2xxx: Use QP lock to search for bsg (bsc#1228850). * scsi: qla2xxx: validate nvme_local_port correctly (bsc#1228850). * selftest/bpf: Add map_in_maps with BPF_MAP_TYPE_PERF_EVENT_ARRAY values (git-fixes). * selftests/bpf: Add a test to verify previous stacksafe() fix (bsc#1225903). * selftests/bpf: Add assert for user stacks in test_task_stack (git-fixes). * selftests/bpf: Add netkit to tc_redirect selftest (git-fixes). * selftests/bpf: De-veth-ize the tc_redirect test case (git-fixes). * selftests/bpf: Disable IPv6 for lwt_redirect test (git-fixes). * selftests/bpf: Fix erroneous bitmask operation (git-fixes). * selftests/bpf: Fix issues in setup_classid_environment() (git-fixes). * selftests/bpf: Fix potential premature unload in bpf_testmod (git-fixes). * selftests/bpf: Fix pyperf180 compilation failure with clang18 (git-fixes). * selftests/bpf: Fix the flaky tc_redirect_dtime test (git-fixes). * selftests/bpf: Fix up xdp bonding test wrt feature flags (git-fixes). * selftests/bpf: Make linked_list failure test more robust (git-fixes). * selftests/bpf: Relax time_tai test for equal timestamps in tai_forward (git- fixes). * selftests/bpf: Skip module_fentry_shadow test when bpf_testmod is not available (git-fixes). * selftests/bpf: Wait for the netstamp_needed_key static key to be turned on (git-fixes). * selftests/bpf: fix RELEASE=1 build for tc_opts (git-fixes). * selftests/bpf: fix bpf_loop_bench for new callback verification scheme (git- fixes). * selftests/bpf: fix compiler warnings in RELEASE=1 mode (git-fixes). * selftests/bpf: satisfy compiler by having explicit return in btf test (git- fixes). * serial: core: check uartclk for zero to avoid divide by zero (stable-fixes). * soc: qcom: cmd-db: Map shared memory as WC, not WB (git-fixes). * soc: qcom: pmic_glink: Actually communicate when remote goes down (git- fixes). * soundwire: stream: fix programming slave ports for non-continous port maps (git-fixes). * spi: Add empty versions of ACPI functions (stable-fixes). * spi: microchip-core: fix init function not setting the master and motorola modes (git-fixes). * spi: microchip-core: switch to use modern name (stable-fixes). * spi: spi-fsl-lpspi: Fix scldiv calculation (git-fixes). * spi: spidev: Add missing spi_device_id for bh2228fv (git-fixes). * squashfs: squashfs_read_data need to check if the length is 0 (git-fixes). * ssb: Fix division by zero issue in ssb_calc_clock_rate (stable-fixes). * staging: iio: resolver: ad2s1210: fix use before initialization (stable- fixes). * staging: ks7010: disable bh on tx_dev_lock (stable-fixes). * string.h: Introduce memtostr() and memtostr_pad() (bsc#1228849). * sunrpc: add a struct rpc_stats arg to rpc_create_args (git-fixes). * swiotlb: do not set total_used to 0 in swiotlb_create_debugfs_files() (git- fixes). * swiotlb: fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * syscalls: fix compat_sys_io_pgetevents_time64 usage (git-fixes). * thermal/drivers/broadcom: Fix race between removal and clock disable (git- fixes). * thermal: bcm2835: Convert to platform remove callback returning void (stable-fixes). * thunderbolt: Mark XDomain as unplugged when router is removed (stable- fixes). * tools/perf: Fix perf bench epoll to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix perf bench futex to enable the run when some CPU's are offline (bsc#1227747). * tools/perf: Fix timing issue with parallel threads in perf bench wake-up- parallel (bsc#1227747). * tools/resolve_btfids: Fix comparison of distinct pointer types warning in resolve_btfids (git-fixes). * tools/resolve_btfids: Fix cross-compilation to non-host endianness (git- fixes). * tools/resolve_btfids: Refactor set sorting with types from btf_ids.h (git- fixes). * tools/resolve_btfids: fix build with musl libc (git-fixes). * trace/pid_list: Change gfp flags in pid_list_fill_irq() (git-fixes). * tracing: Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * tty: atmel_serial: use the correct RTS flag (git-fixes). * tty: serial: fsl_lpuart: mark last busy before uart_add_one_port (git- fixes). * usb: cdnsp: fix for Link TRB with TC (git-fixes). * usb: cdnsp: fix incorrect index in cdnsp_get_hw_deq function (git-fixes). * usb: core: sysfs: Unmerge @usb3_hardware_lpm_attr_group in remove_power_attributes() (git-fixes). * usb: dwc3: core: Skip setting event buffers for host only controllers (stable-fixes). * usb: dwc3: omap: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: add missing depopulate in probe error path (git-fixes). * usb: dwc3: st: fix probed platform device ref count on probe error path (git-fixes). * usb: gadget: core: Check for unset descriptor (git-fixes). * usb: gadget: fsl: Increase size of name buffer for endpoints (stable-fixes). * usb: gadget: u_audio: Check return codes from usb_ep_enable and config_ep_by_speed (git-fixes). * usb: gadget: u_serial: Set start_delayed during suspend (git-fixes). * usb: gadget: uvc: cleanup request when not in correct state (stable-fixes). * usb: typec: fsa4480: Add support to swap SBU orientation (git-fixes). * usb: typec: fsa4480: Check if the chip is really there (git-fixes). * usb: typec: fsa4480: Relax CHIP_ID check (git-fixes). * usb: typec: fsa4480: add support for Audio Accessory Mode (git-fixes). * usb: typec: fsa4480: rework mux & switch setup to handle more states (git- fixes). * usb: vhci-hcd: Do not drop references before new references are gained (stable-fixes). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vhost-scsi: Handle vhost_vq_work_queue failures for events (git-fixes). * vhost-vdpa: switch to use vmf_insert_pfn() in the fault handler (git-fixes). * vhost/vsock: always initialize seqpacket_allow (git-fixes). * vhost: Release worker mutex during flushes (git-fixes). * vhost: Use virtqueue mutex for swapping worker (git-fixes). * virt: guest_memfd: fix reference leak on hwpoisoned page (git-fixes). * virtio-crypto: handle config changed by work queue (git-fixes). * virtio: reenable config if freezing device failed (git-fixes). * virtio_net: use u64_stats_t infra to avoid data-races (git-fixes). * virtiofs: forbid newlines in tags (bsc#1229940). * wifi: ath12k: fix memory leak in ath12k_dp_rx_peer_frag_setup() (stable- fixes). * wifi: ath12k: fix soft lockup on suspend (git-fixes). * wifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion (git-fixes). * wifi: cfg80211: fix reporting failed MLO links status with cfg80211_connect_done (git-fixes). * wifi: iwlwifi: fw: fix wgds rev 3 exact size (git-fixes). * wifi: mac80211: use monitor sdata with driver only if desired (git-fixes). * wifi: mwifiex: duplicate static structs used in driver instances (git- fixes). * wifi: nl80211: disallow setting special AP channel widths (stable-fixes). * wifi: nl80211: do not give key data to userspace (stable-fixes). * wifi: rtw88: usb: Fix disconnection after beacon loss (stable-fixes). * wifi: wfx: repair open network AP mode (git-fixes). * workqueue: Improve scalability of workqueue watchdog touch (bsc#1193454). * workqueue: wq_watchdog_touch is always called with valid CPU (bsc#1193454). * x86/asm: Use %c/%n instead of %P operand modifier in asm templates (git- fixes). * x86/entry/64: Remove obsolete comment on tracing vs. SYSRET (git-fixes). * x86/mm: Fix pti_clone_entry_text() for i386 (git-fixes). * x86/mm: Fix pti_clone_pgtable() alignment assumption (git-fixes). * x86/mtrr: Check if fixed MTRRs exist before saving them (git-fixes). * x86/numa: Fix SRAT lookup of CFMWS ranges with numa_fill_memblks() (git- fixes). * x86/numa: Fix the address overlap check in numa_fill_memblks() (git-fixes). * x86/numa: Fix the sort compare func used in numa_fill_memblks() (git-fixes). * x86/numa: Introduce numa_fill_memblks() (git-fixes). * x86/pci: Skip early E820 check for ECAM region (git-fixes). * x86/xen: Convert comma to semicolon (git-fixes). * xfs: Fix missing interval for missing_owner in xfs fsmap (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: allow cross-linking special files without project quota (git-fixes). * xfs: allow symlinks with short remote targets (bsc#1229160). * xfs: allow unlinked symlinks and dirs with zero size (git-fixes). * xfs: attr forks require attr, not attr2 (git-fixes). * xfs: convert comma to semicolon (git-fixes). * xfs: do not use current->journal_info (git-fixes). * xfs: fix unlink vs cluster buffer instantiation race (git-fixes). * xfs: honor init_xattrs in xfs_init_new_inode for !ATTR fs (git-fixes). * xfs: journal geometry is not properly bounds checked (git-fixes). * xfs: match lock mode in xfs_buffered_write_iomap_begin() (git-fixes). * xfs: require XFS_SB_FEAT_INCOMPAT_LOG_XATTRS for attr log intent item recovery (git-fixes). * xfs: upgrade the extent counters in xfs_reflink_end_cow_extent later (git- fixes). * xfs: use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * xfs: use consistent uid/gid when grabbing dquots for inodes (git-fixes). * xhci: Fix Panther point NULL pointer deref at full-speed re-enumeration (git-fixes). * xprtrdma: Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3383=1 openSUSE-SLE-15.6-2024-3383=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3383=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3383=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3383=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3383=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-3383=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3383=1 ## Package List: * openSUSE Leap 15.6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (noarch) * kernel-devel-6.4.0-150600.23.22.1 * kernel-macros-6.4.0-150600.23.22.1 * kernel-docs-html-6.4.0-150600.23.22.1 * kernel-source-6.4.0-150600.23.22.1 * kernel-source-vanilla-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (nosrc ppc64le x86_64) * kernel-debug-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (ppc64le x86_64) * kernel-debug-livepatch-devel-6.4.0-150600.23.22.1 * kernel-debug-devel-6.4.0-150600.23.22.1 * kernel-debug-debugsource-6.4.0-150600.23.22.1 * kernel-debug-devel-debuginfo-6.4.0-150600.23.22.1 * kernel-debug-debuginfo-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (x86_64) * kernel-debug-vdso-debuginfo-6.4.0-150600.23.22.1 * kernel-kvmsmall-vdso-debuginfo-6.4.0-150600.23.22.1 * kernel-debug-vdso-6.4.0-150600.23.22.1 * kernel-default-vdso-6.4.0-150600.23.22.1 * kernel-kvmsmall-vdso-6.4.0-150600.23.22.1 * kernel-default-vdso-debuginfo-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.22.1.150600.12.8.3 * kernel-kvmsmall-devel-6.4.0-150600.23.22.1 * kernel-kvmsmall-livepatch-devel-6.4.0-150600.23.22.1 * kernel-kvmsmall-devel-debuginfo-6.4.0-150600.23.22.1 * kernel-kvmsmall-debugsource-6.4.0-150600.23.22.1 * kernel-kvmsmall-debuginfo-6.4.0-150600.23.22.1 * kernel-default-base-rebuild-6.4.0-150600.23.22.1.150600.12.8.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kernel-syms-6.4.0-150600.23.22.1 * kernel-default-extra-6.4.0-150600.23.22.1 * cluster-md-kmp-default-6.4.0-150600.23.22.1 * dlm-kmp-default-6.4.0-150600.23.22.1 * kernel-default-optional-6.4.0-150600.23.22.1 * kernel-obs-build-debugsource-6.4.0-150600.23.22.1 * kernel-default-livepatch-6.4.0-150600.23.22.1 * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-livepatch-devel-6.4.0-150600.23.22.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-optional-debuginfo-6.4.0-150600.23.22.1 * kselftests-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-devel-debuginfo-6.4.0-150600.23.22.1 * kselftests-kmp-default-6.4.0-150600.23.22.1 * ocfs2-kmp-default-6.4.0-150600.23.22.1 * kernel-obs-build-6.4.0-150600.23.22.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-extra-debuginfo-6.4.0-150600.23.22.1 * kernel-default-devel-6.4.0-150600.23.22.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.22.1 * gfs2-kmp-default-6.4.0-150600.23.22.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.22.1 * reiserfs-kmp-default-6.4.0-150600.23.22.1 * kernel-obs-qa-6.4.0-150600.23.22.1 * kernel-default-debugsource-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP6_Update_4-debugsource-1-150600.13.3.3 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-1-150600.13.3.3 * kernel-livepatch-6_4_0-150600_23_22-default-1-150600.13.3.3 * openSUSE Leap 15.6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.22.1 * kernel-zfcpdump-debugsource-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (nosrc) * dtb-aarch64-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (aarch64) * kernel-64kb-extra-6.4.0-150600.23.22.1 * kselftests-kmp-64kb-6.4.0-150600.23.22.1 * dtb-apple-6.4.0-150600.23.22.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.22.1 * dlm-kmp-64kb-6.4.0-150600.23.22.1 * kernel-64kb-debugsource-6.4.0-150600.23.22.1 * kernel-64kb-debuginfo-6.4.0-150600.23.22.1 * dtb-arm-6.4.0-150600.23.22.1 * kernel-64kb-optional-6.4.0-150600.23.22.1 * kernel-64kb-extra-debuginfo-6.4.0-150600.23.22.1 * dtb-allwinner-6.4.0-150600.23.22.1 * dtb-broadcom-6.4.0-150600.23.22.1 * dtb-qcom-6.4.0-150600.23.22.1 * dtb-amd-6.4.0-150600.23.22.1 * kernel-64kb-livepatch-devel-6.4.0-150600.23.22.1 * ocfs2-kmp-64kb-6.4.0-150600.23.22.1 * dtb-amazon-6.4.0-150600.23.22.1 * kernel-64kb-devel-6.4.0-150600.23.22.1 * dtb-hisilicon-6.4.0-150600.23.22.1 * gfs2-kmp-64kb-6.4.0-150600.23.22.1 * cluster-md-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * dlm-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * dtb-renesas-6.4.0-150600.23.22.1 * dtb-sprd-6.4.0-150600.23.22.1 * dtb-nvidia-6.4.0-150600.23.22.1 * dtb-apm-6.4.0-150600.23.22.1 * ocfs2-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * gfs2-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * dtb-altera-6.4.0-150600.23.22.1 * dtb-amlogic-6.4.0-150600.23.22.1 * dtb-lg-6.4.0-150600.23.22.1 * dtb-xilinx-6.4.0-150600.23.22.1 * kernel-64kb-optional-debuginfo-6.4.0-150600.23.22.1 * dtb-marvell-6.4.0-150600.23.22.1 * reiserfs-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * dtb-freescale-6.4.0-150600.23.22.1 * dtb-cavium-6.4.0-150600.23.22.1 * cluster-md-kmp-64kb-6.4.0-150600.23.22.1 * kselftests-kmp-64kb-debuginfo-6.4.0-150600.23.22.1 * dtb-rockchip-6.4.0-150600.23.22.1 * dtb-mediatek-6.4.0-150600.23.22.1 * reiserfs-kmp-64kb-6.4.0-150600.23.22.1 * dtb-exynos-6.4.0-150600.23.22.1 * dtb-socionext-6.4.0-150600.23.22.1 * openSUSE Leap 15.6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (aarch64 nosrc) * kernel-64kb-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (aarch64) * kernel-64kb-debugsource-6.4.0-150600.23.22.1 * kernel-64kb-debuginfo-6.4.0-150600.23.22.1 * kernel-64kb-devel-6.4.0-150600.23.22.1 * kernel-64kb-devel-debuginfo-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * kernel-default-base-6.4.0-150600.23.22.1.150600.12.8.3 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-6.4.0-150600.23.22.1 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-devel-6.4.0-150600.23.22.1 * kernel-default-debugsource-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (noarch) * kernel-devel-6.4.0-150600.23.22.1 * kernel-macros-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (nosrc s390x) * kernel-zfcpdump-6.4.0-150600.23.22.1 * Basesystem Module 15-SP6 (s390x) * kernel-zfcpdump-debuginfo-6.4.0-150600.23.22.1 * kernel-zfcpdump-debugsource-6.4.0-150600.23.22.1 * Development Tools Module 15-SP6 (noarch nosrc) * kernel-docs-6.4.0-150600.23.22.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-6.4.0-150600.23.22.1 * kernel-syms-6.4.0-150600.23.22.1 * kernel-obs-build-debugsource-6.4.0-150600.23.22.1 * Development Tools Module 15-SP6 (noarch) * kernel-source-6.4.0-150600.23.22.1 * Legacy Module 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.22.1 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-6.4.0-150600.23.22.1 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * reiserfs-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-debugsource-6.4.0-150600.23.22.1 * SUSE Linux Enterprise Live Patching 15-SP6 (nosrc) * kernel-default-6.4.0-150600.23.22.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-default-livepatch-6.4.0-150600.23.22.1 * kernel-default-livepatch-devel-6.4.0-150600.23.22.1 * kernel-livepatch-6_4_0-150600_23_22-default-debuginfo-1-150600.13.3.3 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * kernel-livepatch-SLE15-SP6_Update_4-debugsource-1-150600.13.3.3 * kernel-livepatch-6_4_0-150600_23_22-default-1-150600.13.3.3 * kernel-default-debugsource-6.4.0-150600.23.22.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * ocfs2-kmp-default-debuginfo-6.4.0-150600.23.22.1 * dlm-kmp-default-debuginfo-6.4.0-150600.23.22.1 * gfs2-kmp-default-6.4.0-150600.23.22.1 * gfs2-kmp-default-debuginfo-6.4.0-150600.23.22.1 * cluster-md-kmp-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * ocfs2-kmp-default-6.4.0-150600.23.22.1 * cluster-md-kmp-default-6.4.0-150600.23.22.1 * dlm-kmp-default-6.4.0-150600.23.22.1 * kernel-default-debugsource-6.4.0-150600.23.22.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.22.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (nosrc) * kernel-default-6.4.0-150600.23.22.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * kernel-default-extra-debuginfo-6.4.0-150600.23.22.1 * kernel-default-debuginfo-6.4.0-150600.23.22.1 * kernel-default-extra-6.4.0-150600.23.22.1 * kernel-default-debugsource-6.4.0-150600.23.22.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52668.html * https://www.suse.com/security/cve/CVE-2023-52688.html * https://www.suse.com/security/cve/CVE-2023-52735.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52885.html * https://www.suse.com/security/cve/CVE-2023-52886.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2024-26590.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26637.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26682.html * https://www.suse.com/security/cve/CVE-2024-26683.html * https://www.suse.com/security/cve/CVE-2024-26691.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26809.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26837.html * https://www.suse.com/security/cve/CVE-2024-26849.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-26889.html * https://www.suse.com/security/cve/CVE-2024-26920.html * https://www.suse.com/security/cve/CVE-2024-26944.html * https://www.suse.com/security/cve/CVE-2024-26976.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27049.html * https://www.suse.com/security/cve/CVE-2024-27050.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-27433.html * https://www.suse.com/security/cve/CVE-2024-27437.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35854.html * https://www.suse.com/security/cve/CVE-2024-35855.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35913.html * https://www.suse.com/security/cve/CVE-2024-35939.html * https://www.suse.com/security/cve/CVE-2024-35949.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36288.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36881.html * https://www.suse.com/security/cve/CVE-2024-36907.html * https://www.suse.com/security/cve/CVE-2024-36909.html * https://www.suse.com/security/cve/CVE-2024-36910.html * https://www.suse.com/security/cve/CVE-2024-36911.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36939.html * https://www.suse.com/security/cve/CVE-2024-36970.html * https://www.suse.com/security/cve/CVE-2024-36979.html * https://www.suse.com/security/cve/CVE-2024-38548.html * https://www.suse.com/security/cve/CVE-2024-38563.html * https://www.suse.com/security/cve/CVE-2024-38609.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39476.html * https://www.suse.com/security/cve/CVE-2024-39483.html * https://www.suse.com/security/cve/CVE-2024-39484.html * https://www.suse.com/security/cve/CVE-2024-39486.html * https://www.suse.com/security/cve/CVE-2024-39488.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-39491.html * https://www.suse.com/security/cve/CVE-2024-39493.html * https://www.suse.com/security/cve/CVE-2024-39497.html * https://www.suse.com/security/cve/CVE-2024-39499.html * https://www.suse.com/security/cve/CVE-2024-39500.html * https://www.suse.com/security/cve/CVE-2024-39501.html * https://www.suse.com/security/cve/CVE-2024-39505.html * https://www.suse.com/security/cve/CVE-2024-39506.html * https://www.suse.com/security/cve/CVE-2024-39508.html * https://www.suse.com/security/cve/CVE-2024-39509.html * https://www.suse.com/security/cve/CVE-2024-39510.html * https://www.suse.com/security/cve/CVE-2024-40899.html * https://www.suse.com/security/cve/CVE-2024-40900.html * https://www.suse.com/security/cve/CVE-2024-40902.html * https://www.suse.com/security/cve/CVE-2024-40903.html * https://www.suse.com/security/cve/CVE-2024-40904.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-40911.html * https://www.suse.com/security/cve/CVE-2024-40912.html * https://www.suse.com/security/cve/CVE-2024-40913.html * https://www.suse.com/security/cve/CVE-2024-40916.html * https://www.suse.com/security/cve/CVE-2024-40920.html * https://www.suse.com/security/cve/CVE-2024-40921.html * https://www.suse.com/security/cve/CVE-2024-40922.html * https://www.suse.com/security/cve/CVE-2024-40924.html * https://www.suse.com/security/cve/CVE-2024-40926.html * https://www.suse.com/security/cve/CVE-2024-40927.html * https://www.suse.com/security/cve/CVE-2024-40929.html * https://www.suse.com/security/cve/CVE-2024-40930.html * https://www.suse.com/security/cve/CVE-2024-40932.html * https://www.suse.com/security/cve/CVE-2024-40934.html * https://www.suse.com/security/cve/CVE-2024-40936.html * https://www.suse.com/security/cve/CVE-2024-40938.html * https://www.suse.com/security/cve/CVE-2024-40939.html * https://www.suse.com/security/cve/CVE-2024-40941.html * https://www.suse.com/security/cve/CVE-2024-40942.html * https://www.suse.com/security/cve/CVE-2024-40943.html * https://www.suse.com/security/cve/CVE-2024-40944.html * https://www.suse.com/security/cve/CVE-2024-40945.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-40956.html * https://www.suse.com/security/cve/CVE-2024-40957.html * https://www.suse.com/security/cve/CVE-2024-40958.html * https://www.suse.com/security/cve/CVE-2024-40959.html * https://www.suse.com/security/cve/CVE-2024-40962.html * https://www.suse.com/security/cve/CVE-2024-40964.html * https://www.suse.com/security/cve/CVE-2024-40967.html * https://www.suse.com/security/cve/CVE-2024-40976.html * https://www.suse.com/security/cve/CVE-2024-40977.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40981.html * https://www.suse.com/security/cve/CVE-2024-40982.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-40987.html * https://www.suse.com/security/cve/CVE-2024-40988.html * https://www.suse.com/security/cve/CVE-2024-40989.html * https://www.suse.com/security/cve/CVE-2024-40990.html * https://www.suse.com/security/cve/CVE-2024-40992.html * https://www.suse.com/security/cve/CVE-2024-40994.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-40997.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41001.html * https://www.suse.com/security/cve/CVE-2024-41002.html * https://www.suse.com/security/cve/CVE-2024-41004.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41010.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41012.html * https://www.suse.com/security/cve/CVE-2024-41015.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41024.html * https://www.suse.com/security/cve/CVE-2024-41025.html * https://www.suse.com/security/cve/CVE-2024-41028.html * https://www.suse.com/security/cve/CVE-2024-41032.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41037.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41040.html * https://www.suse.com/security/cve/CVE-2024-41041.html * https://www.suse.com/security/cve/CVE-2024-41044.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41048.html * https://www.suse.com/security/cve/CVE-2024-41049.html * https://www.suse.com/security/cve/CVE-2024-41050.html * https://www.suse.com/security/cve/CVE-2024-41051.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41057.html * https://www.suse.com/security/cve/CVE-2024-41058.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41061.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41063.html * https://www.suse.com/security/cve/CVE-2024-41064.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41066.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41069.html * https://www.suse.com/security/cve/CVE-2024-41070.html * https://www.suse.com/security/cve/CVE-2024-41071.html * https://www.suse.com/security/cve/CVE-2024-41072.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41074.html * https://www.suse.com/security/cve/CVE-2024-41075.html * https://www.suse.com/security/cve/CVE-2024-41076.html * https://www.suse.com/security/cve/CVE-2024-41078.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41081.html * https://www.suse.com/security/cve/CVE-2024-41084.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41094.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41096.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42064.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42070.html * https://www.suse.com/security/cve/CVE-2024-42073.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42079.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42093.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42096.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42105.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42109.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42113.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42117.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42122.html * https://www.suse.com/security/cve/CVE-2024-42124.html * https://www.suse.com/security/cve/CVE-2024-42125.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42131.html * https://www.suse.com/security/cve/CVE-2024-42132.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://www.suse.com/security/cve/CVE-2024-42136.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42138.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42141.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42144.html * https://www.suse.com/security/cve/CVE-2024-42145.html * https://www.suse.com/security/cve/CVE-2024-42147.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42153.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42159.html * https://www.suse.com/security/cve/CVE-2024-42161.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42224.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42227.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42241.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42245.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42250.html * https://www.suse.com/security/cve/CVE-2024-42253.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42269.html * https://www.suse.com/security/cve/CVE-2024-42270.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42278.html * https://www.suse.com/security/cve/CVE-2024-42279.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42290.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42298.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42303.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42314.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42316.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43817.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43824.html * https://www.suse.com/security/cve/CVE-2024-43825.html * https://www.suse.com/security/cve/CVE-2024-43826.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43833.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43840.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43847.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43850.html * https://www.suse.com/security/cve/CVE-2024-43851.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43855.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43864.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43874.html * https://www.suse.com/security/cve/CVE-2024-43875.html * https://www.suse.com/security/cve/CVE-2024-43876.html * https://www.suse.com/security/cve/CVE-2024-43877.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43881.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43885.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43897.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43906.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-43911.html * https://www.suse.com/security/cve/CVE-2024-43912.html * https://www.suse.com/security/cve/CVE-2024-44931.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://bugzilla.suse.com/show_bug.cgi?id=1012628 * https://bugzilla.suse.com/show_bug.cgi?id=1193454 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1213123 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1215199 * https://bugzilla.suse.com/show_bug.cgi?id=1220066 * https://bugzilla.suse.com/show_bug.cgi?id=1220252 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1221652 * https://bugzilla.suse.com/show_bug.cgi?id=1221857 * https://bugzilla.suse.com/show_bug.cgi?id=1222254 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222364 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222433 * https://bugzilla.suse.com/show_bug.cgi?id=1222434 * https://bugzilla.suse.com/show_bug.cgi?id=1222463 * https://bugzilla.suse.com/show_bug.cgi?id=1222625 * https://bugzilla.suse.com/show_bug.cgi?id=1222633 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1222973 * https://bugzilla.suse.com/show_bug.cgi?id=1223053 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223395 * https://bugzilla.suse.com/show_bug.cgi?id=1223635 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223731 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223763 * https://bugzilla.suse.com/show_bug.cgi?id=1223767 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224485 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224535 * https://bugzilla.suse.com/show_bug.cgi?id=1224631 * https://bugzilla.suse.com/show_bug.cgi?id=1224636 * https://bugzilla.suse.com/show_bug.cgi?id=1224690 * https://bugzilla.suse.com/show_bug.cgi?id=1224694 * https://bugzilla.suse.com/show_bug.cgi?id=1224700 * https://bugzilla.suse.com/show_bug.cgi?id=1224711 * https://bugzilla.suse.com/show_bug.cgi?id=1225475 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225607 * https://bugzilla.suse.com/show_bug.cgi?id=1225717 * https://bugzilla.suse.com/show_bug.cgi?id=1225718 * https://bugzilla.suse.com/show_bug.cgi?id=1225744 * https://bugzilla.suse.com/show_bug.cgi?id=1225745 * https://bugzilla.suse.com/show_bug.cgi?id=1225751 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225838 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226031 * https://bugzilla.suse.com/show_bug.cgi?id=1226127 * https://bugzilla.suse.com/show_bug.cgi?id=1226502 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226588 * https://bugzilla.suse.com/show_bug.cgi?id=1226604 * https://bugzilla.suse.com/show_bug.cgi?id=1226743 * https://bugzilla.suse.com/show_bug.cgi?id=1226751 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226834 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1226920 * https://bugzilla.suse.com/show_bug.cgi?id=1227149 * https://bugzilla.suse.com/show_bug.cgi?id=1227182 * https://bugzilla.suse.com/show_bug.cgi?id=1227383 * https://bugzilla.suse.com/show_bug.cgi?id=1227437 * https://bugzilla.suse.com/show_bug.cgi?id=1227492 * https://bugzilla.suse.com/show_bug.cgi?id=1227493 * https://bugzilla.suse.com/show_bug.cgi?id=1227494 * https://bugzilla.suse.com/show_bug.cgi?id=1227618 * https://bugzilla.suse.com/show_bug.cgi?id=1227620 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227627 * https://bugzilla.suse.com/show_bug.cgi?id=1227634 * https://bugzilla.suse.com/show_bug.cgi?id=1227706 * https://bugzilla.suse.com/show_bug.cgi?id=1227722 * https://bugzilla.suse.com/show_bug.cgi?id=1227724 * https://bugzilla.suse.com/show_bug.cgi?id=1227725 * https://bugzilla.suse.com/show_bug.cgi?id=1227728 * https://bugzilla.suse.com/show_bug.cgi?id=1227729 * https://bugzilla.suse.com/show_bug.cgi?id=1227732 * https://bugzilla.suse.com/show_bug.cgi?id=1227733 * https://bugzilla.suse.com/show_bug.cgi?id=1227734 * https://bugzilla.suse.com/show_bug.cgi?id=1227747 * https://bugzilla.suse.com/show_bug.cgi?id=1227750 * https://bugzilla.suse.com/show_bug.cgi?id=1227754 * https://bugzilla.suse.com/show_bug.cgi?id=1227758 * https://bugzilla.suse.com/show_bug.cgi?id=1227760 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227764 * https://bugzilla.suse.com/show_bug.cgi?id=1227766 * https://bugzilla.suse.com/show_bug.cgi?id=1227770 * https://bugzilla.suse.com/show_bug.cgi?id=1227771 * https://bugzilla.suse.com/show_bug.cgi?id=1227772 * https://bugzilla.suse.com/show_bug.cgi?id=1227774 * https://bugzilla.suse.com/show_bug.cgi?id=1227781 * https://bugzilla.suse.com/show_bug.cgi?id=1227784 * https://bugzilla.suse.com/show_bug.cgi?id=1227785 * https://bugzilla.suse.com/show_bug.cgi?id=1227787 * https://bugzilla.suse.com/show_bug.cgi?id=1227790 * https://bugzilla.suse.com/show_bug.cgi?id=1227791 * https://bugzilla.suse.com/show_bug.cgi?id=1227792 * https://bugzilla.suse.com/show_bug.cgi?id=1227796 * https://bugzilla.suse.com/show_bug.cgi?id=1227798 * https://bugzilla.suse.com/show_bug.cgi?id=1227799 * https://bugzilla.suse.com/show_bug.cgi?id=1227802 * https://bugzilla.suse.com/show_bug.cgi?id=1227808 * https://bugzilla.suse.com/show_bug.cgi?id=1227810 * https://bugzilla.suse.com/show_bug.cgi?id=1227811 * https://bugzilla.suse.com/show_bug.cgi?id=1227812 * https://bugzilla.suse.com/show_bug.cgi?id=1227815 * https://bugzilla.suse.com/show_bug.cgi?id=1227816 * https://bugzilla.suse.com/show_bug.cgi?id=1227818 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227823 * https://bugzilla.suse.com/show_bug.cgi?id=1227824 * https://bugzilla.suse.com/show_bug.cgi?id=1227826 * https://bugzilla.suse.com/show_bug.cgi?id=1227828 * https://bugzilla.suse.com/show_bug.cgi?id=1227829 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1227833 * https://bugzilla.suse.com/show_bug.cgi?id=1227834 * https://bugzilla.suse.com/show_bug.cgi?id=1227839 * https://bugzilla.suse.com/show_bug.cgi?id=1227840 * https://bugzilla.suse.com/show_bug.cgi?id=1227846 * https://bugzilla.suse.com/show_bug.cgi?id=1227849 * https://bugzilla.suse.com/show_bug.cgi?id=1227851 * https://bugzilla.suse.com/show_bug.cgi?id=1227853 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227864 * https://bugzilla.suse.com/show_bug.cgi?id=1227865 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227869 * https://bugzilla.suse.com/show_bug.cgi?id=1227870 * https://bugzilla.suse.com/show_bug.cgi?id=1227883 * https://bugzilla.suse.com/show_bug.cgi?id=1227884 * https://bugzilla.suse.com/show_bug.cgi?id=1227891 * https://bugzilla.suse.com/show_bug.cgi?id=1227893 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227950 * https://bugzilla.suse.com/show_bug.cgi?id=1227957 * https://bugzilla.suse.com/show_bug.cgi?id=1227981 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228021 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228192 * https://bugzilla.suse.com/show_bug.cgi?id=1228195 * https://bugzilla.suse.com/show_bug.cgi?id=1228202 * https://bugzilla.suse.com/show_bug.cgi?id=1228235 * https://bugzilla.suse.com/show_bug.cgi?id=1228236 * https://bugzilla.suse.com/show_bug.cgi?id=1228237 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228321 * https://bugzilla.suse.com/show_bug.cgi?id=1228409 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228457 * https://bugzilla.suse.com/show_bug.cgi?id=1228458 * https://bugzilla.suse.com/show_bug.cgi?id=1228459 * https://bugzilla.suse.com/show_bug.cgi?id=1228460 * https://bugzilla.suse.com/show_bug.cgi?id=1228462 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228468 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228470 * https://bugzilla.suse.com/show_bug.cgi?id=1228472 * https://bugzilla.suse.com/show_bug.cgi?id=1228479 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228486 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228492 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228499 * https://bugzilla.suse.com/show_bug.cgi?id=1228500 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228502 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228505 * https://bugzilla.suse.com/show_bug.cgi?id=1228508 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228510 * https://bugzilla.suse.com/show_bug.cgi?id=1228511 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228518 * https://bugzilla.suse.com/show_bug.cgi?id=1228520 * https://bugzilla.suse.com/show_bug.cgi?id=1228525 * https://bugzilla.suse.com/show_bug.cgi?id=1228527 * https://bugzilla.suse.com/show_bug.cgi?id=1228530 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228539 * https://bugzilla.suse.com/show_bug.cgi?id=1228561 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228565 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228568 * https://bugzilla.suse.com/show_bug.cgi?id=1228572 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228580 * https://bugzilla.suse.com/show_bug.cgi?id=1228581 * https://bugzilla.suse.com/show_bug.cgi?id=1228582 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228586 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228591 * https://bugzilla.suse.com/show_bug.cgi?id=1228599 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228617 * https://bugzilla.suse.com/show_bug.cgi?id=1228625 * https://bugzilla.suse.com/show_bug.cgi?id=1228626 * https://bugzilla.suse.com/show_bug.cgi?id=1228633 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228640 * https://bugzilla.suse.com/show_bug.cgi?id=1228643 * https://bugzilla.suse.com/show_bug.cgi?id=1228644 * https://bugzilla.suse.com/show_bug.cgi?id=1228646 * https://bugzilla.suse.com/show_bug.cgi?id=1228649 * https://bugzilla.suse.com/show_bug.cgi?id=1228650 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228655 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228665 * https://bugzilla.suse.com/show_bug.cgi?id=1228666 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228672 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228674 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228680 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228705 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228707 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228723 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228737 * https://bugzilla.suse.com/show_bug.cgi?id=1228743 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228754 * https://bugzilla.suse.com/show_bug.cgi?id=1228756 * https://bugzilla.suse.com/show_bug.cgi?id=1228757 * https://bugzilla.suse.com/show_bug.cgi?id=1228758 * https://bugzilla.suse.com/show_bug.cgi?id=1228764 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228849 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228973 * https://bugzilla.suse.com/show_bug.cgi?id=1228977 * https://bugzilla.suse.com/show_bug.cgi?id=1228978 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228986 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229005 * https://bugzilla.suse.com/show_bug.cgi?id=1229024 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229045 * https://bugzilla.suse.com/show_bug.cgi?id=1229046 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229056 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229134 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229160 * https://bugzilla.suse.com/show_bug.cgi?id=1229167 * https://bugzilla.suse.com/show_bug.cgi?id=1229168 * https://bugzilla.suse.com/show_bug.cgi?id=1229169 * https://bugzilla.suse.com/show_bug.cgi?id=1229170 * https://bugzilla.suse.com/show_bug.cgi?id=1229171 * https://bugzilla.suse.com/show_bug.cgi?id=1229172 * https://bugzilla.suse.com/show_bug.cgi?id=1229173 * https://bugzilla.suse.com/show_bug.cgi?id=1229174 * https://bugzilla.suse.com/show_bug.cgi?id=1229239 * https://bugzilla.suse.com/show_bug.cgi?id=1229240 * https://bugzilla.suse.com/show_bug.cgi?id=1229241 * https://bugzilla.suse.com/show_bug.cgi?id=1229243 * https://bugzilla.suse.com/show_bug.cgi?id=1229244 * https://bugzilla.suse.com/show_bug.cgi?id=1229245 * https://bugzilla.suse.com/show_bug.cgi?id=1229246 * https://bugzilla.suse.com/show_bug.cgi?id=1229247 * https://bugzilla.suse.com/show_bug.cgi?id=1229248 * https://bugzilla.suse.com/show_bug.cgi?id=1229249 * https://bugzilla.suse.com/show_bug.cgi?id=1229250 * https://bugzilla.suse.com/show_bug.cgi?id=1229251 * https://bugzilla.suse.com/show_bug.cgi?id=1229252 * https://bugzilla.suse.com/show_bug.cgi?id=1229253 * https://bugzilla.suse.com/show_bug.cgi?id=1229254 * https://bugzilla.suse.com/show_bug.cgi?id=1229255 * https://bugzilla.suse.com/show_bug.cgi?id=1229256 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229291 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229294 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229298 * https://bugzilla.suse.com/show_bug.cgi?id=1229299 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229313 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229316 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229320 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229342 * https://bugzilla.suse.com/show_bug.cgi?id=1229344 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229353 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229355 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229365 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229369 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229379 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229390 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229402 * https://bugzilla.suse.com/show_bug.cgi?id=1229403 * https://bugzilla.suse.com/show_bug.cgi?id=1229404 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229451 * https://bugzilla.suse.com/show_bug.cgi?id=1229452 * https://bugzilla.suse.com/show_bug.cgi?id=1229455 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229480 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229484 * https://bugzilla.suse.com/show_bug.cgi?id=1229485 * https://bugzilla.suse.com/show_bug.cgi?id=1229486 * https://bugzilla.suse.com/show_bug.cgi?id=1229487 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229496 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229747 * https://bugzilla.suse.com/show_bug.cgi?id=1229752 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229785 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://bugzilla.suse.com/show_bug.cgi?id=1229827 * https://bugzilla.suse.com/show_bug.cgi?id=1229830 * https://bugzilla.suse.com/show_bug.cgi?id=1229837 * https://bugzilla.suse.com/show_bug.cgi?id=1229940 * https://bugzilla.suse.com/show_bug.cgi?id=1230056 * https://bugzilla.suse.com/show_bug.cgi?id=1230350 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 * https://jira.suse.com/browse/PED-10029 * https://jira.suse.com/browse/PED-10045 * https://jira.suse.com/browse/PED-10055 * https://jira.suse.com/browse/PED-10105 * https://jira.suse.com/browse/PED-10108 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8779 * https://jira.suse.com/browse/PED-8954 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:07 -0000 Subject: SUSE-SU-2024:3405-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Message-ID: <172710900776.2680.15349107888566400315@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3405-1 Rating: important References: * bsc#1223521 * bsc#1225099 * bsc#1225313 Cross-References: * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-35817 CVSS scores: * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_31 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2022-48662: Fixed GPF in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3405=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3405=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_31-default-12-150500.2.2 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-12-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-12-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_31-default-12-150500.2.2 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-12-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-12-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:26 -0000 Subject: SUSE-SU-2024:3399-1: important: Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Message-ID: <172710902656.2680.2150834676358195720@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 23 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3399-1 Rating: important References: * bsc#1219296 * bsc#1220145 * bsc#1220211 * bsc#1220828 * bsc#1220832 * bsc#1221302 * bsc#1222685 * bsc#1222882 * bsc#1223059 * bsc#1223363 * bsc#1223514 * bsc#1223521 * bsc#1223681 * bsc#1223683 * bsc#1225013 * bsc#1225099 * bsc#1225310 * bsc#1225313 Cross-References: * CVE-2022-48651 * CVE-2022-48662 * CVE-2023-52340 * CVE-2023-52502 * CVE-2023-52846 * CVE-2023-6546 * CVE-2024-23307 * CVE-2024-26585 * CVE-2024-26610 * CVE-2024-26622 * CVE-2024-26766 * CVE-2024-26828 * CVE-2024-26852 * CVE-2024-26923 * CVE-2024-26930 * CVE-2024-27398 * CVE-2024-35817 * CVE-2024-35950 CVSS scores: * CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H * CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 18 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_108 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). * CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013). * CVE-2024-35950: Fully protect modes with dev->mode_config.mutex (bsc#1225310). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). * CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681). * CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363). * CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145). * CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059). * CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221302). * CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514). * CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs() (bsc#1222882). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220832). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220211). * CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220828). * CVE-2023-52340: Fixed a denial of service related to ICMPv6 'Packet Too Big' packets (bsc#1219296). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3399=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3399=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_23-debugsource-8-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-8-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_108-default-8-150400.9.8.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_23-debugsource-8-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_108-default-debuginfo-8-150400.9.8.2 * kernel-livepatch-5_14_21-150400_24_108-default-8-150400.9.8.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48651.html * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2023-6546.html * https://www.suse.com/security/cve/CVE-2024-23307.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26610.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://www.suse.com/security/cve/CVE-2024-26766.html * https://www.suse.com/security/cve/CVE-2024-26828.html * https://www.suse.com/security/cve/CVE-2024-26852.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-26930.html * https://www.suse.com/security/cve/CVE-2024-27398.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35950.html * https://bugzilla.suse.com/show_bug.cgi?id=1219296 * https://bugzilla.suse.com/show_bug.cgi?id=1220145 * https://bugzilla.suse.com/show_bug.cgi?id=1220211 * https://bugzilla.suse.com/show_bug.cgi?id=1220828 * https://bugzilla.suse.com/show_bug.cgi?id=1220832 * https://bugzilla.suse.com/show_bug.cgi?id=1221302 * https://bugzilla.suse.com/show_bug.cgi?id=1222685 * https://bugzilla.suse.com/show_bug.cgi?id=1222882 * https://bugzilla.suse.com/show_bug.cgi?id=1223059 * https://bugzilla.suse.com/show_bug.cgi?id=1223363 * https://bugzilla.suse.com/show_bug.cgi?id=1223514 * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1223681 * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225013 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225310 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:29 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:29 -0000 Subject: SUSE-SU-2024:3398-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Message-ID: <172710902917.2680.3735180774333972120@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3398-1 Rating: important References: * bsc#1228349 Cross-References: * CVE-2024-40909 CVSS scores: * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_14 fixes one issue. The following security issue was fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3398=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3398=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-2-150600.13.6.3 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_14-default-2-150600.13.6.3 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_14-default-debuginfo-2-150600.13.6.3 * kernel-livepatch-SLE15-SP6_Update_2-debugsource-2-150600.13.6.3 * kernel-livepatch-6_4_0-150600_23_14-default-2-150600.13.6.3 ## References: * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:38 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:38 -0000 Subject: SUSE-SU-2024:3403-1: important: Security update for the Linux Kernel Message-ID: <172710903841.2680.15777108463311324428@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3403-1 Rating: important References: * bsc#1230245 * bsc#1230413 Cross-References: * CVE-2024-45003 CVSS scores: * CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability and has one security fix can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-45003: Don't evict inode under the inode lru traversing context. (bsc#1230245) The following non-security bugs were fixed: * Revert "mm, kmsan: fix infinite recursion due to RCU critical section". (bsc#1230413) * Revert "mm/sparsemem: fix race in accessing memory_section->usage". (bsc#1230413) * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()". (bsc#1230413) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3403=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3403=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3403=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3403=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.94.1 * kernel-rt-debuginfo-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.94.1 * kernel-rt-debuginfo-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.94.1 * kernel-rt-debuginfo-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.94.1 * kernel-rt-debuginfo-5.14.21-150400.15.94.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.94.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45003.html * https://bugzilla.suse.com/show_bug.cgi?id=1230245 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:34 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:34 -0000 Subject: SUSE-SU-2024:3404-1: moderate: Security update for rage-encryption Message-ID: <172710903435.2680.1946166068829143138@smelt2.prg2.suse.org> # Security update for rage-encryption Announcement ID: SUSE-SU-2024:3404-1 Rating: moderate References: * bsc#1229959 Cross-References: * CVE-2024-43806 CVSS scores: * CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for rage-encryption fixes the following issues: * Update to version 0.10.0 * CVE-2024-43806: Fixed rustix::fs::Dir iterator with the linux_raw backend that can cause memory exhaustion. (bsc#1229959) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3404=1 openSUSE-SLE-15.5-2024-3404=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3404=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3404=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3404=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * rage-encryption-0.10.0+0-150500.3.6.1 * openSUSE Leap 15.5 (noarch) * rage-encryption-bash-completion-0.10.0+0-150500.3.6.1 * rage-encryption-fish-completion-0.10.0+0-150500.3.6.1 * rage-encryption-zsh-completion-0.10.0+0-150500.3.6.1 * openSUSE Leap 15.6 (aarch64 x86_64) * rage-encryption-0.10.0+0-150500.3.6.1 * openSUSE Leap 15.6 (noarch) * rage-encryption-bash-completion-0.10.0+0-150500.3.6.1 * rage-encryption-fish-completion-0.10.0+0-150500.3.6.1 * rage-encryption-zsh-completion-0.10.0+0-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * rage-encryption-0.10.0+0-150500.3.6.1 * Basesystem Module 15-SP5 (noarch) * rage-encryption-bash-completion-0.10.0+0-150500.3.6.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * rage-encryption-0.10.0+0-150500.3.6.1 * Basesystem Module 15-SP6 (noarch) * rage-encryption-bash-completion-0.10.0+0-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43806.html * https://bugzilla.suse.com/show_bug.cgi?id=1229959 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:30:56 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:30:56 -0000 Subject: SUSE-SU-2024:3397-1: moderate: Security update for libmfx Message-ID: <172710905687.2680.16854127251490785137@smelt2.prg2.suse.org> # Security update for libmfx Announcement ID: SUSE-SU-2024:3397-1 Rating: moderate References: * bsc#1219494 * bsc#1226892 * bsc#1226897 * bsc#1226898 * bsc#1226899 * bsc#1226900 * bsc#1226901 * jsc#PED-10024 Cross-References: * CVE-2023-22656 * CVE-2023-45221 * CVE-2023-47169 * CVE-2023-47282 * CVE-2023-48368 CVSS scores: * CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 An update that solves five vulnerabilities, contains one feature and has two security fixes can now be installed. ## Description: This update for libmfx fixes the following issues: * CVE-2023-48368: Fixed an improper input validation. (bsc#1226897) * CVE-2023-45221: Fixed an improper buffer restrictions. (bsc#1226898) * CVE-2023-22656: Fixed an out-of-bounds read. (bsc#1226899) * CVE-2023-47282: Fixed an out-of-bounds write. (bsc#1226900) * CVE-2023-47169: Fixed an improper buffer restrictions. (bsc#1226901) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3397=1 ## Package List: * openSUSE Leap 15.4 (x86_64) * libmfx-debugsource-21.3.4-150400.3.5.1 * libmfx1-debuginfo-21.3.4-150400.3.5.1 * libmfx1-21.3.4-150400.3.5.1 * libmfx-21.3.4-150400.3.5.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22656.html * https://www.suse.com/security/cve/CVE-2023-45221.html * https://www.suse.com/security/cve/CVE-2023-47169.html * https://www.suse.com/security/cve/CVE-2023-47282.html * https://www.suse.com/security/cve/CVE-2023-48368.html * https://bugzilla.suse.com/show_bug.cgi?id=1219494 * https://bugzilla.suse.com/show_bug.cgi?id=1226892 * https://bugzilla.suse.com/show_bug.cgi?id=1226897 * https://bugzilla.suse.com/show_bug.cgi?id=1226898 * https://bugzilla.suse.com/show_bug.cgi?id=1226899 * https://bugzilla.suse.com/show_bug.cgi?id=1226900 * https://bugzilla.suse.com/show_bug.cgi?id=1226901 * https://jira.suse.com/browse/PED-10024 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 23 16:31:02 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 23 Sep 2024 16:31:02 -0000 Subject: SUSE-SU-2024:3396-1: important: Security update for qemu Message-ID: <172710906216.2680.7480821605957904178@smelt2.prg2.suse.org> # Security update for qemu Announcement ID: SUSE-SU-2024:3396-1 Rating: important References: * bsc#1227322 * bsc#1230363 Cross-References: * CVE-2024-4467 CVSS scores: * CVE-2024-4467 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-4467 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-4467: Fixed denial of service and file read/write via qemu-img info command (bsc#1227322) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3396=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3396=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3396=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3396=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3396=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3396=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3396=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3396=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3396=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3396=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3396=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3396=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3396=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-block-dmg-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-audio-oss-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-ivshmem-tools-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-dmg-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-accel-qtest-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-linux-user-debugsource-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-accel-qtest-6.2.0-150400.37.34.1 * qemu-vhost-user-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-block-nfs-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-extra-6.2.0-150400.37.34.1 * qemu-block-nfs-6.2.0-150400.37.34.1 * qemu-extra-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-hw-usb-smartcard-6.2.0-150400.37.34.1 * qemu-block-gluster-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-linux-user-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-audio-jack-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-ppc-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-oss-6.2.0-150400.37.34.1 * qemu-block-gluster-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-ivshmem-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-smartcard-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-vhost-user-gpu-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-audio-jack-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-ppc-6.2.0-150400.37.34.1 * qemu-linux-user-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * openSUSE Leap 15.4 (s390x x86_64 i586) * qemu-kvm-6.2.0-150400.37.34.1 * openSUSE Leap 15.4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * qemu-sgabios-8-150400.37.34.1 * qemu-skiboot-6.2.0-150400.37.34.1 * qemu-microvm-6.2.0-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-SLOF-6.2.0-150400.37.34.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.3 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise Micro 5.3 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise Micro 5.4 (s390x) * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * qemu-lang-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * qemu-arm-debuginfo-6.2.0-150400.37.34.1 * qemu-arm-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * qemu-sgabios-8-150400.37.34.1 * qemu-skiboot-6.2.0-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-SLOF-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le) * qemu-ppc-6.2.0-150400.37.34.1 * qemu-ppc-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * qemu-sgabios-8-150400.37.34.1 * qemu-skiboot-6.2.0-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-SLOF-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le) * qemu-ppc-6.2.0-150400.37.34.1 * qemu-ppc-debuginfo-6.2.0-150400.37.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Proxy 4.3 (x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Proxy 4.3 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-lang-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * qemu-sgabios-8-150400.37.34.1 * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * qemu-lang-6.2.0-150400.37.34.1 * qemu-guest-agent-debuginfo-6.2.0-150400.37.34.1 * qemu-ksm-6.2.0-150400.37.34.1 * qemu-block-rbd-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-curses-6.2.0-150400.37.34.1 * qemu-debuginfo-6.2.0-150400.37.34.1 * qemu-guest-agent-6.2.0-150400.37.34.1 * qemu-tools-6.2.0-150400.37.34.1 * qemu-block-curl-6.2.0-150400.37.34.1 * qemu-block-ssh-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-baum-6.2.0-150400.37.34.1 * qemu-hw-usb-host-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-6.2.0-150400.37.34.1 * qemu-hw-usb-host-6.2.0-150400.37.34.1 * qemu-debugsource-6.2.0-150400.37.34.1 * qemu-tools-debuginfo-6.2.0-150400.37.34.1 * qemu-block-rbd-6.2.0-150400.37.34.1 * qemu-chardev-baum-debuginfo-6.2.0-150400.37.34.1 * qemu-block-ssh-6.2.0-150400.37.34.1 * qemu-6.2.0-150400.37.34.1 * qemu-ui-curses-debuginfo-6.2.0-150400.37.34.1 * qemu-block-iscsi-debuginfo-6.2.0-150400.37.34.1 * qemu-block-curl-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (noarch) * qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-ipxe-1.0.0+-150400.37.34.1 * qemu-sgabios-8-150400.37.34.1 * qemu-skiboot-6.2.0-150400.37.34.1 * qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.34.1 * qemu-SLOF-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * qemu-ui-opengl-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-spice-app-6.2.0-150400.37.34.1 * qemu-ui-spice-core-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-6.2.0-150400.37.34.1 * qemu-ui-spice-app-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-spice-6.2.0-150400.37.34.1 * qemu-audio-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-opengl-6.2.0-150400.37.34.1 * qemu-ui-spice-core-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-debuginfo-6.2.0-150400.37.34.1 * qemu-ui-gtk-6.2.0-150400.37.34.1 * qemu-hw-display-qxl-debuginfo-6.2.0-150400.37.34.1 * qemu-chardev-spice-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-vga-6.2.0-150400.37.34.1 * qemu-chardev-spice-6.2.0-150400.37.34.1 * qemu-ui-gtk-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-usb-redirect-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (ppc64le) * qemu-ppc-6.2.0-150400.37.34.1 * qemu-ppc-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (s390x x86_64) * qemu-hw-display-virtio-gpu-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-debuginfo-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.34.1 * qemu-kvm-6.2.0-150400.37.34.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-debuginfo-6.2.0-150400.37.34.1 * qemu-s390x-6.2.0-150400.37.34.1 * qemu-hw-s390x-virtio-gpu-ccw-6.2.0-150400.37.34.1 * SUSE Manager Server 4.3 (x86_64) * qemu-audio-alsa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-pa-6.2.0-150400.37.34.1 * qemu-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-6.2.0-150400.37.34.1 * qemu-accel-tcg-x86-debuginfo-6.2.0-150400.37.34.1 * qemu-audio-alsa-6.2.0-150400.37.34.1 ## References: * https://www.suse.com/security/cve/CVE-2024-4467.html * https://bugzilla.suse.com/show_bug.cgi?id=1227322 * https://bugzilla.suse.com/show_bug.cgi?id=1230363 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 08:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 08:30:14 -0000 Subject: SUSE-SU-2024:3411-1: important: Security update for python39 Message-ID: <172716661499.23731.11579400654575039855@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2024:3411-1 Rating: important References: * bsc#1229596 * bsc#1229704 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for python39 fixes the following issues: * Update to 3.9.20: * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) * CVE-2024-7592: quadratic algorithm used when parsing cookies leads to excessive resource consumption. (bsc#1229596) * CVE-2024-8088: lack of name validation when extracting a zip archive leads to infinite loops. (bsc#1229704) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3411=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3411=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3411=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3411=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3411=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3411=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3411=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3411=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * python39-doc-devhelp-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-testsuite-debuginfo-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-testsuite-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * python39-doc-3.9.20-150300.4.52.1 * openSUSE Leap 15.3 (x86_64) * python39-32bit-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-3.9.20-150300.4.52.1 * python39-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-3.9.20-150300.4.52.1 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-64bit-3.9.20-150300.4.52.1 * libpython3_9-1_0-64bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-64bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-64bit-3.9.20-150300.4.52.1 * libpython3_9-1_0-64bit-3.9.20-150300.4.52.1 * python39-64bit-debuginfo-3.9.20-150300.4.52.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * python39-doc-devhelp-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-testsuite-debuginfo-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-testsuite-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * python39-doc-3.9.20-150300.4.52.1 * openSUSE Leap 15.5 (x86_64) * python39-32bit-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-3.9.20-150300.4.52.1 * python39-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-3.9.20-150300.4.52.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * python39-doc-devhelp-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-testsuite-debuginfo-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-testsuite-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * python39-doc-3.9.20-150300.4.52.1 * openSUSE Leap 15.6 (x86_64) * python39-32bit-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-32bit-3.9.20-150300.4.52.1 * python39-32bit-debuginfo-3.9.20-150300.4.52.1 * python39-base-32bit-3.9.20-150300.4.52.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python39-curses-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python39-tk-debuginfo-3.9.20-150300.4.52.1 * python39-curses-3.9.20-150300.4.52.1 * python39-core-debugsource-3.9.20-150300.4.52.1 * python39-devel-3.9.20-150300.4.52.1 * python39-base-3.9.20-150300.4.52.1 * python39-debuginfo-3.9.20-150300.4.52.1 * python39-tools-3.9.20-150300.4.52.1 * python39-dbm-debuginfo-3.9.20-150300.4.52.1 * python39-curses-debuginfo-3.9.20-150300.4.52.1 * python39-debugsource-3.9.20-150300.4.52.1 * python39-tk-3.9.20-150300.4.52.1 * python39-dbm-3.9.20-150300.4.52.1 * python39-3.9.20-150300.4.52.1 * python39-base-debuginfo-3.9.20-150300.4.52.1 * libpython3_9-1_0-3.9.20-150300.4.52.1 * python39-idle-3.9.20-150300.4.52.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.52.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 08:31:40 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 08:31:40 -0000 Subject: SUSE-SU-2024:3408-1: important: Security update for the Linux Kernel Message-ID: <172716670042.23731.11937947979881663715@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3408-1 Rating: important References: * bsc#1193629 * bsc#1194111 * bsc#1194765 * bsc#1194869 * bsc#1196261 * bsc#1196516 * bsc#1196894 * bsc#1198017 * bsc#1203360 * bsc#1206006 * bsc#1206258 * bsc#1207158 * bsc#1216834 * bsc#1221326 * bsc#1221645 * bsc#1223191 * bsc#1224105 * bsc#1227832 * bsc#1228020 * bsc#1228114 * bsc#1228466 * bsc#1228489 * bsc#1228516 * bsc#1228576 * bsc#1228718 * bsc#1228801 * bsc#1228959 * bsc#1229042 * bsc#1229292 * bsc#1229400 * bsc#1229454 * bsc#1229500 * bsc#1229503 * bsc#1229506 * bsc#1229507 * bsc#1229508 * bsc#1229509 * bsc#1229510 * bsc#1229512 * bsc#1229516 * bsc#1229522 * bsc#1229526 * bsc#1229528 * bsc#1229531 * bsc#1229533 * bsc#1229535 * bsc#1229536 * bsc#1229537 * bsc#1229540 * bsc#1229544 * bsc#1229554 * bsc#1229557 * bsc#1229565 * bsc#1229566 * bsc#1229568 * bsc#1229581 * bsc#1229598 * bsc#1229603 * bsc#1229604 * bsc#1229608 * bsc#1229611 * bsc#1229612 * bsc#1229613 * bsc#1229614 * bsc#1229617 * bsc#1229619 * bsc#1229620 * bsc#1229622 * bsc#1229623 * bsc#1229624 * bsc#1229625 * bsc#1229626 * bsc#1229628 * bsc#1229629 * bsc#1229630 * bsc#1229631 * bsc#1229635 * bsc#1229636 * bsc#1229637 * bsc#1229638 * bsc#1229639 * bsc#1229641 * bsc#1229642 * bsc#1229643 * bsc#1229645 * bsc#1229657 * bsc#1229664 * bsc#1229707 * bsc#1229792 * bsc#1230245 * bsc#1230413 Cross-References: * CVE-2021-4441 * CVE-2022-4382 * CVE-2022-48868 * CVE-2022-48869 * CVE-2022-48870 * CVE-2022-48871 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48875 * CVE-2022-48878 * CVE-2022-48880 * CVE-2022-48890 * CVE-2022-48891 * CVE-2022-48896 * CVE-2022-48898 * CVE-2022-48899 * CVE-2022-48903 * CVE-2022-48904 * CVE-2022-48905 * CVE-2022-48907 * CVE-2022-48909 * CVE-2022-48912 * CVE-2022-48913 * CVE-2022-48914 * CVE-2022-48915 * CVE-2022-48916 * CVE-2022-48917 * CVE-2022-48918 * CVE-2022-48919 * CVE-2022-48921 * CVE-2022-48924 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48927 * CVE-2022-48928 * CVE-2022-48929 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48932 * CVE-2022-48934 * CVE-2022-48935 * CVE-2022-48937 * CVE-2022-48938 * CVE-2022-48941 * CVE-2022-48942 * CVE-2022-48943 * CVE-2023-52489 * CVE-2023-52893 * CVE-2023-52894 * CVE-2023-52896 * CVE-2023-52898 * CVE-2023-52900 * CVE-2023-52901 * CVE-2023-52905 * CVE-2023-52907 * CVE-2023-52911 * CVE-2024-40910 * CVE-2024-41009 * CVE-2024-41011 * CVE-2024-41062 * CVE-2024-41087 * CVE-2024-42077 * CVE-2024-42126 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42271 * CVE-2024-43853 * CVE-2024-43861 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44938 * CVE-2024-44947 * CVE-2024-45003 CVSS scores: * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-4382 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4382 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48869 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48869 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48871 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48878 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48878 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48880 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48880 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48904 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48909 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48913 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48935 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40910 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-45003 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 73 vulnerabilities and has 18 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48935: Fixed an unregister flowtable hooks on netns exit (bsc#1229619) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-40910: Fix refcount imbalance on inbound connections (bsc#1227832). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-45003: Don't evict inode under the inode lru traversing context (bsc#1230245). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * mm, kmsan: fix infinite recursion due to RCU critical section (git-fixes). * mm: prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413). * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413). * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413). * nvme_core: scan namespaces asynchronously (bsc#1224105). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3408=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3408=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3408=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3408=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3408=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3408=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-3408=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3408=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3408=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3408=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3408=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3408=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3408=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3408=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3408=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * openSUSE Leap 15.4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-source-vanilla-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * kernel-docs-html-5.14.21-150400.24.133.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-devel-5.14.21-150400.24.133.2 * kernel-debug-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-debug-debugsource-5.14.21-150400.24.133.2 * kernel-debug-debuginfo-5.14.21-150400.24.133.2 * kernel-debug-livepatch-devel-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.133.2 * kernel-kvmsmall-devel-5.14.21-150400.24.133.2 * kernel-kvmsmall-debugsource-5.14.21-150400.24.133.2 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.133.2 * kernel-default-base-rebuild-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-default-optional-5.14.21-150400.24.133.2 * ocfs2-kmp-default-5.14.21-150400.24.133.2 * kselftests-kmp-default-5.14.21-150400.24.133.2 * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-qa-5.14.21-150400.24.133.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-default-5.14.21-150400.24.133.2 * gfs2-kmp-default-5.14.21-150400.24.133.2 * dlm-kmp-default-5.14.21-150400.24.133.2 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * kernel-default-optional-debuginfo-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * cluster-md-kmp-default-5.14.21-150400.24.133.2 * kernel-default-extra-5.14.21-150400.24.133.2 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.133.2 * kernel-default-livepatch-5.14.21-150400.24.133.2 * dlm-kmp-default-debuginfo-5.14.21-150400.24.133.2 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.133.2 * kernel-default-livepatch-devel-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-1-150400.9.3.2 * kernel-livepatch-5_14_21-150400_24_133-default-1-150400.9.3.2 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-1-150400.9.3.2 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.133.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.133.2 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.133.1 * openSUSE Leap 15.4 (aarch64) * dtb-amd-5.14.21-150400.24.133.1 * dtb-freescale-5.14.21-150400.24.133.1 * dtb-renesas-5.14.21-150400.24.133.1 * dtb-nvidia-5.14.21-150400.24.133.1 * dtb-xilinx-5.14.21-150400.24.133.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.133.2 * dtb-allwinner-5.14.21-150400.24.133.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * kernel-64kb-optional-5.14.21-150400.24.133.2 * kselftests-kmp-64kb-5.14.21-150400.24.133.2 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * dtb-altera-5.14.21-150400.24.133.1 * cluster-md-kmp-64kb-5.14.21-150400.24.133.2 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * dtb-lg-5.14.21-150400.24.133.1 * kernel-64kb-devel-5.14.21-150400.24.133.2 * dtb-exynos-5.14.21-150400.24.133.1 * dtb-marvell-5.14.21-150400.24.133.1 * ocfs2-kmp-64kb-5.14.21-150400.24.133.2 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-64kb-5.14.21-150400.24.133.2 * kernel-64kb-debuginfo-5.14.21-150400.24.133.2 * dtb-socionext-5.14.21-150400.24.133.1 * dtb-cavium-5.14.21-150400.24.133.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.133.2 * dtb-sprd-5.14.21-150400.24.133.1 * dtb-amlogic-5.14.21-150400.24.133.1 * dtb-mediatek-5.14.21-150400.24.133.1 * dtb-hisilicon-5.14.21-150400.24.133.1 * gfs2-kmp-64kb-5.14.21-150400.24.133.2 * dtb-qcom-5.14.21-150400.24.133.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * dlm-kmp-64kb-5.14.21-150400.24.133.2 * dtb-apple-5.14.21-150400.24.133.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * dtb-apm-5.14.21-150400.24.133.1 * kernel-64kb-debugsource-5.14.21-150400.24.133.2 * dtb-amazon-5.14.21-150400.24.133.1 * kernel-64kb-extra-5.14.21-150400.24.133.2 * kernel-64kb-livepatch-devel-5.14.21-150400.24.133.2 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.133.2 * dtb-broadcom-5.14.21-150400.24.133.1 * dtb-rockchip-5.14.21-150400.24.133.1 * dtb-arm-5.14.21-150400.24.133.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_133-default-1-150400.9.3.2 * kernel-default-livepatch-devel-5.14.21-150400.24.133.2 * kernel-default-livepatch-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-livepatch-SLE15-SP4_Update_31-debugsource-1-150400.9.3.2 * kernel-livepatch-5_14_21-150400_24_133-default-debuginfo-1-150400.9.3.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.14.21-150400.24.133.2 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.133.2 * ocfs2-kmp-default-5.14.21-150400.24.133.2 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.133.2 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * dlm-kmp-default-debuginfo-5.14.21-150400.24.133.2 * gfs2-kmp-default-5.14.21-150400.24.133.2 * dlm-kmp-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.133.2 * kernel-64kb-debugsource-5.14.21-150400.24.133.2 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-64kb-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * reiserfs-kmp-default-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.133.2 * kernel-64kb-debugsource-5.14.21-150400.24.133.2 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-64kb-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * reiserfs-kmp-default-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-default-extra-5.14.21-150400.24.133.2 * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-extra-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * kernel-64kb-devel-5.14.21-150400.24.133.2 * kernel-64kb-debugsource-5.14.21-150400.24.133.2 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-64kb-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * reiserfs-kmp-default-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.133.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-obs-build-debugsource-5.14.21-150400.24.133.2 * kernel-obs-build-5.14.21-150400.24.133.2 * reiserfs-kmp-default-5.14.21-150400.24.133.2 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.133.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Manager Proxy 4.3 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.133.2 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.133.2.150400.24.64.5 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.133.2 * kernel-syms-5.14.21-150400.24.133.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.133.2 * kernel-default-devel-5.14.21-150400.24.133.2 * kernel-default-debuginfo-5.14.21-150400.24.133.2 * SUSE Manager Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.133.2 * kernel-devel-5.14.21-150400.24.133.2 * kernel-source-5.14.21-150400.24.133.2 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.133.2 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.133.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.133.2 ## References: * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2022-4382.html * https://www.suse.com/security/cve/CVE-2022-48868.html * https://www.suse.com/security/cve/CVE-2022-48869.html * https://www.suse.com/security/cve/CVE-2022-48870.html * https://www.suse.com/security/cve/CVE-2022-48871.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48878.html * https://www.suse.com/security/cve/CVE-2022-48880.html * https://www.suse.com/security/cve/CVE-2022-48890.html * https://www.suse.com/security/cve/CVE-2022-48891.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48898.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48903.html * https://www.suse.com/security/cve/CVE-2022-48904.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48907.html * https://www.suse.com/security/cve/CVE-2022-48909.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48913.html * https://www.suse.com/security/cve/CVE-2022-48914.html * https://www.suse.com/security/cve/CVE-2022-48915.html * https://www.suse.com/security/cve/CVE-2022-48916.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48918.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48921.html * https://www.suse.com/security/cve/CVE-2022-48924.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48927.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48929.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48932.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2022-48935.html * https://www.suse.com/security/cve/CVE-2022-48937.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2022-48941.html * https://www.suse.com/security/cve/CVE-2022-48942.html * https://www.suse.com/security/cve/CVE-2022-48943.html * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52894.html * https://www.suse.com/security/cve/CVE-2023-52896.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52900.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52905.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2023-52911.html * https://www.suse.com/security/cve/CVE-2024-40910.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://www.suse.com/security/cve/CVE-2024-45003.html * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194111 * https://bugzilla.suse.com/show_bug.cgi?id=1194765 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1196261 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196894 * https://bugzilla.suse.com/show_bug.cgi?id=1198017 * https://bugzilla.suse.com/show_bug.cgi?id=1203360 * https://bugzilla.suse.com/show_bug.cgi?id=1206006 * https://bugzilla.suse.com/show_bug.cgi?id=1206258 * https://bugzilla.suse.com/show_bug.cgi?id=1207158 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1227832 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229506 * https://bugzilla.suse.com/show_bug.cgi?id=1229507 * https://bugzilla.suse.com/show_bug.cgi?id=1229508 * https://bugzilla.suse.com/show_bug.cgi?id=1229509 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229522 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229528 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229533 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229537 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229544 * https://bugzilla.suse.com/show_bug.cgi?id=1229554 * https://bugzilla.suse.com/show_bug.cgi?id=1229557 * https://bugzilla.suse.com/show_bug.cgi?id=1229565 * https://bugzilla.suse.com/show_bug.cgi?id=1229566 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229581 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229603 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229608 * https://bugzilla.suse.com/show_bug.cgi?id=1229611 * https://bugzilla.suse.com/show_bug.cgi?id=1229612 * https://bugzilla.suse.com/show_bug.cgi?id=1229613 * https://bugzilla.suse.com/show_bug.cgi?id=1229614 * https://bugzilla.suse.com/show_bug.cgi?id=1229617 * https://bugzilla.suse.com/show_bug.cgi?id=1229619 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229622 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229625 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229628 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229631 * https://bugzilla.suse.com/show_bug.cgi?id=1229635 * https://bugzilla.suse.com/show_bug.cgi?id=1229636 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229638 * https://bugzilla.suse.com/show_bug.cgi?id=1229639 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229642 * https://bugzilla.suse.com/show_bug.cgi?id=1229643 * https://bugzilla.suse.com/show_bug.cgi?id=1229645 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1230245 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 16:30:05 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 16:30:05 -0000 Subject: SUSE-SU-2024:3424-1: moderate: Security update for xen Message-ID: <172719540562.15760.1963336971838471432@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3424-1 Rating: moderate References: * bsc#1230366 Cross-References: * CVE-2024-45817 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45817: Fixed a deadlock in vlapic_error. (bsc#1230366, XSA-462) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3424=1 openSUSE-SLE-15.6-2024-3424=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3424=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3424=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * xen-debugsource-4.18.3_04-150600.3.9.1 * xen-devel-4.18.3_04-150600.3.9.1 * xen-tools-domU-4.18.3_04-150600.3.9.1 * xen-tools-domU-debuginfo-4.18.3_04-150600.3.9.1 * xen-libs-debuginfo-4.18.3_04-150600.3.9.1 * xen-libs-4.18.3_04-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) * xen-libs-32bit-4.18.3_04-150600.3.9.1 * xen-libs-32bit-debuginfo-4.18.3_04-150600.3.9.1 * openSUSE Leap 15.6 (aarch64 x86_64) * xen-tools-4.18.3_04-150600.3.9.1 * xen-tools-debuginfo-4.18.3_04-150600.3.9.1 * xen-4.18.3_04-150600.3.9.1 * xen-doc-html-4.18.3_04-150600.3.9.1 * openSUSE Leap 15.6 (noarch) * xen-tools-xendomains-wait-disk-4.18.3_04-150600.3.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.18.3_04-150600.3.9.1 * xen-libs-64bit-4.18.3_04-150600.3.9.1 * Basesystem Module 15-SP6 (x86_64) * xen-debugsource-4.18.3_04-150600.3.9.1 * xen-tools-domU-debuginfo-4.18.3_04-150600.3.9.1 * xen-tools-domU-4.18.3_04-150600.3.9.1 * xen-libs-debuginfo-4.18.3_04-150600.3.9.1 * xen-libs-4.18.3_04-150600.3.9.1 * Server Applications Module 15-SP6 (x86_64) * xen-debugsource-4.18.3_04-150600.3.9.1 * xen-devel-4.18.3_04-150600.3.9.1 * xen-tools-4.18.3_04-150600.3.9.1 * xen-4.18.3_04-150600.3.9.1 * xen-tools-debuginfo-4.18.3_04-150600.3.9.1 * Server Applications Module 15-SP6 (noarch) * xen-tools-xendomains-wait-disk-4.18.3_04-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://bugzilla.suse.com/show_bug.cgi?id=1230366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 16:30:14 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 16:30:14 -0000 Subject: SUSE-SU-2024:3423-1: important: Security update for xen Message-ID: <172719541469.15760.10907356612528485995@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3423-1 Rating: important References: * bsc#1222453 * bsc#1227355 * bsc#1228574 * bsc#1228575 * bsc#1230366 Cross-References: * CVE-2024-2201 * CVE-2024-31143 * CVE-2024-31145 * CVE-2024-31146 * CVE-2024-45817 CVSS scores: * CVE-2024-2201 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-31143 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-31145 ( SUSE ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-31146 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-2201: Mitigation for Native Branch History Injection (XSA-456, bsc#1222453) * CVE-2024-31143: Fixed double unlock in x86 guest IRQ handling (XSA-458, bsc#1227355) * CVE-2024-31145: Fixed error handling in x86 IOMMU identity mapping (XSA-460, bsc#1228574) * CVE-2024-31146: Fixed PCI device pass-through with shared resources (XSA-461, bsc#1228575) * CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3423=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3423=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3423=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3423=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3423=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3423=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3423=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3423=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3423=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3423=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3423=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3423=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3423=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-32bit-4.16.6_04-150400.4.62.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-doc-html-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-64bit-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Manager Proxy 4.3 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Manager Proxy 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 * SUSE Manager Server 4.3 (x86_64) * xen-tools-domU-debuginfo-4.16.6_04-150400.4.62.1 * xen-libs-4.16.6_04-150400.4.62.1 * xen-4.16.6_04-150400.4.62.1 * xen-tools-debuginfo-4.16.6_04-150400.4.62.1 * xen-devel-4.16.6_04-150400.4.62.1 * xen-tools-domU-4.16.6_04-150400.4.62.1 * xen-debugsource-4.16.6_04-150400.4.62.1 * xen-tools-4.16.6_04-150400.4.62.1 * xen-libs-debuginfo-4.16.6_04-150400.4.62.1 * SUSE Manager Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_04-150400.4.62.1 ## References: * https://www.suse.com/security/cve/CVE-2024-2201.html * https://www.suse.com/security/cve/CVE-2024-31143.html * https://www.suse.com/security/cve/CVE-2024-31145.html * https://www.suse.com/security/cve/CVE-2024-31146.html * https://www.suse.com/security/cve/CVE-2024-45817.html * https://bugzilla.suse.com/show_bug.cgi?id=1222453 * https://bugzilla.suse.com/show_bug.cgi?id=1227355 * https://bugzilla.suse.com/show_bug.cgi?id=1228574 * https://bugzilla.suse.com/show_bug.cgi?id=1228575 * https://bugzilla.suse.com/show_bug.cgi?id=1230366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 16:30:18 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 16:30:18 -0000 Subject: SUSE-SU-2024:3422-1: moderate: Security update for xen Message-ID: <172719541844.15760.15942309029023703097@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3422-1 Rating: moderate References: * bsc#1230366 Cross-References: * CVE-2024-45817 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3422=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3422=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3422=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3422=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_20-150300.3.81.1 * xen-libs-debuginfo-4.14.6_20-150300.3.81.1 * xen-libs-4.14.6_20-150300.3.81.1 * xen-devel-4.14.6_20-150300.3.81.1 * xen-tools-domU-4.14.6_20-150300.3.81.1 * xen-tools-domU-debuginfo-4.14.6_20-150300.3.81.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_20-150300.3.81.1 * xen-libs-32bit-4.14.6_20-150300.3.81.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-doc-html-4.14.6_20-150300.3.81.1 * xen-tools-4.14.6_20-150300.3.81.1 * xen-4.14.6_20-150300.3.81.1 * xen-tools-debuginfo-4.14.6_20-150300.3.81.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_20-150300.3.81.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.14.6_20-150300.3.81.1 * xen-libs-64bit-4.14.6_20-150300.3.81.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-debugsource-4.14.6_20-150300.3.81.1 * xen-libs-4.14.6_20-150300.3.81.1 * xen-libs-debuginfo-4.14.6_20-150300.3.81.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-debugsource-4.14.6_20-150300.3.81.1 * xen-libs-4.14.6_20-150300.3.81.1 * xen-libs-debuginfo-4.14.6_20-150300.3.81.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-debugsource-4.14.6_20-150300.3.81.1 * xen-libs-4.14.6_20-150300.3.81.1 * xen-libs-debuginfo-4.14.6_20-150300.3.81.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://bugzilla.suse.com/show_bug.cgi?id=1230366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 16:30:21 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 16:30:21 -0000 Subject: SUSE-SU-2024:3421-1: moderate: Security update for xen Message-ID: <172719542120.15760.17224979552662496177@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3421-1 Rating: moderate References: * bsc#1230366 Cross-References: * CVE-2024-45817 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3421=1 SUSE-2024-3421=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3421=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3421=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3421=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3421=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.17.5_04-150500.3.39.1 * xen-tools-domU-4.17.5_04-150500.3.39.1 * xen-debugsource-4.17.5_04-150500.3.39.1 * xen-devel-4.17.5_04-150500.3.39.1 * xen-libs-debuginfo-4.17.5_04-150500.3.39.1 * xen-libs-4.17.5_04-150500.3.39.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-4.17.5_04-150500.3.39.1 * xen-libs-32bit-debuginfo-4.17.5_04-150500.3.39.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-doc-html-4.17.5_04-150500.3.39.1 * xen-tools-debuginfo-4.17.5_04-150500.3.39.1 * xen-tools-4.17.5_04-150500.3.39.1 * xen-4.17.5_04-150500.3.39.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_04-150500.3.39.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.5_04-150500.3.39.1 * xen-libs-64bit-4.17.5_04-150500.3.39.1 * openSUSE Leap Micro 5.5 (x86_64) * xen-debugsource-4.17.5_04-150500.3.39.1 * xen-libs-debuginfo-4.17.5_04-150500.3.39.1 * xen-libs-4.17.5_04-150500.3.39.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.5_04-150500.3.39.1 * xen-libs-debuginfo-4.17.5_04-150500.3.39.1 * xen-libs-4.17.5_04-150500.3.39.1 * Basesystem Module 15-SP5 (x86_64) * xen-tools-domU-debuginfo-4.17.5_04-150500.3.39.1 * xen-tools-domU-4.17.5_04-150500.3.39.1 * xen-debugsource-4.17.5_04-150500.3.39.1 * xen-libs-debuginfo-4.17.5_04-150500.3.39.1 * xen-libs-4.17.5_04-150500.3.39.1 * Server Applications Module 15-SP5 (x86_64) * xen-tools-4.17.5_04-150500.3.39.1 * xen-4.17.5_04-150500.3.39.1 * xen-debugsource-4.17.5_04-150500.3.39.1 * xen-devel-4.17.5_04-150500.3.39.1 * xen-tools-debuginfo-4.17.5_04-150500.3.39.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_04-150500.3.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://bugzilla.suse.com/show_bug.cgi?id=1230366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 16:30:29 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 16:30:29 -0000 Subject: SUSE-SU-2024:3418-1: important: Security update for python311 Message-ID: <172719542971.15760.10363588604655974278@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:3418-1 Rating: important References: * bsc#1229596 * bsc#1229704 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: * Update python311 to version 3.11.10. * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) * CVE-2024-7592: quadratic algorithm used when parsing cookies leads to excessive resource consumption. (bsc#1229596) * CVE-2024-8088: lack of name validation when extracting a zip archive leads to infinite loops. (bsc#1229704) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3418=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3418=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3418=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3418=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3418=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3418=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3418=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3418=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3418=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-debugsource-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * python311-testsuite-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-testsuite-debuginfo-3.11.10-150400.9.35.1 * openSUSE Leap 15.4 (x86_64) * python311-32bit-3.11.10-150400.9.35.1 * libpython3_11-1_0-32bit-3.11.10-150400.9.35.1 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.35.1 * python311-32bit-debuginfo-3.11.10-150400.9.35.1 * python311-base-32bit-3.11.10-150400.9.35.1 * python311-base-32bit-debuginfo-3.11.10-150400.9.35.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-debuginfo-3.11.10-150400.9.35.1 * python311-64bit-3.11.10-150400.9.35.1 * libpython3_11-1_0-64bit-3.11.10-150400.9.35.1 * python311-base-64bit-debuginfo-3.11.10-150400.9.35.1 * python311-base-64bit-3.11.10-150400.9.35.1 * python311-64bit-debuginfo-3.11.10-150400.9.35.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * python311-testsuite-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-testsuite-debuginfo-3.11.10-150400.9.35.1 * openSUSE Leap 15.5 (x86_64) * python311-32bit-3.11.10-150400.9.35.1 * libpython3_11-1_0-32bit-3.11.10-150400.9.35.1 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.35.1 * python311-32bit-debuginfo-3.11.10-150400.9.35.1 * python311-base-32bit-3.11.10-150400.9.35.1 * python311-base-32bit-debuginfo-3.11.10-150400.9.35.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python311-debugsource-3.11.10-150400.9.35.1 * python311-doc-devhelp-3.11.10-150400.9.35.1 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.35.1 * python311-dbm-debuginfo-3.11.10-150400.9.35.1 * libpython3_11-1_0-3.11.10-150400.9.35.1 * python311-base-3.11.10-150400.9.35.1 * python311-base-debuginfo-3.11.10-150400.9.35.1 * python311-3.11.10-150400.9.35.1 * python311-tools-3.11.10-150400.9.35.1 * python311-doc-3.11.10-150400.9.35.1 * python311-idle-3.11.10-150400.9.35.1 * python311-debuginfo-3.11.10-150400.9.35.1 * python311-devel-3.11.10-150400.9.35.1 * python311-tk-3.11.10-150400.9.35.1 * python311-curses-debuginfo-3.11.10-150400.9.35.1 * python311-tk-debuginfo-3.11.10-150400.9.35.1 * python311-core-debugsource-3.11.10-150400.9.35.1 * python311-curses-3.11.10-150400.9.35.1 * python311-dbm-3.11.10-150400.9.35.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:07 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:07 -0000 Subject: SUSE-SU-2024:3425-1: important: Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Message-ID: <172720980737.10157.8271132168164007610@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:3425-1 Rating: important References: * bsc#1223521 * bsc#1225099 * bsc#1225313 Cross-References: * CVE-2022-48662 * CVE-2023-52846 * CVE-2024-35817 CVSS scores: * CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues. The following security issues were fixed: * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2022-48662: Fixed a general protection fault (GPF) in i915_perf_open_ioctl (bsc#1223521). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3425=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-3425=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-13-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-13-150400.2.2 * kernel-livepatch-5_14_21-150400_24_88-default-13-150400.2.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-13-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-13-150400.2.2 * kernel-livepatch-5_14_21-150400_24_88-default-13-150400.2.2 ## References: * https://www.suse.com/security/cve/CVE-2022-48662.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://bugzilla.suse.com/show_bug.cgi?id=1223521 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:10 -0000 Subject: SUSE-SU-2024:3430-1: important: Security update for python36 Message-ID: <172720981020.10157.3761385777578659198@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:3430-1 Rating: important References: * bsc#1230227 Cross-References: * CVE-2024-6232 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3430=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3430=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3430=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3430=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-devel-3.6.15-67.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * python36-3.6.15-67.1 * libpython3_6m1_0-3.6.15-67.1 * python36-debugsource-3.6.15-67.1 * python36-base-3.6.15-67.1 * python36-base-debuginfo-3.6.15-67.1 * python36-debuginfo-3.6.15-67.1 * libpython3_6m1_0-debuginfo-3.6.15-67.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-67.1 * libpython3_6m1_0-32bit-3.6.15-67.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * python36-3.6.15-67.1 * libpython3_6m1_0-3.6.15-67.1 * python36-debugsource-3.6.15-67.1 * python36-base-3.6.15-67.1 * python36-base-debuginfo-3.6.15-67.1 * python36-debuginfo-3.6.15-67.1 * libpython3_6m1_0-debuginfo-3.6.15-67.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-67.1 * libpython3_6m1_0-32bit-3.6.15-67.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * python36-3.6.15-67.1 * libpython3_6m1_0-3.6.15-67.1 * python36-debugsource-3.6.15-67.1 * python36-base-3.6.15-67.1 * python36-base-debuginfo-3.6.15-67.1 * python36-debuginfo-3.6.15-67.1 * libpython3_6m1_0-debuginfo-3.6.15-67.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_6m1_0-debuginfo-32bit-3.6.15-67.1 * libpython3_6m1_0-32bit-3.6.15-67.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:12 -0000 Subject: SUSE-SU-2024:3429-1: moderate: Security update for apr Message-ID: <172720981259.10157.2975288054673626254@smelt2.prg2.suse.org> # Security update for apr Announcement ID: SUSE-SU-2024:3429-1 Rating: moderate References: * bsc#1229783 Cross-References: * CVE-2023-49582 CVSS scores: * CVE-2023-49582 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-49582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-49582 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apr fixes the following issues: * CVE-2023-49582: Fixed an unexpected lax shared memory permissions. (bsc#1229783) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3429=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3429=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3429=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3429=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libapr1-devel-1.5.1-4.8.1 * libapr1-debuginfo-1.5.1-4.8.1 * libapr1-debugsource-1.5.1-4.8.1 * libapr1-1.5.1-4.8.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libapr1-debuginfo-1.5.1-4.8.1 * libapr1-debugsource-1.5.1-4.8.1 * libapr1-1.5.1-4.8.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libapr1-debuginfo-1.5.1-4.8.1 * libapr1-debugsource-1.5.1-4.8.1 * libapr1-1.5.1-4.8.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libapr1-debuginfo-1.5.1-4.8.1 * libapr1-debugsource-1.5.1-4.8.1 * libapr1-1.5.1-4.8.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49582.html * https://bugzilla.suse.com/show_bug.cgi?id=1229783 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:15 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:15 -0000 Subject: SUSE-SU-2024:3428-1: moderate: Security update for apr Message-ID: <172720981508.10157.77485524597326038@smelt2.prg2.suse.org> # Security update for apr Announcement ID: SUSE-SU-2024:3428-1 Rating: moderate References: * bsc#1229783 Cross-References: * CVE-2023-49582 CVSS scores: * CVE-2023-49582 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-49582 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-49582 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for apr fixes the following issues: * CVE-2023-49582: Fixed an unexpected lax shared memory permissions. (bsc#1229783) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3428=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3428=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3428=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3428=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libapr1-1.6.3-150000.3.6.1 * libapr1-debuginfo-1.6.3-150000.3.6.1 * apr-debugsource-1.6.3-150000.3.6.1 * apr-devel-1.6.3-150000.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libapr1-1.6.3-150000.3.6.1 * libapr1-debuginfo-1.6.3-150000.3.6.1 * apr-debugsource-1.6.3-150000.3.6.1 * apr-devel-1.6.3-150000.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libapr1-1.6.3-150000.3.6.1 * libapr1-debuginfo-1.6.3-150000.3.6.1 * apr-debugsource-1.6.3-150000.3.6.1 * apr-devel-1.6.3-150000.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libapr1-1.6.3-150000.3.6.1 * libapr1-debuginfo-1.6.3-150000.3.6.1 * apr-debugsource-1.6.3-150000.3.6.1 * apr-devel-1.6.3-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-49582.html * https://bugzilla.suse.com/show_bug.cgi?id=1229783 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:22 -0000 Subject: SUSE-SU-2024:3427-1: important: Security update for python311 Message-ID: <172720982236.10157.10706282998442946940@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:3427-1 Rating: important References: * bsc#1229596 * bsc#1229704 * bsc#1230227 Cross-References: * CVE-2024-6232 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: Update python311 to version 3.11.10. * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) * CVE-2024-7592: quadratic algorithm used when parsing cookies leads to excessive resource consumption. (bsc#1229596) * CVE-2024-8088: lack of name validation when extracting a zip archive leads to infinite loops. (bsc#1229704) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3427=1 openSUSE-SLE-15.6-2024-3427=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3427=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3427=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-doc-3.11.10-150600.3.6.1 * python311-tk-debuginfo-3.11.10-150600.3.6.1 * python311-core-debugsource-3.11.10-150600.3.6.1 * libpython3_11-1_0-debuginfo-3.11.10-150600.3.6.1 * python311-base-debuginfo-3.11.10-150600.3.6.1 * python311-testsuite-3.11.10-150600.3.6.1 * python311-base-3.11.10-150600.3.6.1 * python311-curses-3.11.10-150600.3.6.1 * python311-tk-3.11.10-150600.3.6.1 * libpython3_11-1_0-3.11.10-150600.3.6.1 * python311-idle-3.11.10-150600.3.6.1 * python311-debuginfo-3.11.10-150600.3.6.1 * python311-dbm-3.11.10-150600.3.6.1 * python311-testsuite-debuginfo-3.11.10-150600.3.6.1 * python311-3.11.10-150600.3.6.1 * python311-debugsource-3.11.10-150600.3.6.1 * python311-devel-3.11.10-150600.3.6.1 * python311-dbm-debuginfo-3.11.10-150600.3.6.1 * python311-curses-debuginfo-3.11.10-150600.3.6.1 * python311-doc-devhelp-3.11.10-150600.3.6.1 * python311-tools-3.11.10-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * python311-base-32bit-debuginfo-3.11.10-150600.3.6.1 * libpython3_11-1_0-32bit-3.11.10-150600.3.6.1 * python311-32bit-3.11.10-150600.3.6.1 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150600.3.6.1 * python311-32bit-debuginfo-3.11.10-150600.3.6.1 * python311-base-32bit-3.11.10-150600.3.6.1 * openSUSE Leap 15.6 (aarch64_ilp32) * python311-64bit-3.11.10-150600.3.6.1 * python311-base-64bit-3.11.10-150600.3.6.1 * libpython3_11-1_0-64bit-3.11.10-150600.3.6.1 * python311-64bit-debuginfo-3.11.10-150600.3.6.1 * libpython3_11-1_0-64bit-debuginfo-3.11.10-150600.3.6.1 * python311-base-64bit-debuginfo-3.11.10-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-base-3.11.10-150600.3.6.1 * python311-core-debugsource-3.11.10-150600.3.6.1 * libpython3_11-1_0-debuginfo-3.11.10-150600.3.6.1 * python311-base-debuginfo-3.11.10-150600.3.6.1 * libpython3_11-1_0-3.11.10-150600.3.6.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-idle-3.11.10-150600.3.6.1 * python311-tk-debuginfo-3.11.10-150600.3.6.1 * python311-debuginfo-3.11.10-150600.3.6.1 * python311-tk-3.11.10-150600.3.6.1 * python311-dbm-3.11.10-150600.3.6.1 * python311-3.11.10-150600.3.6.1 * python311-debugsource-3.11.10-150600.3.6.1 * python311-core-debugsource-3.11.10-150600.3.6.1 * python311-devel-3.11.10-150600.3.6.1 * python311-dbm-debuginfo-3.11.10-150600.3.6.1 * python311-curses-3.11.10-150600.3.6.1 * python311-curses-debuginfo-3.11.10-150600.3.6.1 * python311-tools-3.11.10-150600.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Sep 24 20:30:31 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Tue, 24 Sep 2024 20:30:31 -0000 Subject: SUSE-SU-2024:3426-1: important: Security update for quagga Message-ID: <172720983137.10157.17819897858306127417@smelt2.prg2.suse.org> # Security update for quagga Announcement ID: SUSE-SU-2024:3426-1 Rating: important References: * bsc#1069468 * bsc#1079798 * bsc#1079799 * bsc#1079800 * bsc#1079801 * bsc#1202023 * bsc#1229438 * bsc#1230866 Cross-References: * CVE-2017-15865 * CVE-2018-5378 * CVE-2018-5379 * CVE-2018-5380 * CVE-2018-5381 * CVE-2022-37032 * CVE-2024-44070 CVSS scores: * CVE-2017-15865 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2017-15865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-15865 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2018-5378 ( NVD ): 5.9 CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2018-5379 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2018-5380 ( NVD ): 4.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2018-5381 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2022-37032 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-37032 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for quagga fixes the following issues: * CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. (bsc#1230866) * CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. (bsc#1229438) * CVE-2022-37032: out-of-bounds read when parsing a BGP capability message due to incorrect size check. (bsc#1202023) Bug fixes: \- References to /var/adm/fillup-templates replaced with new %_fillupdir macro. (bsc#1069468) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3426=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3426=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3426=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3426=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libfpm_pb0-debuginfo-1.1.1-17.13.1 * libzebra1-1.1.1-17.13.1 * quagga-debugsource-1.1.1-17.13.1 * libfpm_pb0-1.1.1-17.13.1 * libzebra1-debuginfo-1.1.1-17.13.1 * libospfapiclient0-1.1.1-17.13.1 * quagga-debuginfo-1.1.1-17.13.1 * libquagga_pb0-debuginfo-1.1.1-17.13.1 * libospf0-1.1.1-17.13.1 * libospfapiclient0-debuginfo-1.1.1-17.13.1 * libquagga_pb0-1.1.1-17.13.1 * quagga-1.1.1-17.13.1 * libospf0-debuginfo-1.1.1-17.13.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libfpm_pb0-debuginfo-1.1.1-17.13.1 * libzebra1-1.1.1-17.13.1 * quagga-debugsource-1.1.1-17.13.1 * libfpm_pb0-1.1.1-17.13.1 * libzebra1-debuginfo-1.1.1-17.13.1 * libospfapiclient0-1.1.1-17.13.1 * quagga-debuginfo-1.1.1-17.13.1 * libquagga_pb0-debuginfo-1.1.1-17.13.1 * libospf0-1.1.1-17.13.1 * libospfapiclient0-debuginfo-1.1.1-17.13.1 * libquagga_pb0-1.1.1-17.13.1 * quagga-1.1.1-17.13.1 * libospf0-debuginfo-1.1.1-17.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libfpm_pb0-debuginfo-1.1.1-17.13.1 * libzebra1-1.1.1-17.13.1 * quagga-debugsource-1.1.1-17.13.1 * libfpm_pb0-1.1.1-17.13.1 * libzebra1-debuginfo-1.1.1-17.13.1 * libospfapiclient0-1.1.1-17.13.1 * quagga-debuginfo-1.1.1-17.13.1 * libquagga_pb0-debuginfo-1.1.1-17.13.1 * libospf0-1.1.1-17.13.1 * libospfapiclient0-debuginfo-1.1.1-17.13.1 * libquagga_pb0-1.1.1-17.13.1 * quagga-1.1.1-17.13.1 * libospf0-debuginfo-1.1.1-17.13.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * quagga-debugsource-1.1.1-17.13.1 * quagga-debuginfo-1.1.1-17.13.1 * quagga-devel-1.1.1-17.13.1 ## References: * https://www.suse.com/security/cve/CVE-2017-15865.html * https://www.suse.com/security/cve/CVE-2018-5378.html * https://www.suse.com/security/cve/CVE-2018-5379.html * https://www.suse.com/security/cve/CVE-2018-5380.html * https://www.suse.com/security/cve/CVE-2018-5381.html * https://www.suse.com/security/cve/CVE-2022-37032.html * https://www.suse.com/security/cve/CVE-2024-44070.html * https://bugzilla.suse.com/show_bug.cgi?id=1069468 * https://bugzilla.suse.com/show_bug.cgi?id=1079798 * https://bugzilla.suse.com/show_bug.cgi?id=1079799 * https://bugzilla.suse.com/show_bug.cgi?id=1079800 * https://bugzilla.suse.com/show_bug.cgi?id=1079801 * https://bugzilla.suse.com/show_bug.cgi?id=1202023 * https://bugzilla.suse.com/show_bug.cgi?id=1229438 * https://bugzilla.suse.com/show_bug.cgi?id=1230866 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 25 12:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 25 Sep 2024 12:30:10 -0000 Subject: SUSE-SU-2024:3433-1: important: Security update for quagga Message-ID: <172726741005.20447.16121674648719338130@smelt2.prg2.suse.org> # Security update for quagga Announcement ID: SUSE-SU-2024:3433-1 Rating: important References: * bsc#1202023 * bsc#1229438 * bsc#1230866 Cross-References: * CVE-2017-15865 * CVE-2022-37032 * CVE-2024-44070 CVSS scores: * CVE-2017-15865 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2017-15865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-15865 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-37032 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-37032 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities can now be installed. ## Description: This update for quagga fixes the following issues: * CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. (bsc#1230866) * CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. (bsc#1229438) * CVE-2022-37032: out-of-bounds read when parsing a BGP capability message due to incorrect size check. (bsc#1202023) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3433=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3433=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3433=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3433=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3433=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3433=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3433=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libospfapiclient0-debuginfo-1.1.1-150000.4.6.1 * libquagga_pb0-debuginfo-1.1.1-150000.4.6.1 * quagga-devel-1.1.1-150000.4.6.1 * libzebra1-1.1.1-150000.4.6.1 * libzebra1-debuginfo-1.1.1-150000.4.6.1 * quagga-debuginfo-1.1.1-150000.4.6.1 * libospf0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-debuginfo-1.1.1-150000.4.6.1 * libfpm_pb0-1.1.1-150000.4.6.1 * libquagga_pb0-1.1.1-150000.4.6.1 * quagga-1.1.1-150000.4.6.1 * libospf0-1.1.1-150000.4.6.1 * quagga-debugsource-1.1.1-150000.4.6.1 * libospfapiclient0-1.1.1-150000.4.6.1 ## References: * https://www.suse.com/security/cve/CVE-2017-15865.html * https://www.suse.com/security/cve/CVE-2022-37032.html * https://www.suse.com/security/cve/CVE-2024-44070.html * https://bugzilla.suse.com/show_bug.cgi?id=1202023 * https://bugzilla.suse.com/show_bug.cgi?id=1229438 * https://bugzilla.suse.com/show_bug.cgi?id=1230866 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 25 12:30:12 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 25 Sep 2024 12:30:12 -0000 Subject: SUSE-SU-2024:3432-1: moderate: Security update for xen Message-ID: <172726741260.20447.14104404038364941747@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:3432-1 Rating: moderate References: * bsc#1230366 Cross-References: * CVE-2024-45817 CVSS scores: * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45817: Fixed a deadlock in vlapic_error (XSA-462, bsc#1230366) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3432=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3432=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3432=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3432=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 x86_64) * xen-debugsource-4.12.4_54-3.118.1 * xen-devel-4.12.4_54-3.118.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * xen-libs-4.12.4_54-3.118.1 * xen-tools-domU-4.12.4_54-3.118.1 * xen-libs-debuginfo-4.12.4_54-3.118.1 * xen-tools-domU-debuginfo-4.12.4_54-3.118.1 * xen-debugsource-4.12.4_54-3.118.1 * xen-4.12.4_54-3.118.1 * xen-tools-debuginfo-4.12.4_54-3.118.1 * xen-doc-html-4.12.4_54-3.118.1 * xen-libs-debuginfo-32bit-4.12.4_54-3.118.1 * xen-libs-32bit-4.12.4_54-3.118.1 * xen-tools-4.12.4_54-3.118.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * xen-libs-4.12.4_54-3.118.1 * xen-tools-domU-4.12.4_54-3.118.1 * xen-libs-debuginfo-4.12.4_54-3.118.1 * xen-tools-domU-debuginfo-4.12.4_54-3.118.1 * xen-debugsource-4.12.4_54-3.118.1 * xen-4.12.4_54-3.118.1 * xen-tools-debuginfo-4.12.4_54-3.118.1 * xen-doc-html-4.12.4_54-3.118.1 * xen-libs-debuginfo-32bit-4.12.4_54-3.118.1 * xen-libs-32bit-4.12.4_54-3.118.1 * xen-tools-4.12.4_54-3.118.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * xen-libs-4.12.4_54-3.118.1 * xen-tools-domU-4.12.4_54-3.118.1 * xen-libs-debuginfo-4.12.4_54-3.118.1 * xen-tools-domU-debuginfo-4.12.4_54-3.118.1 * xen-debugsource-4.12.4_54-3.118.1 * xen-4.12.4_54-3.118.1 * xen-tools-debuginfo-4.12.4_54-3.118.1 * xen-doc-html-4.12.4_54-3.118.1 * xen-libs-debuginfo-32bit-4.12.4_54-3.118.1 * xen-libs-32bit-4.12.4_54-3.118.1 * xen-tools-4.12.4_54-3.118.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://bugzilla.suse.com/show_bug.cgi?id=1230366 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 25 20:30:10 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 25 Sep 2024 20:30:10 -0000 Subject: SUSE-SU-2024:3445-1: low: Security update for opensc Message-ID: <172729621053.20007.5411554476192737129@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:3445-1 Rating: low References: * bsc#1217722 * bsc#1230071 * bsc#1230072 * bsc#1230073 * bsc#1230074 * bsc#1230075 * bsc#1230076 * bsc#1230364 Cross-References: * CVE-2024-45615 * CVE-2024-45616 * CVE-2024-45617 * CVE-2024-45618 * CVE-2024-45619 * CVE-2024-45620 * CVE-2024-8443 CVSS scores: * CVE-2024-45615 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45616 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45617 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45618 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45619 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45620 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8443 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-8443 ( SUSE ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8443 ( NVD ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) * CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3445=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3445=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3445=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3445=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3445=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3445=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3445=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3445=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3445=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * openSUSE Leap 15.4 (x86_64) * opensc-32bit-0.22.0-150400.3.12.1 * opensc-32bit-debuginfo-0.22.0-150400.3.12.1 * openSUSE Leap 15.4 (aarch64_ilp32) * opensc-64bit-0.22.0-150400.3.12.1 * opensc-64bit-debuginfo-0.22.0-150400.3.12.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * openSUSE Leap 15.5 (x86_64) * opensc-32bit-0.22.0-150400.3.12.1 * opensc-32bit-debuginfo-0.22.0-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * opensc-debuginfo-0.22.0-150400.3.12.1 * opensc-0.22.0-150400.3.12.1 * opensc-debugsource-0.22.0-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45615.html * https://www.suse.com/security/cve/CVE-2024-45616.html * https://www.suse.com/security/cve/CVE-2024-45617.html * https://www.suse.com/security/cve/CVE-2024-45618.html * https://www.suse.com/security/cve/CVE-2024-45619.html * https://www.suse.com/security/cve/CVE-2024-45620.html * https://www.suse.com/security/cve/CVE-2024-8443.html * https://bugzilla.suse.com/show_bug.cgi?id=1217722 * https://bugzilla.suse.com/show_bug.cgi?id=1230071 * https://bugzilla.suse.com/show_bug.cgi?id=1230072 * https://bugzilla.suse.com/show_bug.cgi?id=1230073 * https://bugzilla.suse.com/show_bug.cgi?id=1230074 * https://bugzilla.suse.com/show_bug.cgi?id=1230075 * https://bugzilla.suse.com/show_bug.cgi?id=1230076 * https://bugzilla.suse.com/show_bug.cgi?id=1230364 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 25 20:30:19 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 25 Sep 2024 20:30:19 -0000 Subject: SUSE-SU-2024:3444-1: low: Security update for opensc Message-ID: <172729621950.20007.13911281850193280121@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:3444-1 Rating: low References: * bsc#1217722 * bsc#1230071 * bsc#1230072 * bsc#1230073 * bsc#1230074 * bsc#1230075 * bsc#1230076 * bsc#1230364 Cross-References: * CVE-2024-45615 * CVE-2024-45616 * CVE-2024-45617 * CVE-2024-45618 * CVE-2024-45619 * CVE-2024-45620 * CVE-2024-8443 CVSS scores: * CVE-2024-45615 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45616 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45617 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45618 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45619 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45620 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8443 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-8443 ( SUSE ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8443 ( NVD ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) * CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3444=1 SUSE-2024-3444=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3444=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * opensc-debugsource-0.22.0-150600.11.3.1 * opensc-0.22.0-150600.11.3.1 * opensc-debuginfo-0.22.0-150600.11.3.1 * openSUSE Leap 15.6 (x86_64) * opensc-32bit-debuginfo-0.22.0-150600.11.3.1 * opensc-32bit-0.22.0-150600.11.3.1 * openSUSE Leap 15.6 (aarch64_ilp32) * opensc-64bit-0.22.0-150600.11.3.1 * opensc-64bit-debuginfo-0.22.0-150600.11.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.22.0-150600.11.3.1 * opensc-0.22.0-150600.11.3.1 * opensc-debuginfo-0.22.0-150600.11.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45615.html * https://www.suse.com/security/cve/CVE-2024-45616.html * https://www.suse.com/security/cve/CVE-2024-45617.html * https://www.suse.com/security/cve/CVE-2024-45618.html * https://www.suse.com/security/cve/CVE-2024-45619.html * https://www.suse.com/security/cve/CVE-2024-45620.html * https://www.suse.com/security/cve/CVE-2024-8443.html * https://bugzilla.suse.com/show_bug.cgi?id=1217722 * https://bugzilla.suse.com/show_bug.cgi?id=1230071 * https://bugzilla.suse.com/show_bug.cgi?id=1230072 * https://bugzilla.suse.com/show_bug.cgi?id=1230073 * https://bugzilla.suse.com/show_bug.cgi?id=1230074 * https://bugzilla.suse.com/show_bug.cgi?id=1230075 * https://bugzilla.suse.com/show_bug.cgi?id=1230076 * https://bugzilla.suse.com/show_bug.cgi?id=1230364 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Sep 25 20:30:27 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Wed, 25 Sep 2024 20:30:27 -0000 Subject: SUSE-SU-2024:3443-1: low: Security update for opensc Message-ID: <172729622726.20007.12909556591733237533@smelt2.prg2.suse.org> # Security update for opensc Announcement ID: SUSE-SU-2024:3443-1 Rating: low References: * bsc#1217722 * bsc#1230071 * bsc#1230072 * bsc#1230073 * bsc#1230074 * bsc#1230075 * bsc#1230076 * bsc#1230364 Cross-References: * CVE-2024-45615 * CVE-2024-45616 * CVE-2024-45617 * CVE-2024-45618 * CVE-2024-45619 * CVE-2024-45620 * CVE-2024-8443 CVSS scores: * CVE-2024-45615 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45615 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45615 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45616 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45616 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45617 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45617 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45618 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45618 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45619 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45619 ( NVD ): 4.3 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N * CVE-2024-45620 ( SUSE ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-45620 ( NVD ): 3.9 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8443 ( SUSE ): 1.0 CVSS:4.0/AV:P/AC:H/AT:N/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-8443 ( SUSE ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8443 ( NVD ): 3.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves seven vulnerabilities and has one security fix can now be installed. ## Description: This update for opensc fixes the following issues: * CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init. (bsc#1230076) * CVE-2024-45619: Incorrect handling length of buffers or files in libopensc. (bsc#1230075) * CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init. (bsc#1230074) * CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc. (bsc#1230073) * CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc. (bsc#1230072) * CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init. (bsc#1230071) * CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key. (bsc#1230364) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3443=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3443=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3443=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * opensc-debugsource-0.13.0-3.31.1 * opensc-0.13.0-3.31.1 * opensc-debuginfo-0.13.0-3.31.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * opensc-debugsource-0.13.0-3.31.1 * opensc-0.13.0-3.31.1 * opensc-debuginfo-0.13.0-3.31.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * opensc-debugsource-0.13.0-3.31.1 * opensc-0.13.0-3.31.1 * opensc-debuginfo-0.13.0-3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45615.html * https://www.suse.com/security/cve/CVE-2024-45616.html * https://www.suse.com/security/cve/CVE-2024-45617.html * https://www.suse.com/security/cve/CVE-2024-45618.html * https://www.suse.com/security/cve/CVE-2024-45619.html * https://www.suse.com/security/cve/CVE-2024-45620.html * https://www.suse.com/security/cve/CVE-2024-8443.html * https://bugzilla.suse.com/show_bug.cgi?id=1217722 * https://bugzilla.suse.com/show_bug.cgi?id=1230071 * https://bugzilla.suse.com/show_bug.cgi?id=1230072 * https://bugzilla.suse.com/show_bug.cgi?id=1230073 * https://bugzilla.suse.com/show_bug.cgi?id=1230074 * https://bugzilla.suse.com/show_bug.cgi?id=1230075 * https://bugzilla.suse.com/show_bug.cgi?id=1230076 * https://bugzilla.suse.com/show_bug.cgi?id=1230364 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:08 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:08 -0000 Subject: SUSE-SU-2024:3459-1: important: Security update for kubernetes1.24 Message-ID: <172733940881.15730.10307213682369605638@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3459-1 Rating: important References: * bsc#1229122 Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.24 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3459=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3459=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3459=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3459=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3459=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-controller-manager-1.24.17-150300.7.9.1 * kubernetes1.24-client-1.24.17-150300.7.9.1 * kubernetes1.24-kubeadm-1.24.17-150300.7.9.1 * kubernetes1.24-client-common-1.24.17-150300.7.9.1 * kubernetes1.24-kubelet-1.24.17-150300.7.9.1 * kubernetes1.24-kubelet-common-1.24.17-150300.7.9.1 * kubernetes1.24-apiserver-1.24.17-150300.7.9.1 * kubernetes1.24-scheduler-1.24.17-150300.7.9.1 * kubernetes1.24-proxy-1.24.17-150300.7.9.1 * openSUSE Leap 15.3 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150300.7.9.1 * kubernetes1.24-client-fish-completion-1.24.17-150300.7.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kubernetes1.24-client-1.24.17-150300.7.9.1 * kubernetes1.24-client-common-1.24.17-150300.7.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-1.24.17-150300.7.9.1 * kubernetes1.24-client-common-1.24.17-150300.7.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kubernetes1.24-client-1.24.17-150300.7.9.1 * kubernetes1.24-client-common-1.24.17-150300.7.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kubernetes1.24-client-1.24.17-150300.7.9.1 * kubernetes1.24-client-common-1.24.17-150300.7.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:11 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:11 -0000 Subject: SUSE-SU-2024:3458-1: important: Security update for kubernetes1.24 Message-ID: <172733941161.15730.5099917113796553793@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3458-1 Rating: important References: * bsc#1229122 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.24 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3458=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3458=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3458=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3458=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3458=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-apiserver-1.24.17-150400.9.18.1 * kubernetes1.24-controller-manager-1.24.17-150400.9.18.1 * kubernetes1.24-kubeadm-1.24.17-150400.9.18.1 * kubernetes1.24-client-common-1.24.17-150400.9.18.1 * kubernetes1.24-client-1.24.17-150400.9.18.1 * kubernetes1.24-kubelet-common-1.24.17-150400.9.18.1 * kubernetes1.24-proxy-1.24.17-150400.9.18.1 * kubernetes1.24-scheduler-1.24.17-150400.9.18.1 * kubernetes1.24-kubelet-1.24.17-150400.9.18.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.24-client-fish-completion-1.24.17-150400.9.18.1 * kubernetes1.24-client-bash-completion-1.24.17-150400.9.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.18.1 * kubernetes1.24-client-1.24.17-150400.9.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.18.1 * kubernetes1.24-client-1.24.17-150400.9.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.18.1 * kubernetes1.24-client-1.24.17-150400.9.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.24-client-common-1.24.17-150400.9.18.1 * kubernetes1.24-client-1.24.17-150400.9.18.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:16 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:16 -0000 Subject: SUSE-SU-2024:3457-1: important: Security update for kubernetes1.25 Message-ID: <172733941683.15730.12522678884367102935@smelt2.prg2.suse.org> # Security update for kubernetes1.25 Announcement ID: SUSE-SU-2024:3457-1 Rating: important References: * bsc#1229122 Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.25 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3457=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3457=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3457=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3457=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3457=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3457=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3457=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3457=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3457=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-apiserver-1.25.16-150400.9.18.1 * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.18.1 * kubernetes1.25-proxy-1.25.16-150400.9.18.1 * kubernetes1.25-scheduler-1.25.16-150400.9.18.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.18.1 * kubernetes1.25-kubelet-1.25.16-150400.9.18.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.25-client-fish-completion-1.25.16-150400.9.18.1 * kubernetes1.25-client-bash-completion-1.25.16-150400.9.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-apiserver-1.25.16-150400.9.18.1 * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-controller-manager-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * kubernetes1.25-kubeadm-1.25.16-150400.9.18.1 * kubernetes1.25-proxy-1.25.16-150400.9.18.1 * kubernetes1.25-scheduler-1.25.16-150400.9.18.1 * kubernetes1.25-kubelet-common-1.25.16-150400.9.18.1 * kubernetes1.25-kubelet-1.25.16-150400.9.18.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.25-client-fish-completion-1.25.16-150400.9.18.1 * kubernetes1.25-client-bash-completion-1.25.16-150400.9.18.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.25-client-common-1.25.16-150400.9.18.1 * kubernetes1.25-client-1.25.16-150400.9.18.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:20 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:20 -0000 Subject: SUSE-SU-2024:3456-1: important: Security update for kubernetes1.26 Message-ID: <172733942022.15730.7159815135907993186@smelt2.prg2.suse.org> # Security update for kubernetes1.26 Announcement ID: SUSE-SU-2024:3456-1 Rating: important References: * bsc#1229122 Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.26 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3456=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3456=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3456=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3456=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3456=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3456=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3456=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3456=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3456=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-kubelet-1.26.15-150400.9.16.1 * kubernetes1.26-proxy-1.26.15-150400.9.16.1 * kubernetes1.26-apiserver-1.26.15-150400.9.16.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.16.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.16.1 * kubernetes1.26-scheduler-1.26.15-150400.9.16.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.16.1 * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.26-client-fish-completion-1.26.15-150400.9.16.1 * kubernetes1.26-client-bash-completion-1.26.15-150400.9.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-kubelet-1.26.15-150400.9.16.1 * kubernetes1.26-proxy-1.26.15-150400.9.16.1 * kubernetes1.26-apiserver-1.26.15-150400.9.16.1 * kubernetes1.26-kubelet-common-1.26.15-150400.9.16.1 * kubernetes1.26-kubeadm-1.26.15-150400.9.16.1 * kubernetes1.26-scheduler-1.26.15-150400.9.16.1 * kubernetes1.26-controller-manager-1.26.15-150400.9.16.1 * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.26-client-fish-completion-1.26.15-150400.9.16.1 * kubernetes1.26-client-bash-completion-1.26.15-150400.9.16.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.26-client-common-1.26.15-150400.9.16.1 * kubernetes1.26-client-1.26.15-150400.9.16.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:22 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:22 -0000 Subject: SUSE-SU-2024:3455-1: important: Security update for kubernetes1.27 Message-ID: <172733942279.15730.967100325942271584@smelt2.prg2.suse.org> # Security update for kubernetes1.27 Announcement ID: SUSE-SU-2024:3455-1 Rating: important References: * bsc#1229122 Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.27 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3455=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3455=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3455=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3455=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3455=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3455=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3455=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3455=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3455=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-kubelet-1.27.16-150400.9.12.1 * kubernetes1.27-scheduler-1.27.16-150400.9.12.1 * kubernetes1.27-kubelet-common-1.27.16-150400.9.12.1 * kubernetes1.27-kubeadm-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * kubernetes1.27-apiserver-1.27.16-150400.9.12.1 * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-controller-manager-1.27.16-150400.9.12.1 * kubernetes1.27-proxy-1.27.16-150400.9.12.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.27-client-fish-completion-1.27.16-150400.9.12.1 * kubernetes1.27-client-bash-completion-1.27.16-150400.9.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-kubelet-1.27.16-150400.9.12.1 * kubernetes1.27-scheduler-1.27.16-150400.9.12.1 * kubernetes1.27-kubelet-common-1.27.16-150400.9.12.1 * kubernetes1.27-kubeadm-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * kubernetes1.27-apiserver-1.27.16-150400.9.12.1 * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-controller-manager-1.27.16-150400.9.12.1 * kubernetes1.27-proxy-1.27.16-150400.9.12.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.27-client-fish-completion-1.27.16-150400.9.12.1 * kubernetes1.27-client-bash-completion-1.27.16-150400.9.12.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.27-client-1.27.16-150400.9.12.1 * kubernetes1.27-client-common-1.27.16-150400.9.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:25 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:25 -0000 Subject: SUSE-SU-2024:3454-1: important: Security update for kubernetes1.28 Message-ID: <172733942514.15730.894329889460942322@smelt2.prg2.suse.org> # Security update for kubernetes1.28 Announcement ID: SUSE-SU-2024:3454-1 Rating: important References: * bsc#1229122 Affected Products: * Containers Module 15-SP5 * Containers Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.28 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3454=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3454=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3454=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3454=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3454=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3454=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3454=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3454=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3454=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-controller-manager-1.28.13-150400.9.10.1 * kubernetes1.28-kubelet-common-1.28.13-150400.9.10.1 * kubernetes1.28-scheduler-1.28.13-150400.9.10.1 * kubernetes1.28-apiserver-1.28.13-150400.9.10.1 * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-kubeadm-1.28.13-150400.9.10.1 * kubernetes1.28-proxy-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * kubernetes1.28-kubelet-1.28.13-150400.9.10.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.28-client-bash-completion-1.28.13-150400.9.10.1 * kubernetes1.28-client-fish-completion-1.28.13-150400.9.10.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-controller-manager-1.28.13-150400.9.10.1 * kubernetes1.28-kubelet-common-1.28.13-150400.9.10.1 * kubernetes1.28-scheduler-1.28.13-150400.9.10.1 * kubernetes1.28-apiserver-1.28.13-150400.9.10.1 * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-kubeadm-1.28.13-150400.9.10.1 * kubernetes1.28-proxy-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 * kubernetes1.28-kubelet-1.28.13-150400.9.10.1 * openSUSE Leap 15.4 (noarch) * kubernetes1.28-client-bash-completion-1.28.13-150400.9.10.1 * kubernetes1.28-client-fish-completion-1.28.13-150400.9.10.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.28-client-common-1.28.13-150400.9.10.1 * kubernetes1.28-client-1.28.13-150400.9.10.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:28 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:28 -0000 Subject: SUSE-SU-2024:3453-1: important: Security update for kubernetes1.24 Message-ID: <172733942846.15730.11912136669599244851@smelt2.prg2.suse.org> # Security update for kubernetes1.24 Announcement ID: SUSE-SU-2024:3453-1 Rating: important References: * bsc#1229122 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one security fix can now be installed. ## Description: This update of kubernetes1.24 fixes the following issues: * rebuild the package with the current go 1.23 security release (bsc#1229122). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3453=1 openSUSE-SLE-15.5-2024-3453=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3453=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3453=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-kubeadm-1.24.17-150500.3.24.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.24.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.24.1 * kubernetes1.24-proxy-1.24.17-150500.3.24.1 * kubernetes1.24-kubelet-1.24.17-150500.3.24.1 * kubernetes1.24-scheduler-1.24.17-150500.3.24.1 * kubernetes1.24-client-1.24.17-150500.3.24.1 * kubernetes1.24-apiserver-1.24.17-150500.3.24.1 * kubernetes1.24-client-common-1.24.17-150500.3.24.1 * openSUSE Leap 15.5 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150500.3.24.1 * kubernetes1.24-client-fish-completion-1.24.17-150500.3.24.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-kubeadm-1.24.17-150500.3.24.1 * kubernetes1.24-kubelet-common-1.24.17-150500.3.24.1 * kubernetes1.24-controller-manager-1.24.17-150500.3.24.1 * kubernetes1.24-proxy-1.24.17-150500.3.24.1 * kubernetes1.24-kubelet-1.24.17-150500.3.24.1 * kubernetes1.24-scheduler-1.24.17-150500.3.24.1 * kubernetes1.24-client-1.24.17-150500.3.24.1 * kubernetes1.24-apiserver-1.24.17-150500.3.24.1 * kubernetes1.24-client-common-1.24.17-150500.3.24.1 * openSUSE Leap 15.6 (noarch) * kubernetes1.24-client-bash-completion-1.24.17-150500.3.24.1 * kubernetes1.24-client-fish-completion-1.24.17-150500.3.24.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kubernetes1.24-client-common-1.24.17-150500.3.24.1 * kubernetes1.24-client-1.24.17-150500.3.24.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229122 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Sep 26 08:30:41 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Thu, 26 Sep 2024 08:30:41 -0000 Subject: SUSE-SU-2024:3447-1: important: Security update for python36 Message-ID: <172733944171.15730.9360608728936474424@smelt2.prg2.suse.org> # Security update for python36 Announcement ID: SUSE-SU-2024:3447-1 Rating: important References: * bsc#1230227 Cross-References: * CVE-2024-6232 CVSS scores: * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for python36 fixes the following issues: * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3447=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3447=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3447=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3447=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * python3-tk-debuginfo-3.6.15-150000.3.161.1 * python3-3.6.15-150000.3.161.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.161.1 * libpython3_6m1_0-3.6.15-150000.3.161.1 * python3-curses-debuginfo-3.6.15-150000.3.161.1 * python3-devel-3.6.15-150000.3.161.1 * python3-debugsource-3.6.15-150000.3.161.1 * python3-dbm-debuginfo-3.6.15-150000.3.161.1 * python3-devel-debuginfo-3.6.15-150000.3.161.1 * python3-core-debugsource-3.6.15-150000.3.161.1 * python3-curses-3.6.15-150000.3.161.1 * python3-debuginfo-3.6.15-150000.3.161.1 * python3-tk-3.6.15-150000.3.161.1 * python3-tools-3.6.15-150000.3.161.1 * python3-dbm-3.6.15-150000.3.161.1 * python3-base-3.6.15-150000.3.161.1 * python3-idle-3.6.15-150000.3.161.1 * python3-base-debuginfo-3.6.15-150000.3.161.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-tk-debuginfo-3.6.15-150000.3.161.1 * python3-3.6.15-150000.3.161.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.161.1 * libpython3_6m1_0-3.6.15-150000.3.161.1 * python3-curses-debuginfo-3.6.15-150000.3.161.1 * python3-devel-3.6.15-150000.3.161.1 * python3-debugsource-3.6.15-150000.3.161.1 * python3-dbm-debuginfo-3.6.15-150000.3.161.1 * python3-devel-debuginfo-3.6.15-150000.3.161.1 * python3-core-debugsource-3.6.15-150000.3.161.1 * python3-curses-3.6.15-150000.3.161.1 * python3-debuginfo-3.6.15-150000.3.161.1 * python3-tk-3.6.15-150000.3.161.1 * python3-tools-3.6.15-150000.3.161.1 * python3-dbm-3.6.15-150000.3.161.1 * python3-base-3.6.15-150000.3.161.1 * python3-idle-3.6.15-150000.3.161.1 * python3-base-debuginfo-3.6.15-150000.3.161.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * python3-tk-debuginfo-3.6.15-150000.3.161.1 * python3-3.6.15-150000.3.161.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.161.1 * libpython3_6m1_0-3.6.15-150000.3.161.1 * python3-curses-debuginfo-3.6.15-150000.3.161.1 * python3-devel-3.6.15-150000.3.161.1 * python3-debugsource-3.6.15-150000.3.161.1 * python3-dbm-debuginfo-3.6.15-150000.3.161.1 * python3-devel-debuginfo-3.6.15-150000.3.161.1 * python3-core-debugsource-3.6.15-150000.3.161.1 * python3-curses-3.6.15-150000.3.161.1 * python3-debuginfo-3.6.15-150000.3.161.1 * python3-tk-3.6.15-150000.3.161.1 * python3-tools-3.6.15-150000.3.161.1 * python3-dbm-3.6.15-150000.3.161.1 * python3-base-3.6.15-150000.3.161.1 * python3-idle-3.6.15-150000.3.161.1 * python3-base-debuginfo-3.6.15-150000.3.161.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python3-3.6.15-150000.3.161.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.161.1 * libpython3_6m1_0-3.6.15-150000.3.161.1 * python3-debugsource-3.6.15-150000.3.161.1 * python3-core-debugsource-3.6.15-150000.3.161.1 * python3-debuginfo-3.6.15-150000.3.161.1 * python3-base-3.6.15-150000.3.161.1 * python3-base-debuginfo-3.6.15-150000.3.161.1 ## References: * https://www.suse.com/security/cve/CVE-2024-6232.html * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 27 12:30:06 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 27 Sep 2024 12:30:06 -0000 Subject: SUSE-SU-2024:3468-1: important: Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) Message-ID: <172744020618.19060.2032722135763824415@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3468-1 Rating: important References: * bsc#1225099 * bsc#1228349 Cross-References: * CVE-2023-52846 * CVE-2024-40909 CVSS scores: * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_5 fixes several issues. The following security issues were fixed: * CVE-2024-40909: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). * CVE-2023-52846: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3468=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3468=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-2-150600.2.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-2-150600.2.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-2-150600.2.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-2-150600.2.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 27 12:30:23 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 27 Sep 2024 12:30:23 -0000 Subject: SUSE-SU-2024:3467-1: important: Security update for the Linux Kernel Message-ID: <172744022341.19060.1500839124156457034@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3467-1 Rating: important References: * bsc#1202346 * bsc#1227985 * bsc#1228002 * bsc#1228938 * bsc#1228959 * bsc#1229454 * bsc#1229456 * bsc#1229503 * bsc#1229657 * bsc#1229707 Cross-References: * CVE-2022-20368 * CVE-2022-48791 * CVE-2022-48839 * CVE-2022-48919 * CVE-2024-42232 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44947 CVSS scores: * CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that solves eight vulnerabilities and has two security fixes can now be installed. ## Description: The SUSE Linux Enterprise 11 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) The following non-security bugs were fixed: * fuse: fix SetPageUptodate() condition in STORE (bsc#1229456). * reiserfs: fix "new_insert_key may be used uninitialized ..." (bsc#1228938). * scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-3467=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-3467=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (nosrc x86_64) * kernel-default-3.0.101-108.162.1 * kernel-xen-3.0.101-108.162.1 * kernel-trace-3.0.101-108.162.1 * kernel-ec2-3.0.101-108.162.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * kernel-trace-base-3.0.101-108.162.1 * kernel-source-3.0.101-108.162.1 * kernel-ec2-base-3.0.101-108.162.1 * kernel-xen-devel-3.0.101-108.162.1 * kernel-ec2-devel-3.0.101-108.162.1 * kernel-syms-3.0.101-108.162.1 * kernel-trace-devel-3.0.101-108.162.1 * kernel-default-base-3.0.101-108.162.1 * kernel-default-devel-3.0.101-108.162.1 * kernel-xen-base-3.0.101-108.162.1 * SUSE Linux Enterprise Server 11 SP4 (nosrc x86_64) * kernel-default-3.0.101-108.162.1 * kernel-xen-3.0.101-108.162.1 * kernel-trace-3.0.101-108.162.1 * kernel-ec2-3.0.101-108.162.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * kernel-trace-base-3.0.101-108.162.1 * kernel-source-3.0.101-108.162.1 * kernel-ec2-base-3.0.101-108.162.1 * kernel-xen-devel-3.0.101-108.162.1 * kernel-ec2-devel-3.0.101-108.162.1 * kernel-syms-3.0.101-108.162.1 * kernel-trace-devel-3.0.101-108.162.1 * kernel-default-base-3.0.101-108.162.1 * kernel-default-devel-3.0.101-108.162.1 * kernel-xen-base-3.0.101-108.162.1 ## References: * https://www.suse.com/security/cve/CVE-2022-20368.html * https://www.suse.com/security/cve/CVE-2022-48791.html * https://www.suse.com/security/cve/CVE-2022-48839.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1202346 * https://bugzilla.suse.com/show_bug.cgi?id=1227985 * https://bugzilla.suse.com/show_bug.cgi?id=1228002 * https://bugzilla.suse.com/show_bug.cgi?id=1228938 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229456 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 27 16:34:43 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 27 Sep 2024 16:34:43 -0000 Subject: SUSE-SU-2024:3483-1: important: Security update for the Linux Kernel Message-ID: <172745488376.15730.1914465999748613158@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3483-1 Rating: important References: * bsc#1193629 * bsc#1194111 * bsc#1194765 * bsc#1194869 * bsc#1196261 * bsc#1196516 * bsc#1196894 * bsc#1198017 * bsc#1203329 * bsc#1203330 * bsc#1203360 * bsc#1205462 * bsc#1206006 * bsc#1206258 * bsc#1206843 * bsc#1207158 * bsc#1208783 * bsc#1210644 * bsc#1213580 * bsc#1213632 * bsc#1214285 * bsc#1216834 * bsc#1220428 * bsc#1220877 * bsc#1220962 * bsc#1221269 * bsc#1221326 * bsc#1221630 * bsc#1221645 * bsc#1222335 * bsc#1222350 * bsc#1222372 * bsc#1222387 * bsc#1222634 * bsc#1222808 * bsc#1222967 * bsc#1223074 * bsc#1223191 * bsc#1223508 * bsc#1223720 * bsc#1223742 * bsc#1223777 * bsc#1223803 * bsc#1223807 * bsc#1224105 * bsc#1224415 * bsc#1224496 * bsc#1224510 * bsc#1224542 * bsc#1224578 * bsc#1224639 * bsc#1225162 * bsc#1225352 * bsc#1225428 * bsc#1225524 * bsc#1225578 * bsc#1225582 * bsc#1225773 * bsc#1225814 * bsc#1225827 * bsc#1225832 * bsc#1225903 * bsc#1226168 * bsc#1226530 * bsc#1226613 * bsc#1226742 * bsc#1226765 * bsc#1226798 * bsc#1226801 * bsc#1226874 * bsc#1226885 * bsc#1227079 * bsc#1227623 * bsc#1227761 * bsc#1227830 * bsc#1227863 * bsc#1227867 * bsc#1227929 * bsc#1227937 * bsc#1227958 * bsc#1228020 * bsc#1228065 * bsc#1228114 * bsc#1228410 * bsc#1228426 * bsc#1228427 * bsc#1228429 * bsc#1228446 * bsc#1228447 * bsc#1228449 * bsc#1228450 * bsc#1228452 * bsc#1228456 * bsc#1228463 * bsc#1228466 * bsc#1228467 * bsc#1228469 * bsc#1228480 * bsc#1228481 * bsc#1228482 * bsc#1228483 * bsc#1228484 * bsc#1228485 * bsc#1228487 * bsc#1228489 * bsc#1228491 * bsc#1228493 * bsc#1228494 * bsc#1228495 * bsc#1228496 * bsc#1228501 * bsc#1228503 * bsc#1228509 * bsc#1228513 * bsc#1228515 * bsc#1228516 * bsc#1228526 * bsc#1228531 * bsc#1228563 * bsc#1228564 * bsc#1228567 * bsc#1228576 * bsc#1228579 * bsc#1228584 * bsc#1228588 * bsc#1228590 * bsc#1228615 * bsc#1228616 * bsc#1228635 * bsc#1228636 * bsc#1228654 * bsc#1228656 * bsc#1228658 * bsc#1228660 * bsc#1228662 * bsc#1228667 * bsc#1228673 * bsc#1228677 * bsc#1228687 * bsc#1228706 * bsc#1228708 * bsc#1228710 * bsc#1228718 * bsc#1228720 * bsc#1228721 * bsc#1228722 * bsc#1228724 * bsc#1228726 * bsc#1228727 * bsc#1228733 * bsc#1228748 * bsc#1228766 * bsc#1228779 * bsc#1228801 * bsc#1228850 * bsc#1228857 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228979 * bsc#1228988 * bsc#1228989 * bsc#1228991 * bsc#1228992 * bsc#1229042 * bsc#1229054 * bsc#1229086 * bsc#1229136 * bsc#1229154 * bsc#1229187 * bsc#1229188 * bsc#1229190 * bsc#1229287 * bsc#1229290 * bsc#1229292 * bsc#1229296 * bsc#1229297 * bsc#1229301 * bsc#1229303 * bsc#1229304 * bsc#1229305 * bsc#1229307 * bsc#1229309 * bsc#1229312 * bsc#1229314 * bsc#1229315 * bsc#1229317 * bsc#1229318 * bsc#1229319 * bsc#1229327 * bsc#1229341 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229349 * bsc#1229350 * bsc#1229351 * bsc#1229354 * bsc#1229356 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229360 * bsc#1229366 * bsc#1229370 * bsc#1229373 * bsc#1229374 * bsc#1229381 * bsc#1229382 * bsc#1229383 * bsc#1229386 * bsc#1229388 * bsc#1229391 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229409 * bsc#1229410 * bsc#1229411 * bsc#1229413 * bsc#1229414 * bsc#1229417 * bsc#1229418 * bsc#1229444 * bsc#1229453 * bsc#1229454 * bsc#1229481 * bsc#1229482 * bsc#1229488 * bsc#1229489 * bsc#1229490 * bsc#1229493 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229506 * bsc#1229507 * bsc#1229508 * bsc#1229509 * bsc#1229510 * bsc#1229512 * bsc#1229516 * bsc#1229521 * bsc#1229522 * bsc#1229523 * bsc#1229524 * bsc#1229525 * bsc#1229526 * bsc#1229527 * bsc#1229528 * bsc#1229529 * bsc#1229531 * bsc#1229533 * bsc#1229535 * bsc#1229536 * bsc#1229537 * bsc#1229540 * bsc#1229544 * bsc#1229545 * bsc#1229546 * bsc#1229547 * bsc#1229548 * bsc#1229554 * bsc#1229557 * bsc#1229558 * bsc#1229559 * bsc#1229560 * bsc#1229562 * bsc#1229564 * bsc#1229565 * bsc#1229566 * bsc#1229568 * bsc#1229569 * bsc#1229572 * bsc#1229573 * bsc#1229576 * bsc#1229581 * bsc#1229588 * bsc#1229598 * bsc#1229603 * bsc#1229604 * bsc#1229605 * bsc#1229608 * bsc#1229611 * bsc#1229612 * bsc#1229613 * bsc#1229614 * bsc#1229615 * bsc#1229616 * bsc#1229617 * bsc#1229620 * bsc#1229622 * bsc#1229623 * bsc#1229624 * bsc#1229625 * bsc#1229626 * bsc#1229628 * bsc#1229629 * bsc#1229630 * bsc#1229631 * bsc#1229632 * bsc#1229635 * bsc#1229636 * bsc#1229637 * bsc#1229638 * bsc#1229639 * bsc#1229641 * bsc#1229642 * bsc#1229643 * bsc#1229645 * bsc#1229657 * bsc#1229658 * bsc#1229662 * bsc#1229664 * bsc#1229707 * bsc#1229739 * bsc#1229743 * bsc#1229746 * bsc#1229754 * bsc#1229755 * bsc#1229756 * bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229768 * bsc#1229781 * bsc#1229784 * bsc#1229787 * bsc#1229788 * bsc#1229789 * bsc#1229792 * bsc#1229820 * bsc#1230413 * jsc#PED-8491 * jsc#PED-8779 Cross-References: * CVE-2021-4204 * CVE-2021-4441 * CVE-2021-47106 * CVE-2021-47517 * CVE-2021-47546 * CVE-2022-0500 * CVE-2022-23222 * CVE-2022-38457 * CVE-2022-40133 * CVE-2022-4382 * CVE-2022-48645 * CVE-2022-48706 * CVE-2022-48808 * CVE-2022-48865 * CVE-2022-48868 * CVE-2022-48869 * CVE-2022-48870 * CVE-2022-48871 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48875 * CVE-2022-48878 * CVE-2022-48880 * CVE-2022-48881 * CVE-2022-48882 * CVE-2022-48883 * CVE-2022-48884 * CVE-2022-48885 * CVE-2022-48886 * CVE-2022-48887 * CVE-2022-48888 * CVE-2022-48889 * CVE-2022-48890 * CVE-2022-48891 * CVE-2022-48893 * CVE-2022-48896 * CVE-2022-48898 * CVE-2022-48899 * CVE-2022-48903 * CVE-2022-48904 * CVE-2022-48905 * CVE-2022-48906 * CVE-2022-48907 * CVE-2022-48909 * CVE-2022-48910 * CVE-2022-48912 * CVE-2022-48913 * CVE-2022-48914 * CVE-2022-48915 * CVE-2022-48916 * CVE-2022-48917 * CVE-2022-48918 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48921 * CVE-2022-48923 * CVE-2022-48924 * CVE-2022-48925 * CVE-2022-48926 * CVE-2022-48927 * CVE-2022-48928 * CVE-2022-48929 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48932 * CVE-2022-48934 * CVE-2022-48937 * CVE-2022-48938 * CVE-2022-48939 * CVE-2022-48940 * CVE-2022-48941 * CVE-2022-48942 * CVE-2022-48943 * CVE-2023-3610 * CVE-2023-52458 * CVE-2023-52489 * CVE-2023-52498 * CVE-2023-52581 * CVE-2023-52859 * CVE-2023-52887 * CVE-2023-52889 * CVE-2023-52893 * CVE-2023-52894 * CVE-2023-52896 * CVE-2023-52898 * CVE-2023-52899 * CVE-2023-52900 * CVE-2023-52901 * CVE-2023-52904 * CVE-2023-52905 * CVE-2023-52906 * CVE-2023-52907 * CVE-2023-52908 * CVE-2023-52909 * CVE-2023-52910 * CVE-2023-52911 * CVE-2023-52912 * CVE-2023-52913 * CVE-2024-26631 * CVE-2024-26668 * CVE-2024-26669 * CVE-2024-26677 * CVE-2024-26735 * CVE-2024-26808 * CVE-2024-26812 * CVE-2024-26835 * CVE-2024-26851 * CVE-2024-27010 * CVE-2024-27011 * CVE-2024-27016 * CVE-2024-27024 * CVE-2024-27079 * CVE-2024-27403 * CVE-2024-31076 * CVE-2024-35897 * CVE-2024-35902 * CVE-2024-35945 * CVE-2024-35971 * CVE-2024-36009 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-36489 * CVE-2024-36929 * CVE-2024-36933 * CVE-2024-36936 * CVE-2024-36962 * CVE-2024-38554 * CVE-2024-38602 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40905 * CVE-2024-40978 * CVE-2024-40980 * CVE-2024-40995 * CVE-2024-41000 * CVE-2024-41007 * CVE-2024-41009 * CVE-2024-41011 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41022 * CVE-2024-41035 * CVE-2024-41036 * CVE-2024-41038 * CVE-2024-41039 * CVE-2024-41042 * CVE-2024-41045 * CVE-2024-41056 * CVE-2024-41060 * CVE-2024-41062 * CVE-2024-41065 * CVE-2024-41068 * CVE-2024-41073 * CVE-2024-41079 * CVE-2024-41080 * CVE-2024-41087 * CVE-2024-41088 * CVE-2024-41089 * CVE-2024-41092 * CVE-2024-41093 * CVE-2024-41095 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42069 * CVE-2024-42074 * CVE-2024-42076 * CVE-2024-42077 * CVE-2024-42080 * CVE-2024-42082 * CVE-2024-42085 * CVE-2024-42086 * CVE-2024-42087 * CVE-2024-42089 * CVE-2024-42090 * CVE-2024-42092 * CVE-2024-42095 * CVE-2024-42097 * CVE-2024-42098 * CVE-2024-42101 * CVE-2024-42104 * CVE-2024-42106 * CVE-2024-42107 * CVE-2024-42110 * CVE-2024-42114 * CVE-2024-42115 * CVE-2024-42119 * CVE-2024-42120 * CVE-2024-42121 * CVE-2024-42126 * CVE-2024-42127 * CVE-2024-42130 * CVE-2024-42137 * CVE-2024-42139 * CVE-2024-42142 * CVE-2024-42143 * CVE-2024-42148 * CVE-2024-42152 * CVE-2024-42155 * CVE-2024-42156 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42223 * CVE-2024-42225 * CVE-2024-42228 * CVE-2024-42229 * CVE-2024-42230 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42237 * CVE-2024-42238 * CVE-2024-42239 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42247 * CVE-2024-42268 * CVE-2024-42271 * CVE-2024-42274 * CVE-2024-42276 * CVE-2024-42277 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42283 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42291 * CVE-2024-42292 * CVE-2024-42295 * CVE-2024-42301 * CVE-2024-42302 * CVE-2024-42308 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42311 * CVE-2024-42312 * CVE-2024-42313 * CVE-2024-42315 * CVE-2024-42318 * CVE-2024-42319 * CVE-2024-42320 * CVE-2024-42322 * CVE-2024-43816 * CVE-2024-43818 * CVE-2024-43819 * CVE-2024-43821 * CVE-2024-43823 * CVE-2024-43829 * CVE-2024-43830 * CVE-2024-43831 * CVE-2024-43834 * CVE-2024-43837 * CVE-2024-43839 * CVE-2024-43841 * CVE-2024-43842 * CVE-2024-43846 * CVE-2024-43849 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43858 * CVE-2024-43860 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43867 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43873 * CVE-2024-43879 * CVE-2024-43880 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43884 * CVE-2024-43889 * CVE-2024-43892 * CVE-2024-43893 * CVE-2024-43894 * CVE-2024-43895 * CVE-2024-43899 * CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43903 * CVE-2024-43904 * CVE-2024-43905 * CVE-2024-43907 * CVE-2024-43908 * CVE-2024-43909 * CVE-2024-44938 * CVE-2024-44939 * CVE-2024-44947 CVSS scores: * CVE-2021-4204 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-4204 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2021-4441 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-4441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47106 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2021-47517 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2021-47546 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47546 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-0500 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-0500 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-23222 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-23222 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-38457 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-38457 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-40133 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-40133 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H * CVE-2022-4382 ( SUSE ): 7.4 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-4382 ( NVD ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48706 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48808 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48808 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48868 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48869 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48869 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48870 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2022-48871 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48878 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48878 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-48878 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48880 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48880 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48881 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48881 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2022-48882 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48882 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48883 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48883 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48884 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48884 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48885 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2022-48885 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2022-48885 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48886 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48887 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48888 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48890 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48891 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48904 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48906 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48906 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48907 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48909 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48913 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48914 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48914 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48915 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48916 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48917 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48918 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48921 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48923 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48923 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48923 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48924 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48926 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48926 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48927 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48928 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48928 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48929 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48932 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48934 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48937 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48939 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48940 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48940 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48941 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48942 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48943 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-3610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52458 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52458 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52489 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52498 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52581 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52859 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52887 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2023-52887 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:N * CVE-2023-52889 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52896 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52898 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52898 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52899 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52900 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52900 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52906 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52909 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52910 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52912 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2023-52912 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52912 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52913 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52913 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26669 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26735 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26808 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26835 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27010 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27016 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27024 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-27079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27403 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-31076 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35945 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35971 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-36489 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36929 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36933 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-36936 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-36962 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38554 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38602 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40905 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40978 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40980 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40995 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41000 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41007 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41007 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41009 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41009 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41022 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41022 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41036 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41038 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-41038 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41039 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41039 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41045 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41060 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41060 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41065 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41065 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41068 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41073 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41073 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41079 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41088 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41088 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41089 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41092 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41093 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41093 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41095 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42069 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42074 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42076 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42080 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42085 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42086 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42086 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-42087 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42089 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42092 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42097 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-42097 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-42098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42104 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42104 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42107 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42114 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42115 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42115 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42119 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42120 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42121 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42126 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42127 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42130 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42130 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42137 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42137 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42139 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42142 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42143 ( SUSE ): 0.0 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42143 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:N * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42152 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42152 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42156 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42156 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42223 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42223 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42225 ( NVD ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42229 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42229 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42230 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42230 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42230 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42237 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42238 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42239 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42247 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42268 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-42268 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42274 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42274 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42276 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42276 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42277 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42277 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42283 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42291 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42292 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42295 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42302 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42302 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42308 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42308 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42311 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42311 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42313 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42315 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42315 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42318 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42319 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42320 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43818 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43821 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43823 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43829 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43837 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43841 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43842 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43846 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43858 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43860 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43860 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43867 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43880 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43884 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43884 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43889 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43889 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43894 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43894 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43895 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43899 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43904 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43908 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43908 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43909 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43909 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44938 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-44938 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44939 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44939 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44939 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves 296 vulnerabilities, contains two features and has 42 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2024-36936: Touch soft lockup during memory accept (bsc#1225773). * CVE-2022-48706: Do proper cleanup if IFCVF init fails (bsc#1225524). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-36270: Fix reference in patches.suse/netfilter-tproxy-bail-out-if- IP-has-been-disabled-on.patch (bsc#1226798) * CVE-2023-52489: Fix race in accessing memory_section->usage (bsc#1221326). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43821: Fix a possible null pointer dereference (bsc#1229315). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-44938: Fix shift-out-of-bounds in dbDiscardAG (bsc#1229792). * CVE-2024-44939: Fix null ptr deref in dtInsertEntry (bsc#1229820). * CVE-2024-41087: Fix double free on error (CVE-2024-41087,bsc#1228466). * CVE-2024-42277: Avoid NULL deref in sprd_iommu_hw_en (bsc#1229409). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2024-43904: Add null checks for 'stream' and 'plane' before dereferencing (bsc#1229768) * CVE-2024-43880: Put back removed metod in struct objagg_ops (bsc#1229481). * CVE-2024-43884: Add error handling to pair_device() (bsc#1229739) * CVE-2024-43899: Fix null pointer deref in dcn20_resource.c (bsc#1229754). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2023-52906: Fix warning during failed attribute validation (bsc#1229527). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2024-27010: Fix mirred deadlock on device recursion (bsc#1223720). * CVE-2022-48906: Correctly set DATA_FIN timeout when number of retransmits is large (bsc#1229605) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2024-42156: Wipe copies of clear-key structures on failure (bsc#1228722). * CVE-2023-52899: Add exception protection processing for vd in axi_chan_handle_err function (bsc#1229569). * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-26631: Fix data-race in ipv6_mc_down / mld_ifc_work (bsc#1221630). * CVE-2024-43873: Always initialize seqpacket_allow (bsc#1229488) * CVE-2024-40905: Fix possible race in __fib6_drop_pcpu_from() (bsc#1227761) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2021-47106: Fix use-after-free in nft_set_catchall_destroy() (bsc#1220962) * CVE-2021-47517: Fix panic when interrupt coaleceing is set via ethtool (bsc#1225428). * CVE-2024-36489: Fix missing memory barrier in tls_init (bsc#1226874) * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-27079: Fix NULL domain on device release (bsc#1223742). * CVE-2024-35897: Discard table flag update with pending basechain deletion (bsc#1224510). * CVE-2024-27403: Restore const specifier in flow_offload_route_init() (bsc#1224415). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290 git-fixes). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-26835: Set dormant flag on hook register failure (bsc#1222967). * CVE-2024-26808: Handle NETDEV_UNREGISTER for inet/ingress basechain (bsc#1222634). * CVE-2024-27016: Validate pppoe header (bsc#1223807). * CVE-2024-35945: Prevent nullptr exceptions on ISR (bsc#1224639). * CVE-2023-52581: Fix memleak when more than 255 elements expired (bsc#1220877). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-43837: Fix updating attached freplace prog in prog_array map (bsc#1229297). * CVE-2024-42291: Add a per-VF limit on number of FDIR filters (bsc#1229374). * CVE-2024-42268: Fix missing lock on sync reset reload (bsc#1229391). * CVE-2024-43834: Fix invalid wait context of page_pool_destroy() (bsc#1229314) * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727 CVE-2024-42157 git-fixes). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-36009: Blacklist 467324bcfe1a ("ax25: Fix netdev refcount issue") (bsc#1224542) * CVE-2023-52859: Fix use-after-free when register pmu fails (bsc#1225582). * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42283: Initialize all fields in dumped nexthops (bsc#1229383) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-43854: Initialize integrity buffer to zero before writing it to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42308: Update DRM patch reference (bsc#1229411) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42318: Do not lose track of restrictions on cred_transfer (bsc#1229351). * CVE-2024-26669: Fix chain template offload (bsc#1222350). * CVE-2023-52889: Fix null pointer deref when receiving skb during sock creation (bsc#1229287,). * CVE-2022-48645: Move enetc_set_psfp() out of the common enetc_set_features() (bsc#1223508). * CVE-2024-41007: Use signed arithmetic in tcp_rtx_probe0_timed_out() (bsc#1227863). * CVE-2024-36933: Use correct mac_offset to unwind gso skb in nsh_gso_segment() (bsc#1225832). * CVE-2024-42295: Handle inconsistent state in nilfs_btnode_create_block() (bsc#1229370). * CVE-2024-42319: Move devm_mbox_controller_register() after devm_pm_runtime_enable() (bsc#1229350). * CVE-2024-43860: Skip over memory region when node value is NULL (bsc#1229319). * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-43849: Protect locator_addr with the main mutex (bsc#1229307). * CVE-2024-43841: Do not use strlen() in const context (bsc#1229304). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2024-41088: Fix infinite loop when xmit fails (bsc#1228469). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-41080: Fix possible deadlock in io_register_iowq_max_workers() (bsc#1228616). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-26735: Fix possible use-after-free and null-ptr-deref (bsc#1222372). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42247: Avoid unaligned 64-bit memory accesses (bsc#1228988). * CVE-2022-48865: Fix kernel panic when enabling bearer (bsc#1228065). * CVE-2023-52498: Fix possible deadlocks in core system-wide PM code (bsc#1221269). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2022-48808: Fix panic when DSA master device unbinds on shutdown (bsc#1227958). * CVE-2024-42095: Fix Errata i2310 with RX FIFO level check (bsc#1228446). * CVE-2024-40978: Fix crash while reading debugfs attribute (bsc#1227929). * CVE-2024-42107: Do not process extts if PTP is disabled (bsc#1228494). * CVE-2024-42139: Fix improper extts handling (bsc#1228503). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42142: E-switch, Create ingress ACL when needed (bsc#1228491). * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-41042: Prefer nft_chain_validate (bsc#1228526). * CVE-2023-3610: Fixed use-after-free vulnerability in nf_tables can be exploited to achieve local privilege escalation (bsc#1213580). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2024-40995: Fix possible infinite loop in tcf_idr_check_alloc() (bsc#1227830). * CVE-2024-38602: Merge repeat codes in ax25_dev_device_down() (git-fixes CVE-2024-38602 bsc#1226613). * CVE-2024-38554: Fix reference count leak issue of net_device (bsc#1226742). * CVE-2024-36929: Reject skb_copy(_expand) for fraglist GSO skbs (bsc#1225814). * CVE-2024-41009: Fix overrunning reservations in ringbuf (bsc#1228020). * CVE-2024-27024: Fix WARNING in rds_conn_connect_if_down (bsc#1223777). The following non-security bugs were fixed: * Indicate support for IRQ ResourceSource thru _OSC (git-fixes). * Indicate support for the Generic Event Device thru _OSC (git-fixes). * Rework system-level device notification handling (git-fixes). * Drop nocrt parameter (git-fixes). * x86: s2 Post-increment variables when getting constraints (git-fixes). * Do not cross .backup mountpoint from backup volume (git-fixes). * Add HP MP9 G4 Retail System AMS to force connect list (stable-fixes). * Yet more pin fix for HP EliteDesk 800 G4 (stable-fixes). * Add Framework Laptop 13 (Intel Core Ultra) to quirks (stable-fixes). * Fix noise from speakers on Lenovo IdeaPad 3 15IAU7 (git-fixes). * line6: Fix racy access to midibuf (stable-fixes). * Relax start tick time check for slave timer elements (git-fixes). * Add delay quirk for VIVO USB-C-XE710 HEADSET (stable-fixes). * Re-add ScratchAmp quirk entries (git-fixes). * Support Yamaha P-125 quirk entry (stable-fixes). * Fix UBSAN warning in parse_audio_unit() (stable-fixes). * arm64: initialize all values of acpi_early_node_map to (git-fixes) * arm64: initialize all values of acpi_early_node_map to (git-fixes) * arm64: Add Neoverse-V2 part (git-fixes) * arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes) * arm64: armv8_ Fix warning in isndep cpuhp starting process (git-fixes) * arm64: Restore spec_bar() macro (git-fixes) * arm64: Add missing .field_width for GIC system registers (git-fixes) * arm64: Fix the visibility of compat hwcaps (git-fixes) * arm64: Force HWCAP to be based on the sysreg visible to (git-fixes) * arm64: Add Cortex-A720 definitions (git-fixes) * arm64: Add Cortex-A725 definitions (git-fixes) * arm64: Add Cortex-X1C definitions (git-fixes) * arm64: Add Cortex-X3 definitions (git-fixes) * arm64: Add Cortex-X4 definitions (git-fixes) * arm64: Add Cortex-X925 definitions (git-fixes) * arm64: Add Neoverse-V3 definitions (git-fixes) * arm64: Increase VOP clk rate on RK3328 (git-fixes) * arm64: Increase VOP clk rate on RK3328 (git-fixes) * arm64: Expand speculative SSBS workaround (again) (git-fixes) * arm64: Expand speculative SSBS workaround (git-fixes) * arm64: Unify speculative SSBS errata logic (git-fixes) Also update default configuration. * arm64: Fix KASAN random tag seed initialization (git-fixes) * arm64: Fix KASAN random tag seed initialization (git-fixes) * wcd938 Correct Soundwire ports mask (git-fixes). * wsa881 Correct Soundwire ports mask (git-fixes). * fix irq scheduling issue with PREEMPT_RT (git-fixes). * Introduce async_schedule_dev_nocall() (bsc#1221269). * Split async_schedule_node_domain() (bsc#1221269). * Fix usage of __hci_cmd_sync_status (git-fixes). * hci_ Fix not handling hibernation actions (git-fixes). * l2 always unlock channel in l2cap_conless_channel() (git-fixes). * L2 Fix deadlock (git-fixes). * Fix a kernel verifier crash in stacksafe() (bsc#1225903). * remove unused declaring of bpf_kprobe_override (git-fixes). * fix leak of qgroup extent records after transaction abort (git-fixes). * make btrfs_destroy_delayed_refs() return void (git-fixes). * remove unnecessary prototype declarations at disk-io.c (git-fixes). * update fs features directory asynchronously (bsc#1226168). * propagate errors from vfs_getxattr() to avoid infinite loop (bsc#1229418). * issue a cap release immediately if no cap exists (bsc#1225162). * periodically flush the cap releases (bsc#1225162). * Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * cpuidle, Evaluate LPI arch_flags for broadcast timer (git-fixes). * Fix register ID of SPSR_FIQ (git-fixes). * add missing MODULE_DESCRIPTION() macros (stable-fixes). * Add labels for both Valve Steam Deck revisions (stable-fixes). * Add quirk for Aya Neo KUN (stable-fixes). * Add quirk for Lenovo Yoga Tab 3 X90F (stable-fixes). * Add quirk for Nanote UMPC-01 (stable-fixes). * Add quirk for OrangePi Neo (stable-fixes). * drm/amd/amdgpu/imu_v11_0: Increase buffer size to ensure all possible values can be stored (stable-fixes). * Add NULL check for 'afb' before dereferencing in amdgpu_dm_plane_handle_cursor_update (stable-fixes). * avoid using null object of framebuffer (git-fixes). * Fix && vs || typos (git-fixes). * Skip Recompute DSC Params if no Stream on Link (stable-fixes). * Validate hw_points_num before using it (stable-fixes). * Fix the null pointer dereference for vega10_hwmgr (stable-fixes). * Actually check flags for all context ops (stable-fixes). * Add lock around VF RLCG interface (stable-fixes). * fix dereference null return value for the function amdgpu_vm_pt_parent (stable-fixes). * Fix the null pointer dereference to ras_manager (stable-fixes). * Validate TA binary size (stable-fixes). * drm/amdgpu/jpeg2: properly set atomics vmid field (stable-fixes). * Fix the null pointer dereference for smu7 (stable-fixes). * Fix the null pointer dereference in apply_state_adjust_rules (stable-fixes). * Fix the param type of set_power_profile_mode (stable-fixes). * analogix_ properly handle zero sized AUX transactions (stable-fixes). * tc358768: Attempt to fix DSI horizontal timings (stable-fixes). * fix null pointer dereference in drm_client_modeset_probe (git-fixes). * drm/dp_ Skip CSN if topology probing is not done yet (stable-fixes). * set gp bus_stop bit before hard reset (stable-fixes). * reset the link phy params before link training (git-fixes). * cleanup FB if dpu_format_populate_layout fails (git-fixes). * do not play tricks with debug macros (git-fixes). * Zero-initialize iosys_map (stable-fixes). * fix inode->i_blocks for non-512 byte sector size device (git-fixes). * fix potential deadlock on __exfat_get_dentry_set (git-fixes). * redefine DIR_DELETED as the bad cluster number (git-fixes). * support dynamic allocate bh for exfat_entry_set_cache (git-fixes). * fs/netfs/fscache_ add missing "n_accesses" check (bsc#1229453). * Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * Add might_sleep() to disable_irq() (git-fixes). * Always limit the affinity to online CPUs (git-fixes). * Do not return error on missing optional irq_request_resources() (git-fixes). * Take the proposed affinity at face value if force==true (git-fixes). * genirq/cpuhotplug, x86 Prevent vector leak during CPU offline (git-fixes). * genirq/generic_ Make irq_remove_generic_chip() irqdomain aware (git-fixes). * Fix NULL pointer deref in irq_data_get_affinity_mask() (git-fixes). * Do not try to remove non-existing sysfs files (git-fixes). * Exclude managed interrupts in irq_matrix_allocated() (git-fixes). * Shutdown managed interrupts with unsatifiable affinities (git-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * fix to initialize fields of hfs_inode_info after hfs_alloc_inode() (git- fixes). * i2 Improve handling of stuck alerts (git-fixes). * i2 Send alert notifications to all devices if source not found (git-fixes). * Convert comma to semicolon (git-fixes). * ip6_ Fix broken GRO (bsc#1229444). * ipv6: fix incorrect unregister order (git-fixes). * Drop bogus fwspec-mapping error handling (git-fixes). * Fix association race (git-fixes). * Fix disassociation race (git-fixes). * Fix domain registration race (git-fixes). * Fix mapping-creation race (git-fixes). * Fixed unbalanced fwnode get and put (git-fixes). * Look for existing mapping only once (git-fixes). * Refactor __irq_domain_alloc_irqs() (git-fixes). * Report irq number for NOMAP domains (git-fixes). * Revert "mm: prevent derefencing NULL ptr in pfn_section_valid()" (bsc#1230413). * Revert "mm, kmsan: fix infinite recursion due to RCU critical section" (bsc#1230413). * Revert "mm/sparsemem: fix race in accessing memory_section->usage" (bsc#1230413). * kernel/irq/irqdomain. fix memory leak with using debugfs_lookup() (git- fixes). * Fix to check symbol prefixes correctly (git-fixes). * move from strlcpy with unused retval to strscpy (git-fixes). * protect concurrent access to mem_cgroup_idr (git-fixes). * mm, fix infinite recursion due to RCU critical section (git-fixes). * prevent derefencing NULL ptr in pfn_section_valid() (git-fixes). * dw_ allow biu and ciu clocks to defer (git-fixes). * mmc_ Fix NULL dereference on allocation failure (git-fixes). * ks8851: Fix another TX stall caused by wrong ISR flag handling (git-fixes). * ks8851: Fix deadlock with the SPI chip variant (git-fixes). * ks8851: Fix potential TX stall after interface reopen (git-fixes). * ks8851: Fix TX stall caused by TX buffer overrun (gix-fixes). * Add support for page sizes other than 4KB on ARM64 (jsc#PED-8491 bsc#1226530). * Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * Fix race of mana_hwc_post_rx_wqe and new hwc response (git-fixes). * Fix RX buf alloc_size alignment and atomic op panic (bsc#1229086). * remove two BUG() from skb_checksum_help() (bsc#1229312). * qmi_ fix memory leak for not ip packets (git-fixes). * fix possible cp null dereference (git-fixes). * initialize noop_qdisc owner (git-fixes). * pn533: Add poll mod list filling check (git-fixes). * expose /proc/net/sunrpc/nfs in net namespaces (git-fixes). * make the rpc_stat per net namespace (git-fixes). * add posix ACLs to struct nfsd_attrs (git-fixes). * add security label to struct nfsd_attrs (git-fixes). * fix regression with setting ACLs (git-fixes). * Fix strncpy() fortify warning (git-fixes). * Increase NFSD_MAX_OPS_PER_COMPOUND (git-fixes). * introduce struct nfsd_attrs (git-fixes). * move from strlcpy with unused retval to strscpy (git-fixes). * Optimize DRC bucket pruning (git-fixes). * return error if nfs4_setacl fails (git-fixes). * set attributes when creating symlinks (git-fixes). * use locks_inode_context helper (git-fixes). * nilfs2: Remove check for PageError (git-fixes). * nvme_ scan namespaces asynchronously (bsc#1224105). * ocfs2: use coarse time for new created files (git-fixes). * Fix possible divide-by-0 panic in padata_mt_helper() (git-fixes). * perf/smmuv3: Enable HiSilicon Erratum 162001900 quirk for HIP08/09 (git- fixes). * platform/x86 Add support for ACPI based probing (jsc#PED-8779). * platform/x86 Cache pci_dev in struct hsmp_socket (jsc#PED-8779). * platform/x86 Change devm_kzalloc() to devm_kcalloc() (jsc#PED-8779). * platform/x86 Check HSMP support on AMD family of processors (jsc#PED-8779). * platform/x86 Check num_sockets against MAX_AMD_SOCKETS (jsc#PED-8779). * platform/x86 Create static func to handle platdev (jsc#PED-8779). * platform/x86 Define a struct to hold mailbox regs (jsc#PED-8779). * platform/x86 Move dev from platdev to hsmp_socket (jsc#PED-8779). * platform/x86 Move hsmp_test to probe (jsc#PED-8779). * platform/x86 Non-ACPI support for AMD F1A_M00~0Fh (jsc#PED-8779). * platform/x86 Remove extra parenthesis and add a space (jsc#PED-8779). * platform/x86 Restructure sysfs group creation (jsc#PED-8779). * platform/x86 switch to use device_add_groups() (jsc#PED-8779). * axp288_ Fix constant_charge_voltage writes (git-fixes). * axp288_ Round constant_charge_voltage writes down (git-fixes). * Fail build if using recordmcount with binutils v2.37 (bsc#1194869). * Mark .opd section read-only (bsc#1194869). * use generic version of arch_is_kernel_initmem_freed() (bsc#1194869). * xor_ Add '-mhard-float' to CFLAGS (bsc#1194869). * powerpc/64: Set _IO_BASE to POISON_POINTER_DELTA not 0 for CONFIG_PCI=n (bsc#1194869). * Avoid clang null pointer arithmetic warnings (bsc#1194869). * powerpc/kexec_ fix cpus node update to FDT (bsc#1194869). * make the update_cpus_node() function public (bsc#1194869). * split CONFIG_KEXEC_FILE and CONFIG_CRASH_DUMP (bsc#1194869). * Add failure related checks for h_get_mpp and h_get_ppp (bsc#1194869). * Whitelist dtl slub object for copying to userspace (bsc#1194869). * Move some functions into #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE (bsc#1194869). * Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * Check cpu id in commands "c#", "dp#" and "dx#" (bsc#1194869). * RDMA/mana_ Use virtual address in dma regions for MRs (git-fixes). * Fix incomplete state save in rxe_requester (git-fixes) * Fix rxe_modify_srq (git-fixes) * Handle zero length rdma (git-fixes) * Move work queue code to subroutines (git-fixes) * s390 get rid of register asm (git-fixes bsc#1227079 bsc#1229187). * s390 Make use of invalid opcode produce a link error (git-fixes bsc#1227079). * s390 Split and rework cpacf query functions (git-fixes bsc#1229187). * s390 fix error checks in dasd_copy_pair_store() (git-fixes bsc#1229190). * s390 fix error recovery leading to data corruption on ESE devices (git-fixes bsc#1229573). * s390 Prevent release of buffer in I/O (git-fixes bsc#1229572). * s390 Panic for set and remove shared access UVC errors (git-fixes bsc#1229188). * Fix scldiv calculation (git-fixes). * add a struct rpc_stats arg to rpc_create_args (git-fixes). * Fix a race to wake a sync task (git-fixes). * fix swiotlb_bounce() to do partial sync's correctly (git-fixes). * fix compat_sys_io_pgetevents_time64 usage (git-fixes). * Return from tracing_buffers_read() if the file has been closed (bsc#1229136 git-fixes). * add check for crypto_shash_tfm_digest (git-fixes). * dbg_orphan_ Fix missed key type checking (git-fixes). * Fix adding orphan entry twice for the same inode (git-fixes). * Fix unattached xattr inode if powercut happens after deleting (git-fixes). * fix potential memory leak in vfio_intx_enable() (git-fixes). * fix wgds rev 3 exact size (git-fixes). * duplicate static structs used in driver instances (git-fixes). * x86 drop the duplicate APM_MINOR_DEV macro (git-fixes). * x86 Fix PUSH instruction in x86 instruction decoder opcode map (git-fixes). * x86 Fix pti_clone_entry_text() for i386 (git-fixes). * x86 Check if fixed MTRRs exist before saving them (git-fixes). * x86 Work around false positive kmemleak report in msr_build_context() (git- fixes). * Fix missing interval for missing_owner in xfs fsmap (git-fixes). * Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * use XFS_BUF_DADDR_NULL for daddrs in getfsmap code (git-fixes). * Fix Panther point NULL pointer deref at full-speed re-enumeration (git- fixes). * Fix rpcrdma_reqs_reset() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3483=1 openSUSE-SLE-15.5-2024-3483=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3483=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3483=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3483=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3483=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3483=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3483=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-3483=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3483=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (noarch) * kernel-docs-html-5.14.21-150500.55.80.2 * kernel-source-5.14.21-150500.55.80.2 * kernel-macros-5.14.21-150500.55.80.2 * kernel-source-vanilla-5.14.21-150500.55.80.2 * kernel-devel-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-devel-5.14.21-150500.55.80.2 * kernel-debug-livepatch-devel-5.14.21-150500.55.80.2 * kernel-debug-debugsource-5.14.21-150500.55.80.2 * kernel-debug-devel-debuginfo-5.14.21-150500.55.80.2 * kernel-debug-debuginfo-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (x86_64) * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.80.2 * kernel-kvmsmall-vdso-5.14.21-150500.55.80.2 * kernel-debug-vdso-5.14.21-150500.55.80.2 * kernel-default-vdso-5.14.21-150500.55.80.2 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.80.2 * kernel-default-vdso-debuginfo-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.80.2 * kernel-kvmsmall-debugsource-5.14.21-150500.55.80.2 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.80.2 * kernel-default-base-rebuild-5.14.21-150500.55.80.2.150500.6.35.6 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.80.2 * kernel-kvmsmall-devel-5.14.21-150500.55.80.2 * kernel-default-base-5.14.21-150500.55.80.2.150500.6.35.6 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * gfs2-kmp-default-5.14.21-150500.55.80.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.80.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-obs-build-debugsource-5.14.21-150500.55.80.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.80.2 * cluster-md-kmp-default-5.14.21-150500.55.80.2 * kernel-default-livepatch-5.14.21-150500.55.80.2 * dlm-kmp-default-5.14.21-150500.55.80.2 * kernel-default-extra-5.14.21-150500.55.80.2 * kernel-syms-5.14.21-150500.55.80.1 * kernel-obs-qa-5.14.21-150500.55.80.1 * kselftests-kmp-default-5.14.21-150500.55.80.2 * kernel-default-livepatch-devel-5.14.21-150500.55.80.2 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.80.2 * ocfs2-kmp-default-5.14.21-150500.55.80.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.80.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kernel-obs-build-5.14.21-150500.55.80.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.80.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-optional-5.14.21-150500.55.80.2 * reiserfs-kmp-default-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-1-150500.11.3.2 * kernel-livepatch-SLE15-SP5_Update_19-debugsource-1-150500.11.3.2 * kernel-livepatch-5_14_21-150500_55_80-default-1-150500.11.3.2 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.80.2 * kernel-zfcpdump-debugsource-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.80.1 * openSUSE Leap 15.5 (aarch64) * dtb-arm-5.14.21-150500.55.80.1 * gfs2-kmp-64kb-5.14.21-150500.55.80.2 * kernel-64kb-debuginfo-5.14.21-150500.55.80.2 * dtb-amazon-5.14.21-150500.55.80.1 * kernel-64kb-debugsource-5.14.21-150500.55.80.2 * dtb-altera-5.14.21-150500.55.80.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.80.2 * dtb-lg-5.14.21-150500.55.80.1 * dtb-exynos-5.14.21-150500.55.80.1 * dtb-rockchip-5.14.21-150500.55.80.1 * dtb-qcom-5.14.21-150500.55.80.1 * ocfs2-kmp-64kb-5.14.21-150500.55.80.2 * dtb-amlogic-5.14.21-150500.55.80.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.80.2 * kselftests-kmp-64kb-5.14.21-150500.55.80.2 * dtb-nvidia-5.14.21-150500.55.80.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * cluster-md-kmp-64kb-5.14.21-150500.55.80.2 * dtb-amd-5.14.21-150500.55.80.1 * dtb-xilinx-5.14.21-150500.55.80.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * dtb-allwinner-5.14.21-150500.55.80.1 * dtb-broadcom-5.14.21-150500.55.80.1 * dtb-socionext-5.14.21-150500.55.80.1 * dtb-sprd-5.14.21-150500.55.80.1 * dtb-freescale-5.14.21-150500.55.80.1 * kernel-64kb-devel-5.14.21-150500.55.80.2 * dtb-apm-5.14.21-150500.55.80.1 * dtb-apple-5.14.21-150500.55.80.1 * dlm-kmp-64kb-5.14.21-150500.55.80.2 * kernel-64kb-optional-5.14.21-150500.55.80.2 * reiserfs-kmp-64kb-5.14.21-150500.55.80.2 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * kernel-64kb-extra-5.14.21-150500.55.80.2 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * dtb-cavium-5.14.21-150500.55.80.1 * dtb-marvell-5.14.21-150500.55.80.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.80.2 * kernel-64kb-livepatch-devel-5.14.21-150500.55.80.2 * dtb-hisilicon-5.14.21-150500.55.80.1 * dtb-mediatek-5.14.21-150500.55.80.1 * dtb-renesas-5.14.21-150500.55.80.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.80.2 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.80.2 * openSUSE Leap Micro 5.5 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150500.55.80.2 * openSUSE Leap Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.80.2.150500.6.35.6 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.80.2.150500.6.35.6 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (aarch64) * kernel-64kb-debuginfo-5.14.21-150500.55.80.2 * kernel-64kb-debugsource-5.14.21-150500.55.80.2 * kernel-64kb-devel-5.14.21-150500.55.80.2 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.80.2.150500.6.35.6 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.80.2 * kernel-default-devel-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (noarch) * kernel-macros-5.14.21-150500.55.80.2 * kernel-devel-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.80.2 * Basesystem Module 15-SP5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.80.2 * kernel-zfcpdump-debugsource-5.14.21-150500.55.80.2 * Development Tools Module 15-SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.80.2 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-5.14.21-150500.55.80.1 * kernel-syms-5.14.21-150500.55.80.1 * kernel-obs-build-debugsource-5.14.21-150500.55.80.1 * Development Tools Module 15-SP5 (noarch) * kernel-source-5.14.21-150500.55.80.2 * Legacy Module 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.80.2 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.80.2 * reiserfs-kmp-default-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_19-debugsource-1-150500.11.3.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-livepatch-5_14_21-150500_55_80-default-1-150500.11.3.2 * kernel-default-livepatch-devel-5.14.21-150500.55.80.2 * kernel-livepatch-5_14_21-150500_55_80-default-debuginfo-1-150500.11.3.2 * kernel-default-livepatch-5.14.21-150500.55.80.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-5.14.21-150500.55.80.2 * dlm-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.80.2 * gfs2-kmp-default-5.14.21-150500.55.80.2 * ocfs2-kmp-default-5.14.21-150500.55.80.2 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.80.2 * cluster-md-kmp-default-5.14.21-150500.55.80.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.80.2 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * kernel-default-extra-5.14.21-150500.55.80.2 * kernel-default-debuginfo-5.14.21-150500.55.80.2 * kernel-default-extra-debuginfo-5.14.21-150500.55.80.2 * kernel-default-debugsource-5.14.21-150500.55.80.2 ## References: * https://www.suse.com/security/cve/CVE-2021-4204.html * https://www.suse.com/security/cve/CVE-2021-4441.html * https://www.suse.com/security/cve/CVE-2021-47106.html * https://www.suse.com/security/cve/CVE-2021-47517.html * https://www.suse.com/security/cve/CVE-2021-47546.html * https://www.suse.com/security/cve/CVE-2022-0500.html * https://www.suse.com/security/cve/CVE-2022-23222.html * https://www.suse.com/security/cve/CVE-2022-38457.html * https://www.suse.com/security/cve/CVE-2022-40133.html * https://www.suse.com/security/cve/CVE-2022-4382.html * https://www.suse.com/security/cve/CVE-2022-48645.html * https://www.suse.com/security/cve/CVE-2022-48706.html * https://www.suse.com/security/cve/CVE-2022-48808.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48868.html * https://www.suse.com/security/cve/CVE-2022-48869.html * https://www.suse.com/security/cve/CVE-2022-48870.html * https://www.suse.com/security/cve/CVE-2022-48871.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48878.html * https://www.suse.com/security/cve/CVE-2022-48880.html * https://www.suse.com/security/cve/CVE-2022-48881.html * https://www.suse.com/security/cve/CVE-2022-48882.html * https://www.suse.com/security/cve/CVE-2022-48883.html * https://www.suse.com/security/cve/CVE-2022-48884.html * https://www.suse.com/security/cve/CVE-2022-48885.html * https://www.suse.com/security/cve/CVE-2022-48886.html * https://www.suse.com/security/cve/CVE-2022-48887.html * https://www.suse.com/security/cve/CVE-2022-48888.html * https://www.suse.com/security/cve/CVE-2022-48889.html * https://www.suse.com/security/cve/CVE-2022-48890.html * https://www.suse.com/security/cve/CVE-2022-48891.html * https://www.suse.com/security/cve/CVE-2022-48893.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48898.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48903.html * https://www.suse.com/security/cve/CVE-2022-48904.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48906.html * https://www.suse.com/security/cve/CVE-2022-48907.html * https://www.suse.com/security/cve/CVE-2022-48909.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48913.html * https://www.suse.com/security/cve/CVE-2022-48914.html * https://www.suse.com/security/cve/CVE-2022-48915.html * https://www.suse.com/security/cve/CVE-2022-48916.html * https://www.suse.com/security/cve/CVE-2022-48917.html * https://www.suse.com/security/cve/CVE-2022-48918.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48921.html * https://www.suse.com/security/cve/CVE-2022-48923.html * https://www.suse.com/security/cve/CVE-2022-48924.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48926.html * https://www.suse.com/security/cve/CVE-2022-48927.html * https://www.suse.com/security/cve/CVE-2022-48928.html * https://www.suse.com/security/cve/CVE-2022-48929.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48932.html * https://www.suse.com/security/cve/CVE-2022-48934.html * https://www.suse.com/security/cve/CVE-2022-48937.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2022-48939.html * https://www.suse.com/security/cve/CVE-2022-48940.html * https://www.suse.com/security/cve/CVE-2022-48941.html * https://www.suse.com/security/cve/CVE-2022-48942.html * https://www.suse.com/security/cve/CVE-2022-48943.html * https://www.suse.com/security/cve/CVE-2023-3610.html * https://www.suse.com/security/cve/CVE-2023-52458.html * https://www.suse.com/security/cve/CVE-2023-52489.html * https://www.suse.com/security/cve/CVE-2023-52498.html * https://www.suse.com/security/cve/CVE-2023-52581.html * https://www.suse.com/security/cve/CVE-2023-52859.html * https://www.suse.com/security/cve/CVE-2023-52887.html * https://www.suse.com/security/cve/CVE-2023-52889.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52894.html * https://www.suse.com/security/cve/CVE-2023-52896.html * https://www.suse.com/security/cve/CVE-2023-52898.html * https://www.suse.com/security/cve/CVE-2023-52899.html * https://www.suse.com/security/cve/CVE-2023-52900.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52904.html * https://www.suse.com/security/cve/CVE-2023-52905.html * https://www.suse.com/security/cve/CVE-2023-52906.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2023-52908.html * https://www.suse.com/security/cve/CVE-2023-52909.html * https://www.suse.com/security/cve/CVE-2023-52910.html * https://www.suse.com/security/cve/CVE-2023-52911.html * https://www.suse.com/security/cve/CVE-2023-52912.html * https://www.suse.com/security/cve/CVE-2023-52913.html * https://www.suse.com/security/cve/CVE-2024-26631.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26669.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26735.html * https://www.suse.com/security/cve/CVE-2024-26808.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26835.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27010.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-27016.html * https://www.suse.com/security/cve/CVE-2024-27024.html * https://www.suse.com/security/cve/CVE-2024-27079.html * https://www.suse.com/security/cve/CVE-2024-27403.html * https://www.suse.com/security/cve/CVE-2024-31076.html * https://www.suse.com/security/cve/CVE-2024-35897.html * https://www.suse.com/security/cve/CVE-2024-35902.html * https://www.suse.com/security/cve/CVE-2024-35945.html * https://www.suse.com/security/cve/CVE-2024-35971.html * https://www.suse.com/security/cve/CVE-2024-36009.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-36489.html * https://www.suse.com/security/cve/CVE-2024-36929.html * https://www.suse.com/security/cve/CVE-2024-36933.html * https://www.suse.com/security/cve/CVE-2024-36936.html * https://www.suse.com/security/cve/CVE-2024-36962.html * https://www.suse.com/security/cve/CVE-2024-38554.html * https://www.suse.com/security/cve/CVE-2024-38602.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40905.html * https://www.suse.com/security/cve/CVE-2024-40978.html * https://www.suse.com/security/cve/CVE-2024-40980.html * https://www.suse.com/security/cve/CVE-2024-40995.html * https://www.suse.com/security/cve/CVE-2024-41000.html * https://www.suse.com/security/cve/CVE-2024-41007.html * https://www.suse.com/security/cve/CVE-2024-41009.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41022.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41036.html * https://www.suse.com/security/cve/CVE-2024-41038.html * https://www.suse.com/security/cve/CVE-2024-41039.html * https://www.suse.com/security/cve/CVE-2024-41042.html * https://www.suse.com/security/cve/CVE-2024-41045.html * https://www.suse.com/security/cve/CVE-2024-41056.html * https://www.suse.com/security/cve/CVE-2024-41060.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41065.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41073.html * https://www.suse.com/security/cve/CVE-2024-41079.html * https://www.suse.com/security/cve/CVE-2024-41080.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41088.html * https://www.suse.com/security/cve/CVE-2024-41089.html * https://www.suse.com/security/cve/CVE-2024-41092.html * https://www.suse.com/security/cve/CVE-2024-41093.html * https://www.suse.com/security/cve/CVE-2024-41095.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42069.html * https://www.suse.com/security/cve/CVE-2024-42074.html * https://www.suse.com/security/cve/CVE-2024-42076.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42080.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42085.html * https://www.suse.com/security/cve/CVE-2024-42086.html * https://www.suse.com/security/cve/CVE-2024-42087.html * https://www.suse.com/security/cve/CVE-2024-42089.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42092.html * https://www.suse.com/security/cve/CVE-2024-42095.html * https://www.suse.com/security/cve/CVE-2024-42097.html * https://www.suse.com/security/cve/CVE-2024-42098.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42104.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42107.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42114.html * https://www.suse.com/security/cve/CVE-2024-42115.html * https://www.suse.com/security/cve/CVE-2024-42119.html * https://www.suse.com/security/cve/CVE-2024-42120.html * https://www.suse.com/security/cve/CVE-2024-42121.html * https://www.suse.com/security/cve/CVE-2024-42126.html * https://www.suse.com/security/cve/CVE-2024-42127.html * https://www.suse.com/security/cve/CVE-2024-42130.html * https://www.suse.com/security/cve/CVE-2024-42137.html * https://www.suse.com/security/cve/CVE-2024-42139.html * https://www.suse.com/security/cve/CVE-2024-42142.html * https://www.suse.com/security/cve/CVE-2024-42143.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42152.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42156.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42223.html * https://www.suse.com/security/cve/CVE-2024-42225.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42229.html * https://www.suse.com/security/cve/CVE-2024-42230.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42237.html * https://www.suse.com/security/cve/CVE-2024-42238.html * https://www.suse.com/security/cve/CVE-2024-42239.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42247.html * https://www.suse.com/security/cve/CVE-2024-42268.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42274.html * https://www.suse.com/security/cve/CVE-2024-42276.html * https://www.suse.com/security/cve/CVE-2024-42277.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42283.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html * https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42291.html * https://www.suse.com/security/cve/CVE-2024-42292.html * https://www.suse.com/security/cve/CVE-2024-42295.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42302.html * https://www.suse.com/security/cve/CVE-2024-42308.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42311.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42313.html * https://www.suse.com/security/cve/CVE-2024-42315.html * https://www.suse.com/security/cve/CVE-2024-42318.html * https://www.suse.com/security/cve/CVE-2024-42319.html * https://www.suse.com/security/cve/CVE-2024-42320.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43816.html * https://www.suse.com/security/cve/CVE-2024-43818.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43821.html * https://www.suse.com/security/cve/CVE-2024-43823.html * https://www.suse.com/security/cve/CVE-2024-43829.html * https://www.suse.com/security/cve/CVE-2024-43830.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43834.html * https://www.suse.com/security/cve/CVE-2024-43837.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43841.html * https://www.suse.com/security/cve/CVE-2024-43842.html * https://www.suse.com/security/cve/CVE-2024-43846.html * https://www.suse.com/security/cve/CVE-2024-43849.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43858.html * https://www.suse.com/security/cve/CVE-2024-43860.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43867.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43873.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43880.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43884.html * https://www.suse.com/security/cve/CVE-2024-43889.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43894.html * https://www.suse.com/security/cve/CVE-2024-43895.html * https://www.suse.com/security/cve/CVE-2024-43899.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43903.html * https://www.suse.com/security/cve/CVE-2024-43904.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://www.suse.com/security/cve/CVE-2024-43908.html * https://www.suse.com/security/cve/CVE-2024-43909.html * https://www.suse.com/security/cve/CVE-2024-44938.html * https://www.suse.com/security/cve/CVE-2024-44939.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1193629 * https://bugzilla.suse.com/show_bug.cgi?id=1194111 * https://bugzilla.suse.com/show_bug.cgi?id=1194765 * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1196261 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1196894 * https://bugzilla.suse.com/show_bug.cgi?id=1198017 * https://bugzilla.suse.com/show_bug.cgi?id=1203329 * https://bugzilla.suse.com/show_bug.cgi?id=1203330 * https://bugzilla.suse.com/show_bug.cgi?id=1203360 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1206006 * https://bugzilla.suse.com/show_bug.cgi?id=1206258 * https://bugzilla.suse.com/show_bug.cgi?id=1206843 * https://bugzilla.suse.com/show_bug.cgi?id=1207158 * https://bugzilla.suse.com/show_bug.cgi?id=1208783 * https://bugzilla.suse.com/show_bug.cgi?id=1210644 * https://bugzilla.suse.com/show_bug.cgi?id=1213580 * https://bugzilla.suse.com/show_bug.cgi?id=1213632 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1220428 * https://bugzilla.suse.com/show_bug.cgi?id=1220877 * https://bugzilla.suse.com/show_bug.cgi?id=1220962 * https://bugzilla.suse.com/show_bug.cgi?id=1221269 * https://bugzilla.suse.com/show_bug.cgi?id=1221326 * https://bugzilla.suse.com/show_bug.cgi?id=1221630 * https://bugzilla.suse.com/show_bug.cgi?id=1221645 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222350 * https://bugzilla.suse.com/show_bug.cgi?id=1222372 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 * https://bugzilla.suse.com/show_bug.cgi?id=1222634 * https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1222967 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223191 * https://bugzilla.suse.com/show_bug.cgi?id=1223508 * https://bugzilla.suse.com/show_bug.cgi?id=1223720 * https://bugzilla.suse.com/show_bug.cgi?id=1223742 * https://bugzilla.suse.com/show_bug.cgi?id=1223777 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1223807 * https://bugzilla.suse.com/show_bug.cgi?id=1224105 * https://bugzilla.suse.com/show_bug.cgi?id=1224415 * https://bugzilla.suse.com/show_bug.cgi?id=1224496 * https://bugzilla.suse.com/show_bug.cgi?id=1224510 * https://bugzilla.suse.com/show_bug.cgi?id=1224542 * https://bugzilla.suse.com/show_bug.cgi?id=1224578 * https://bugzilla.suse.com/show_bug.cgi?id=1224639 * https://bugzilla.suse.com/show_bug.cgi?id=1225162 * https://bugzilla.suse.com/show_bug.cgi?id=1225352 * https://bugzilla.suse.com/show_bug.cgi?id=1225428 * https://bugzilla.suse.com/show_bug.cgi?id=1225524 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1225582 * https://bugzilla.suse.com/show_bug.cgi?id=1225773 * https://bugzilla.suse.com/show_bug.cgi?id=1225814 * https://bugzilla.suse.com/show_bug.cgi?id=1225827 * https://bugzilla.suse.com/show_bug.cgi?id=1225832 * https://bugzilla.suse.com/show_bug.cgi?id=1225903 * https://bugzilla.suse.com/show_bug.cgi?id=1226168 * https://bugzilla.suse.com/show_bug.cgi?id=1226530 * https://bugzilla.suse.com/show_bug.cgi?id=1226613 * https://bugzilla.suse.com/show_bug.cgi?id=1226742 * https://bugzilla.suse.com/show_bug.cgi?id=1226765 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226874 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227079 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227761 * https://bugzilla.suse.com/show_bug.cgi?id=1227830 * https://bugzilla.suse.com/show_bug.cgi?id=1227863 * https://bugzilla.suse.com/show_bug.cgi?id=1227867 * https://bugzilla.suse.com/show_bug.cgi?id=1227929 * https://bugzilla.suse.com/show_bug.cgi?id=1227937 * https://bugzilla.suse.com/show_bug.cgi?id=1227958 * https://bugzilla.suse.com/show_bug.cgi?id=1228020 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228426 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228429 * https://bugzilla.suse.com/show_bug.cgi?id=1228446 * https://bugzilla.suse.com/show_bug.cgi?id=1228447 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228450 * https://bugzilla.suse.com/show_bug.cgi?id=1228452 * https://bugzilla.suse.com/show_bug.cgi?id=1228456 * https://bugzilla.suse.com/show_bug.cgi?id=1228463 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228469 * https://bugzilla.suse.com/show_bug.cgi?id=1228480 * https://bugzilla.suse.com/show_bug.cgi?id=1228481 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228483 * https://bugzilla.suse.com/show_bug.cgi?id=1228484 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228489 * https://bugzilla.suse.com/show_bug.cgi?id=1228491 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228494 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 * https://bugzilla.suse.com/show_bug.cgi?id=1228496 * https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228503 * https://bugzilla.suse.com/show_bug.cgi?id=1228509 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228515 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228526 * https://bugzilla.suse.com/show_bug.cgi?id=1228531 * https://bugzilla.suse.com/show_bug.cgi?id=1228563 * https://bugzilla.suse.com/show_bug.cgi?id=1228564 * https://bugzilla.suse.com/show_bug.cgi?id=1228567 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228584 * https://bugzilla.suse.com/show_bug.cgi?id=1228588 * https://bugzilla.suse.com/show_bug.cgi?id=1228590 * https://bugzilla.suse.com/show_bug.cgi?id=1228615 * https://bugzilla.suse.com/show_bug.cgi?id=1228616 * https://bugzilla.suse.com/show_bug.cgi?id=1228635 * https://bugzilla.suse.com/show_bug.cgi?id=1228636 * https://bugzilla.suse.com/show_bug.cgi?id=1228654 * https://bugzilla.suse.com/show_bug.cgi?id=1228656 * https://bugzilla.suse.com/show_bug.cgi?id=1228658 * https://bugzilla.suse.com/show_bug.cgi?id=1228660 * https://bugzilla.suse.com/show_bug.cgi?id=1228662 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228673 * https://bugzilla.suse.com/show_bug.cgi?id=1228677 * https://bugzilla.suse.com/show_bug.cgi?id=1228687 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228708 * https://bugzilla.suse.com/show_bug.cgi?id=1228710 * https://bugzilla.suse.com/show_bug.cgi?id=1228718 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228721 * https://bugzilla.suse.com/show_bug.cgi?id=1228722 * https://bugzilla.suse.com/show_bug.cgi?id=1228724 * https://bugzilla.suse.com/show_bug.cgi?id=1228726 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228748 * https://bugzilla.suse.com/show_bug.cgi?id=1228766 * https://bugzilla.suse.com/show_bug.cgi?id=1228779 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228857 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228979 * https://bugzilla.suse.com/show_bug.cgi?id=1228988 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1228991 * https://bugzilla.suse.com/show_bug.cgi?id=1228992 * https://bugzilla.suse.com/show_bug.cgi?id=1229042 * https://bugzilla.suse.com/show_bug.cgi?id=1229054 * https://bugzilla.suse.com/show_bug.cgi?id=1229086 * https://bugzilla.suse.com/show_bug.cgi?id=1229136 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229187 * https://bugzilla.suse.com/show_bug.cgi?id=1229188 * https://bugzilla.suse.com/show_bug.cgi?id=1229190 * https://bugzilla.suse.com/show_bug.cgi?id=1229287 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229296 * https://bugzilla.suse.com/show_bug.cgi?id=1229297 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229303 * https://bugzilla.suse.com/show_bug.cgi?id=1229304 * https://bugzilla.suse.com/show_bug.cgi?id=1229305 * https://bugzilla.suse.com/show_bug.cgi?id=1229307 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229312 * https://bugzilla.suse.com/show_bug.cgi?id=1229314 * https://bugzilla.suse.com/show_bug.cgi?id=1229315 * https://bugzilla.suse.com/show_bug.cgi?id=1229317 * https://bugzilla.suse.com/show_bug.cgi?id=1229318 * https://bugzilla.suse.com/show_bug.cgi?id=1229319 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229341 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229349 * https://bugzilla.suse.com/show_bug.cgi?id=1229350 * https://bugzilla.suse.com/show_bug.cgi?id=1229351 * https://bugzilla.suse.com/show_bug.cgi?id=1229354 * https://bugzilla.suse.com/show_bug.cgi?id=1229356 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229360 * https://bugzilla.suse.com/show_bug.cgi?id=1229366 * https://bugzilla.suse.com/show_bug.cgi?id=1229370 * https://bugzilla.suse.com/show_bug.cgi?id=1229373 * https://bugzilla.suse.com/show_bug.cgi?id=1229374 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229383 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 * https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229391 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229409 * https://bugzilla.suse.com/show_bug.cgi?id=1229410 * https://bugzilla.suse.com/show_bug.cgi?id=1229411 * https://bugzilla.suse.com/show_bug.cgi?id=1229413 * https://bugzilla.suse.com/show_bug.cgi?id=1229414 * https://bugzilla.suse.com/show_bug.cgi?id=1229417 * https://bugzilla.suse.com/show_bug.cgi?id=1229418 * https://bugzilla.suse.com/show_bug.cgi?id=1229444 * https://bugzilla.suse.com/show_bug.cgi?id=1229453 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229481 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229488 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229493 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229506 * https://bugzilla.suse.com/show_bug.cgi?id=1229507 * https://bugzilla.suse.com/show_bug.cgi?id=1229508 * https://bugzilla.suse.com/show_bug.cgi?id=1229509 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229521 * https://bugzilla.suse.com/show_bug.cgi?id=1229522 * https://bugzilla.suse.com/show_bug.cgi?id=1229523 * https://bugzilla.suse.com/show_bug.cgi?id=1229524 * https://bugzilla.suse.com/show_bug.cgi?id=1229525 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229527 * https://bugzilla.suse.com/show_bug.cgi?id=1229528 * https://bugzilla.suse.com/show_bug.cgi?id=1229529 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229533 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229537 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229544 * https://bugzilla.suse.com/show_bug.cgi?id=1229545 * https://bugzilla.suse.com/show_bug.cgi?id=1229546 * https://bugzilla.suse.com/show_bug.cgi?id=1229547 * https://bugzilla.suse.com/show_bug.cgi?id=1229548 * https://bugzilla.suse.com/show_bug.cgi?id=1229554 * https://bugzilla.suse.com/show_bug.cgi?id=1229557 * https://bugzilla.suse.com/show_bug.cgi?id=1229558 * https://bugzilla.suse.com/show_bug.cgi?id=1229559 * https://bugzilla.suse.com/show_bug.cgi?id=1229560 * https://bugzilla.suse.com/show_bug.cgi?id=1229562 * https://bugzilla.suse.com/show_bug.cgi?id=1229564 * https://bugzilla.suse.com/show_bug.cgi?id=1229565 * https://bugzilla.suse.com/show_bug.cgi?id=1229566 * https://bugzilla.suse.com/show_bug.cgi?id=1229568 * https://bugzilla.suse.com/show_bug.cgi?id=1229569 * https://bugzilla.suse.com/show_bug.cgi?id=1229572 * https://bugzilla.suse.com/show_bug.cgi?id=1229573 * https://bugzilla.suse.com/show_bug.cgi?id=1229576 * https://bugzilla.suse.com/show_bug.cgi?id=1229581 * https://bugzilla.suse.com/show_bug.cgi?id=1229588 * https://bugzilla.suse.com/show_bug.cgi?id=1229598 * https://bugzilla.suse.com/show_bug.cgi?id=1229603 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229605 * https://bugzilla.suse.com/show_bug.cgi?id=1229608 * https://bugzilla.suse.com/show_bug.cgi?id=1229611 * https://bugzilla.suse.com/show_bug.cgi?id=1229612 * https://bugzilla.suse.com/show_bug.cgi?id=1229613 * https://bugzilla.suse.com/show_bug.cgi?id=1229614 * https://bugzilla.suse.com/show_bug.cgi?id=1229615 * https://bugzilla.suse.com/show_bug.cgi?id=1229616 * https://bugzilla.suse.com/show_bug.cgi?id=1229617 * https://bugzilla.suse.com/show_bug.cgi?id=1229620 * https://bugzilla.suse.com/show_bug.cgi?id=1229622 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229625 * https://bugzilla.suse.com/show_bug.cgi?id=1229626 * https://bugzilla.suse.com/show_bug.cgi?id=1229628 * https://bugzilla.suse.com/show_bug.cgi?id=1229629 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229631 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229635 * https://bugzilla.suse.com/show_bug.cgi?id=1229636 * https://bugzilla.suse.com/show_bug.cgi?id=1229637 * https://bugzilla.suse.com/show_bug.cgi?id=1229638 * https://bugzilla.suse.com/show_bug.cgi?id=1229639 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229642 * https://bugzilla.suse.com/show_bug.cgi?id=1229643 * https://bugzilla.suse.com/show_bug.cgi?id=1229645 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229662 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229739 * https://bugzilla.suse.com/show_bug.cgi?id=1229743 * https://bugzilla.suse.com/show_bug.cgi?id=1229746 * https://bugzilla.suse.com/show_bug.cgi?id=1229754 * https://bugzilla.suse.com/show_bug.cgi?id=1229755 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229768 * https://bugzilla.suse.com/show_bug.cgi?id=1229781 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 * https://bugzilla.suse.com/show_bug.cgi?id=1229788 * https://bugzilla.suse.com/show_bug.cgi?id=1229789 * https://bugzilla.suse.com/show_bug.cgi?id=1229792 * https://bugzilla.suse.com/show_bug.cgi?id=1229820 * https://bugzilla.suse.com/show_bug.cgi?id=1230413 * https://jira.suse.com/browse/PED-8491 * https://jira.suse.com/browse/PED-8779 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 27 16:34:59 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 27 Sep 2024 16:34:59 -0000 Subject: SUSE-SU-2024:3478-1: important: Security update for quagga Message-ID: <172745489987.15730.13680996312595566805@smelt2.prg2.suse.org> # Security update for quagga Announcement ID: SUSE-SU-2024:3478-1 Rating: important References: * bsc#1202023 * bsc#1229438 * bsc#1230866 Cross-References: * CVE-2017-15865 * CVE-2022-37032 * CVE-2024-44070 CVSS scores: * CVE-2017-15865 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2017-15865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-15865 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-37032 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2022-37032 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-44070 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44070 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-44070 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for quagga fixes the following issues: * CVE-2017-15865: sensitive information disclosed when malformed BGP UPDATE packets are processed. (bsc#1230866) * CVE-2024-44070: crash when parsing Tunnel Encap attribute due to no length check. (bsc#1229438) * CVE-2022-37032: out-of-bounds read when parsing a BGP capability message due to incorrect size check. (bsc#1202023) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3478=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3478=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3478=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3478=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3478=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3478=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3478=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3478=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3478=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3478=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3478=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3478=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Manager Proxy 4.3 (x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * quagga-1.1.1-150400.12.8.1 * libospf0-1.1.1-150400.12.8.1 * libospfapiclient0-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-debuginfo-1.1.1-150400.12.8.1 * libzebra1-debuginfo-1.1.1-150400.12.8.1 * libospfapiclient0-1.1.1-150400.12.8.1 * libfpm_pb0-1.1.1-150400.12.8.1 * quagga-debugsource-1.1.1-150400.12.8.1 * libospf0-debuginfo-1.1.1-150400.12.8.1 * quagga-devel-1.1.1-150400.12.8.1 * quagga-debuginfo-1.1.1-150400.12.8.1 * libquagga_pb0-1.1.1-150400.12.8.1 * libzebra1-1.1.1-150400.12.8.1 * libfpm_pb0-debuginfo-1.1.1-150400.12.8.1 ## References: * https://www.suse.com/security/cve/CVE-2017-15865.html * https://www.suse.com/security/cve/CVE-2022-37032.html * https://www.suse.com/security/cve/CVE-2024-44070.html * https://bugzilla.suse.com/show_bug.cgi?id=1202023 * https://bugzilla.suse.com/show_bug.cgi?id=1229438 * https://bugzilla.suse.com/show_bug.cgi?id=1230866 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Sep 27 16:35:26 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Fri, 27 Sep 2024 16:35:26 -0000 Subject: SUSE-SU-2024:3470-1: important: Security update for python3 Message-ID: <172745492690.15730.12994165651719892027@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:3470-1 Rating: important References: * bsc#1227233 * bsc#1227378 * bsc#1227999 * bsc#1228780 * bsc#1229596 * bsc#1230227 Cross-References: * CVE-2024-5642 * CVE-2024-6232 * CVE-2024-6923 * CVE-2024-7592 CVSS scores: * CVE-2024-5642 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L * CVE-2024-6232 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities and has two security fixes can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2024-6923: Fixed uncontrolled CPU resource consumption when in http.cookies module (bsc#1228780). * CVE-2024-5642: Fixed buffer overread when NPN is used and invalid values are sent to the OpenSSL API (bsc#1227233). * CVE-2024-7592: Fixed Email header injection due to unquoted newlines (bsc#1229596). * CVE-2024-6232: excessive backtracking when parsing tarfile headers leads to ReDoS. (bsc#1230227) Bug fixes: * %{profileopt} variable is set according to the variable %{do_profiling} (bsc#1227999). * Stop using %%defattr, it seems to be breaking proper executable attributes on /usr/bin/ scripts (bsc#1227378). * Remove %suse_update_desktop_file macro as it is not useful any more. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3470=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3470=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3470=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3470=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3470=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3470=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3470=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3470=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3470=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3470=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3470=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3470=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3470=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3470=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3470=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3470=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3470=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3470=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3470=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3470=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3470=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3470=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3470=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3470=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3470=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3470=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3470=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-doc-3.6.15-150300.10.72.1 * python3-testsuite-debuginfo-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-testsuite-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * python3-doc-devhelp-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.72.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.72.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_6m1_0-64bit-3.6.15-150300.10.72.1 * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.72.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-doc-3.6.15-150300.10.72.1 * python3-testsuite-debuginfo-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-testsuite-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * python3-doc-devhelp-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * openSUSE Leap 15.5 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.72.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.72.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-doc-3.6.15-150300.10.72.1 * python3-testsuite-debuginfo-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-testsuite-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * python3-doc-devhelp-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * openSUSE Leap 15.6 (x86_64) * libpython3_6m1_0-32bit-3.6.15-150300.10.72.1 * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Manager Proxy 4.3 (x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-curses-debuginfo-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-dbm-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * python3-curses-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * python3-devel-debuginfo-3.6.15-150300.10.72.1 * python3-tk-3.6.15-150300.10.72.1 * python3-dbm-debuginfo-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-idle-3.6.15-150300.10.72.1 * python3-tools-3.6.15-150300.10.72.1 * python3-devel-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * python3-tk-debuginfo-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.72.1 * python3-debuginfo-3.6.15-150300.10.72.1 * python3-base-debuginfo-3.6.15-150300.10.72.1 * python3-base-3.6.15-150300.10.72.1 * libpython3_6m1_0-3.6.15-150300.10.72.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.72.1 * python3-debugsource-3.6.15-150300.10.72.1 * python3-3.6.15-150300.10.72.1 ## References: * https://www.suse.com/security/cve/CVE-2024-5642.html * https://www.suse.com/security/cve/CVE-2024-6232.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://bugzilla.suse.com/show_bug.cgi?id=1227233 * https://bugzilla.suse.com/show_bug.cgi?id=1227378 * https://bugzilla.suse.com/show_bug.cgi?id=1227999 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229596 * https://bugzilla.suse.com/show_bug.cgi?id=1230227 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 30 12:30:49 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 30 Sep 2024 12:30:49 -0000 Subject: SUSE-SU-2024:3499-1: important: Security update for the Linux Kernel Message-ID: <172769944930.15730.10007969434669574937@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3499-1 Rating: important References: * bsc#1196018 * bsc#1196823 * bsc#1202346 * bsc#1209636 * bsc#1209799 * bsc#1210629 * bsc#1216834 * bsc#1220185 * bsc#1220186 * bsc#1222251 * bsc#1222728 * bsc#1223948 * bsc#1225109 * bsc#1225584 * bsc#1227942 * bsc#1227969 * bsc#1227985 * bsc#1228002 * bsc#1228015 * bsc#1228114 * bsc#1228516 * bsc#1228576 * bsc#1228959 * bsc#1229400 * bsc#1229454 * bsc#1229500 * bsc#1229503 * bsc#1229510 * bsc#1229512 * bsc#1229607 * bsc#1229630 * bsc#1229641 * bsc#1229657 * bsc#1229707 Cross-References: * CVE-2022-0854 * CVE-2022-20368 * CVE-2022-28748 * CVE-2022-2964 * CVE-2022-48686 * CVE-2022-48791 * CVE-2022-48802 * CVE-2022-48805 * CVE-2022-48839 * CVE-2022-48853 * CVE-2022-48872 * CVE-2022-48873 * CVE-2022-48901 * CVE-2022-48912 * CVE-2022-48919 * CVE-2022-48925 * CVE-2023-1582 * CVE-2023-2176 * CVE-2023-52854 * CVE-2024-26583 * CVE-2024-26584 * CVE-2024-26800 * CVE-2024-41011 * CVE-2024-41062 * CVE-2024-42077 * CVE-2024-42232 * CVE-2024-42271 * CVE-2024-43861 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-44947 CVSS scores: * CVE-2022-0854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-0854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-20368 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-20368 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-28748 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-2964 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-2964 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48686 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48791 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48802 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48805 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48839 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2022-48872 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48872 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48873 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48912 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48912 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-1582 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-1582 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26583 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26583 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26584 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26584 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26800 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41011 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41011 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-44947 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-44947 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-44947 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 31 vulnerabilities and has three security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2022-48791: Fix use-after-free for aborted TMF sas_task (bsc#1228002) * CVE-2024-44947: Initialize beyond-EOF page contents before setting uptodate (bsc#1229454). * CVE-2022-48919: Fix double free race when mount fails in cifs_get_root() (bsc#1229657). * CVE-2023-52854: Fix refcnt handling in padata_free_shell() (bsc#1225584). * CVE-2024-43883: Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2022-48912: Fix use-after-free in __nf_register_net_hook() (bsc#1229641) * CVE-2022-48872: Fix use-after-free race condition for maps (bsc#1229510). * CVE-2022-48873: Do not remove map on creater_process and device_release (bsc#1229512). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2022-48686: Fixed UAF when detecting digest errors (bsc#1223948). The following non-security bugs were fixed: * Bluetooth: L2CAP: Fix deadlock (git-fixes). * powerpc: Remove support for PowerPC 601 (Remove unused and malformed assembly causing build error). * sched/psi: use kernfs polling functions for PSI trigger polling (bsc#1209799 bsc#1225109). * scsi: pm80xx: Fix TMF task completion race condition (bsc#1228002) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-3499=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-3499=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3499=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3499=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3499=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (nosrc) * kernel-default-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150200.24.203.1 * kernel-default-debuginfo-5.3.18-150200.24.203.1 * kernel-livepatch-SLE15-SP2_Update_52-debugsource-1-150200.5.3.1 * kernel-livepatch-5_3_18-150200_24_203-default-1-150200.5.3.1 * kernel-livepatch-5_3_18-150200_24_203-default-debuginfo-1-150200.5.3.1 * kernel-default-debugsource-5.3.18-150200.24.203.1 * kernel-default-livepatch-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.3.18-150200.24.203.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.203.1 * kernel-default-debuginfo-5.3.18-150200.24.203.1 * dlm-kmp-default-5.3.18-150200.24.203.1 * kernel-default-debugsource-5.3.18-150200.24.203.1 * gfs2-kmp-default-5.3.18-150200.24.203.1 * cluster-md-kmp-default-5.3.18-150200.24.203.1 * ocfs2-kmp-default-5.3.18-150200.24.203.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.203.1 * gfs2-kmp-default-debuginfo-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.203.1 * kernel-default-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-default-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-debugsource-5.3.18-150200.24.203.1 * kernel-default-base-5.3.18-150200.24.203.1.150200.9.105.1 * kernel-preempt-devel-5.3.18-150200.24.203.1 * kernel-syms-5.3.18-150200.24.203.1 * kernel-obs-build-5.3.18-150200.24.203.1 * kernel-default-devel-5.3.18-150200.24.203.1 * kernel-default-debugsource-5.3.18-150200.24.203.1 * kernel-obs-build-debugsource-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * kernel-source-5.3.18-150200.24.203.1 * kernel-devel-5.3.18-150200.24.203.1 * kernel-macros-5.3.18-150200.24.203.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-default-debuginfo-5.3.18-150200.24.203.1 * kernel-default-base-5.3.18-150200.24.203.1.150200.9.105.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.203.1 * reiserfs-kmp-default-5.3.18-150200.24.203.1 * kernel-syms-5.3.18-150200.24.203.1 * kernel-obs-build-5.3.18-150200.24.203.1 * kernel-default-devel-5.3.18-150200.24.203.1 * kernel-default-debugsource-5.3.18-150200.24.203.1 * kernel-obs-build-debugsource-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * kernel-source-5.3.18-150200.24.203.1 * kernel-devel-5.3.18-150200.24.203.1 * kernel-macros-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-debugsource-5.3.18-150200.24.203.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-devel-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-default-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-default-debuginfo-5.3.18-150200.24.203.1 * kernel-default-base-5.3.18-150200.24.203.1.150200.9.105.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.203.1 * reiserfs-kmp-default-5.3.18-150200.24.203.1 * kernel-syms-5.3.18-150200.24.203.1 * kernel-obs-build-5.3.18-150200.24.203.1 * kernel-default-devel-5.3.18-150200.24.203.1 * kernel-default-debugsource-5.3.18-150200.24.203.1 * kernel-obs-build-debugsource-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-source-5.3.18-150200.24.203.1 * kernel-devel-5.3.18-150200.24.203.1 * kernel-macros-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.203.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-debugsource-5.3.18-150200.24.203.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.203.1 * kernel-preempt-devel-5.3.18-150200.24.203.1 ## References: * https://www.suse.com/security/cve/CVE-2022-0854.html * https://www.suse.com/security/cve/CVE-2022-20368.html * https://www.suse.com/security/cve/CVE-2022-28748.html * https://www.suse.com/security/cve/CVE-2022-2964.html * https://www.suse.com/security/cve/CVE-2022-48686.html * https://www.suse.com/security/cve/CVE-2022-48791.html * https://www.suse.com/security/cve/CVE-2022-48802.html * https://www.suse.com/security/cve/CVE-2022-48805.html * https://www.suse.com/security/cve/CVE-2022-48839.html * https://www.suse.com/security/cve/CVE-2022-48853.html * https://www.suse.com/security/cve/CVE-2022-48872.html * https://www.suse.com/security/cve/CVE-2022-48873.html * https://www.suse.com/security/cve/CVE-2022-48901.html * https://www.suse.com/security/cve/CVE-2022-48912.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2023-1582.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52854.html * https://www.suse.com/security/cve/CVE-2024-26583.html * https://www.suse.com/security/cve/CVE-2024-26584.html * https://www.suse.com/security/cve/CVE-2024-26800.html * https://www.suse.com/security/cve/CVE-2024-41011.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-44947.html * https://bugzilla.suse.com/show_bug.cgi?id=1196018 * https://bugzilla.suse.com/show_bug.cgi?id=1196823 * https://bugzilla.suse.com/show_bug.cgi?id=1202346 * https://bugzilla.suse.com/show_bug.cgi?id=1209636 * https://bugzilla.suse.com/show_bug.cgi?id=1209799 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1220185 * https://bugzilla.suse.com/show_bug.cgi?id=1220186 * https://bugzilla.suse.com/show_bug.cgi?id=1222251 * https://bugzilla.suse.com/show_bug.cgi?id=1222728 * https://bugzilla.suse.com/show_bug.cgi?id=1223948 * https://bugzilla.suse.com/show_bug.cgi?id=1225109 * https://bugzilla.suse.com/show_bug.cgi?id=1225584 * https://bugzilla.suse.com/show_bug.cgi?id=1227942 * https://bugzilla.suse.com/show_bug.cgi?id=1227969 * https://bugzilla.suse.com/show_bug.cgi?id=1227985 * https://bugzilla.suse.com/show_bug.cgi?id=1228002 * https://bugzilla.suse.com/show_bug.cgi?id=1228015 * https://bugzilla.suse.com/show_bug.cgi?id=1228114 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229454 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229510 * https://bugzilla.suse.com/show_bug.cgi?id=1229512 * https://bugzilla.suse.com/show_bug.cgi?id=1229607 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229641 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Sep 30 16:30:04 2024 From: null at suse.de (SLE-SECURITY-UPDATES) Date: Mon, 30 Sep 2024 16:30:04 -0000 Subject: SUSE-SU-2024:3500-1: important: Security update for openssl-3 Message-ID: <172771380434.2170.1891443760621265045@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3500-1 Release Date: 2024-09-30T14:14:23Z Rating: important References: * bsc#1230698 Cross-References: * CVE-2024-41996 CVSS scores: * CVE-2024-41996 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-41996: Validating the order of the public keys in the Diffie- Hellman Key Agreement Protocol, when an approved safe prime is used, allows remote attackers to trigger expensive server-side DHE (bsc#1230698) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3500=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3500=1 openSUSE-SLE-15.5-2024-3500=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openssl-3-debuginfo-3.0.8-150500.5.45.1 * libopenssl3-3.0.8-150500.5.45.1 * openssl-3-debugsource-3.0.8-150500.5.45.1 * libopenssl3-debuginfo-3.0.8-150500.5.45.1 * libopenssl-3-devel-3.0.8-150500.5.45.1 * openssl-3-3.0.8-150500.5.45.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openssl-3-debuginfo-3.0.8-150500.5.45.1 * libopenssl3-3.0.8-150500.5.45.1 * openssl-3-debugsource-3.0.8-150500.5.45.1 * libopenssl3-debuginfo-3.0.8-150500.5.45.1 * libopenssl-3-devel-3.0.8-150500.5.45.1 * openssl-3-3.0.8-150500.5.45.1 * openSUSE Leap 15.5 (x86_64) * libopenssl-3-devel-32bit-3.0.8-150500.5.45.1 * libopenssl3-32bit-debuginfo-3.0.8-150500.5.45.1 * libopenssl3-32bit-3.0.8-150500.5.45.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.45.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150500.5.45.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.45.1 * libopenssl-3-devel-64bit-3.0.8-150500.5.45.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41996.html * https://bugzilla.suse.com/show_bug.cgi?id=1230698 -------------- next part -------------- An HTML attachment was scrubbed... URL: