SUSE-RU-2024:2023-2: moderate: Recommended update for socat

SLE-UPDATES null at suse.de
Fri Jul 12 16:30:44 UTC 2024 


# Recommended update for socat

Announcement ID: SUSE-RU-2024:2023-2  
Rating: moderate  
References:

  * bsc#1160293
  * jsc#PED-8413

  
Affected Products:

  * SUSE Linux Enterprise Micro 5.5

  
  
An update that contains one feature and has one fix can now be installed.

## Description:

This update for socat fixes the following issues:

socat is updated to 1.8.0.0:

Primary feature is enabling TLS 1.3 support. (jsc#PED-8413)

    
    
    * Support for network namespaces (option netns)
    * TCP client now automatically tries all addresses (IPv4 and IPv6) provided by nameserver until success
    * Implementation of POSIX message queue (mq) control and access on Linux (addresses POSIXMQ-READ and following)
    * New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP proxy connect over SSL
    * New script socat-mux.sh allows n-to-1 / 1-to-n communications
    * New script socat-broker.sh allows group communications
    * Experimental socks5 client feature
    * Address ACCEPT-FD for systemd "inetd" mode
    * UDP-Lite and DCCP address types
    * Addresses SOCKETPAIR and SHELL
    * New option bind-tmpname allows forked off children to bind UNIX domain client sockets to random unique pathes
    * New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep VLAN tags in incoming packets
    * Simple statistics output with Socat option --statistics and with SIGUSR1
    * A couple of new options, many fixes and corrections, see file CHANGES
    

Update to 1.7.4.4:

  * FIX: In error.c msg2() there was a stack overflow on long messages: The
    terminating \0 Byte was written behind the last position.
  * FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
    arrived.
  * FIX: a couple of weaknesses and errors when accessing invalid or
    incompatible file system entries with UNIX domain, file, and generic
    addresses.
  * FIX: bad parser error message on "socat /tmp/x\"x/x -"

Update to 1.7.4.3:

  * fixes the TCP_INFO issue that broke building on non-Linux platforms.
  * building on AIX works again.
  * A few more corrections and improvements have been added

Update to version 1.7.4.2:

  * Fixes a lot of bugs, e.g., for options -r and -R.
  * Further bugfixes, see the CHANGES file

Update to 1.7.4.1:

Security:

  * Buffer size option (-b) is internally doubled for CR-CRLF conversion, but
    not checked for integer overflow. This could lead to heap based buffer
    overflow, assuming the attacker could provide this parameter.
  * Many further bugfixes and new features, see the CHANGES file

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * SUSE Linux Enterprise Micro 5.5  
    zypper in -t patch SUSE-SLE-Micro-5.5-2024-2023=1

## Package List:

  * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
    * socat-debugsource-1.8.0.0-150400.14.3.1
    * socat-1.8.0.0-150400.14.3.1
    * socat-debuginfo-1.8.0.0-150400.14.3.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1160293
  * https://jira.suse.com/browse/PED-8413

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240712/7f551f1b/attachment.htm>

More information about the sle-updates mailing list