SUSE-RU-2024:1952-1: moderate: Recommended update for socat
SLE-UPDATES
null at suse.de
Fri Jun 7 16:30:05 UTC 2024
# Recommended update for socat
Announcement ID: SUSE-RU-2024:1952-1
Rating: moderate
References:
* bsc#1160293
* jsc#PED-8413
Affected Products:
* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that contains one feature and has one fix can now be installed.
## Description:
This update for socat fixes the following issues:
Update to 1.8.0.0:
* Support for network namespaces (option netns)
* TCP client now automatically tries all addresses (IPv4 and IPv6) provided by
nameserver until success
* Implementation of POSIX message queue (mq) control and access on Linux
(addresses POSIXMQ-READ and following)
* New wrapper script socat-chain.sh allows to stack two addresses, e.g.HTTP
proxy connect over SSL
* New script socat-mux.sh allows n-to-1 / 1-to-n communications
* New script socat-broker.sh allows group communications
* Experimental socks5 client feature
* Address ACCEPT-FD for systemd "inetd" mode
* UDP-Lite and DCCP address types
* Addresses SOCKETPAIR and SHELL
* New option bind-tmpname allows forked off children to bind UNIX domain
client sockets to random unique pathes
* New option retrieve-vlan (with INTERFACE addresses) now makes kernel keep
VLAN tags in incoming packets
* Simple statistics output with Socat option --statistics and with SIGUSR1
* A couple of new options, many fixes and corrections, see file CHANGES
* Note: This version introduces "socat1", linking to "socat"
Update to 1.7.4.4:
* FIX: In error.c msg2() there was a stack overflow on long messages: The
terminating \0 Byte was written behind the last position.
* FIX: UDP-RECVFROM with fork sometimes terminated when multiple packets
arrived.
* FIX: a couple of weaknesses and errors when accessing invalid or
incompatible file system entries with UNIX domain, file, and generic
addresses.
* FIX: bad parser error message on "socat /tmp/x\"x/x -"
Update to 1.7.4.3:
* fixes the TCP_INFO issue that broke building on non-Linux platforms.
Update to version 1.7.4.2:
* Fixes a lot of bugs, e.g., for options -r and -R.
* Further bugfixes, see the CHANGES file
Update to 1.7.4.1:
Security:
* Buffer size option (-b) is internally doubled for CR-CRLF conversion, but
not checked for integer overflow. This could lead to heap based buffer
overflow, assuming the attacker could provide this parameter.
* Many further bugfixes and new features, see the CHANGES file
Update to version 1.7.3.4:
* bugfix release, see the CHANGES file for all changes
Update to version 1.7.3.3:
* bugfix release, see the CHANGES file for all changes
* We HAVE_SSLv23_*_method, just not as functions, but macros add the relevant
defines in the command line so support for autonegotiation of the highest
TLS version is restored.
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-1952=1 openSUSE-SLE-15.6-2024-1952=1
* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1952=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* socat-debugsource-1.8.0.0-150600.20.3.1
* socat-1.8.0.0-150600.20.3.1
* socat-debuginfo-1.8.0.0-150600.20.3.1
* socat-extra-1.8.0.0-150600.20.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* socat-debugsource-1.8.0.0-150600.20.3.1
* socat-1.8.0.0-150600.20.3.1
* socat-debuginfo-1.8.0.0-150600.20.3.1
## References:
* https://bugzilla.suse.com/show_bug.cgi?id=1160293
* https://jira.suse.com/browse/PED-8413
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240607/f315cf45/attachment.htm>
More information about the sle-updates
mailing list