SUSE-RU-2024:1637-2: moderate: Recommended update for google-cloud SDK
SLE-UPDATES
null at suse.de
Thu Jun 20 20:30:05 UTC 2024
# Recommended update for google-cloud SDK
Announcement ID: SUSE-RU-2024:1637-2
Rating: moderate
References:
* bsc#1210617
* jsc#PED-6697
* jsc#PED-7987
Cross-References:
* CVE-2023-30608
CVSS scores:
* CVE-2023-30608 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-30608 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
Affected Products:
* openSUSE Leap 15.6
* Public Cloud Module 15-SP6
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
An update that solves one vulnerability and contains two features can now be
installed.
## Description:
This update for google-cloud SDK fixes the following issues:
* Add python311 cloud services packages and dependencies (jsc#PED-7987,
jsc#PED-6697)
* Bellow 5 binaries Obsolete the python3.6 counterpart: python311-google-
resumable-media python311-google-api-core python311-google-cloud-storage
python311-google-cloud-core python311-googleapis-common-protos
* Regular python311 updates (without Obsoletes): python-google-auth python-
grpcio python-sqlparse
* New python311 packages: libcrc32c python-google-cloud-appengine-logging
python-google-cloud-artifact-registry python-google-cloud-audit-log python-
google-cloud-build python-google-cloud-compute python-google-cloud-dns
python-google-cloud-domains python-google-cloud-iam python-google-cloud-kms-
inventory python-google-cloud-kms python-google-cloud-logging python-google-
cloud-run python-google-cloud-secret-manager python-google-cloud-service-
directory python-google-cloud-spanner python-google-cloud-vpc-access python-
google-crc32c python-grpc-google-iam-v1 python-grpcio-status python-proto-
plus
In python-sqlparse this security issue was fixed:
CVE-2023-30608: Fixed parser that contained a regular expression that is
vulnerable to ReDOS (Regular Expression Denial of Service) (bsc#1210617)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1637=1
* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1637=1
* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1637=1
## Package List:
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-google-crc32c-debugsource-1.5.0-150400.9.3.1
* python-cffi-debugsource-1.15.1-150400.8.7.2
* libcrc32c-debugsource-1.1.2-150400.9.3.1
* python311-cffi-1.15.1-150400.8.7.2
* python311-google-crc32c-debuginfo-1.5.0-150400.9.3.1
* libcrc32c1-debuginfo-1.1.2-150400.9.3.1
* python311-cffi-debuginfo-1.15.1-150400.8.7.2
* libcrc32c1-1.1.2-150400.9.3.1
* libcrc32c-devel-1.1.2-150400.9.3.1
* python311-google-crc32c-1.5.0-150400.9.3.1
* openSUSE Leap 15.6 (noarch)
* python311-google-cloud-spanner-3.40.1-150400.9.3.1
* python311-google-cloud-kms-2.21.0-150400.9.3.1
* python311-google-cloud-audit-log-0.2.5-150400.9.3.1
* python311-apipkg-3.0.1-150400.12.6.1
* python311-google-cloud-logging-3.9.0-150400.9.3.1
* python311-google-cloud-service-directory-1.11.1-150400.9.3.1
* python311-google-cloud-storage-2.14.0-150400.10.3.1
* python311-charset-normalizer-3.1.0-150400.9.7.2
* python311-google-cloud-compute-1.15.0-150400.9.3.1
* python311-google-cloud-kms-inventory-0.2.2-150400.9.3.1
* python311-certifi-2023.7.22-150400.12.6.2
* python311-sqlparse-0.4.4-150400.6.4.2
* python311-google-cloud-vpc-access-1.10.0-150400.9.3.1
* python311-urllib3-2.0.7-150400.7.14.1
* python311-grpcio-status-1.60.1-150400.9.3.1
* python311-grpc-google-iam-v1-0.13.0-150400.9.3.1
* python311-google-cloud-run-0.10.1-150400.9.3.1
* python311-google-auth-2.27.0-150400.6.7.1
* python311-idna-3.4-150400.11.6.1
* python311-setuptools-67.7.2-150400.3.12.1
* python311-pyasn1-modules-0.3.0-150400.12.7.1
* python311-google-cloud-appengine-logging-1.4.0-150400.9.3.1
* python311-rsa-4.9-150400.12.7.1
* python311-requests-2.31.0-150400.6.8.1
* python311-pycparser-2.21-150400.12.7.2
* python311-iniconfig-2.0.0-150400.10.6.1
* python311-pytz-2023.3-150400.6.6.1
* python311-googleapis-common-protos-1.62.0-150400.10.4.1
* python311-setuptools-wheel-67.7.2-150400.3.12.1
* python311-google-cloud-iam-2.13.0-150400.9.3.1
* python311-proto-plus-1.23.0-150400.9.3.1
* python311-cachetools-5.3.1-150400.8.6.1
* python311-google-cloud-dns-0.35.0-150400.9.3.1
* python311-google-cloud-secret-manager-2.17.0-150400.9.3.1
* python311-google-resumable-media-2.7.0-150400.10.4.1
* python311-google-cloud-domains-1.7.1-150400.9.3.1
* python311-pyasn1-0.5.0-150400.12.7.2
* python311-google-cloud-build-3.22.0-150400.9.3.1
* python311-py-1.11.0-150400.12.7.2
* python311-google-cloud-core-2.4.1-150400.5.4.1
* python311-google-api-core-2.15.0-150400.5.4.1
* python311-google-cloud-artifact-registry-1.11.0-150400.9.3.1
* python311-pyOpenSSL-23.2.0-150400.3.10.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-google-crc32c-debugsource-1.5.0-150400.9.3.1
* libcrc32c-debugsource-1.1.2-150400.9.3.1
* python311-google-crc32c-debuginfo-1.5.0-150400.9.3.1
* libcrc32c1-debuginfo-1.1.2-150400.9.3.1
* libcrc32c1-1.1.2-150400.9.3.1
* libcrc32c-devel-1.1.2-150400.9.3.1
* python311-google-crc32c-1.5.0-150400.9.3.1
* Public Cloud Module 15-SP6 (noarch)
* python311-google-cloud-spanner-3.40.1-150400.9.3.1
* python311-google-cloud-kms-2.21.0-150400.9.3.1
* python311-google-cloud-audit-log-0.2.5-150400.9.3.1
* python311-google-cloud-logging-3.9.0-150400.9.3.1
* python311-google-cloud-service-directory-1.11.1-150400.9.3.1
* python311-google-cloud-storage-2.14.0-150400.10.3.1
* python311-google-cloud-compute-1.15.0-150400.9.3.1
* python311-google-cloud-kms-inventory-0.2.2-150400.9.3.1
* python311-sqlparse-0.4.4-150400.6.4.2
* python311-google-cloud-vpc-access-1.10.0-150400.9.3.1
* python311-grpcio-status-1.60.1-150400.9.3.1
* python311-grpc-google-iam-v1-0.13.0-150400.9.3.1
* python311-google-cloud-run-0.10.1-150400.9.3.1
* python311-google-auth-2.27.0-150400.6.7.1
* python311-google-cloud-appengine-logging-1.4.0-150400.9.3.1
* python311-googleapis-common-protos-1.62.0-150400.10.4.1
* python311-google-cloud-iam-2.13.0-150400.9.3.1
* python311-proto-plus-1.23.0-150400.9.3.1
* python311-google-cloud-dns-0.35.0-150400.9.3.1
* python311-google-cloud-secret-manager-2.17.0-150400.9.3.1
* python311-google-resumable-media-2.7.0-150400.10.4.1
* python311-google-cloud-domains-1.7.1-150400.9.3.1
* python311-google-cloud-build-3.22.0-150400.9.3.1
* python311-google-cloud-core-2.4.1-150400.5.4.1
* python311-google-api-core-2.15.0-150400.5.4.1
* python311-google-cloud-artifact-registry-1.11.0-150400.9.3.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python311-cffi-1.15.1-150400.8.7.2
* python311-cffi-debuginfo-1.15.1-150400.8.7.2
* python-cffi-debugsource-1.15.1-150400.8.7.2
* Python 3 Module 15-SP6 (noarch)
* python311-rsa-4.9-150400.12.7.1
* python311-requests-2.31.0-150400.6.8.1
* python311-pycparser-2.21-150400.12.7.2
* python311-iniconfig-2.0.0-150400.10.6.1
* python311-pyasn1-0.5.0-150400.12.7.2
* python311-setuptools-67.7.2-150400.3.12.1
* python311-py-1.11.0-150400.12.7.2
* python311-pytz-2023.3-150400.6.6.1
* python311-idna-3.4-150400.11.6.1
* python311-urllib3-2.0.7-150400.7.14.1
* python311-apipkg-3.0.1-150400.12.6.1
* python311-google-auth-2.27.0-150400.6.7.1
* python311-charset-normalizer-3.1.0-150400.9.7.2
* python311-cachetools-5.3.1-150400.8.6.1
* python311-pyOpenSSL-23.2.0-150400.3.10.1
* python311-certifi-2023.7.22-150400.12.6.2
* python311-pyasn1-modules-0.3.0-150400.12.7.1
## References:
* https://www.suse.com/security/cve/CVE-2023-30608.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210617
* https://jira.suse.com/browse/PED-6697
* https://jira.suse.com/browse/PED-7987
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20240620/d61bf774/attachment.htm>
More information about the sle-updates
mailing list