From null at suse.de Fri Mar 1 08:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 08:30:02 -0000 Subject: SUSE-RU-2024:0736-1: moderate: Recommended update for sap-installation-wizard Message-ID: <170928180224.5869.14838277640187928008@smelt2.prg2.suse.org> # Recommended update for sap-installation-wizard Announcement ID: SUSE-RU-2024:0736-1 Rating: moderate References: * bsc#1218918 Affected Products: * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 An update that has one fix can now be installed. ## Description: This update for sap-installation-wizard fixes the following issues: sap-installation-wizard was updated to version 4.4.13: * Fixed SAP Business One storage configuration failing (bsc#1218918) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-736=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * sap-installation-wizard-4.4.13-150400.3.11.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218918 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 08:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 08:30:02 -0000 Subject: SUSE-SU-2024:0730-1: important: Security update for nodejs18 Message-ID: <170928180277.5869.6130147765661401671@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:0730-1 Rating: important References: * bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 Cross-References: * CVE-2023-46809 * CVE-2024-21892 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-21892 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.19.1: (security updates) * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities (bsc#1219992). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: undici version 5.28.3 (bsc#1220017). * CVE-2024-24806: libuv version 1.48.0 (bsc#1219724). Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: * Leverage loaders when resolving subsequent loaders * import.meta.resolve unflagged * \--experimental-default-type flag to flip module defaults ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-730=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-730=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-730=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-730=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * corepack18-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * corepack18-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-21892.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219724 * https://bugzilla.suse.com/show_bug.cgi?id=1219992 * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 08:33:05 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 08:33:05 -0000 Subject: SUSE-SU-2024:0730-1: important: Security update for nodejs18 Message-ID: <170928198518.9038.9890100034737129863@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:0730-1 Rating: important References: * bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 Cross-References: * CVE-2023-46809 * CVE-2024-21892 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-21892 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.19.1: (security updates) * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities (bsc#1219992). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: undici version 5.28.3 (bsc#1220017). * CVE-2024-24806: libuv version 1.48.0 (bsc#1219724). Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: * Leverage loaders when resolving subsequent loaders * import.meta.resolve unflagged * \--experimental-default-type flag to flip module defaults ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-730=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-730=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-730=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-730=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * corepack18-18.19.1-150400.9.18.2 * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * corepack18-18.19.1-150400.9.18.2 * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-21892.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219724 * https://bugzilla.suse.com/show_bug.cgi?id=1219992 * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 08:36:07 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 08:36:07 -0000 Subject: SUSE-SU-2024:0730-1: important: Security update for nodejs18 Message-ID: <170928216771.9038.2511498211033979804@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:0730-1 Rating: important References: * bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 Cross-References: * CVE-2023-46809 * CVE-2024-21892 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-21892 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.19.1: (security updates) * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities (bsc#1219992). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: undici version 5.28.3 (bsc#1220017). * CVE-2024-24806: libuv version 1.48.0 (bsc#1219724). Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: * Leverage loaders when resolving subsequent loaders * import.meta.resolve unflagged * \--experimental-default-type flag to flip module defaults ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-730=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-730=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-730=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-730=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * corepack18-18.19.1-150400.9.18.2 * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * corepack18-18.19.1-150400.9.18.2 * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-21892.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219724 * https://bugzilla.suse.com/show_bug.cgi?id=1219992 * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 09:00:25 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 09:00:25 -0000 Subject: SUSE-SU-2024:0730-1: important: Security update for nodejs18 Message-ID: <170928362515.12870.11699436725994502249@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2024:0730-1 Rating: important References: * bsc#1219724 * bsc#1219992 * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 Cross-References: * CVE-2023-46809 * CVE-2024-21892 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-21892 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.19.1: (security updates) * CVE-2024-21892: Code injection and privilege escalation through Linux capabilities (bsc#1219992). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: undici version 5.28.3 (bsc#1220017). * CVE-2024-24806: libuv version 1.48.0 (bsc#1219724). Update to LTS version 18.19.0 * deps: npm updates to 10.x * esm: * Leverage loaders when resolving subsequent loaders * import.meta.resolve unflagged * \--experimental-default-type flag to flip module defaults ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-730=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-730=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-730=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-730=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-730=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-730=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-730=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * corepack18-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * corepack18-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * openSUSE Leap 15.5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * npm18-18.19.1-150400.9.18.2 * nodejs18-debugsource-18.19.1-150400.9.18.2 * nodejs18-18.19.1-150400.9.18.2 * nodejs18-devel-18.19.1-150400.9.18.2 * nodejs18-debuginfo-18.19.1-150400.9.18.2 * Web and Scripting Module 15-SP5 (noarch) * nodejs18-docs-18.19.1-150400.9.18.2 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-21892.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219724 * https://bugzilla.suse.com/show_bug.cgi?id=1219992 * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 09:00:28 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 09:00:28 -0000 Subject: SUSE-SU-2024:0729-1: important: Security update for nodejs16 Message-ID: <170928362828.12870.9988924870145075239@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:0729-1 Rating: important References: * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 * bsc#1220053 Cross-References: * CVE-2023-46809 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: ignore proxy-authorization header (bsc#1220017). * CVE-2024-24806: fix improper domain lookup that potentially leads to SSRF attacks (bsc#1219724). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-729=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-729=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-729=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-729=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-729=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * corepack16-16.20.2-150300.7.33.1 * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * openSUSE Leap 15.3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * npm16-16.20.2-150300.7.33.1 * nodejs16-debugsource-16.20.2-150300.7.33.1 * nodejs16-devel-16.20.2-150300.7.33.1 * nodejs16-debuginfo-16.20.2-150300.7.33.1 * nodejs16-16.20.2-150300.7.33.1 * SUSE Enterprise Storage 7.1 (noarch) * nodejs16-docs-16.20.2-150300.7.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 * https://bugzilla.suse.com/show_bug.cgi?id=1220053 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 09:00:31 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 09:00:31 -0000 Subject: SUSE-SU-2024:0728-1: important: Security update for nodejs16 Message-ID: <170928363123.12870.14754144659011765618@smelt2.prg2.suse.org> # Security update for nodejs16 Announcement ID: SUSE-SU-2024:0728-1 Rating: important References: * bsc#1219993 * bsc#1219997 * bsc#1220014 * bsc#1220017 * bsc#1220053 Cross-References: * CVE-2023-46809 * CVE-2024-22019 * CVE-2024-22025 * CVE-2024-24758 * CVE-2024-24806 CVSS scores: * CVE-2023-46809 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-22019 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24758 ( SUSE ): 3.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L * CVE-2024-24806 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-24806 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for nodejs16 fixes the following issues: Security issues fixed: * CVE-2023-46809: Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) (bsc#1219997). * CVE-2024-22019: http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks (bsc#1219993). * CVE-2024-22025: Denial of Service by resource exhaustion in fetch() brotli decoding (bsc#1220014). * CVE-2024-24758: ignore proxy-authorization header (bsc#1220017). * CVE-2024-24806: fix improper domain lookup that potentially leads to SSRF attacks (bsc#1219724). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-728=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-728=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-728=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-728=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-728=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-728=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * corepack16-16.20.2-150400.3.30.1 * openSUSE Leap 15.4 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * nodejs16-debugsource-16.20.2-150400.3.30.1 * nodejs16-16.20.2-150400.3.30.1 * npm16-16.20.2-150400.3.30.1 * nodejs16-debuginfo-16.20.2-150400.3.30.1 * nodejs16-devel-16.20.2-150400.3.30.1 * SUSE Manager Server 4.3 (noarch) * nodejs16-docs-16.20.2-150400.3.30.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46809.html * https://www.suse.com/security/cve/CVE-2024-22019.html * https://www.suse.com/security/cve/CVE-2024-22025.html * https://www.suse.com/security/cve/CVE-2024-24758.html * https://www.suse.com/security/cve/CVE-2024-24806.html * https://bugzilla.suse.com/show_bug.cgi?id=1219993 * https://bugzilla.suse.com/show_bug.cgi?id=1219997 * https://bugzilla.suse.com/show_bug.cgi?id=1220014 * https://bugzilla.suse.com/show_bug.cgi?id=1220017 * https://bugzilla.suse.com/show_bug.cgi?id=1220053 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 12:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 12:30:02 -0000 Subject: SUSE-RU-2024:0739-1: moderate: Recommended update for pesign Message-ID: <170929620238.25145.1790367571828067448@smelt2.prg2.suse.org> # Recommended update for pesign Announcement ID: SUSE-RU-2024:0739-1 Rating: moderate References: * bsc#1219198 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for pesign fixes the following issue: * Fix errors when installing pesign alone (bsc#1219198) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-739=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-739=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-739=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-739=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-739=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-739=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-739=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-739=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-739=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-739=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-739=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-739=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-739=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-739=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-739=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-739=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-739=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * openSUSE Leap 15.5 (noarch) * pesign-systemd-0.112-150000.4.21.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * Basesystem Module 15-SP5 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * pesign-systemd-0.112-150000.4.21.1 * SUSE Manager Proxy 4.3 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Manager Server 4.3 (x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * pesign-debuginfo-0.112-150000.4.21.1 * pesign-debugsource-0.112-150000.4.21.1 * pesign-0.112-150000.4.21.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219198 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 12:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 12:30:04 -0000 Subject: SUSE-SU-2024:0738-1: important: Security update for openvswitch3 Message-ID: <170929620426.25145.170256095048385512@smelt2.prg2.suse.org> # Security update for openvswitch3 Announcement ID: SUSE-SU-2024:0738-1 Rating: important References: * bsc#1219465 Cross-References: * CVE-2023-3966 CVSS scores: * CVE-2023-3966 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openvswitch3 fixes the following issues: * CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-738=1 openSUSE-SLE-15.5-2024-738=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-738=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-738=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * ovn3-host-23.03.0-150500.3.16.1 * openvswitch3-pki-3.1.0-150500.3.16.1 * openvswitch3-vtep-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-test-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-vtep-3.1.0-150500.3.16.1 * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-devel-3.1.0-150500.3.16.1 * ovn3-central-23.03.0-150500.3.16.1 * openvswitch3-ipsec-3.1.0-150500.3.16.1 * python3-ovs3-3.1.0-150500.3.16.1 * ovn3-23.03.0-150500.3.16.1 * openvswitch3-test-3.1.0-150500.3.16.1 * openvswitch3-debuginfo-3.1.0-150500.3.16.1 * ovn3-host-debuginfo-23.03.0-150500.3.16.1 * ovn3-docker-23.03.0-150500.3.16.1 * ovn3-central-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-debuginfo-23.03.0-150500.3.16.1 * ovn3-debuginfo-23.03.0-150500.3.16.1 * libopenvswitch-3_1-0-3.1.0-150500.3.16.1 * ovn3-vtep-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-23.03.0-150500.3.16.1 * ovn3-devel-23.03.0-150500.3.16.1 * ovn3-vtep-23.03.0-150500.3.16.1 * openvswitch3-3.1.0-150500.3.16.1 * openvswitch3-debugsource-3.1.0-150500.3.16.1 * openSUSE Leap 15.5 (noarch) * openvswitch3-doc-3.1.0-150500.3.16.1 * ovn3-doc-23.03.0-150500.3.16.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libovn-23_03-0-debuginfo-23.03.0-150500.3.16.1 * openvswitch3-debuginfo-3.1.0-150500.3.16.1 * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.16.1 * ovn3-debuginfo-23.03.0-150500.3.16.1 * libopenvswitch-3_1-0-3.1.0-150500.3.16.1 * ovn3-23.03.0-150500.3.16.1 * ovn3-host-23.03.0-150500.3.16.1 * ovn3-host-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-23.03.0-150500.3.16.1 * openvswitch3-pki-3.1.0-150500.3.16.1 * openvswitch3-vtep-debuginfo-3.1.0-150500.3.16.1 * ovn3-vtep-debuginfo-23.03.0-150500.3.16.1 * ovn3-vtep-23.03.0-150500.3.16.1 * ovn3-central-23.03.0-150500.3.16.1 * python3-ovs3-3.1.0-150500.3.16.1 * openvswitch3-3.1.0-150500.3.16.1 * openvswitch3-debugsource-3.1.0-150500.3.16.1 * openvswitch3-vtep-3.1.0-150500.3.16.1 * ovn3-docker-23.03.0-150500.3.16.1 * ovn3-central-debuginfo-23.03.0-150500.3.16.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ovn3-host-23.03.0-150500.3.16.1 * openvswitch3-pki-3.1.0-150500.3.16.1 * openvswitch3-vtep-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-test-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-vtep-3.1.0-150500.3.16.1 * libopenvswitch-3_1-0-debuginfo-3.1.0-150500.3.16.1 * openvswitch3-devel-3.1.0-150500.3.16.1 * ovn3-central-23.03.0-150500.3.16.1 * openvswitch3-ipsec-3.1.0-150500.3.16.1 * python3-ovs3-3.1.0-150500.3.16.1 * ovn3-23.03.0-150500.3.16.1 * openvswitch3-test-3.1.0-150500.3.16.1 * openvswitch3-debuginfo-3.1.0-150500.3.16.1 * ovn3-host-debuginfo-23.03.0-150500.3.16.1 * ovn3-docker-23.03.0-150500.3.16.1 * ovn3-central-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-debuginfo-23.03.0-150500.3.16.1 * ovn3-debuginfo-23.03.0-150500.3.16.1 * libopenvswitch-3_1-0-3.1.0-150500.3.16.1 * ovn3-vtep-debuginfo-23.03.0-150500.3.16.1 * libovn-23_03-0-23.03.0-150500.3.16.1 * ovn3-devel-23.03.0-150500.3.16.1 * ovn3-vtep-23.03.0-150500.3.16.1 * openvswitch3-3.1.0-150500.3.16.1 * openvswitch3-debugsource-3.1.0-150500.3.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3966.html * https://bugzilla.suse.com/show_bug.cgi?id=1219465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 12:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 12:30:10 -0000 Subject: SUSE-RU-2024:0737-1: important: Recommended update for system-user-prometheus Message-ID: <170929621022.25145.175812803510298760@smelt2.prg2.suse.org> # Recommended update for system-user-prometheus Announcement ID: SUSE-RU-2024:0737-1 Rating: important References: * bsc#1218252 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP6 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 An update that has one fix can now be installed. ## Description: This update for system-user-prometheus contains the following fixes: * Added `system-user-prometheus` to Package Hub SLE-15-SP5 to resolve dependency issue with prometheus (bsc#1218252) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-737=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-737=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-737=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-737=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-737=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-737=1 ## Package List: * openSUSE Leap 15.5 (noarch) * system-user-prometheus-1.0.0-150000.12.1 * SUSE Manager Client Tools for SLE 15 (noarch) * system-user-prometheus-1.0.0-150000.12.1 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * system-user-prometheus-1.0.0-150000.12.1 * SUSE Package Hub 15 15-SP5 (noarch) * system-user-prometheus-1.0.0-150000.12.1 * SUSE Manager Proxy 4.3 Module 4.3 (noarch) * system-user-prometheus-1.0.0-150000.12.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * system-user-prometheus-1.0.0-150000.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218252 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 1 20:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 01 Mar 2024 20:30:05 -0000 Subject: SUSE-RU-2024:0741-1: moderate: Recommended update for bluez Message-ID: <170932500574.28349.3495668178786056151@smelt2.prg2.suse.org> # Recommended update for bluez Announcement ID: SUSE-RU-2024:0741-1 Rating: moderate References: * bsc#1217251 Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that has one fix can now be installed. ## Description: This update of bluez fixes the following issue: * The bluez-deprecated package is shipped again, as it contains some tools still in common use. (bsc#1217251) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-741=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-741=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-741=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-741=1 openSUSE-SLE-15.5-2024-741=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-741=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bluez-deprecated-5.65-150500.3.8.1 * bluez-5.65-150500.3.8.1 * libbluetooth3-5.65-150500.3.8.1 * libbluetooth3-debuginfo-5.65-150500.3.8.1 * bluez-deprecated-debuginfo-5.65-150500.3.8.1 * bluez-debugsource-5.65-150500.3.8.1 * bluez-debuginfo-5.65-150500.3.8.1 * Basesystem Module 15-SP5 (noarch) * bluez-zsh-completion-5.65-150500.3.8.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bluez-debugsource-5.65-150500.3.8.1 * bluez-debuginfo-5.65-150500.3.8.1 * bluez-devel-5.65-150500.3.8.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * bluez-cups-5.65-150500.3.8.1 * bluez-cups-debuginfo-5.65-150500.3.8.1 * bluez-debuginfo-5.65-150500.3.8.1 * bluez-debugsource-5.65-150500.3.8.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * bluez-cups-5.65-150500.3.8.1 * bluez-deprecated-5.65-150500.3.8.1 * bluez-5.65-150500.3.8.1 * bluez-debugsource-5.65-150500.3.8.1 * libbluetooth3-5.65-150500.3.8.1 * bluez-obexd-debuginfo-5.65-150500.3.8.1 * bluez-test-5.65-150500.3.8.1 * bluez-devel-5.65-150500.3.8.1 * bluez-deprecated-debuginfo-5.65-150500.3.8.1 * bluez-test-debuginfo-5.65-150500.3.8.1 * libbluetooth3-debuginfo-5.65-150500.3.8.1 * bluez-obexd-5.65-150500.3.8.1 * bluez-cups-debuginfo-5.65-150500.3.8.1 * bluez-debuginfo-5.65-150500.3.8.1 * openSUSE Leap 15.5 (noarch) * bluez-zsh-completion-5.65-150500.3.8.1 * bluez-auto-enable-devices-5.65-150500.3.8.1 * openSUSE Leap 15.5 (x86_64) * bluez-devel-32bit-5.65-150500.3.8.1 * libbluetooth3-32bit-5.65-150500.3.8.1 * libbluetooth3-32bit-debuginfo-5.65-150500.3.8.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libbluetooth3-64bit-debuginfo-5.65-150500.3.8.1 * libbluetooth3-64bit-5.65-150500.3.8.1 * bluez-devel-64bit-5.65-150500.3.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * bluez-debugsource-5.65-150500.3.8.1 * libbluetooth3-5.65-150500.3.8.1 * bluez-debuginfo-5.65-150500.3.8.1 * libbluetooth3-debuginfo-5.65-150500.3.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1217251 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:0743-1: moderate: Security update for sendmail Message-ID: <170954100437.14740.6201390520235076028@smelt2.prg2.suse.org> # Security update for sendmail Announcement ID: SUSE-SU-2024:0743-1 Rating: moderate References: * bsc#1218351 Cross-References: * CVE-2023-51765 CVSS scores: * CVE-2023-51765 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-51765 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for sendmail fixes the following issues: * CVE-2023-51765: Fixed new SMTP smuggling attack. (bsc#1218351) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-743=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-743=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-743=1 ## Package List: * openSUSE Leap 15.5 (noarch) * sendmail-starttls-8.15.2-150000.8.12.1 * libmilter-doc-8.15.2-150000.8.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * sendmail-devel-8.15.2-150000.8.12.1 * rmail-debuginfo-8.15.2-150000.8.12.1 * libmilter1_0-debuginfo-8.15.2-150000.8.12.1 * libmilter1_0-8.15.2-150000.8.12.1 * sendmail-8.15.2-150000.8.12.1 * sendmail-debuginfo-8.15.2-150000.8.12.1 * rmail-8.15.2-150000.8.12.1 * sendmail-debugsource-8.15.2-150000.8.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libmilter1_0-debuginfo-8.15.2-150000.8.12.1 * sendmail-debugsource-8.15.2-150000.8.12.1 * sendmail-debuginfo-8.15.2-150000.8.12.1 * libmilter1_0-8.15.2-150000.8.12.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * rmail-debuginfo-8.15.2-150000.8.12.1 * sendmail-debugsource-8.15.2-150000.8.12.1 * rmail-8.15.2-150000.8.12.1 * sendmail-debuginfo-8.15.2-150000.8.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51765.html * https://bugzilla.suse.com/show_bug.cgi?id=1218351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 08:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 08:30:06 -0000 Subject: SUSE-SU-2024:0742-1: moderate: Security update for sendmail Message-ID: <170954100630.14740.12968533889800202127@smelt2.prg2.suse.org> # Security update for sendmail Announcement ID: SUSE-SU-2024:0742-1 Rating: moderate References: * bsc#1218351 Cross-References: * CVE-2023-51765 CVSS scores: * CVE-2023-51765 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-51765 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Legacy Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for sendmail fixes the following issues: * CVE-2023-51765: Fixed new SMTP smuggling attack. (bsc#1218351) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 12 zypper in -t patch SUSE-SLE-Module-Legacy-12-2024-742=1 ## Package List: * Legacy Module 12 (aarch64 ppc64le s390x x86_64) * sendmail-8.14.9-4.9.1 * sendmail-debuginfo-8.14.9-4.9.1 * sendmail-debugsource-8.14.9-4.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51765.html * https://bugzilla.suse.com/show_bug.cgi?id=1218351 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:01 -0000 Subject: SUSE-RU-2024:0753-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955540133.6480.1496181731029347288@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0753-1 Rating: moderate References: * jsc#MSQA-720 Affected Products: * SUSE Manager Client Tools Beta for Debian 11 An update that contains one feature can now be installed. ## Description: This update fixes the following issues: spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for Debian 11 zypper in -t patch SUSE-Debian-11-CLIENT-TOOLS-BETA-2024-753=1 ## Package List: * SUSE Manager Client Tools Beta for Debian 11 (all) * spacecmd-5.0.4-2.16.1 ## References: * https://jira.suse.com/browse/MSQA-720 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:02 -0000 Subject: SUSE-RU-2024:0752-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955540292.6480.14887518330843021907@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0752-1 Rating: moderate References: * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * SUSE Manager Client Tools Beta for Debian 12 An update that contains two features can now be installed. ## Description: This update fixes the following issues: spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl to Debian 12 client tools (jsc#PED-7843) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-BETA-2024-752=1 ## Package List: * SUSE Manager Client Tools Beta for Debian 12 (all) * mgrctl-bash-completion-0.1.4-2.3.1 * spacecmd-5.0.4-3.6.1 * mgrctl-zsh-completion-0.1.4-2.3.1 * mgrctl-fish-completion-0.1.4-2.3.1 * SUSE Manager Client Tools Beta for Debian 12 (amd64) * mgrctl-0.1.4-2.3.1 ## References: * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:04 -0000 Subject: SUSE-RU-2024:0751-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955540426.6480.18129798085348328317@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0751-1 Rating: moderate References: * jsc#ECO-3319 * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * SUSE Manager Client Tools Beta for Ubuntu 22.04 2204 An update that contains three features can now be installed. ## Description: This update fixes the following issues: scap-security-guide: * Updated to 0.1.71 (jsc#ECO-3319) * Add RHEL 9 STIG * Add support for Debian 12 * Update PCI-DSS profile for RHEL * Several bugfixes and improvements for SUSE Linux Enterprise spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl to Ubuntu 22.04 client tools (jsc#PED-7843) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for Ubuntu 22.04 2204 zypper in -t patch SUSE-Ubuntu-22.04-CLIENT-TOOLS-BETA-2024-751=1 ## Package List: * SUSE Manager Client Tools Beta for Ubuntu 22.04 2204 (all) * scap-security-guide-ubuntu-0.1.71-2.6.1 * spacecmd-5.0.4-2.9.1 * mgrctl-bash-completion-0.1.4-2.3.1 * mgrctl-zsh-completion-0.1.4-2.3.1 * mgrctl-fish-completion-0.1.4-2.3.1 * SUSE Manager Client Tools Beta for Ubuntu 22.04 2204 (amd64) * mgrctl-0.1.4-2.3.1 ## References: * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:06 -0000 Subject: SUSE-RU-2024:0750-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955540679.6480.8422926586395380989@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0750-1 Rating: moderate References: * jsc#ECO-3319 * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 An update that contains three features can now be installed. ## Description: This update fixes the following issues: scap-security-guide: * Updated to 0.1.71 (jsc#ECO-3319) * Add RHEL 9 STIG * Add support for Debian 12 * Update PCI-DSS profile for RHEL * Several bugfixes and improvements for SUSE Linux Enterprise spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl to Ubuntu 20.04 client tools (jsc#PED-7843) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 zypper in -t patch SUSE-Ubuntu-20.04-CLIENT-TOOLS-BETA-2024-750=1 ## Package List: * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 (all) * scap-security-guide-ubuntu-0.1.71-2.18.1 * spacecmd-5.0.4-2.39.1 * mgrctl-bash-completion-0.1.4-2.3.1 * mgrctl-zsh-completion-0.1.4-2.3.1 * mgrctl-fish-completion-0.1.4-2.3.1 * SUSE Manager Client Tools Beta for Ubuntu 20.04 2004 (amd64) * mgrctl-0.1.4-2.3.1 ## References: * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:08 -0000 Subject: SUSE-RU-2024:0747-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955540802.6480.14525793623864229396@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0747-1 Rating: moderate References: * jsc#ECO-3319 * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * SUSE Manager Client Tools Beta for RHEL, Liberty and Clones 9 An update that contains three features can now be installed. ## Description: This update fixes the following issues: scap-security-guide: * Updated to 0.1.71 (jsc#ECO-3319) * Add RHEL 9 STIG * Add support for Debian 12 * Update PCI-DSS profile for RHEL * Lots of bugfixes and improvements for SUSE Linux Enterprise spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl to Enterprise Linux 9 client tools (jsc#PED-7843) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-BETA-2024-747=1 ## Package List: * SUSE Manager Client Tools Beta for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.4-3.3.1 * SUSE Manager Client Tools Beta for RHEL, Liberty and Clones 9 (noarch) * mgrctl-bash-completion-0.1.4-3.3.1 * scap-security-guide-redhat-0.1.71-4.6.1 * spacecmd-5.0.4-4.6.1 * mgrctl-zsh-completion-0.1.4-3.3.1 ## References: * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:13 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:13 -0000 Subject: SUSE-RU-2024:0746-1: moderate: Recommended Beta update for SUSE Manager Client Tools Message-ID: <170955541321.6480.16542666006858186803@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:0746-1 Rating: moderate References: * bsc#1192154 * bsc#1192696 * bsc#1193492 * bsc#1193686 * bsc#1200480 * bsc#1204023 * bsc#1218838 * bsc#1218843 * bsc#1218844 * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools Beta for SLE 12 An update that contains two features and has nine fixes can now be installed. ## Description: This update fixes the following issues: rhnlib: * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style spacewalk-client-tools: * Version 5.0.3-1 * Update translation strings * Version 5.0.2-1 * Update translation strings * Version 5.0.1-1 * Bump version to 5.0.0 * Version 4.4.7-1 * Remove unused and deprecated/removed platform.dist import. * Version 4.4.6-1 * Tito requires to list the package source as %{name}-%{version}.tar.gz * Version 4.4.5-1 * Remove mgr-virtualization usage * Remove dependency to suseRegisterInfo * Version 4.4.4-1 * Update translation strings * Version 4.4.3-1 * Update translation strings * Version 4.4.2-1 * Update translation strings * Version 4.4.1-1 * Update translation strings * Version 4.3.11-1 * Update translation strings * Version 4.3.10-1 * Update translation strings supportutils-plugin-susemanager-client: * Version 5.0.2-1 * Port to new supportconfig resource file uyuni-common-libs: * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl to SUSE Linux Enterprise 12 client tools (jsc#PED-7843) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-BETA-2024-746=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-prometheus-2.45.0-4.36.1 * mgrctl-0.1.4-3.3.1 * golang-github-prometheus-alertmanager-0.26.0-4.15.1 * grafana-9.5.8-4.24.1 * python2-uyuni-common-libs-5.0.2-3.36.1 * SUSE Manager Client Tools Beta for SLE 12 (noarch) * spacewalk-client-tools-5.0.3-55.48.1 * supportutils-plugin-susemanager-client-5.0.2-9.18.1 * python2-rhnlib-5.0.2-24.33.1 * spacewalk-client-setup-5.0.3-55.48.1 * mgrctl-zsh-completion-0.1.4-3.3.1 * python2-spacewalk-client-tools-5.0.3-55.48.1 * python2-spacewalk-client-setup-5.0.3-55.48.1 * spacewalk-check-5.0.3-55.48.1 * python2-spacewalk-check-5.0.3-55.48.1 * mgrctl-bash-completion-0.1.4-3.3.1 * spacecmd-5.0.4-41.45.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192154 * https://bugzilla.suse.com/show_bug.cgi?id=1192696 * https://bugzilla.suse.com/show_bug.cgi?id=1193492 * https://bugzilla.suse.com/show_bug.cgi?id=1193686 * https://bugzilla.suse.com/show_bug.cgi?id=1200480 * https://bugzilla.suse.com/show_bug.cgi?id=1204023 * https://bugzilla.suse.com/show_bug.cgi?id=1218838 * https://bugzilla.suse.com/show_bug.cgi?id=1218843 * https://bugzilla.suse.com/show_bug.cgi?id=1218844 * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:16 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:16 -0000 Subject: SUSE-RU-2024:0745-1: moderate: Recommended Beta update for SUSE Manager Client Tools and Salt Message-ID: <170955541641.6480.12356427518629701394@smelt2.prg2.suse.org> # Recommended Beta update for SUSE Manager Client Tools and Salt Announcement ID: SUSE-RU-2024:0745-1 Rating: moderate References: * bsc#1192154 * bsc#1192696 * bsc#1193492 * bsc#1193686 * bsc#1200480 * bsc#1204023 * bsc#1218843 * bsc#1218844 * jsc#MSQA-720 * jsc#PED-7843 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP6 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools Beta for SLE 15 An update that contains two features and has eight fixes can now be installed. ## Description: This update fixes the following issues: rhnlib: * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style spacecmd: * Version 5.0.4-1 * Update translation strings * Version 5.0.3-1 * Revert py2.7-incompatible formatting * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style spacewalk-client-tools: * Version 5.0.3-1 * Update translation strings * Version 5.0.2-1 supportutils-plugin-susemanager-client: * Version 5.0.2-1 * Port to new supportconfig resource file uyuni-common-libs: * Version 5.0.2-1 * Apply Black and Pylint to enforce Python style uyuni-tools: * Version 0.1.4-1 * Provide mgrctl (jsc#PED-7843) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools Beta for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-BETA-2024-745=1 ## Package List: * SUSE Manager Client Tools Beta for SLE 15 (aarch64 ppc64le s390x x86_64) * firewalld-prometheus-config-0.1-159000.6.36.1 * grafana-9.5.8-159000.4.27.1 * grafana-debuginfo-9.5.8-159000.4.27.1 * golang-github-prometheus-prometheus-2.45.0-159000.6.36.1 * python3-uyuni-common-libs-5.0.2-159000.3.36.1 * mgrctl-0.1.4-159000.3.3.1 * SUSE Manager Client Tools Beta for SLE 15 (noarch) * supportutils-plugin-susemanager-client-5.0.2-159000.6.18.1 * python3-spacewalk-check-5.0.3-159000.6.51.1 * mgrctl-bash-completion-0.1.4-159000.3.3.1 * mgrctl-zsh-completion-0.1.4-159000.3.3.1 * spacecmd-5.0.4-159000.6.45.1 * spacewalk-client-tools-5.0.3-159000.6.51.1 * python3-rhnlib-5.0.2-159000.6.33.1 * spacewalk-check-5.0.3-159000.6.51.1 * spacewalk-client-setup-5.0.3-159000.6.51.1 * python3-spacewalk-client-tools-5.0.3-159000.6.51.1 * python3-spacewalk-client-setup-5.0.3-159000.6.51.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192154 * https://bugzilla.suse.com/show_bug.cgi?id=1192696 * https://bugzilla.suse.com/show_bug.cgi?id=1193492 * https://bugzilla.suse.com/show_bug.cgi?id=1193686 * https://bugzilla.suse.com/show_bug.cgi?id=1200480 * https://bugzilla.suse.com/show_bug.cgi?id=1204023 * https://bugzilla.suse.com/show_bug.cgi?id=1218843 * https://bugzilla.suse.com/show_bug.cgi?id=1218844 * https://jira.suse.com/browse/MSQA-720 * https://jira.suse.com/browse/PED-7843 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 4 12:30:19 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 04 Mar 2024 12:30:19 -0000 Subject: SUSE-RU-2024:0744-1: important: Recommended update for yast2-hana-update Message-ID: <170955541908.6480.95290446459462008@smelt2.prg2.suse.org> # Recommended update for yast2-hana-update Announcement ID: SUSE-RU-2024:0744-1 Rating: important References: * bsc#1158843 * bsc#1216079 Affected Products: * openSUSE Leap 15.5 * SAP Applications Module 15-SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for yast2-hana-update fixes the following issues: * Fix reformatting output of SAPHanaSR-showAttr * Fix upgrade failure of SAP HANA when using YaST (bsc#1216079) * Fix broken gettext support (bsc#1158843) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-744=1 SUSE-2024-744=1 * SAP Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2024-744=1 ## Package List: * openSUSE Leap 15.5 (ppc64le x86_64) * yast2-hana-update-1.2.3-150500.3.3.1 * SAP Applications Module 15-SP5 (ppc64le x86_64) * yast2-hana-update-1.2.3-150500.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1158843 * https://bugzilla.suse.com/show_bug.cgi?id=1216079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 08:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 08:30:02 -0000 Subject: SUSE-RU-2024:0756-1: important: Recommended update for yast2-hana-update Message-ID: <170962740215.15781.6632435446324438089@smelt2.prg2.suse.org> # Recommended update for yast2-hana-update Announcement ID: SUSE-RU-2024:0756-1 Rating: important References: * bsc#1216079 Affected Products: * SAP Applications Module 15-SP2 * SAP Applications Module 15-SP3 * SAP Applications Module 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that has one fix can now be installed. ## Description: This update for yast2-hana-update fixes the following issues: yast2-hana-update was updated to version 1.2.3: * Fixed reformatting output of SAPHanaSR-showAttr * Fixed Azure - SAP HANA upgrade failure using YaST - Exception was: `Could not find virtual IP resource - SFSC 00708512 - ref:_00D1igLOd._5005qX8h2m:ref` (bsc#1216079) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SAP Applications Module 15-SP2 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP2-2024-756=1 * SAP Applications Module 15-SP3 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2024-756=1 * SAP Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2024-756=1 ## Package List: * SAP Applications Module 15-SP2 (ppc64le x86_64) * yast2-hana-update-1.2.3-150200.3.6.1 * SAP Applications Module 15-SP3 (ppc64le x86_64) * yast2-hana-update-1.2.3-150200.3.6.1 * SAP Applications Module 15-SP4 (ppc64le x86_64) * yast2-hana-update-1.2.3-150200.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216079 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 12:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 12:30:03 -0000 Subject: SUSE-SU-2024:0759-1: important: Security update for glibc Message-ID: <170964180388.18069.16088066080763400358@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2024:0759-1 Rating: important References: * bsc#1018158 * bsc#1178386 * bsc#1179694 * bsc#1179721 * bsc#1181505 * bsc#1182117 Cross-References: * CVE-2019-25013 * CVE-2020-27618 * CVE-2020-29562 * CVE-2020-29573 * CVE-2021-3326 CVSS scores: * CVE-2019-25013 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2019-25013 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2020-27618 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2020-27618 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-29562 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2020-29562 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2020-29573 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2020-29573 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-3326 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2021-3326 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for glibc fixes the following issues: Security issues fixed: * CVE-2020-29573: x86: printf was hardened against non-normal long double values (bsc#1179721, BZ #26649) * CVE-2021-3326: Fix assertion failure in gconv ISO-2022-JP-3 module (bsc#1181505, BZ #27256) * CVE-2019-25013: Fix buffer overrun in EUC-KR conversion module (bsc#1182117, BZ #24973) * CVE-2020-27618: Accept redundant shift sequences in IBM1364 iconv (bsc#1178386, BZ #26224) * CVE-2020-29562: Fix incorrect UCS4 inner loop bounds in iconv (bsc#1179694, BZ #26923) * Schedule nscd cache pruning more accurately from re-added values (bsc#1018158) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-759=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-759=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * glibc-debuginfo-32bit-2.11.3-17.110.43.1 * glibc-html-2.11.3-17.110.43.1 * nscd-2.11.3-17.110.43.1 * glibc-profile-2.11.3-17.110.43.1 * glibc-debugsource-2.11.3-17.110.43.1 * glibc-locale-2.11.3-17.110.43.1 * glibc-profile-32bit-2.11.3-17.110.43.1 * glibc-debuginfo-2.11.3-17.110.43.1 * glibc-32bit-2.11.3-17.110.43.1 * glibc-i18ndata-2.11.3-17.110.43.1 * glibc-devel-2.11.3-17.110.43.1 * glibc-2.11.3-17.110.43.1 * glibc-info-2.11.3-17.110.43.1 * glibc-locale-32bit-2.11.3-17.110.43.1 * glibc-devel-32bit-2.11.3-17.110.43.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * glibc-debuginfo-32bit-2.11.3-17.110.43.1 * glibc-html-2.11.3-17.110.43.1 * nscd-2.11.3-17.110.43.1 * glibc-profile-2.11.3-17.110.43.1 * glibc-debugsource-2.11.3-17.110.43.1 * glibc-locale-2.11.3-17.110.43.1 * glibc-profile-32bit-2.11.3-17.110.43.1 * glibc-debuginfo-2.11.3-17.110.43.1 * glibc-32bit-2.11.3-17.110.43.1 * glibc-i18ndata-2.11.3-17.110.43.1 * glibc-devel-2.11.3-17.110.43.1 * glibc-2.11.3-17.110.43.1 * glibc-info-2.11.3-17.110.43.1 * glibc-locale-32bit-2.11.3-17.110.43.1 * glibc-devel-32bit-2.11.3-17.110.43.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25013.html * https://www.suse.com/security/cve/CVE-2020-27618.html * https://www.suse.com/security/cve/CVE-2020-29562.html * https://www.suse.com/security/cve/CVE-2020-29573.html * https://www.suse.com/security/cve/CVE-2021-3326.html * https://bugzilla.suse.com/show_bug.cgi?id=1018158 * https://bugzilla.suse.com/show_bug.cgi?id=1178386 * https://bugzilla.suse.com/show_bug.cgi?id=1179694 * https://bugzilla.suse.com/show_bug.cgi?id=1179721 * https://bugzilla.suse.com/show_bug.cgi?id=1181505 * https://bugzilla.suse.com/show_bug.cgi?id=1182117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 12:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 12:30:05 -0000 Subject: SUSE-SU-2024:0758-1: important: Security update for apache2-mod_auth_openidc Message-ID: <170964180547.18069.13127443914512493560@smelt2.prg2.suse.org> # Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2024:0758-1 Rating: important References: * bsc#1219911 Cross-References: * CVE-2024-24814 CVSS scores: * CVE-2024-24814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a denial of service when using `OIDCSessionType client-cookie` and manipulating cookies (bsc#1219911). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-758=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-758=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-758=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * apache2-mod_auth_openidc-debuginfo-2.4.0-7.12.2 * apache2-mod_auth_openidc-2.4.0-7.12.2 * apache2-mod_auth_openidc-debugsource-2.4.0-7.12.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-debuginfo-2.4.0-7.12.2 * apache2-mod_auth_openidc-2.4.0-7.12.2 * apache2-mod_auth_openidc-debugsource-2.4.0-7.12.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * apache2-mod_auth_openidc-debuginfo-2.4.0-7.12.2 * apache2-mod_auth_openidc-2.4.0-7.12.2 * apache2-mod_auth_openidc-debugsource-2.4.0-7.12.2 ## References: * https://www.suse.com/security/cve/CVE-2024-24814.html * https://bugzilla.suse.com/show_bug.cgi?id=1219911 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 12:30:06 -0000 Subject: SUSE-SU-2024:0757-1: important: Security update for apache2-mod_auth_openidc Message-ID: <170964180699.18069.9120854274527177287@smelt2.prg2.suse.org> # Security update for apache2-mod_auth_openidc Announcement ID: SUSE-SU-2024:0757-1 Rating: important References: * bsc#1219911 Cross-References: * CVE-2024-24814 CVSS scores: * CVE-2024-24814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for apache2-mod_auth_openidc fixes the following issues: * CVE-2024-24814: Fixed a denial of service when using `OIDCSessionType client-cookie` and manipulating cookies (bsc#1219911). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-757=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-757=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-757=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-757=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-757=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-757=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-757=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-757=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-757=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-757=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-757=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-757=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-757=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-757=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-757=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-757=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-mod_auth_openidc-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debuginfo-2.3.8-150100.3.28.1 * apache2-mod_auth_openidc-debugsource-2.3.8-150100.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-24814.html * https://bugzilla.suse.com/show_bug.cgi?id=1219911 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:03 -0000 Subject: SUSE-RU-2024:0768-1: moderate: Recommended update for go1.21 Message-ID: <170965620311.7614.872170832724948572@smelt2.prg2.suse.org> # Recommended update for go1.21 Announcement ID: SUSE-RU-2024:0768-1 Rating: moderate References: * bsc#1212475 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update for go1.21 fixes the following issues: * go1.21.7 (released 2024-02-06) includes fixes to the compiler, the go command, the runtime, and the crypto/x509 package. (bsc#1212475) * go#63209 runtime: "fatal: morestack on g0" on amd64 after upgrade to Go 1.21 * go#63768 runtime: pinner.Pin doesn't panic when it says it will * go#64497 cmd/go: flag modcacherw does not take effect in the target package * go#64761 staticlockranking builders failing on release branches on LUCI * go#64935 runtime: "traceback: unexpected SPWRITE function runtime.systemstack" * go#65023 x/tools/go/analysis/unitchecker,slices: TestVetStdlib failing due to vet errors in panic tests * go#65053 cmd/compile: //go:build file version ignored when calling generic fn which has related type params * go#65323 crypto: rollback BoringCrypto fips-20220613 update * go#65351 cmd/go: go generate fails silently when run on a package in a nested workspace module * go#65380 crypto/x509: TestIssue51759 consistently failing on gotip-darwin- amd64_10.15 LUCI builder * go#65449 runtime/trace: frame pointer unwinding crash on arm64 during async preemption ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-768=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.7-1.24.1 * go1.21-doc-1.21.7-1.24.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1212475 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:05 -0000 Subject: SUSE-RU-2024:0214-2: moderate: Recommended update for systemd Message-ID: <170965620502.7614.12517313483693321712@smelt2.prg2.suse.org> # Recommended update for systemd Announcement ID: SUSE-RU-2024:0214-2 Rating: moderate References: * bsc#1214668 * bsc#1215241 * bsc#1217460 Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has three fixes can now be installed. ## Description: This update for systemd fixes the following issues: * resolved: actually check authenticated flag of SOA transaction * core/mount: Make device deps from /proc/self/mountinfo and .mount unit file exclusive * core: Add trace logging to mount_add_device_dependencies() * core/mount: Remove default deps from /proc/self/mountinfo when it is updated (bsc#1217460) * core/mount: Set Mount.from_proc_self_mountinfo flag before adding default dependencies * core: wrap some long comment * utmp-wtmp: Handle EINTR gracefully when waiting to write to tty * utmp-wtmp: Fix error in case isatty() fails * homed: Handle EINTR gracefully when waiting for device node * resolved: Handle EINTR returned from fd_wait_for_event() better * sd-netlink: Handle EINTR from poll() gracefully, as success * varlink: Handle EINTR gracefully when waiting for EIO via ppoll() * stdio-bridge: Don't be bothered with EINTR * sd-bus: Handle EINTR return from bus_poll() (bsc#1215241) * core: Replace slice dependencies as they get added (bsc#1214668) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-214=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-214=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-214=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-214=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-214=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-214=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-214=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-214=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libsystemd0-32bit-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libsystemd0-32bit-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * libsystemd0-32bit-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libsystemd0-32bit-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libsystemd0-32bit-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * SUSE Manager Proxy 4.3 (x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * libsystemd0-32bit-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * SUSE Manager Proxy 4.3 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * libsystemd0-32bit-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * systemd-container-249.17-150400.8.40.1 * systemd-doc-249.17-150400.8.40.1 * systemd-debuginfo-249.17-150400.8.40.1 * systemd-coredump-debuginfo-249.17-150400.8.40.1 * systemd-249.17-150400.8.40.1 * libudev1-249.17-150400.8.40.1 * udev-debuginfo-249.17-150400.8.40.1 * libsystemd0-249.17-150400.8.40.1 * systemd-container-debuginfo-249.17-150400.8.40.1 * systemd-sysvinit-249.17-150400.8.40.1 * systemd-devel-249.17-150400.8.40.1 * libsystemd0-debuginfo-249.17-150400.8.40.1 * libudev1-debuginfo-249.17-150400.8.40.1 * systemd-coredump-249.17-150400.8.40.1 * systemd-debugsource-249.17-150400.8.40.1 * udev-249.17-150400.8.40.1 * SUSE Manager Server 4.3 (noarch) * systemd-lang-249.17-150400.8.40.1 * SUSE Manager Server 4.3 (x86_64) * libsystemd0-32bit-249.17-150400.8.40.1 * libudev1-32bit-249.17-150400.8.40.1 * libsystemd0-32bit-debuginfo-249.17-150400.8.40.1 * libudev1-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-debuginfo-249.17-150400.8.40.1 * systemd-32bit-249.17-150400.8.40.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1214668 * https://bugzilla.suse.com/show_bug.cgi?id=1215241 * https://bugzilla.suse.com/show_bug.cgi?id=1217460 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:06 -0000 Subject: SUSE-RU-2024:0767-1: moderate: Recommended update for go1.20 Message-ID: <170965620646.7614.5360788201787254485@smelt2.prg2.suse.org> # Recommended update for go1.20 Announcement ID: SUSE-RU-2024:0767-1 Rating: moderate References: * bsc#1206346 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update for go1.20 fixes the following issues: go1.20.14 (released 2024-02-06) includes fixes to the crypto/x509 package. (bsc#1206346) * go#64760 staticlockranking builders failing on release branches on LUCI * go#65322 crypto: rollback BoringCrypto fips-20220613 update * go#65379 crypto/x509: TestIssue51759 consistently failing on gotip-darwin- amd64_10.15 LUCI builder ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-767=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.20-doc-1.20.14-1.41.1 * go1.20-debuginfo-1.20.14-1.41.1 * go1.20-1.20.14-1.41.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1206346 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:08 -0000 Subject: SUSE-RU-2024:0766-1: important: Recommended update for libssh Message-ID: <170965620857.7614.5407030197857797878@smelt2.prg2.suse.org> # Recommended update for libssh Announcement ID: SUSE-RU-2024:0766-1 Rating: important References: * bsc#1220385 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for libssh fixes the following issues: * Fix regression parsing IPv6 addresses provided as hostname (bsc#1220385) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-766=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-766=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-766=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-766=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-766=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-766=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-766=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-766=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-766=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-766=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-766=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-766=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-766=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-766=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-766=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-766=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-766=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-766=1 ## Package List: * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * openSUSE Leap 15.5 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * Basesystem Module 15-SP5 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * SUSE Manager Server 4.3 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libssh-config-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 * libssh-devel-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * libssh4-32bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-32bit-0.9.8-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libssh4-64bit-debuginfo-0.9.8-150400.3.6.1 * libssh4-64bit-0.9.8-150400.3.6.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libssh-config-0.9.8-150400.3.6.1 * libssh-debugsource-0.9.8-150400.3.6.1 * libssh4-debuginfo-0.9.8-150400.3.6.1 * libssh4-0.9.8-150400.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220385 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:10 -0000 Subject: SUSE-SU-2024:0765-1: important: Security update for rubygem-rack Message-ID: <170965621097.7614.2165935728057232774@smelt2.prg2.suse.org> # Security update for rubygem-rack Announcement ID: SUSE-SU-2024:0765-1 Rating: important References: * bsc#1220239 * bsc#1220242 * bsc#1220248 Cross-References: * CVE-2024-25126 * CVE-2024-26141 * CVE-2024-26146 CVSS scores: * CVE-2024-25126 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26141 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26146 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for rubygem-rack fixes the following issues: * CVE-2024-25126: Fixed a denial-of-service vulnerability in Rack Content-Type parsing (bsc#1220239). * CVE-2024-26141: Fixed a denial-of-service vulnerability in Range request header parsing (bsc#1220242). * CVE-2024-26146: Fixed a denial-of-service vulnerability in Rack headers parsing routine (bsc#1220248). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-765=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-765=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-765=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-765=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-765=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-doc-2.0.8-150000.3.21.2 * ruby2.5-rubygem-rack-testsuite-2.0.8-150000.3.21.2 * ruby2.5-rubygem-rack-2.0.8-150000.3.21.2 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.21.2 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.21.2 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.21.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-rack-2.0.8-150000.3.21.2 ## References: * https://www.suse.com/security/cve/CVE-2024-25126.html * https://www.suse.com/security/cve/CVE-2024-26141.html * https://www.suse.com/security/cve/CVE-2024-26146.html * https://bugzilla.suse.com/show_bug.cgi?id=1220239 * https://bugzilla.suse.com/show_bug.cgi?id=1220242 * https://bugzilla.suse.com/show_bug.cgi?id=1220248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:13 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:13 -0000 Subject: SUSE-SU-2024:0764-1: important: Security update for wpa_supplicant Message-ID: <170965621310.7614.13662180904112735104@smelt2.prg2.suse.org> # Security update for wpa_supplicant Announcement ID: SUSE-SU-2024:0764-1 Rating: important References: * bsc#1219975 Cross-References: * CVE-2023-52160 CVSS scores: * CVE-2023-52160 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52160 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for wpa_supplicant fixes the following issues: * CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-764=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-764=1 openSUSE-SLE-15.5-2024-764=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-764=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.10-150500.3.3.1 * wpa_supplicant-debugsource-2.10-150500.3.3.1 * wpa_supplicant-debuginfo-2.10-150500.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * wpa_supplicant-debugsource-2.10-150500.3.3.1 * wpa_supplicant-gui-2.10-150500.3.3.1 * wpa_supplicant-gui-debuginfo-2.10-150500.3.3.1 * wpa_supplicant-2.10-150500.3.3.1 * wpa_supplicant-debuginfo-2.10-150500.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * wpa_supplicant-2.10-150500.3.3.1 * wpa_supplicant-debugsource-2.10-150500.3.3.1 * wpa_supplicant-debuginfo-2.10-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52160.html * https://bugzilla.suse.com/show_bug.cgi?id=1219975 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:14 -0000 Subject: SUSE-SU-2024:0763-1: moderate: Security update for python-cryptography Message-ID: <170965621490.7614.249207884671198234@smelt2.prg2.suse.org> # Security update for python-cryptography Announcement ID: SUSE-SU-2024:0763-1 Rating: moderate References: * bsc#1220210 Cross-References: * CVE-2024-26130 CVSS scores: * CVE-2024-26130 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python-cryptography fixes the following issues: * CVE-2024-26130: Fixed NULL pointer dereference in pkcs12.serialize_key_and_certificates() (bsc#1220210). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-763=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-763=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-763=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python-cryptography-debugsource-41.0.3-150400.16.15.1 * python311-cryptography-debuginfo-41.0.3-150400.16.15.1 * python311-cryptography-41.0.3-150400.16.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python-cryptography-debugsource-41.0.3-150400.16.15.1 * python311-cryptography-debuginfo-41.0.3-150400.16.15.1 * python311-cryptography-41.0.3-150400.16.15.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python-cryptography-debugsource-41.0.3-150400.16.15.1 * python311-cryptography-debuginfo-41.0.3-150400.16.15.1 * python311-cryptography-41.0.3-150400.16.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26130.html * https://bugzilla.suse.com/show_bug.cgi?id=1220210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:16 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:16 -0000 Subject: SUSE-RU-2024:0762-1: important: Recommended update for SLE-Micro-release Message-ID: <170965621649.7614.6334854742180182275@smelt2.prg2.suse.org> # Recommended update for SLE-Micro-release Announcement ID: SUSE-RU-2024:0762-1 Rating: important References: Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that can now be installed. ## Description: This update for SLE-Micro-release contains the following fix: * Fix EOL date. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-762=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * SLE-Micro-release-5.5-150500.8.5.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:18 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:18 -0000 Subject: SUSE-RU-2024:0761-1: important: Recommended update for cloud-regionsrv-client Message-ID: <170965621852.7614.2855352335384148329@smelt2.prg2.suse.org> # Recommended update for cloud-regionsrv-client Announcement ID: SUSE-RU-2024:0761-1 Rating: important References: * bsc#1220164 * bsc#1220165 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for cloud-regionsrv-client contains the following fixes: * Update to version 10.1.7 (bsc#1220164, bsc#1220165) * Fix the failover path to a new target update server. At present a new server is not found since credential validation fails. We targeted the server detected in down condition to verify the credentials instead of the replacement server. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-761=1 ## Package List: * Public Cloud Module 12 (noarch) * cloud-regionsrv-client-generic-config-1.0.0-52.108.1 * cloud-regionsrv-client-plugin-azure-2.0.0-52.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-52.108.1 * cloud-regionsrv-client-10.1.7-52.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-52.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-52.108.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220164 * https://bugzilla.suse.com/show_bug.cgi?id=1220165 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 16:30:20 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 16:30:20 -0000 Subject: SUSE-RU-2024:0760-1: important: Recommended update for cloud-regionsrv-client Message-ID: <170965622098.7614.3754344004871667319@smelt2.prg2.suse.org> # Recommended update for cloud-regionsrv-client Announcement ID: SUSE-RU-2024:0760-1 Rating: important References: * bsc#1220164 * bsc#1220165 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for cloud-regionsrv-client contains the following fixes: * Update to version 10.1.7 (bsc#1220164, bsc#1220165) * Fix the failover path to a new target update server. At present a new server is not found since credential validation fails. We targeted the server detected in down condition to verify the credentials instead of the replacement server. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-760=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-760=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-760=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-760=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-760=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-760=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-760=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-760=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-760=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-760=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-760=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-760=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * openSUSE Leap Micro 5.4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * openSUSE Leap 15.5 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * Public Cloud Module 15-SP2 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * Public Cloud Module 15-SP3 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * Public Cloud Module 15-SP4 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 * Public Cloud Module 15-SP5 (noarch) * cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.108.1 * cloud-regionsrv-client-plugin-ec2-1.0.4-150000.6.108.1 * cloud-regionsrv-client-generic-config-1.0.0-150000.6.108.1 * cloud-regionsrv-client-addon-azure-1.0.5-150000.6.108.1 * cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.108.1 * cloud-regionsrv-client-10.1.7-150000.6.108.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220164 * https://bugzilla.suse.com/show_bug.cgi?id=1220165 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:05 -0000 Subject: SUSE-SU-2024:0773-1: critical: Security update for postgresql-jdbc Message-ID: <170967060506.29033.1326792818225866527@smelt2.prg2.suse.org> # Security update for postgresql-jdbc Announcement ID: SUSE-SU-2024:0773-1 Rating: critical References: * bsc#1220644 Cross-References: * CVE-2024-1597 CVSS scores: * CVE-2024-1597 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql-jdbc fixes the following issues: * CVE-2024-1597: Fixed SQL Injection via line comment generation (bsc#1220644). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-773=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-773=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-773=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-773=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-773=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-773=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-773=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-773=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-773=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-773=1 ## Package List: * openSUSE Leap 15.4 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * postgresql-jdbc-javadoc-42.2.25-150400.3.12.1 * openSUSE Leap 15.5 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * postgresql-jdbc-javadoc-42.2.25-150400.3.12.1 * Server Applications Module 15-SP5 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Manager Proxy 4.3 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 * SUSE Manager Server 4.3 (noarch) * postgresql-jdbc-42.2.25-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1597.html * https://bugzilla.suse.com/show_bug.cgi?id=1220644 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:07 -0000 Subject: SUSE-SU-2024:0772-1: important: Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed Message-ID: <170967060771.29033.14198047275486503906@smelt2.prg2.suse.org> # Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open- driver-G06-signed Announcement ID: SUSE-SU-2024:0772-1 Rating: important References: * bsc#1220552 * jsc#PED-7117 Cross-References: * CVE-2022-42265 * CVE-2024-0074 * CVE-2024-0075 CVSS scores: * CVE-2022-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-42265 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-0074 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Update to 550.54.14: * Added vGPU Host and vGPU Guest support. For vGPU Host, please refer to the README.vgpu packaged in the vGPU Host Package for more details. Security issues fixed: * CVE-2024-0074: A user could trigger a NULL ptr dereference. * CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution. * CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution. * create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks also during modprobing the nvidia module; this changes the issue of not having access to /dev/nvidia${devid}, when gfxcard has been replaced by a different gfx card after installing the driver * provide nvidia-open-driver-G06-kmp (jsc#PED-7117) This makes it easy to replace the package from nVidia's CUDA repository with this presigned package ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-772=1 openSUSE-SLE-15.5-2024-772=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-772=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-772=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-772=1 ## Package List: * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150500.11.18.1 * openSUSE Leap 15.5 (x86_64) * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.54.14_k5.14.21_150500.33.34-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-azure-550.54.14_k5.14.21_150500.33.34-150500.3.36.1 * nvidia-open-driver-G06-signed-azure-devel-550.54.14-150500.3.36.1 * openSUSE Leap 15.5 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * openSUSE Leap 15.5 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150500.11.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * Basesystem Module 15-SP5 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150500.11.18.1 * Basesystem Module 15-SP5 (aarch64) * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * nvidia-open-driver-G06-signed-debugsource-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150500.55.49-150500.3.36.1 * Public Cloud Module 15-SP5 (x86_64) * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.54.14_k5.14.21_150500.33.34-150500.3.36.1 * nvidia-open-driver-G06-signed-kmp-azure-550.54.14_k5.14.21_150500.33.34-150500.3.36.1 * nvidia-open-driver-G06-signed-azure-devel-550.54.14-150500.3.36.1 ## References: * https://www.suse.com/security/cve/CVE-2022-42265.html * https://www.suse.com/security/cve/CVE-2024-0074.html * https://www.suse.com/security/cve/CVE-2024-0075.html * https://bugzilla.suse.com/show_bug.cgi?id=1220552 * https://jira.suse.com/browse/PED-7117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:13 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:13 -0000 Subject: SUSE-RU-2024:0254-2: moderate: Recommended update for containerd Message-ID: <170967061327.29033.1928314816218730842@smelt2.prg2.suse.org> # Recommended update for containerd Announcement ID: SUSE-RU-2024:0254-2 Rating: moderate References: * bsc#1217952 Affected Products: * Containers Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for containerd fixes the following issues: * Fix permissions of address file (bsc#1217952) * Update to version 1.7.10 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Containers-15-SP4-2024-254=1 ## Package List: * Containers Module 15-SP4 (aarch64 ppc64le s390x x86_64) * containerd-1.7.10-150000.106.1 * containerd-ctr-1.7.10-150000.106.1 * containerd-devel-1.7.10-150000.106.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1217952 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:15 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:15 -0000 Subject: SUSE-SU-2024:0771-1: critical: Security update for postgresql-jdbc Message-ID: <170967061560.29033.6020674862729614972@smelt2.prg2.suse.org> # Security update for postgresql-jdbc Announcement ID: SUSE-SU-2024:0771-1 Rating: critical References: * bsc#1220644 Cross-References: * CVE-2024-1597 CVSS scores: * CVE-2024-1597 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql-jdbc fixes the following issues: * CVE-2024-1597: Fixed SQL Injection via line comment generation (bsc#1220644). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-771=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-771=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-771=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * postgresql-jdbc-9.4-3.12.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * postgresql-jdbc-9.4-3.12.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * postgresql-jdbc-9.4-3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1597.html * https://bugzilla.suse.com/show_bug.cgi?id=1220644 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:18 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:18 -0000 Subject: SUSE-SU-2024:0770-1: important: Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed Message-ID: <170967061853.29033.16847492853689510891@smelt2.prg2.suse.org> # Security update for kernel-firmware-nvidia-gspx-G06, nvidia-open- driver-G06-signed Announcement ID: SUSE-SU-2024:0770-1 Rating: important References: * bsc#1220552 * jsc#PED-7117 Cross-References: * CVE-2022-42265 * CVE-2024-0074 * CVE-2024-0075 CVSS scores: * CVE-2022-42265 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-42265 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2024-0074 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H * CVE-2024-0075 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed fixes the following issues: Update to 550.54.14 * Added vGPU Host and vGPU Guest support. For vGPU Host, please refer to the README.vgpu packaged in the vGPU Host Package for more details. Security issues fixed: * CVE-2024-0074: A user could trigger a NULL ptr dereference. * CVE-2024-0075: A user could overwrite the end of a buffer, leading to crashes or code execution. * CVE-2022-42265: A unprivileged user could trigger an integer overflow which could lead to crashes or code execution. * create /run/udev/static_node-tags/uaccess/nvidia${devid} symlinks also during modprobing the nvidia module; this changes the issue of not having access to /dev/nvidia${devid}, when gfxcard has been replaced by a different gfx card after installing the driver * provide nvidia-open-driver-G06-kmp (jsc#PED-7117) * this makes it easy to replace the package from nVidia's CUDA repository with this presigned package ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-770=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-770=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-770=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-770=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-770=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-770=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-770=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-770=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-770=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-770=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-770=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-770=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-770=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Manager Proxy 4.3 (x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Manager Server 4.3 (nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Manager Server 4.3 (x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * openSUSE Leap 15.4 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * openSUSE Leap 15.4 (x86_64) * nvidia-open-driver-G06-signed-kmp-azure-debuginfo-550.54.14_k5.14.21_150400.14.75-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-azure-550.54.14_k5.14.21_150400.14.75-150400.9.50.1 * nvidia-open-driver-G06-signed-azure-devel-550.54.14-150400.9.50.1 * openSUSE Leap 15.4 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-default-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * openSUSE Leap 15.4 (aarch64) * nvidia-open-driver-G06-signed-kmp-64kb-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-64kb-devel-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-64kb-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc x86_64) * kernel-firmware-nvidia-gspx-G06-550.54.14-150400.9.21.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * nvidia-open-driver-G06-signed-kmp-default-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 * nvidia-open-driver-G06-signed-debugsource-550.54.14-150400.9.50.1 * nvidia-open-driver-G06-signed-kmp-default-debuginfo-550.54.14_k5.14.21_150400.24.108-150400.9.50.1 ## References: * https://www.suse.com/security/cve/CVE-2022-42265.html * https://www.suse.com/security/cve/CVE-2024-0074.html * https://www.suse.com/security/cve/CVE-2024-0075.html * https://bugzilla.suse.com/show_bug.cgi?id=1220552 * https://jira.suse.com/browse/PED-7117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:21 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:21 -0000 Subject: SUSE-SU-2024:0769-1: critical: Security update for postgresql-jdbc Message-ID: <170967062119.29033.9059960397795283061@smelt2.prg2.suse.org> # Security update for postgresql-jdbc Announcement ID: SUSE-SU-2024:0769-1 Rating: critical References: * bsc#1220644 Cross-References: * CVE-2024-1597 CVSS scores: * CVE-2024-1597 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for postgresql-jdbc fixes the following issues: * CVE-2024-1597: Fixed SQL Injection via line comment generation (bsc#1220644). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-769=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-769=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-769=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-769=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-769=1 ## Package List: * openSUSE Leap 15.3 (noarch) * postgresql-jdbc-42.2.25-150300.3.14.1 * postgresql-jdbc-javadoc-42.2.25-150300.3.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql-jdbc-42.2.25-150300.3.14.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * postgresql-jdbc-42.2.25-150300.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql-jdbc-42.2.25-150300.3.14.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql-jdbc-42.2.25-150300.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1597.html * https://bugzilla.suse.com/show_bug.cgi?id=1220644 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 5 20:30:23 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 05 Mar 2024 20:30:23 -0000 Subject: SUSE-SU-2024:0329-2: moderate: Security update for python Message-ID: <170967062361.29033.12752074694633205882@smelt2.prg2.suse.org> # Security update for python Announcement ID: SUSE-SU-2024:0329-2 Rating: moderate References: * bsc#1210638 Cross-References: * CVE-2023-27043 CVSS scores: * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 An update that solves one vulnerability can now be installed. ## Description: This update for python fixes the following issues: * CVE-2023-27043: Fixed incorrectly parses e-mail addresses which contain a special character (bsc#1210638). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2024-329=1 ## Package List: * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * python-debuginfo-2.7.18-150000.60.1 * python-base-debugsource-2.7.18-150000.60.1 * python-devel-2.7.18-150000.60.1 * python-xml-2.7.18-150000.60.1 * python-curses-2.7.18-150000.60.1 * python-2.7.18-150000.60.1 * libpython2_7-1_0-2.7.18-150000.60.1 * python-curses-debuginfo-2.7.18-150000.60.1 * python-gdbm-debuginfo-2.7.18-150000.60.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.60.1 * python-base-2.7.18-150000.60.1 * python-base-debuginfo-2.7.18-150000.60.1 * python-gdbm-2.7.18-150000.60.1 * python-tk-debuginfo-2.7.18-150000.60.1 * python-debugsource-2.7.18-150000.60.1 * python-xml-debuginfo-2.7.18-150000.60.1 * python-tk-2.7.18-150000.60.1 ## References: * https://www.suse.com/security/cve/CVE-2023-27043.html * https://bugzilla.suse.com/show_bug.cgi?id=1210638 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 08:30:03 -0000 Subject: SUSE-RU-2024:0775-1: important: Recommended update for cockpit Message-ID: <170971380369.23242.3488469983369962268@smelt2.prg2.suse.org> # Recommended update for cockpit Announcement ID: SUSE-RU-2024:0775-1 Rating: important References: * bsc#1220385 Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that has one fix can now be installed. ## Description: This update for cockpit fixes the following issues: * backport compatibility fixes for libssh (bsc#1220385) * Remove SELinux file context for /usr/bin/cockpit-bridge, this is already defined in the main selinux-policy package (bsc#1220385). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-775=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * cockpit-bridge-298-150500.3.3.1 * cockpit-bridge-debuginfo-298-150500.3.3.1 * cockpit-298-150500.3.3.1 * cockpit-ws-debuginfo-298-150500.3.3.1 * cockpit-debuginfo-298-150500.3.3.1 * cockpit-ws-298-150500.3.3.1 * cockpit-debugsource-298-150500.3.3.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cockpit-storaged-298-150500.3.3.1 * cockpit-system-298-150500.3.3.1 * cockpit-selinux-298-150500.3.3.1 * cockpit-networkmanager-298-150500.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220385 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 08:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 08:30:05 -0000 Subject: SUSE-OU-2024:0774-1: moderate: Optional update for warewulf4 Message-ID: <170971380504.23242.8531432069978362448@smelt2.prg2.suse.org> # Optional update for warewulf4 Announcement ID: SUSE-OU-2024:0774-1 Rating: moderate References: * bsc#1215583 * bsc#1220189 Affected Products: * HPC Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 An update that has two fixes can now be installed. ## Description: This update for warewulf4 fixes the following issues: warewulf4 was updated to version 4.5.0rc2: * Changes in version 4.5.0rc2: * `wwctl node list` panics if a node uses a profile with a network which isn't present on this node (bsc#1220189) * Changes in version 4.5.0rc1: * All overlays reside now under a `rootfs` diretory e.g. the host overlays reside now under /var/lib/warewulf/host/rootfs. This has the advantage that the `rootfs` can be under a version control, without the effect that the meta files, e.g. `.git` will show up in the rendered overlays * Changes in version v4.5.0rc0: * Disks, partitions and file systems can set in the configuration and if ignition is present in the container, changes to the disks will be made * Grub can be used as alternative boot method instead of iPXE. The grub binary is extracted from the container and shim is executed before the grub. This enables secure boot * wwctl has now the genconfig subcommand which will print/create valid configurations * All paths e.g the overlay dir, can now be configured in warewulf.conf * Fixed a bug where profile tags were erroneously overridden by empty node values * Fixed bug where tags from profiles weren't rendered * Moved example templates for client overlays to example-templates/ in the package documentation * Renamed: `warewulf4-doc` to `warewulf4-man` * Renamed: `warewulf4-slurm` to `warewulf4-overlay-slurm` * Make only overlay dir being config files * Added documentation for replacing dhcpd and tftp with dnsmasq as README.dnsmasq (jira#HPC-65) * Check if automatic configured ip range doesn't contain ip address of ww4 host (bsc#1215583) * Removed the ipxe binaries * Set warewulf4-man and warewulf4-overlay-slurm to noarch * Use bash for config-warewulf.sh ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-774=1 openSUSE-SLE-15.5-2024-774=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-774=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * warewulf4-4.5.0~rc2-150500.6.5.1 * warewulf4-overlay-4.5.0~rc2-150500.6.5.1 * warewulf4-api-4.5.0~rc2-150500.6.5.1 * openSUSE Leap 15.5 (noarch) * warewulf4-overlay-slurm-4.5.0~rc2-150500.6.5.1 * warewulf4-man-4.5.0~rc2-150500.6.5.1 * HPC Module 15-SP5 (aarch64 x86_64) * warewulf4-4.5.0~rc2-150500.6.5.1 * warewulf4-overlay-4.5.0~rc2-150500.6.5.1 * warewulf4-api-4.5.0~rc2-150500.6.5.1 * HPC Module 15-SP5 (noarch) * warewulf4-overlay-slurm-4.5.0~rc2-150500.6.5.1 * warewulf4-man-4.5.0~rc2-150500.6.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215583 * https://bugzilla.suse.com/show_bug.cgi?id=1220189 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 12:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 12:30:02 -0000 Subject: SUSE-SU-2024:0777-1: important: Security update for xmlgraphics-batik Message-ID: <170972820244.22329.885440833233696761@smelt2.prg2.suse.org> # Security update for xmlgraphics-batik Announcement ID: SUSE-SU-2024:0777-1 Rating: important References: * bsc#1034675 * bsc#1172961 * bsc#1182748 * bsc#1203672 * bsc#1203673 * bsc#1203674 * bsc#1204704 * bsc#1204709 Cross-References: * CVE-2017-5662 * CVE-2019-17566 * CVE-2020-11987 * CVE-2022-38398 * CVE-2022-38648 * CVE-2022-40146 * CVE-2022-41704 * CVE-2022-42890 * CVE-2022-44729 * CVE-2022-44730 CVSS scores: * CVE-2017-5662 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2017-5662 ( NVD ): 7.3 CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H * CVE-2019-17566 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2019-17566 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2020-11987 ( SUSE ): 5.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2020-11987 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N * CVE-2022-38398 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-38398 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-38648 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-38648 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-40146 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-40146 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-41704 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-41704 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-42890 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-42890 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-44729 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2022-44730 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for xmlgraphics-batik fixes the following issues: * CVE-2017-5662: Fixed Apache Batik information disclosure vulnerability (bsc#1034675). * CVE-2019-17566: Fixed SSRF vulnerability (bsc#1172961). * CVE-2020-11987: Fixed Apache XML Graphics Batik SSRF vulnerability (bsc#1182748). * CVE-2022-38398: Fixed information disclosure vulnerability (bsc#1203674). * CVE-2022-38648: Fixed information disclosure vulnerability (bsc#1203673). * CVE-2022-40146: Fixed information disclosure vulnerability (bsc#1203672). * CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik (bsc#1204704). * CVE-2022-42890: Fixed information disclosure vulnerability in Apache Batik (bsc#1204709). * CVE-2022-44729: Fixed Server-Side Request Forgery. * CVE-2022-44730: Fixed Server-Side Request Forgery. Upgrade to version 1.17. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-777=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * xmlgraphics-batik-1.17-2.7.1 ## References: * https://www.suse.com/security/cve/CVE-2017-5662.html * https://www.suse.com/security/cve/CVE-2019-17566.html * https://www.suse.com/security/cve/CVE-2020-11987.html * https://www.suse.com/security/cve/CVE-2022-38398.html * https://www.suse.com/security/cve/CVE-2022-38648.html * https://www.suse.com/security/cve/CVE-2022-40146.html * https://www.suse.com/security/cve/CVE-2022-41704.html * https://www.suse.com/security/cve/CVE-2022-42890.html * https://www.suse.com/security/cve/CVE-2022-44729.html * https://www.suse.com/security/cve/CVE-2022-44730.html * https://bugzilla.suse.com/show_bug.cgi?id=1034675 * https://bugzilla.suse.com/show_bug.cgi?id=1172961 * https://bugzilla.suse.com/show_bug.cgi?id=1182748 * https://bugzilla.suse.com/show_bug.cgi?id=1203672 * https://bugzilla.suse.com/show_bug.cgi?id=1203673 * https://bugzilla.suse.com/show_bug.cgi?id=1203674 * https://bugzilla.suse.com/show_bug.cgi?id=1204704 * https://bugzilla.suse.com/show_bug.cgi?id=1204709 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 12:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 12:30:05 -0000 Subject: SUSE-RU-2024:0776-1: moderate: Recommended update for google-cloud-sap-agent Message-ID: <170972820514.22329.13818952934907912262@smelt2.prg2.suse.org> # Recommended update for google-cloud-sap-agent Announcement ID: SUSE-RU-2024:0776-1 Rating: moderate References: * bsc#1218736 * bsc#1218737 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for google-cloud-sap-agent fixes the following issues: * Update to version 3.0 (bsc#1218736, bsc#1218737) * Suppress packemaker command error to debug to avoid log flooding * Expand load balancing cluster discovery. * Log success messages in OTEs to STDOUT instead of STDERR used by log.Print * Use bash always to avoid variation of behavior across OS/Shell types * Minor updates to installbackint. * Backint compose step properly saves metadata. * Fix issue with discovery on ASCS instances. * hanadiskrestore - fix the format of disktype string for disk create API * Fix issue with PCS cluster address discovery. * Update transform to insight * Rename HANA backup/restore OTEs to reflect they are supported for all disks and not just persistent disk * Increase the timeout for HDB stop to account for busy DBs * Adding project sap-ecs-testing to the list. * PD Restore - Support provisioned-iops and provisioned-throughput * Integration test for configure OTE * Added precondition in hana pd backup for stripped LVM * Add a precondition check to verify user has passed a valid snapshot name that is present in the current project * Update the usage to reflect additional required param * Minor path update for supportbundle OTE. * Fixing bug in slow moving metrics partial collection scenarios * Adding check for agent status after restart. * Ensure Backint ComposeChunks has a valid bucket handle * Discover whether a Netweaver instance is ABAP or Java * Replace standard slices package with third party version * WLM HANA metric `ha_in_same_zone` now reports instance names for HA nodes in the same zone * Fix data race condition for Backint Backup with new client connections * Make -new-disk-name a required parameter to avoid the 63 char limit in the name length due to auto-generated names * Fix command for collecting Corosync metric `two_node_runtime` * Make snapshot name similar to disk name * Bump golang.org/x/crypto from 0.15.0 to 0.17.0 * Enable Discovery config flag controls submission to Data Warehouse and Cloud Logging * Create new clients for each operation in Backint * Add `client_endpoint` to Backint proto. * Getting the build number into the version for display * Backint config name change: service_account to service_account_key * Add HANA HA metrics to collection definition. * Fix sorting bug in a diff in apps_discovery_test.go * Add discoverHANATenantDBs to main code path * Change PIPE filemode to WRONLY to allow us to detect broken pipes * Deprecate `sap_system_discovery` config field in favor of `enable_discovery` * Move the validation of whether user passed correct PD, before stopping HANA * Add a placeholder for public doc link with next steps after hanapdrestore workflow has completed * Fix executable path for HDB version command * Add optional param `new-disk-name` to hanapdrestore for users that wish to override the default * Sort the skipmetrics in unit test to avoid order related flakes * Generalizing configure OTE * Discover Netweaver kernel version * Fix Sprintf call * Use SAP System data to determine if HANA HA nodes share the same zone. * hanapdrestore - do not delete PDs in case of failures * Create discoverHANATenantDBs method to support multiple SIDs for HANA tenant DBs * Send additional fields in Data Warehouse WriteInsightRequest * Updating the username parameters for hana pd backup and restore * Retrieve Reliability data every 2 hours instead of 24 * Discover HANA version * Fix import for GitHub build * Add instance properties, and topology information to system data * Keep the device nam and disk name same after restore * Move sapdiscovery package into system package * Changer the default name of the disk created by restore workflow * Updates the generated protobuf go for system.proto * Update generated system proto * Update go.yml * Add topology and instance properties info to SAP System data * Add a check to verify the disk is attached to instance, fail if disk is not attached * Add application and database software properties to system representation * Fix race condition in heartbeat test case * Add error handling to restore workflow to try and keep the HANA system in a clean state on failures * Enable LogToCloud by default for both OTE and Daemon modes * Bump Agent version to 3.0 * Reliability OTE added to SAP Agent * Declare public Get interface for SAP System discovery data * Integration testing for Networkstats Package * Adding project sap-ecs-testing to the list * Adding one time execution for enabling/disabling of features * Change to using custom retries for initial bucket connection * Default collection definition to be fetched from GCS * Add a 2 minute context timeout for initial bucket connection * Add `collection_config_version` as a WLM system metric * Make project, host param optional for hanapdbackup, in addition make user param optional for hanapdrestore * Fix potential nil dereference WLM metrics collection * Add force-stop-hana to restore workflow to forcefully stop HANA when the param is passed * Rename the HANA PD snapshot and restore workflows * Add unit tests for GetProvisionIOps and GetProvisionedThoughput * Remove the TestCollect unit test which relies on nc command which can be flaky in unit tests * Increase Backint timeout for PIPE files to 3 minutes * Add XFS freeze and unfreeze to PD based snapshot ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-776=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-6.22.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218736 * https://bugzilla.suse.com/show_bug.cgi?id=1218737 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 12:30:06 -0000 Subject: SUSE-RU-2024:0571-2: important: Recommended update for python-base Message-ID: <170972820642.22329.18215146822702610980@smelt2.prg2.suse.org> # Recommended update for python-base Announcement ID: SUSE-RU-2024:0571-2 Rating: important References: * bsc#1212263 * jsc#MSC-724 Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP4 An update that contains one feature and has one fix can now be installed. ## Description: This update for python-base contains the following fixes: * Added `python-xml` to Package Hub SLE-15-SP4 (no source changes) (bsc#1212263, ijsc#MSC-724) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP4 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2024-571=1 ## Package List: * SUSE Package Hub 15 15-SP4 (aarch64 ppc64le s390x x86_64) * python-xml-2.7.18-150000.62.1 * python-base-debuginfo-2.7.18-150000.62.1 * libpython2_7-1_0-2.7.18-150000.62.1 * python-xml-debuginfo-2.7.18-150000.62.1 * python-devel-2.7.18-150000.62.1 * python-base-2.7.18-150000.62.1 * libpython2_7-1_0-debuginfo-2.7.18-150000.62.1 * python-base-debugsource-2.7.18-150000.62.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1212263 * https://jira.suse.com/browse/MSC-724 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 16:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 16:30:04 -0000 Subject: SUSE-SU-2024:0782-1: important: Security update for python311 Message-ID: <170974260434.18007.2676011282788481763@smelt2.prg2.suse.org> # Security update for python311 Announcement ID: SUSE-SU-2024:0782-1 Rating: important References: * bsc#1196025 * bsc#1210638 * bsc#1219666 Cross-References: * CVE-2022-25236 * CVE-2023-27043 * CVE-2023-6597 CVSS scores: * CVE-2022-25236 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-25236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2023-27043: Fixed incorrect e-mqil parsing (bsc#1210638). * CVE-2022-25236: Fixed an expat vulnerability by supporting expat >= 2.4.4 (bsc#1212015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-782=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-782=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-782=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-782=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-782=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-782=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * python311-testsuite-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-testsuite-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * openSUSE Leap 15.4 (x86_64) * libpython3_11-1_0-32bit-3.11.8-150400.9.23.1 * python311-base-32bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-3.11.8-150400.9.23.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_11-1_0-64bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-64bit-3.11.8-150400.9.23.1 * python311-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-64bit-debuginfo-3.11.8-150400.9.23.1 * python311-64bit-3.11.8-150400.9.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * python311-testsuite-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-testsuite-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * openSUSE Leap 15.5 (x86_64) * libpython3_11-1_0-32bit-3.11.8-150400.9.23.1 * python311-base-32bit-3.11.8-150400.9.23.1 * libpython3_11-1_0-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-base-32bit-debuginfo-3.11.8-150400.9.23.1 * python311-32bit-3.11.8-150400.9.23.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python311-debuginfo-3.11.8-150400.9.23.1 * python311-base-debuginfo-3.11.8-150400.9.23.1 * python311-tools-3.11.8-150400.9.23.1 * python311-doc-3.11.8-150400.9.23.1 * python311-dbm-debuginfo-3.11.8-150400.9.23.1 * python311-debugsource-3.11.8-150400.9.23.1 * python311-doc-devhelp-3.11.8-150400.9.23.1 * python311-base-3.11.8-150400.9.23.1 * python311-core-debugsource-3.11.8-150400.9.23.1 * python311-dbm-3.11.8-150400.9.23.1 * python311-idle-3.11.8-150400.9.23.1 * python311-devel-3.11.8-150400.9.23.1 * python311-curses-debuginfo-3.11.8-150400.9.23.1 * python311-tk-3.11.8-150400.9.23.1 * python311-tk-debuginfo-3.11.8-150400.9.23.1 * python311-curses-3.11.8-150400.9.23.1 * python311-3.11.8-150400.9.23.1 * libpython3_11-1_0-debuginfo-3.11.8-150400.9.23.1 * libpython3_11-1_0-3.11.8-150400.9.23.1 ## References: * https://www.suse.com/security/cve/CVE-2022-25236.html * https://www.suse.com/security/cve/CVE-2023-27043.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1196025 * https://bugzilla.suse.com/show_bug.cgi?id=1210638 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 16:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 16:30:07 -0000 Subject: SUSE-RU-2024:0781-1: moderate: Recommended update for cloud-netconfig Message-ID: <170974260723.18007.13765878178952955133@smelt2.prg2.suse.org> # Recommended update for cloud-netconfig Announcement ID: SUSE-RU-2024:0781-1 Rating: moderate References: * bsc#1219454 * bsc#1220718 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for cloud-netconfig fixes the following issues: * Add Provides/Obsoletes for dropped cloud-netconfig-nm * Install dispatcher script into /etc/NetworkManager/dispatcher.d on older distributions * Add BuildReqires: NetworkManager to avoid owning dispatcher.d parent directory * Update to version 1.11: * Revert address metadata lookup in GCE to local lookup (bsc#1219454) * Fix hang on warning log messages * Check whether getting IPv4 addresses from metadata failed and abort if true * Only delete policy rules if they exist * Skip adding/removing IPv4 ranges if metdata lookup failed * Improve error handling and logging in Azure * Set SCRIPTDIR when installing netconfig wrapper ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-781=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-781=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-781=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-781=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-781=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-781=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-781=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-781=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-781=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-781=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-781=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-781=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * openSUSE Leap Micro 5.4 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * openSUSE Leap 15.5 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * Public Cloud Module 15-SP2 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * Public Cloud Module 15-SP3 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * Public Cloud Module 15-SP4 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 * Public Cloud Module 15-SP5 (noarch) * cloud-netconfig-gce-1.11-150000.25.17.1 * cloud-netconfig-ec2-1.11-150000.25.17.1 * cloud-netconfig-azure-1.11-150000.25.17.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219454 * https://bugzilla.suse.com/show_bug.cgi?id=1220718 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 16:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 16:30:09 -0000 Subject: SUSE-SU-2024:0780-1: important: Security update for gstreamer-plugins-bad Message-ID: <170974260933.18007.13878334463789901406@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0780-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-780=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:30:03 -0000 Subject: SUSE-SU-2024:0785-1: important: Security update for python3 Message-ID: <170975700359.9342.12504894921127616257@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:0785-1 Rating: important References: * bsc#1214692 * bsc#1219666 Cross-References: * CVE-2023-40217 * CVE-2023-6597 CVSS scores: * CVE-2023-40217 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-40217 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * Web and Scripting Module 12 An update that solves two vulnerabilities can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2023-40217: Fixed bypass TLS handshake on closed sockets (bsc#1214692). * CVE-2023-6597: Fixed symlink bug in cleanup (bsc#1219666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 12 zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2024-785=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-785=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-785=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-785=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-785=1 ## Package List: * Web and Scripting Module 12 (aarch64 ppc64le s390x x86_64) * libpython3_4m1_0-3.4.10-25.124.1 * python3-curses-3.4.10-25.124.1 * libpython3_4m1_0-debuginfo-3.4.10-25.124.1 * python3-base-3.4.10-25.124.1 * python3-base-debugsource-3.4.10-25.124.1 * python3-base-debuginfo-3.4.10-25.124.1 * python3-3.4.10-25.124.1 * python3-debugsource-3.4.10-25.124.1 * python3-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * python3-devel-3.4.10-25.124.1 * python3-base-debugsource-3.4.10-25.124.1 * python3-base-debuginfo-3.4.10-25.124.1 * python3-dbm-3.4.10-25.124.1 * python3-debugsource-3.4.10-25.124.1 * python3-debuginfo-3.4.10-25.124.1 * python3-dbm-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libpython3_4m1_0-3.4.10-25.124.1 * python3-curses-3.4.10-25.124.1 * libpython3_4m1_0-debuginfo-3.4.10-25.124.1 * python3-curses-debuginfo-3.4.10-25.124.1 * python3-base-3.4.10-25.124.1 * python3-base-debugsource-3.4.10-25.124.1 * python3-devel-3.4.10-25.124.1 * python3-base-debuginfo-3.4.10-25.124.1 * python3-3.4.10-25.124.1 * python3-debugsource-3.4.10-25.124.1 * python3-debuginfo-3.4.10-25.124.1 * python3-tk-3.4.10-25.124.1 * python3-tk-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * python3-devel-debuginfo-3.4.10-25.124.1 * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.124.1 * libpython3_4m1_0-32bit-3.4.10-25.124.1 * python3-base-debuginfo-32bit-3.4.10-25.124.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libpython3_4m1_0-3.4.10-25.124.1 * python3-curses-3.4.10-25.124.1 * libpython3_4m1_0-debuginfo-3.4.10-25.124.1 * python3-curses-debuginfo-3.4.10-25.124.1 * python3-base-3.4.10-25.124.1 * python3-base-debugsource-3.4.10-25.124.1 * python3-devel-3.4.10-25.124.1 * python3-base-debuginfo-3.4.10-25.124.1 * python3-3.4.10-25.124.1 * python3-debugsource-3.4.10-25.124.1 * python3-debuginfo-3.4.10-25.124.1 * python3-tk-3.4.10-25.124.1 * python3-tk-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise Server 12 SP5 (ppc64le s390x x86_64) * python3-devel-debuginfo-3.4.10-25.124.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.124.1 * libpython3_4m1_0-32bit-3.4.10-25.124.1 * python3-base-debuginfo-32bit-3.4.10-25.124.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libpython3_4m1_0-3.4.10-25.124.1 * python3-curses-3.4.10-25.124.1 * libpython3_4m1_0-debuginfo-3.4.10-25.124.1 * python3-curses-debuginfo-3.4.10-25.124.1 * python3-base-3.4.10-25.124.1 * python3-base-debugsource-3.4.10-25.124.1 * python3-devel-3.4.10-25.124.1 * python3-base-debuginfo-3.4.10-25.124.1 * python3-3.4.10-25.124.1 * python3-debugsource-3.4.10-25.124.1 * python3-debuginfo-3.4.10-25.124.1 * python3-devel-debuginfo-3.4.10-25.124.1 * python3-tk-debuginfo-3.4.10-25.124.1 * python3-tk-3.4.10-25.124.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libpython3_4m1_0-debuginfo-32bit-3.4.10-25.124.1 * libpython3_4m1_0-32bit-3.4.10-25.124.1 * python3-base-debuginfo-32bit-3.4.10-25.124.1 ## References: * https://www.suse.com/security/cve/CVE-2023-40217.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1214692 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:30:06 -0000 Subject: SUSE-SU-2024:0784-1: important: Security update for python39 Message-ID: <170975700651.9342.14694989400787044062@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2024:0784-1 Rating: important References: * bsc#1196025 * bsc#1210638 * bsc#1212015 * bsc#1214692 * bsc#1215454 * bsc#1219666 * jsc#PED-7886 * jsc#SLE-21253 Cross-References: * CVE-2022-25236 * CVE-2023-27043 * CVE-2023-40217 * CVE-2023-6597 CVSS scores: * CVE-2022-25236 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-25236 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-27043 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-27043 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-40217 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2023-40217 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves four vulnerabilities, contains two features and has two security fixes can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2023-27043: Fixed incorrect e-mqil parsing (bsc#1210638). * CVE-2023-40217: Fixed a ssl.SSLSocket TLS bypass vulnerability where data is sent unencrypted (bsc#1214692). * CVE-2022-25236: Fixed an expat vulnerability by supporting expat >= 2.4.4 (bsc#1212015). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-784=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-784=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-784=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-784=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-784=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-784=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-doc-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tk-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 * python39-doc-devhelp-3.9.18-150300.4.38.1 * python39-testsuite-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-testsuite-debuginfo-3.9.18-150300.4.38.1 * openSUSE Leap 15.3 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-base-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-32bit-3.9.18-150300.4.38.1 * libpython3_9-1_0-32bit-3.9.18-150300.4.38.1 * python39-base-32bit-3.9.18-150300.4.38.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_9-1_0-64bit-debuginfo-3.9.18-150300.4.38.1 * python39-base-64bit-debuginfo-3.9.18-150300.4.38.1 * libpython3_9-1_0-64bit-3.9.18-150300.4.38.1 * python39-64bit-debuginfo-3.9.18-150300.4.38.1 * python39-base-64bit-3.9.18-150300.4.38.1 * python39-64bit-3.9.18-150300.4.38.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-doc-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tk-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 * python39-doc-devhelp-3.9.18-150300.4.38.1 * python39-testsuite-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-testsuite-debuginfo-3.9.18-150300.4.38.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-base-32bit-debuginfo-3.9.18-150300.4.38.1 * python39-32bit-3.9.18-150300.4.38.1 * libpython3_9-1_0-32bit-3.9.18-150300.4.38.1 * python39-base-32bit-3.9.18-150300.4.38.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python39-tk-3.9.18-150300.4.38.1 * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python39-tk-3.9.18-150300.4.38.1 * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python39-tk-3.9.18-150300.4.38.1 * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python39-tk-3.9.18-150300.4.38.1 * python39-core-debugsource-3.9.18-150300.4.38.1 * python39-curses-3.9.18-150300.4.38.1 * python39-tk-debuginfo-3.9.18-150300.4.38.1 * python39-debuginfo-3.9.18-150300.4.38.1 * libpython3_9-1_0-debuginfo-3.9.18-150300.4.38.1 * python39-idle-3.9.18-150300.4.38.1 * python39-debugsource-3.9.18-150300.4.38.1 * python39-dbm-debuginfo-3.9.18-150300.4.38.1 * python39-3.9.18-150300.4.38.1 * python39-base-debuginfo-3.9.18-150300.4.38.1 * python39-curses-debuginfo-3.9.18-150300.4.38.1 * python39-devel-3.9.18-150300.4.38.1 * python39-dbm-3.9.18-150300.4.38.1 * libpython3_9-1_0-3.9.18-150300.4.38.1 * python39-base-3.9.18-150300.4.38.1 * python39-tools-3.9.18-150300.4.38.1 ## References: * https://www.suse.com/security/cve/CVE-2022-25236.html * https://www.suse.com/security/cve/CVE-2023-27043.html * https://www.suse.com/security/cve/CVE-2023-40217.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1196025 * https://bugzilla.suse.com/show_bug.cgi?id=1210638 * https://bugzilla.suse.com/show_bug.cgi?id=1212015 * https://bugzilla.suse.com/show_bug.cgi?id=1214692 * https://bugzilla.suse.com/show_bug.cgi?id=1215454 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 * https://jira.suse.com/browse/PED-7886 * https://jira.suse.com/browse/SLE-21253 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:30:09 -0000 Subject: SUSE-SU-2024:0783-1: important: Security update for vim Message-ID: <170975700970.9342.7264674375508063757@smelt2.prg2.suse.org> # Security update for vim Announcement ID: SUSE-SU-2024:0783-1 Rating: important References: * bsc#1215005 * bsc#1217316 * bsc#1217320 * bsc#1217321 * bsc#1217324 * bsc#1217326 * bsc#1217329 * bsc#1217330 * bsc#1217432 * bsc#1219581 Cross-References: * CVE-2023-4750 * CVE-2023-48231 * CVE-2023-48232 * CVE-2023-48233 * CVE-2023-48234 * CVE-2023-48235 * CVE-2023-48236 * CVE-2023-48237 * CVE-2023-48706 * CVE-2024-22667 CVSS scores: * CVE-2023-4750 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-48231 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48231 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48232 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48232 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48236 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N * CVE-2023-48236 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48706 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48706 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-22667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22667 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: * CVE-2023-48231: Fixed Use-After-Free in win_close() (bsc#1217316). * CVE-2023-48232: Fixed Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320). * CVE-2023-48233: Fixed overflow with count for :s command (bsc#1217321). * CVE-2023-48234: Fixed overflow in nv_z_get_count (bsc#1217324). * CVE-2023-48235: Fixed overflow in ex address parsing (bsc#1217326). * CVE-2023-48236: Fixed overflow in get_number (bsc#1217329). * CVE-2023-48237: Fixed overflow in shift_line (bsc#1217330). * CVE-2023-48706: Fixed heap-use-after-free in ex_substitute (bsc#1217432). * CVE-2024-22667: Fixed stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581). * CVE-2023-4750: Fixed heap use-after-free in function bt_quickfix (bsc#1215005). Updated to version 9.1 with patch level 0111: https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-783=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-783=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-783=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * gvim-9.1.0111-17.29.1 * vim-debugsource-9.1.0111-17.29.1 * vim-debuginfo-9.1.0111-17.29.1 * gvim-debuginfo-9.1.0111-17.29.1 * vim-9.1.0111-17.29.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * vim-data-9.1.0111-17.29.1 * vim-data-common-9.1.0111-17.29.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * gvim-9.1.0111-17.29.1 * vim-debugsource-9.1.0111-17.29.1 * vim-debuginfo-9.1.0111-17.29.1 * gvim-debuginfo-9.1.0111-17.29.1 * vim-9.1.0111-17.29.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * vim-data-9.1.0111-17.29.1 * vim-data-common-9.1.0111-17.29.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gvim-9.1.0111-17.29.1 * vim-debugsource-9.1.0111-17.29.1 * vim-debuginfo-9.1.0111-17.29.1 * gvim-debuginfo-9.1.0111-17.29.1 * vim-9.1.0111-17.29.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * vim-data-9.1.0111-17.29.1 * vim-data-common-9.1.0111-17.29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4750.html * https://www.suse.com/security/cve/CVE-2023-48231.html * https://www.suse.com/security/cve/CVE-2023-48232.html * https://www.suse.com/security/cve/CVE-2023-48233.html * https://www.suse.com/security/cve/CVE-2023-48234.html * https://www.suse.com/security/cve/CVE-2023-48235.html * https://www.suse.com/security/cve/CVE-2023-48236.html * https://www.suse.com/security/cve/CVE-2023-48237.html * https://www.suse.com/security/cve/CVE-2023-48706.html * https://www.suse.com/security/cve/CVE-2024-22667.html * https://bugzilla.suse.com/show_bug.cgi?id=1215005 * https://bugzilla.suse.com/show_bug.cgi?id=1217316 * https://bugzilla.suse.com/show_bug.cgi?id=1217320 * https://bugzilla.suse.com/show_bug.cgi?id=1217321 * https://bugzilla.suse.com/show_bug.cgi?id=1217324 * https://bugzilla.suse.com/show_bug.cgi?id=1217326 * https://bugzilla.suse.com/show_bug.cgi?id=1217329 * https://bugzilla.suse.com/show_bug.cgi?id=1217330 * https://bugzilla.suse.com/show_bug.cgi?id=1217432 * https://bugzilla.suse.com/show_bug.cgi?id=1219581 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:30:10 -0000 Subject: SUSE-SU-2024:0780-1: important: Security update for gstreamer-plugins-bad Message-ID: <170975701068.9342.775116426948276677@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0780-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-780=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:33:14 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:33:14 -0000 Subject: SUSE-SU-2024:0780-1: important: Security update for gstreamer-plugins-bad Message-ID: <170975719400.9816.12145727239885392120@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0780-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-780=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:36:15 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:36:15 -0000 Subject: SUSE-SU-2024:0780-1: important: Security update for gstreamer-plugins-bad Message-ID: <170975737588.8850.12978889870919997350@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0780-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-780=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-780=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgstisoff-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-1.16.3-150200.4.19.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150200.4.19.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstsctp-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150200.4.19.1 * libgstcodecparsers-1_0-0-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-devel-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-1.16.3-150200.4.19.1 * libgstisoff-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstbadaudio-1_0-0-1.16.3-150200.4.19.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150200.4.19.1 * gstreamer-plugins-bad-debugsource-1.16.3-150200.4.19.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150200.4.19.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150200.4.19.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150200.4.19.1 * libgstwebrtc-1_0-0-1.16.3-150200.4.19.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150200.4.19.1 * libgstmpegts-1_0-0-1.16.3-150200.4.19.1 * libgstinsertbin-1_0-0-1.16.3-150200.4.19.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150200.4.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150200.4.19.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:36:18 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:36:18 -0000 Subject: SUSE-SU-2024:0779-1: important: Security update for gstreamer-plugins-bad Message-ID: <170975737897.8850.6165976743259882440@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0779-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-779=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-779=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-779=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-779=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libgstinsertbin-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-devel-1.8.3-18.15.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.15.1 * libgsturidownloader-1_0-0-1.8.3-18.15.1 * libgstinsertbin-1_0-0-1.8.3-18.15.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.15.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libgstmpegts-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadvideo-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadaudio-1_0-0-1.8.3-18.15.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.15.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.15.1 * libgsturidownloader-1_0-0-1.8.3-18.15.1 * libgstphotography-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-1.8.3-18.15.1 * libgstbadvideo-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-debuginfo-1.8.3-18.15.1 * libgstphotography-1_0-0-1.8.3-18.15.1 * libgstgl-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-1.8.3-18.15.1 * libgstbadaudio-1_0-0-debuginfo-1.8.3-18.15.1 * libgstgl-1_0-0-1.8.3-18.15.1 * libgstmpegts-1_0-0-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-1.8.3-18.15.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * gstreamer-plugins-bad-lang-1.8.3-18.15.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libgstmpegts-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadvideo-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadaudio-1_0-0-1.8.3-18.15.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.15.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.15.1 * libgsturidownloader-1_0-0-1.8.3-18.15.1 * libgstphotography-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-1.8.3-18.15.1 * libgstbadvideo-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-debuginfo-1.8.3-18.15.1 * libgstphotography-1_0-0-1.8.3-18.15.1 * libgstgl-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-1.8.3-18.15.1 * libgstbadaudio-1_0-0-debuginfo-1.8.3-18.15.1 * libgstgl-1_0-0-1.8.3-18.15.1 * libgstmpegts-1_0-0-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-1.8.3-18.15.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * gstreamer-plugins-bad-lang-1.8.3-18.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libgstmpegts-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadvideo-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.8.3-18.15.1 * libgstbadaudio-1_0-0-1.8.3-18.15.1 * gstreamer-plugins-bad-debuginfo-1.8.3-18.15.1 * libgsturidownloader-1_0-0-debuginfo-1.8.3-18.15.1 * gstreamer-plugins-bad-debugsource-1.8.3-18.15.1 * libgsturidownloader-1_0-0-1.8.3-18.15.1 * libgstphotography-1_0-0-debuginfo-1.8.3-18.15.1 * libgstadaptivedemux-1_0-0-1.8.3-18.15.1 * libgstbadvideo-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-debuginfo-1.8.3-18.15.1 * libgstphotography-1_0-0-1.8.3-18.15.1 * libgstgl-1_0-0-debuginfo-1.8.3-18.15.1 * libgstcodecparsers-1_0-0-1.8.3-18.15.1 * libgstbadbase-1_0-0-1.8.3-18.15.1 * libgstbadaudio-1_0-0-debuginfo-1.8.3-18.15.1 * libgstgl-1_0-0-1.8.3-18.15.1 * libgstmpegts-1_0-0-1.8.3-18.15.1 * libgstbasecamerabinsrc-1_0-0-1.8.3-18.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * gstreamer-plugins-bad-lang-1.8.3-18.15.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 6 20:36:20 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 06 Mar 2024 20:36:20 -0000 Subject: SUSE-RU-2024:0778-1: moderate: Recommended update for cmake Message-ID: <170975738050.8850.11152571545079548643@smelt2.prg2.suse.org> # Recommended update for cmake Announcement ID: SUSE-RU-2024:0778-1 Rating: moderate References: * jsc#PED-68 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature can now be installed. ## Description: This update for cmake fixes the following issue: * Detect PSP interpreter (jsc#PED-68) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-778=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-778=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-778=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cmake-full-debugsource-3.20.4-150400.4.6.1 * cmake-gui-3.20.4-150400.4.6.1 * cmake-3.20.4-150400.4.6.1 * cmake-full-debuginfo-3.20.4-150400.4.6.1 * cmake-gui-debuginfo-3.20.4-150400.4.6.1 * cmake-ui-debugsource-3.20.4-150400.4.6.1 * cmake-man-3.20.4-150400.4.6.1 * cmake-full-3.20.4-150400.4.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cmake-3.20.4-150400.4.6.1 * cmake-full-debuginfo-3.20.4-150400.4.6.1 * cmake-full-debugsource-3.20.4-150400.4.6.1 * cmake-full-3.20.4-150400.4.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cmake-mini-debuginfo-3.20.4-150400.4.6.1 * cmake-full-debugsource-3.20.4-150400.4.6.1 * cmake-mini-debugsource-3.20.4-150400.4.6.1 * cmake-gui-3.20.4-150400.4.6.1 * cmake-3.20.4-150400.4.6.1 * cmake-full-debuginfo-3.20.4-150400.4.6.1 * cmake-gui-debuginfo-3.20.4-150400.4.6.1 * cmake-ui-debugsource-3.20.4-150400.4.6.1 * cmake-man-3.20.4-150400.4.6.1 * cmake-mini-3.20.4-150400.4.6.1 * cmake-full-3.20.4-150400.4.6.1 ## References: * https://jira.suse.com/browse/PED-68 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 08:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 08:30:01 -0000 Subject: SUSE-RU-2024:0788-1: moderate: Recommended update for saptune Message-ID: <170980020181.6864.13979231610090350033@smelt2.prg2.suse.org> # Recommended update for saptune Announcement ID: SUSE-RU-2024:0788-1 Rating: moderate References: * bsc#1219500 * jsc#PED-5025 Affected Products: * openSUSE Leap 15.5 * SAP Applications Module 15-SP2 * SAP Applications Module 15-SP3 * SAP Applications Module 15-SP4 * SAP Applications Module 15-SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has one fix can now be installed. ## Description: This update for saptune fixes the following issues: * saptune was updated from version 3.1.1 to 3.1.2: * To support setups with saptune monitoring and heavy automation we limited the setting of our saptune lock to commands having the potential to change anything in the system. (bsc#1219500) * Fixed timestamp in log messages of saptune * Removed redundant version information in header comment of note definition files * SAP Note 1656250 updated to Version 63 SAP Note 1771258 updated to Version 8 SAP Note 2382421 updated to Version 45 SAP Note 3024346 updated to Version 10 but without parameter value changes, only house keeping of the version section and comment updates * SAP Note 1984787 updated to Version 42 SAP Note 2578899 updated to Version 47 * Added requirement of package `sysctl-logger` (jsc#PED-5025) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-788=1 * SAP Applications Module 15-SP2 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP2-2024-788=1 * SAP Applications Module 15-SP3 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2024-788=1 * SAP Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2024-788=1 * SAP Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2024-788=1 ## Package List: * openSUSE Leap 15.5 (ppc64le x86_64) * saptune-debuginfo-3.1.2-150100.8.33.1 * saptune-3.1.2-150100.8.33.1 * SAP Applications Module 15-SP2 (ppc64le x86_64) * saptune-debuginfo-3.1.2-150100.8.33.1 * saptune-3.1.2-150100.8.33.1 * SAP Applications Module 15-SP3 (ppc64le x86_64) * saptune-debuginfo-3.1.2-150100.8.33.1 * saptune-3.1.2-150100.8.33.1 * SAP Applications Module 15-SP4 (ppc64le x86_64) * saptune-debuginfo-3.1.2-150100.8.33.1 * saptune-3.1.2-150100.8.33.1 * SAP Applications Module 15-SP5 (ppc64le x86_64) * saptune-debuginfo-3.1.2-150100.8.33.1 * saptune-3.1.2-150100.8.33.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219500 * https://jira.suse.com/browse/PED-5025 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 08:30:03 -0000 Subject: SUSE-RU-2024:0787-1: moderate: Recommended update for saptune Message-ID: <170980020329.6864.3357243802592223486@smelt2.prg2.suse.org> # Recommended update for saptune Announcement ID: SUSE-RU-2024:0787-1 Rating: moderate References: * bsc#1219500 * jsc#PED-5025 Affected Products: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that contains one feature and has one fix can now be installed. ## Description: This update for saptune fixes the following issues: * saptune was updated from version 3.1.1 to 3.1.2: * To support setups with saptune monitoring and heavy automation we limited the setting of our saptune lock to commands having the potential to change anything in the system. (bsc#1219500) * Fixed timestamp in log messages of saptune * Removed redundant version information in header comment of note definition files * SAP Note 1656250 updated to Version 63 SAP Note 1771258 updated to Version 8 SAP Note 2382421 updated to Version 45 SAP Note 3024346 updated to Version 10 but without parameter value changes, only house keeping of the version section and comment updates * SAP Note 1984787 updated to Version 42 SAP Note 2578899 updated to Version 47 * Added requirement of package `sysctl-logger` (jsc#PED-5025) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SAP-12-SP5-2024-787=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * saptune-3.1.2-4.21.1 * saptune-debuginfo-3.1.2-4.21.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219500 * https://jira.suse.com/browse/PED-5025 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:0786-1: important: Security update for giflib Message-ID: <170980020487.6864.17931935392849562940@smelt2.prg2.suse.org> # Security update for giflib Announcement ID: SUSE-SU-2024:0786-1 Rating: important References: * bsc#1198880 * bsc#1200551 * bsc#1217390 Cross-References: * CVE-2021-40633 * CVE-2022-28506 * CVE-2023-48161 CVSS scores: * CVE-2021-40633 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2021-40633 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-28506 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2022-28506 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2023-48161 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2023-48161 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for giflib fixes the following issues: Update to version 5.2.2 * Fixes for CVE-2023-48161 (bsc#1217390), CVE-2022-28506 (bsc#1198880) * # 138 Documentation for obsolete utilities still installed * # 139: Typo in "LZW image data" page ("110_2 = 4_10") * # 140: Typo in "LZW image data" page ("LWZ") * # 141: Typo in "Bits and bytes" page ("filed") * Note as already fixed SF issue #143: cannot compile under mingw * # 144: giflib-5.2.1 cannot be build on windows and other platforms using c89 * # 145: Remove manual pages installation for binaries that are not installed too * # 146: [PATCH] Limit installed man pages to binaries, move giflib to section 7 * # 147 [PATCH] Fixes to doc/whatsinagif/ content * # 148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB * Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1 * Declared Won't-fix on SF issue 149: Out of source builds no longer possible * # 151: A heap-buffer-overflow in gif2rgb.c:294:45 * # 152: Fix some typos on the html documentation and man pages * # 153: Fix segmentation faults due to non correct checking for args * # 154: Recover the giffilter manual page * # 155: Add gifsponge docs * # 157: An OutofMemory-Exception or Memory Leak in gif2rgb * # 158: There is a null pointer problem in gif2rgb * # 159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45 * # 163: detected memory leaks in openbsd_reallocarray giflib/openbsd- reallocarray.c * # 164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c * # 166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c * # 167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-786=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-786=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-786=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-786=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-786=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-786=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-786=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-786=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-786=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-786=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-786=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-786=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-786=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-786=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * libgif7-5.2.2-150000.4.13.1 * giflib-progs-5.2.2-150000.4.13.1 * giflib-progs-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * openSUSE Leap 15.5 (x86_64) * libgif7-32bit-5.2.2-150000.4.13.1 * giflib-devel-32bit-5.2.2-150000.4.13.1 * libgif7-32bit-debuginfo-5.2.2-150000.4.13.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Manager Proxy 4.3 (x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgif7-5.2.2-150000.4.13.1 * giflib-debugsource-5.2.2-150000.4.13.1 * libgif7-debuginfo-5.2.2-150000.4.13.1 * giflib-devel-5.2.2-150000.4.13.1 ## References: * https://www.suse.com/security/cve/CVE-2021-40633.html * https://www.suse.com/security/cve/CVE-2022-28506.html * https://www.suse.com/security/cve/CVE-2023-48161.html * https://bugzilla.suse.com/show_bug.cgi?id=1198880 * https://bugzilla.suse.com/show_bug.cgi?id=1200551 * https://bugzilla.suse.com/show_bug.cgi?id=1217390 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:12 -0000 Subject: SUSE-RU-2024:0802-1: moderate: Recommended update for wicked Message-ID: <170981461225.935.1264991407331829229@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:0802-1 Rating: moderate References: * bsc#1215692 * bsc#1218926 * bsc#1218927 * bsc#1219265 * bsc#1219751 * jsc#PED-7183 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that contains one feature and has five fixes can now be installed. ## Description: This update for wicked fixes the following issues: * ifreload: VLAN changes require device deletion (bsc#1218927) * ifcheck: fix config changed check (bsc#1218926) * client: fix exit code for no-carrier status (bsc#1219265) * dhcp6: omit the SO_REUSEPORT option (bsc#1215692) * duid: fix comment for v6time * rtnl: fix peer address parsing for non ptp-interfaces * system-updater: Parse updater format from XML configuration to ensure install calls can run * team: add new options like link_watch_policy (jsc#PED-7183) * Fix memory leaks in dbus variant destroy and fsm free * xpath: allow underscore in node identifier * vxlan: don't format unknown rtnl attrs (bsc#1219751) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-802=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-802=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-802=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-802=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-802=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-802=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-802=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215692 * https://bugzilla.suse.com/show_bug.cgi?id=1218926 * https://bugzilla.suse.com/show_bug.cgi?id=1218927 * https://bugzilla.suse.com/show_bug.cgi?id=1219265 * https://bugzilla.suse.com/show_bug.cgi?id=1219751 * https://jira.suse.com/browse/PED-7183 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:33 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:33 -0000 Subject: SUSE-SU-2024:0796-1: important: Security update for sudo Message-ID: <170981463381.935.12881576766493162909@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0796-1 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-796=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-796=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-796=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * sudo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 * sudo-devel-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * sudo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 * sudo-devel-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * sudo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 * sudo-devel-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:05 -0000 Subject: SUSE-SU-2024:0804-1: important: Security update for java-1_8_0-openjdk Message-ID: <170981460567.935.7232787994453507341@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2024:0804-1 Rating: important References: * bsc#1218903 * bsc#1218905 * bsc#1218906 * bsc#1218907 * bsc#1218909 * bsc#1218911 Cross-References: * CVE-2024-20918 * CVE-2024-20919 * CVE-2024-20921 * CVE-2024-20926 * CVE-2024-20945 * CVE-2024-20952 CVSS scores: * CVE-2024-20918 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-20919 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-20921 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20926 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20952 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS (8317547) (bsc#1218911). * CVE-2024-20921: Fixed range check loop optimization issue (8314307) (bsc#1218905). * CVE-2024-20926: Fixed rbitrary Java code execution in Nashorn (8314284) (bsc#1218906). * CVE-2024-20919: Fixed JVM class file verifier flaw allows unverified byte code execution (8314295) (bsc#1218903). * CVE-2024-20918: Fixed array out-of-bounds access due to missing range check in C1 compiler (8314468) (bsc#1218907). * CVE-2024-20945: Fixed logging of digital signature private keys (8316976) (bsc#1218909). Update to version jdk8u402 (icedtea-3.30.0). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-804=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-804=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-804=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * java-1_8_0-openjdk-headless-1.8.0.402-27.96.1 * java-1_8_0-openjdk-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-1.8.0.402-27.96.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-27.96.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-headless-1.8.0.402-27.96.1 * java-1_8_0-openjdk-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-1.8.0.402-27.96.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-27.96.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * java-1_8_0-openjdk-headless-1.8.0.402-27.96.1 * java-1_8_0-openjdk-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-devel-1.8.0.402-27.96.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-27.96.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-27.96.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20918.html * https://www.suse.com/security/cve/CVE-2024-20919.html * https://www.suse.com/security/cve/CVE-2024-20921.html * https://www.suse.com/security/cve/CVE-2024-20926.html * https://www.suse.com/security/cve/CVE-2024-20945.html * https://www.suse.com/security/cve/CVE-2024-20952.html * https://bugzilla.suse.com/show_bug.cgi?id=1218903 * https://bugzilla.suse.com/show_bug.cgi?id=1218905 * https://bugzilla.suse.com/show_bug.cgi?id=1218906 * https://bugzilla.suse.com/show_bug.cgi?id=1218907 * https://bugzilla.suse.com/show_bug.cgi?id=1218909 * https://bugzilla.suse.com/show_bug.cgi?id=1218911 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:44 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:44 -0000 Subject: SUSE-SU-2024:0794-1: important: Security update for sudo Message-ID: <170981464473.935.15062225402755535774@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0794-1 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-794=1 openSUSE-SLE-15.5-2024-794=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-794=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-794=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * sudo-test-1.9.12p1-150500.7.7.1 * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.7.1 * sudo-plugin-python-1.9.12p1-150500.7.7.1 * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 * sudo-devel-1.9.12p1-150500.7.7.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 * sudo-1.9.12p1-150500.7.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.7.1 * sudo-plugin-python-1.9.12p1-150500.7.7.1 * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 * sudo-devel-1.9.12p1-150500.7.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:14 -0000 Subject: SUSE-OU-2024:0801-1: low: Optional update for grpc Message-ID: <170981461474.935.11671071579770520568@smelt2.prg2.suse.org> # Optional update for grpc Announcement ID: SUSE-OU-2024:0801-1 Rating: low References: * bsc#1220732 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for grpc fixes the following issue: * Add grpc-devel packages (bsc#1220732). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-801=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-801=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-801=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-801=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-801=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * upb-devel-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-devel-20240201-150400.9.5.1 * grpc-devel-debuginfo-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libupb37-debuginfo-1.60.0-150400.8.5.2 * libre2-11-debuginfo-20240201-150400.9.5.1 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * openSUSE Leap 15.4 (noarch) * grpc-source-1.60.0-150400.8.5.2 * openSUSE Leap 15.4 (x86_64) * libre2-11-32bit-debuginfo-20240201-150400.9.5.1 * libre2-11-32bit-20240201-150400.9.5.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libre2-11-64bit-20240201-150400.9.5.1 * libre2-11-64bit-debuginfo-20240201-150400.9.5.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * upb-devel-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-devel-20240201-150400.9.5.1 * grpc-devel-debuginfo-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * openSUSE Leap 15.5 (noarch) * grpc-source-1.60.0-150400.8.5.2 * openSUSE Leap 15.5 (x86_64) * libre2-11-32bit-debuginfo-20240201-150400.9.5.1 * libre2-11-32bit-20240201-150400.9.5.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * grpc-debuginfo-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-devel-20240201-150400.9.5.1 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * grpc-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgrpc37-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * grpc-debuginfo-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libre2-11-debuginfo-20240201-150400.9.5.1 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libupb37-debuginfo-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220732 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:31:08 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:31:08 -0000 Subject: SUSE-RU-2024:0791-1: moderate: Recommended update for timezone Message-ID: <170981466888.935.13472293080445553207@smelt2.prg2.suse.org> # Recommended update for timezone Announcement ID: SUSE-RU-2024:0791-1 Rating: moderate References: Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that can now be installed. ## Description: This update for timezone fixes the following issues: * Update to version 2024a * Kazakhstan unifies on UTC+5 * Palestine springs forward a week later than previously predicted in 2024 and 2025 * Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00 * From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00 * In 1911 Miquelon adopted standard time on June 15, not May 15 * The FROM and TO columns of Rule lines can no longer be "minimum" * localtime no longer mishandle some timestamps * strftime %s now uses tm_gmtoff if available * Ittoqqortoormiit, Greenland changes time zones on 2024-03-31 * Vostok, Antarctica changed time zones on 2023-12-18 * Casey, Antarctica changed time zones five times since 2020 * Code and data fixes for Palestine timestamps starting in 2072 * A new data file zonenow.tab for timestamps starting now * Much of Greenland changed its standard time from -03 to -02 on 2023-03-25 * localtime.c no longer mishandles TZif files that contain a single transition into a DST regime * tzselect no longer creates temporary files * tzselect no longer mishandles the following: * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION. * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/ * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension * zic no longer mishandles data for Palestine after the year 2075 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-791=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-791=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-791=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * timezone-debugsource-2024a-74.79.1 * timezone-debuginfo-2024a-74.79.1 * timezone-2024a-74.79.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * timezone-java-2024a-74.79.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-74.79.1 * timezone-debuginfo-2024a-74.79.1 * timezone-2024a-74.79.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * timezone-java-2024a-74.79.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * timezone-debugsource-2024a-74.79.1 * timezone-debuginfo-2024a-74.79.1 * timezone-2024a-74.79.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * timezone-java-2024a-74.79.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:31:02 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:31:02 -0000 Subject: SUSE-RU-2024:0792-1: moderate: Recommended update for timezone Message-ID: <170981466271.935.16511357132974126039@smelt2.prg2.suse.org> # Recommended update for timezone Announcement ID: SUSE-RU-2024:0792-1 Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that can now be installed. ## Description: This update for timezone fixes the following issues: * Update to version 2024a * Kazakhstan unifies on UTC+5 * Palestine springs forward a week later than previously predicted in 2024 and 2025 * Asia/Ho_Chi_Minh's 1955-07-01 transition occurred at 01:00 not 00:00 * From 1947 through 1949, Toronto's transitions occurred at 02:00 not 00:00 * In 1911 Miquelon adopted standard time on June 15, not May 15 * The FROM and TO columns of Rule lines can no longer be "minimum" * localtime no longer mishandle some timestamps * strftime %s now uses tm_gmtoff if available * Ittoqqortoormiit, Greenland changes time zones on 2024-03-31 * Vostok, Antarctica changed time zones on 2023-12-18 * Casey, Antarctica changed time zones five times since 2020 * Code and data fixes for Palestine timestamps starting in 2072 * A new data file zonenow.tab for timestamps starting now * Much of Greenland changed its standard time from -03 to -02 on 2023-03-25 * localtime.c no longer mishandles TZif files that contain a single transition into a DST regime * tzselect no longer creates temporary files * tzselect no longer mishandles the following: * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION. * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/ * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension * zic no longer mishandles data for Palestine after the year 2075 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-792=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-792=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-792=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-792=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-792=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-792=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-792=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-792=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-792=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-792=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-792=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-792=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-792=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-792=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-792=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-792=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-792=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-792=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-792=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-792=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-792=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-792=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-792=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-792=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-792=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-792=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-792=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * openSUSE Leap 15.5 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * Basesystem Module 15-SP5 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Manager Proxy 4.3 (x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Manager Proxy 4.3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Manager Server 4.3 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Enterprise Storage 7.1 (noarch) * timezone-java-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * timezone-debugsource-2024a-150000.75.28.1 * timezone-debuginfo-2024a-150000.75.28.1 * timezone-2024a-150000.75.28.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:18 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:18 -0000 Subject: SUSE-SU-2024:0800-1: important: Security update for go1.21 Message-ID: <170981461841.935.15590819029279071421@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:0800-1 Rating: important References: * bsc#1212475 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 Cross-References: * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 CVSS scores: * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for go1.21 fixes the following issues: * Upgrade go to version 1.21.8 * CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (bsc#1221000) * CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm (bsc#1221001) * CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm (bsc#1220999) * CVE-2024-24784: net/mail: comments in display names are incorrectly handled (bsc#1221002) * CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping (bsc#1221003) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-800=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.21-doc-1.21.8-1.27.1 * go1.21-1.21.8-1.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:38 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:38 -0000 Subject: SUSE-SU-2024:0795-1: important: Security update for sudo Message-ID: <170981463874.935.8026191944444909009@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0795-1 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-795=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-795=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-795=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-795=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-795=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-795=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-795=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Manager Proxy 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * sudo-test-1.9.9-150400.4.33.1 * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:30 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:30 -0000 Subject: SUSE-SU-2024:0797-1: important: Security update for sudo Message-ID: <170981463053.935.16159557803744299767@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0797-1 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-797=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-devel-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:31:10 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:31:10 -0000 Subject: SUSE-RU-2024:0790-1: moderate: Recommended update for timezone Message-ID: <170981467073.935.14910510351940209733@smelt2.prg2.suse.org> # Recommended update for timezone Announcement ID: SUSE-RU-2024:0790-1 Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that can now be installed. ## Description: This update for timezone fixes the following issues: * Update to version 2023d: * Ittoqqortoormiit, Greenland changes time zones on 2024-03-31. * Vostok, Antarctica changed time zones on 2023-12-18. * Casey, Antarctica changed time zones five times since 2020. * Code and data fixes for Palestine timestamps starting in 2072. * A new data file zonenow.tab for timestamps starting now. * Fix predictions for DST transitions in Palestine in 2072-2075, correcting a typo introduced in 2023a. * Vostok, Antarctica changed to +05 on 2023-12-18. It had been at +07 (not +06) for years. * Change data for Casey, Antarctica to agree with timeanddate.com, by adding five time zone changes since 2020. Casey is now at +08 instead of +11. * Much of Greenland, represented by America/Nuuk, changed its standard time from -03 to -02 on 2023-03-25, not on 2023-10-28. * localtime.c no longer mishandles TZif files that contain a single transition into a DST regime. Previously, it incorrectly assumed DST was in effect before the transition too. * tzselect no longer creates temporary files. * tzselect no longer mishandles the following: * Spaces and most other special characters in BUGEMAIL, PACKAGE, TZDIR, and VERSION. * TZ strings when using mawk 1.4.3, which mishandles regular expressions of the form /X{2,}/. * ISO 6709 coordinates when using an awk that lacks the GNU extension of newlines in -v option-arguments. * Non UTF-8 locales when using an iconv command that lacks the GNU //TRANSLIT extension. * zic no longer mishandles data for Palestine after the year 2075. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-790=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-790=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * timezone-2023d-0.52.48.1 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (noarch) * timezone-java-2023d-0.52.48.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * timezone-2023d-0.52.48.1 * SUSE Linux Enterprise Server 11 SP4 (noarch) * timezone-java-2023d-0.52.48.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:53 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:53 -0000 Subject: SUSE-SU-2024:0793-1: important: Security update for gstreamer-plugins-bad Message-ID: <170981465354.935.16411803669604979951@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-bad Announcement ID: SUSE-SU-2024:0793-1 Rating: important References: * bsc#1217213 Cross-References: * CVE-2023-44446 CVSS scores: * CVE-2023-44446 ( SUSE ): 8.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer-plugins-bad fixes the following issues: * CVE-2023-44446: Fixed use-after-free remote code execution vulnerability via MXF file (bsc#1217213). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-793=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-793=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-793=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-793=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-793=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.18.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.18.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-doc-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.18.1 * openSUSE Leap 15.3 (x86_64) * libgstinsertbin-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-32bit-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-32bit-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-32bit-debuginfo-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-32bit-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-32bit-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-32bit-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-32bit-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-32bit-1.16.3-150300.9.18.1 * openSUSE Leap 15.3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.18.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libgstsctp-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-64bit-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-64bit-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-64bit-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-64bit-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-64bit-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-64bit-debuginfo-1.16.3-150300.9.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.18.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.18.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.18.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.18.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.18.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.18.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.18.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgstsctp-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-1.16.3-150300.9.18.1 * libgstbadaudio-1_0-0-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstPlayer-1_0-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-devel-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstmpegts-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-1.16.3-150300.9.18.1 * typelib-1_0-GstMpegts-1_0-1.16.3-150300.9.18.1 * typelib-1_0-GstWebRTC-1_0-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-1.16.3-150300.9.18.1 * libgstplayer-1_0-0-1.16.3-150300.9.18.1 * libgstwayland-1_0-0-1.16.3-150300.9.18.1 * libgstisoff-1_0-0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-1.16.3-150300.9.18.1 * libgsturidownloader-1_0-0-1.16.3-150300.9.18.1 * libgstinsertbin-1_0-0-debuginfo-1.16.3-150300.9.18.1 * libgstwebrtc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debugsource-1.16.3-150300.9.18.1 * libgstsctp-1_0-0-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-chromaprint-debuginfo-1.16.3-150300.9.18.1 * libgstphotography-1_0-0-1.16.3-150300.9.18.1 * libgstbasecamerabinsrc-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-1.16.3-150300.9.18.1 * libgstadaptivedemux-1_0-0-debuginfo-1.16.3-150300.9.18.1 * gstreamer-plugins-bad-debuginfo-1.16.3-150300.9.18.1 * typelib-1_0-GstInsertBin-1_0-1.16.3-150300.9.18.1 * libgstcodecparsers-1_0-0-1.16.3-150300.9.18.1 * SUSE Enterprise Storage 7.1 (noarch) * gstreamer-plugins-bad-lang-1.16.3-150300.9.18.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44446.html * https://bugzilla.suse.com/show_bug.cgi?id=1217213 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:31:15 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:31:15 -0000 Subject: SUSE-RU-2024:0789-1: moderate: Recommended update for go1.20 Message-ID: <170981467599.935.14415762468764095056@smelt2.prg2.suse.org> # Recommended update for go1.20 Announcement ID: SUSE-RU-2024:0789-1 Rating: moderate References: * bsc#1206346 Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for go1.20 fixes the following issues: go1.20.14 (released 2024-02-06) includes fixes to the crypto/x509 package. (bsc#1206346 go1.20 release tracking) * go#64760 staticlockranking builders failing on release branches on LUCI * go#65322 crypto: rollback BoringCrypto fips-20220613 update * go#65379 crypto/x509: TestIssue51759 consistently failing on gotip-darwin- amd64_10.15 LUCI builder ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-789=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-789=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.20-1.20.14-150000.1.41.1 * go1.20-race-1.20.14-150000.1.41.1 * go1.20-debuginfo-1.20.14-150000.1.41.1 * go1.20-doc-1.20.14-150000.1.41.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.20-1.20.14-150000.1.41.1 * go1.20-race-1.20.14-150000.1.41.1 * go1.20-debuginfo-1.20.14-150000.1.41.1 * go1.20-doc-1.20.14-150000.1.41.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1206346 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 12:30:22 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 12:30:22 -0000 Subject: SUSE-SU-2024:0799-1: critical: Security update for containerd Message-ID: <170981462251.935.4503627274944207134@smelt2.prg2.suse.org> # Security update for containerd Announcement ID: SUSE-SU-2024:0799-1 Rating: critical References: * bsc#1200528 Cross-References: * CVE-2022-1996 CVSS scores: * CVE-2022-1996 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2022-1996 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2022-1996 ( NVD ): 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for containerd fixes the following issues: * CVE-2022-1996: Fixed CORS bypass (bsc#1200528). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-799=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * containerd-1.7.8-16.91.7 ## References: * https://www.suse.com/security/cve/CVE-2022-1996.html * https://bugzilla.suse.com/show_bug.cgi?id=1200528 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 16:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 16:30:02 -0000 Subject: SUSE-SU-2024:0806-1: important: Security update for google-oauth-java-client Message-ID: <170982900289.5502.16032433274403074134@smelt2.prg2.suse.org> # Security update for google-oauth-java-client Announcement ID: SUSE-SU-2024:0806-1 Rating: important References: * bsc#1199188 Cross-References: * CVE-2021-22573 CVSS scores: * CVE-2021-22573 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for google-oauth-java-client fixes the following issues: * CVE-2021-22573: Fixed token signature not verified (bsc#1199188). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-806=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-oauth-java-client-servlet-1.22.0-150200.3.7.1 * google-oauth-java-client-parent-1.22.0-150200.3.7.1 * google-oauth-java-client-1.22.0-150200.3.7.1 * google-oauth-java-client-java6-1.22.0-150200.3.7.1 * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2021-22573.html * https://bugzilla.suse.com/show_bug.cgi?id=1199188 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 16:36:06 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 16:36:06 -0000 Subject: SUSE-SU-2024:0806-1: important: Security update for google-oauth-java-client Message-ID: <170982936627.5502.18331147748535105490@smelt2.prg2.suse.org> # Security update for google-oauth-java-client Announcement ID: SUSE-SU-2024:0806-1 Rating: important References: * bsc#1199188 Cross-References: * CVE-2021-22573 CVSS scores: * CVE-2021-22573 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for google-oauth-java-client fixes the following issues: * CVE-2021-22573: Fixed token signature not verified (bsc#1199188). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-806=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-oauth-java-client-servlet-1.22.0-150200.3.7.1 * google-oauth-java-client-parent-1.22.0-150200.3.7.1 * google-oauth-java-client-1.22.0-150200.3.7.1 * google-oauth-java-client-java6-1.22.0-150200.3.7.1 * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2021-22573.html * https://bugzilla.suse.com/show_bug.cgi?id=1199188 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 16:39:07 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 16:39:07 -0000 Subject: SUSE-SU-2024:0806-1: important: Security update for google-oauth-java-client Message-ID: <170982954729.7126.6630728491130736148@smelt2.prg2.suse.org> # Security update for google-oauth-java-client Announcement ID: SUSE-SU-2024:0806-1 Rating: important References: * bsc#1199188 Cross-References: * CVE-2021-22573 CVSS scores: * CVE-2021-22573 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for google-oauth-java-client fixes the following issues: * CVE-2021-22573: Fixed token signature not verified (bsc#1199188). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-806=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-oauth-java-client-servlet-1.22.0-150200.3.7.1 * google-oauth-java-client-parent-1.22.0-150200.3.7.1 * google-oauth-java-client-1.22.0-150200.3.7.1 * google-oauth-java-client-java6-1.22.0-150200.3.7.1 * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2021-22573.html * https://bugzilla.suse.com/show_bug.cgi?id=1199188 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 16:39:10 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 16:39:10 -0000 Subject: SUSE-RU-2024:0805-1: moderate: Recommended update for ppc64-diag Message-ID: <170982955092.7126.6953467435572156148@smelt2.prg2.suse.org> # Recommended update for ppc64-diag Announcement ID: SUSE-RU-2024:0805-1 Rating: moderate References: * bsc#1209274 * bsc#1220345 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for ppc64-diag fixes the following issues: * Do not delete old system dumps offloaded from HMC (bsc#1209274). * Fix NVMe diagnostics support with nvmf drive (bsc#1220345). * Fix filelist for NVMe diag service, it was listed as conffile ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-805=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-805=1 openSUSE-SLE-15.5-2024-805=1 ## Package List: * Basesystem Module 15-SP5 (ppc64le) * ppc64-diag-debugsource-2.7.9-150500.3.8.1 * ppc64-diag-debuginfo-2.7.9-150500.3.8.1 * ppc64-diag-2.7.9-150500.3.8.1 * openSUSE Leap 15.5 (ppc64le) * ppc64-diag-debugsource-2.7.9-150500.3.8.1 * ppc64-diag-debuginfo-2.7.9-150500.3.8.1 * ppc64-diag-2.7.9-150500.3.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1209274 * https://bugzilla.suse.com/show_bug.cgi?id=1220345 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 20:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 20:30:02 -0000 Subject: SUSE-SU-2024:0808-1: important: Security update for xmlgraphics-batik Message-ID: <170984340201.23212.7112676305847256344@smelt2.prg2.suse.org> # Security update for xmlgraphics-batik Announcement ID: SUSE-SU-2024:0808-1 Rating: important References: * bsc#1204704 * bsc#1204709 Cross-References: * CVE-2022-41704 * CVE-2022-42890 * CVE-2022-44729 * CVE-2022-44730 CVSS scores: * CVE-2022-41704 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-41704 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-42890 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-42890 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2022-44729 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H * CVE-2022-44730 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for xmlgraphics-batik fixes the following issues: * CVE-2022-41704: Fixed information disclosure vulnerability in Apache Batik (bsc#1204704). * CVE-2022-42890: Fixed information disclosure vulnerability in Apache Batik (bsc#1204709). * CVE-2022-44730: Fixed Server-Side Request Forgery. * CVE-2022-44729: Fixed Server-Side Request Forgery. Upgrade to version 1.17. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-808=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-808=1 ## Package List: * openSUSE Leap 15.5 (noarch) * xmlgraphics-batik-1.17-150200.4.7.1 * xmlgraphics-batik-svgpp-1.17-150200.4.7.1 * xmlgraphics-batik-ttf2svg-1.17-150200.4.7.1 * xmlgraphics-batik-squiggle-1.17-150200.4.7.1 * xmlgraphics-batik-javadoc-1.17-150200.4.7.1 * xmlgraphics-batik-slideshow-1.17-150200.4.7.1 * xmlgraphics-batik-rasterizer-1.17-150200.4.7.1 * xmlgraphics-batik-css-1.17-150200.4.7.1 * xmlgraphics-batik-demo-1.17-150200.4.7.1 * Development Tools Module 15-SP5 (noarch) * xmlgraphics-batik-css-1.17-150200.4.7.1 * xmlgraphics-batik-1.17-150200.4.7.1 ## References: * https://www.suse.com/security/cve/CVE-2022-41704.html * https://www.suse.com/security/cve/CVE-2022-42890.html * https://www.suse.com/security/cve/CVE-2022-44729.html * https://www.suse.com/security/cve/CVE-2022-44730.html * https://bugzilla.suse.com/show_bug.cgi?id=1204704 * https://bugzilla.suse.com/show_bug.cgi?id=1204709 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 7 16:33:04 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 07 Mar 2024 16:33:04 -0000 Subject: SUSE-SU-2024:0806-1: important: Security update for google-oauth-java-client Message-ID: <170982918498.6342.12928461244133240515@smelt2.prg2.suse.org> # Security update for google-oauth-java-client Announcement ID: SUSE-SU-2024:0806-1 Rating: important References: * bsc#1199188 Cross-References: * CVE-2021-22573 CVSS scores: * CVE-2021-22573 ( NVD ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for google-oauth-java-client fixes the following issues: * CVE-2021-22573: Fixed token signature not verified (bsc#1199188). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-806=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-oauth-java-client-javadoc-1.22.0-150200.3.7.1 * google-oauth-java-client-1.22.0-150200.3.7.1 * google-oauth-java-client-java6-1.22.0-150200.3.7.1 * google-oauth-java-client-servlet-1.22.0-150200.3.7.1 * google-oauth-java-client-parent-1.22.0-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2021-22573.html * https://bugzilla.suse.com/show_bug.cgi?id=1199188 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:0812-1: important: Security update for go1.22 Message-ID: <170988660459.31060.2008230328454617011@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:0812-1 Rating: important References: * bsc#1218424 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 Cross-References: * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 CVSS scores: * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for go1.22 fixes the following issues: * Upgrade go to version 1.22.1 * CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (bsc#1221000) * CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm (bsc#1221001) * CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm (bsc#1220999) * CVE-2024-24784: net/mail: comments in display names are incorrectly handled (bsc#1221002) * CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping (bsc#1221003) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-812=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-812=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.1-150000.1.9.1 * go1.22-doc-1.22.1-150000.1.9.1 * go1.22-race-1.22.1-150000.1.9.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.22-1.22.1-150000.1.9.1 * go1.22-doc-1.22.1-150000.1.9.1 * go1.22-race-1.22.1-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 08:30:16 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 08:30:16 -0000 Subject: SUSE-RU-2024:0809-1: moderate: Recommended update for lifecycle-data-sle-module-hpc Message-ID: <170988661617.31060.13945761444066384371@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-module-hpc Announcement ID: SUSE-RU-2024:0809-1 Rating: moderate References: * jsc#PED-7897 Affected Products: * HPC Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 An update that contains one feature can now be installed. ## Description: This update for lifecycle-data-sle-module-hpc fixes the following issues: * Add lifecycle data for slurm versions up to 23.05 (jsc#PED-7897) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-809=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-809=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-809=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-809=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-809=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-809=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 * HPC Module 15-SP5 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-150000.5.7.1 ## References: * https://jira.suse.com/browse/PED-7897 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 08:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 08:30:09 -0000 Subject: SUSE-SU-2024:0811-1: important: Security update for go1.21 Message-ID: <170988660906.31060.4066255684081924766@smelt2.prg2.suse.org> # Security update for go1.21 Announcement ID: SUSE-SU-2024:0811-1 Rating: important References: * bsc#1212475 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 Cross-References: * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 CVSS scores: * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for go1.21 fixes the following issues: * Upgrade go to version 1.21.8 * CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (bsc#1221000) * CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm (bsc#1221001) * CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm (bsc#1220999) * CVE-2024-24784: net/mail: comments in display names are incorrectly handled (bsc#1221002) * CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping (bsc#1221003) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-811=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-811=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-811=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-811=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-811=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-811=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-811=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * go1.21-race-1.21.8-150000.1.27.1 * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * go1.21-race-1.21.8-150000.1.27.1 * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * go1.21-race-1.21.8-150000.1.27.1 * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * go1.21-race-1.21.8-150000.1.27.1 * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * go1.21-race-1.21.8-150000.1.27.1 * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * go1.21-race-1.21.8-150000.1.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * go1.21-1.21.8-150000.1.27.1 * go1.21-doc-1.21.8-150000.1.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * go1.21-race-1.21.8-150000.1.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://bugzilla.suse.com/show_bug.cgi?id=1212475 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 08:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 08:30:12 -0000 Subject: SUSE-RU-2024:0810-1: moderate: Recommended update for lifecycle-data-sle-module-hpc Message-ID: <170988661245.31060.13911373451347694205@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-module-hpc Announcement ID: SUSE-RU-2024:0810-1 Rating: moderate References: * jsc#PED-7897 Affected Products: * HPC Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that contains one feature can now be installed. ## Description: This update for lifecycle-data-sle-module-hpc fixes the following issues: * Add lifecycle data for slurm versions up to 23.05 (jsc#PED-7897) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPC Module 12 zypper in -t patch SUSE-SLE-Module-HPC-12-2024-810=1 ## Package List: * HPC Module 12 (aarch64 x86_64) * lifecycle-data-sle-module-hpc-1-3.3.1 ## References: * https://jira.suse.com/browse/PED-7897 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:03 -0000 Subject: SUSE-SU-2024:0820-1: important: Security update for python310 Message-ID: <170990100377.3106.10670929193543847888@smelt2.prg2.suse.org> # Security update for python310 Announcement ID: SUSE-SU-2024:0820-1 Rating: important References: * bsc#1219666 Cross-References: * CVE-2023-6597 CVSS scores: * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-820=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-820=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-820=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-820=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-820=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-820=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-820=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-testsuite-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-doc-devhelp-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-testsuite-debuginfo-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-doc-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * openSUSE Leap 15.4 (x86_64) * python310-base-32bit-debuginfo-3.10.13-150400.4.42.1 * libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.42.1 * python310-base-32bit-3.10.13-150400.4.42.1 * python310-32bit-3.10.13-150400.4.42.1 * python310-32bit-debuginfo-3.10.13-150400.4.42.1 * libpython3_10-1_0-32bit-3.10.13-150400.4.42.1 * openSUSE Leap 15.4 (aarch64_ilp32) * python310-base-64bit-3.10.13-150400.4.42.1 * libpython3_10-1_0-64bit-debuginfo-3.10.13-150400.4.42.1 * python310-64bit-3.10.13-150400.4.42.1 * python310-base-64bit-debuginfo-3.10.13-150400.4.42.1 * python310-64bit-debuginfo-3.10.13-150400.4.42.1 * libpython3_10-1_0-64bit-3.10.13-150400.4.42.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-testsuite-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-doc-devhelp-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-testsuite-debuginfo-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-doc-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * openSUSE Leap 15.5 (x86_64) * python310-base-32bit-debuginfo-3.10.13-150400.4.42.1 * libpython3_10-1_0-32bit-debuginfo-3.10.13-150400.4.42.1 * python310-base-32bit-3.10.13-150400.4.42.1 * python310-32bit-3.10.13-150400.4.42.1 * python310-32bit-debuginfo-3.10.13-150400.4.42.1 * libpython3_10-1_0-32bit-3.10.13-150400.4.42.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python310-dbm-debuginfo-3.10.13-150400.4.42.1 * python310-curses-3.10.13-150400.4.42.1 * python310-debuginfo-3.10.13-150400.4.42.1 * python310-debugsource-3.10.13-150400.4.42.1 * python310-devel-3.10.13-150400.4.42.1 * python310-tk-3.10.13-150400.4.42.1 * python310-tools-3.10.13-150400.4.42.1 * python310-idle-3.10.13-150400.4.42.1 * python310-tk-debuginfo-3.10.13-150400.4.42.1 * python310-3.10.13-150400.4.42.1 * libpython3_10-1_0-3.10.13-150400.4.42.1 * libpython3_10-1_0-debuginfo-3.10.13-150400.4.42.1 * python310-curses-debuginfo-3.10.13-150400.4.42.1 * python310-base-3.10.13-150400.4.42.1 * python310-core-debugsource-3.10.13-150400.4.42.1 * python310-dbm-3.10.13-150400.4.42.1 * python310-base-debuginfo-3.10.13-150400.4.42.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:10 -0000 Subject: SUSE-SU-2024:0817-1: important: Security update for jetty-minimal Message-ID: <170990101033.3106.4067679139485914864@smelt2.prg2.suse.org> # Security update for jetty-minimal Announcement ID: SUSE-SU-2024:0817-1 Rating: important References: * bsc#1220437 Cross-References: * CVE-2024-22201 CVSS scores: * CVE-2024-22201 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for jetty-minimal fixes the following issues: * CVE-2024-22201: Fixed denial-of-service via HTTP/2 connection leak (bsc#1220437). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-817=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-817=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-817=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-817=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-817=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-817=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-817=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-817=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-817=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-817=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-817=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-817=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-817=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-817=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Enterprise Storage 7.1 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * openSUSE Leap 15.5 (noarch) * jetty-annotations-9.4.54-150200.3.25.1 * jetty-openid-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-jsp-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-quickstart-9.4.54-150200.3.25.1 * jetty-minimal-javadoc-9.4.54-150200.3.25.1 * jetty-servlet-9.4.54-150200.3.25.1 * jetty-ant-9.4.54-150200.3.25.1 * jetty-http-spi-9.4.54-150200.3.25.1 * jetty-webapp-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-start-9.4.54-150200.3.25.1 * jetty-rewrite-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * jetty-fcgi-9.4.54-150200.3.25.1 * jetty-cdi-9.4.54-150200.3.25.1 * jetty-client-9.4.54-150200.3.25.1 * jetty-servlets-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-proxy-9.4.54-150200.3.25.1 * jetty-jndi-9.4.54-150200.3.25.1 * jetty-continuation-9.4.54-150200.3.25.1 * jetty-deploy-9.4.54-150200.3.25.1 * jetty-jmx-9.4.54-150200.3.25.1 * jetty-jaas-9.4.54-150200.3.25.1 * jetty-xml-9.4.54-150200.3.25.1 * jetty-plus-9.4.54-150200.3.25.1 * Development Tools Module 15-SP5 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * jetty-servlet-9.4.54-150200.3.25.1 * jetty-util-ajax-9.4.54-150200.3.25.1 * jetty-io-9.4.54-150200.3.25.1 * jetty-util-9.4.54-150200.3.25.1 * jetty-server-9.4.54-150200.3.25.1 * jetty-security-9.4.54-150200.3.25.1 * jetty-http-9.4.54-150200.3.25.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22201.html * https://bugzilla.suse.com/show_bug.cgi?id=1220437 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:08 -0000 Subject: SUSE-SU-2024:0818-1: important: Security update for wpa_supplicant Message-ID: <170990100856.3106.16954405007671916960@smelt2.prg2.suse.org> # Security update for wpa_supplicant Announcement ID: SUSE-SU-2024:0818-1 Rating: important References: * bsc#1219975 Cross-References: * CVE-2023-52160 CVSS scores: * CVE-2023-52160 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52160 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for wpa_supplicant fixes the following issues: * CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-818=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-818=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-818=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * wpa_supplicant-debuginfo-2.9-23.20.1 * wpa_supplicant-2.9-23.20.1 * wpa_supplicant-debugsource-2.9-23.20.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-debuginfo-2.9-23.20.1 * wpa_supplicant-2.9-23.20.1 * wpa_supplicant-debugsource-2.9-23.20.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * wpa_supplicant-debuginfo-2.9-23.20.1 * wpa_supplicant-2.9-23.20.1 * wpa_supplicant-debugsource-2.9-23.20.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52160.html * https://bugzilla.suse.com/show_bug.cgi?id=1219975 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:14 -0000 Subject: SUSE-SU-2024:0796-2: important: Security update for sudo Message-ID: <170990101422.3106.15845646121075215796@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0796-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted as the fix broke some functionality. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-796=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-796=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-796=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * sudo-devel-1.8.27-150000.4.50.1 * sudo-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * sudo-devel-1.8.27-150000.4.50.1 * sudo-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * sudo-devel-1.8.27-150000.4.50.1 * sudo-1.8.27-150000.4.50.1 * sudo-debuginfo-1.8.27-150000.4.50.1 * sudo-debugsource-1.8.27-150000.4.50.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:16 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:16 -0000 Subject: SUSE-SU-2024:0795-2: important: Security update for sudo Message-ID: <170990101604.3106.15176786072252046410@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0795-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted as some logic was not correct. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-795=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-795=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-795=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-795=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-795=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-795=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Proxy 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:22 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:22 -0000 Subject: SUSE-SU-2024:0795-2: important: Security update for sudo Message-ID: <170990138206.3106.14607250483050417564@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0795-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted as some logic was not correct. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-795=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-795=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-795=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-795=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-795=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-795=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Proxy 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:32 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:32 -0000 Subject: SUSE-SU-2024:0794-2: important: Security update for sudo Message-ID: <170990139233.3106.10787147335039998517@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0794-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted, as some logic was not changed correctly. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-794=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-794=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-794=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.7.1 * sudo-plugin-python-1.9.12p1-150500.7.7.1 * sudo-1.9.12p1-150500.7.7.1 * sudo-devel-1.9.12p1-150500.7.7.1 * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-test-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * sudo-1.9.12p1-150500.7.7.1 * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.7.1 * sudo-plugin-python-1.9.12p1-150500.7.7.1 * sudo-1.9.12p1-150500.7.7.1 * sudo-devel-1.9.12p1-150500.7.7.1 * sudo-debuginfo-1.9.12p1-150500.7.7.1 * sudo-debugsource-1.9.12p1-150500.7.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:36 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:36 -0000 Subject: SUSE-SU-2024:0815-1: moderate: Security update for openssl-3 Message-ID: <170990139650.3106.7716235923668708619@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:0815-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-815=1 openSUSE-SLE-15.5-2024-815=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-815=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openssl-3-3.0.8-150500.5.27.1 * openssl-3-debuginfo-3.0.8-150500.5.27.1 * libopenssl3-3.0.8-150500.5.27.1 * libopenssl-3-devel-3.0.8-150500.5.27.1 * openssl-3-debugsource-3.0.8-150500.5.27.1 * libopenssl3-debuginfo-3.0.8-150500.5.27.1 * openSUSE Leap 15.5 (x86_64) * libopenssl3-32bit-debuginfo-3.0.8-150500.5.27.1 * libopenssl3-32bit-3.0.8-150500.5.27.1 * libopenssl-3-devel-32bit-3.0.8-150500.5.27.1 * openSUSE Leap 15.5 (noarch) * openssl-3-doc-3.0.8-150500.5.27.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libopenssl3-64bit-3.0.8-150500.5.27.1 * libopenssl3-64bit-debuginfo-3.0.8-150500.5.27.1 * libopenssl-3-devel-64bit-3.0.8-150500.5.27.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openssl-3-3.0.8-150500.5.27.1 * openssl-3-debuginfo-3.0.8-150500.5.27.1 * libopenssl3-3.0.8-150500.5.27.1 * libopenssl-3-devel-3.0.8-150500.5.27.1 * openssl-3-debugsource-3.0.8-150500.5.27.1 * libopenssl3-debuginfo-3.0.8-150500.5.27.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:39 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:39 -0000 Subject: SUSE-SU-2024:0814-1: moderate: Security update for openssl-1_0_0 Message-ID: <170990139925.3106.29169497491502098@smelt2.prg2.suse.org> # Security update for openssl-1_0_0 Announcement ID: SUSE-SU-2024:0814-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_0_0 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-814=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-814=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-814=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-814=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * openssl-1_0_0-debugsource-1.0.2p-3.90.1 * openssl-1_0_0-debuginfo-1.0.2p-3.90.1 * libopenssl-1_0_0-devel-1.0.2p-3.90.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (s390x x86_64) * libopenssl-1_0_0-devel-32bit-1.0.2p-3.90.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libopenssl1_0_0-hmac-1.0.2p-3.90.1 * libopenssl-1_0_0-devel-1.0.2p-3.90.1 * openssl-1_0_0-debuginfo-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-1.0.2p-3.90.1 * openssl-1_0_0-1.0.2p-3.90.1 * libopenssl1_0_0-1.0.2p-3.90.1 * openssl-1_0_0-debugsource-1.0.2p-3.90.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * openssl-1_0_0-doc-1.0.2p-3.90.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libopenssl1_0_0-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.90.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-hmac-1.0.2p-3.90.1 * libopenssl-1_0_0-devel-1.0.2p-3.90.1 * openssl-1_0_0-debuginfo-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-1.0.2p-3.90.1 * openssl-1_0_0-1.0.2p-3.90.1 * libopenssl1_0_0-1.0.2p-3.90.1 * openssl-1_0_0-debugsource-1.0.2p-3.90.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * openssl-1_0_0-doc-1.0.2p-3.90.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libopenssl1_0_0-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.90.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libopenssl1_0_0-hmac-1.0.2p-3.90.1 * libopenssl-1_0_0-devel-1.0.2p-3.90.1 * openssl-1_0_0-debuginfo-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-1.0.2p-3.90.1 * openssl-1_0_0-1.0.2p-3.90.1 * libopenssl1_0_0-1.0.2p-3.90.1 * openssl-1_0_0-debugsource-1.0.2p-3.90.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * openssl-1_0_0-doc-1.0.2p-3.90.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libopenssl1_0_0-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-3.90.1 * libopenssl1_0_0-debuginfo-32bit-1.0.2p-3.90.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:42 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:42 -0000 Subject: SUSE-SU-2024:0813-1: moderate: Security update for openssl-1_1 Message-ID: <170990140241.3106.11933927161291173067@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:0813-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-813=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-813=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-813=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-813=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libopenssl-1_1-devel-1.1.1d-2.104.1 * openssl-1_1-debuginfo-1.1.1d-2.104.1 * openssl-1_1-debugsource-1.1.1d-2.104.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (s390x x86_64) * libopenssl-1_1-devel-32bit-1.1.1d-2.104.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * openssl-1_1-1.1.1d-2.104.1 * openssl-1_1-debuginfo-1.1.1d-2.104.1 * libopenssl1_1-hmac-1.1.1d-2.104.1 * libopenssl1_1-1.1.1d-2.104.1 * openssl-1_1-debugsource-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-1.1.1d-2.104.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libopenssl1_1-32bit-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-32bit-1.1.1d-2.104.1 * libopenssl1_1-hmac-32bit-1.1.1d-2.104.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * openssl-1_1-1.1.1d-2.104.1 * openssl-1_1-debuginfo-1.1.1d-2.104.1 * libopenssl1_1-hmac-1.1.1d-2.104.1 * libopenssl1_1-1.1.1d-2.104.1 * openssl-1_1-debugsource-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-1.1.1d-2.104.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libopenssl1_1-32bit-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-32bit-1.1.1d-2.104.1 * libopenssl1_1-hmac-32bit-1.1.1d-2.104.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * openssl-1_1-1.1.1d-2.104.1 * openssl-1_1-debuginfo-1.1.1d-2.104.1 * libopenssl1_1-hmac-1.1.1d-2.104.1 * libopenssl1_1-1.1.1d-2.104.1 * openssl-1_1-debugsource-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-1.1.1d-2.104.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libopenssl1_1-32bit-1.1.1d-2.104.1 * libopenssl1_1-debuginfo-32bit-1.1.1d-2.104.1 * libopenssl1_1-hmac-32bit-1.1.1d-2.104.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:12 -0000 Subject: SUSE-RU-2024:0816-1: moderate: Recommended update for boost-legacy Message-ID: <170990101263.3106.1635407209660763002@smelt2.prg2.suse.org> # Recommended update for boost-legacy Announcement ID: SUSE-RU-2024:0816-1 Rating: moderate References: * bsc#1216876 Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for boost-legacy fixes the following issue: * Exclude boost-legacy from provide generator (bsc#1216876) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-816=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-816=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libboost_serialization_legacy-1.66.0-150000.1.7.1 * libboost_serialization_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_math_legacy-1.66.0-150000.1.7.1 * libboost_container_legacy-1.66.0-150000.1.7.1 * libboost_system_legacy-1.66.0-150000.1.7.1 * libboost_container_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_type_erasure_legacy-1.66.0-150000.1.7.1 * libboost_atomic_legacy-1.66.0-150000.1.7.1 * libboost_locale_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_iostreams_legacy-1.66.0-150000.1.7.1 * libboost_random_legacy-1.66.0-150000.1.7.1 * libboost_program_options_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_date_time_legacy-1.66.0-150000.1.7.1 * libboost_math_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_signals_legacy-1.66.0-150000.1.7.1 * libboost_filesystem_legacy-1.66.0-150000.1.7.1 * libboost_log_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_stacktrace_legacy-1.66.0-150000.1.7.1 * libboost_regex_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_test_legacy-1.66.0-150000.1.7.1 * libboost_iostreams_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_timer_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_signals_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_thread_legacy-1.66.0-150000.1.7.1 * libboost_log_legacy-1.66.0-150000.1.7.1 * libboost_graph_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_system_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_program_options_legacy-1.66.0-150000.1.7.1 * libboost_type_erasure_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_random_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_stacktrace_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_wave_legacy-1.66.0-150000.1.7.1 * boost-legacy-base-debugsource-1.66.0-150000.1.7.1 * libboost_filesystem_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_locale_legacy-1.66.0-150000.1.7.1 * libboost_wave_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_atomic_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_date_time_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_timer_legacy-1.66.0-150000.1.7.1 * libboost_thread_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_chrono_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_test_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_graph_legacy-1.66.0-150000.1.7.1 * libboost_regex_legacy-1.66.0-150000.1.7.1 * libboost_chrono_legacy-1.66.0-150000.1.7.1 * openSUSE Leap 15.5 (x86_64) * libboost_program_options_legacy-32bit-1.66.0-150000.1.7.1 * libboost_regex_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_math_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_thread_legacy-32bit-1.66.0-150000.1.7.1 * libboost_coroutine_legacy-32bit-1.66.0-150000.1.7.1 * libboost_context_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_regex_legacy-32bit-1.66.0-150000.1.7.1 * libboost_date_time_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_graph_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_context_legacy-32bit-1.66.0-150000.1.7.1 * libboost_locale_legacy-32bit-1.66.0-150000.1.7.1 * libboost_stacktrace_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_fiber_legacy-32bit-1.66.0-150000.1.7.1 * libboost_locale_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_math_legacy-32bit-1.66.0-150000.1.7.1 * libboost_wave_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_date_time_legacy-32bit-1.66.0-150000.1.7.1 * libboost_atomic_legacy-32bit-1.66.0-150000.1.7.1 * libboost_serialization_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_system_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_random_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_coroutine_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_program_options_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_stacktrace_legacy-32bit-1.66.0-150000.1.7.1 * libboost_fiber_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_iostreams_legacy-32bit-1.66.0-150000.1.7.1 * libboost_thread_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_container_legacy-32bit-1.66.0-150000.1.7.1 * libboost_signals_legacy-32bit-1.66.0-150000.1.7.1 * libboost_signals_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_wave_legacy-32bit-1.66.0-150000.1.7.1 * libboost_iostreams_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_filesystem_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_graph_legacy-32bit-1.66.0-150000.1.7.1 * libboost_serialization_legacy-32bit-1.66.0-150000.1.7.1 * libboost_container_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_type_erasure_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_random_legacy-32bit-1.66.0-150000.1.7.1 * libboost_type_erasure_legacy-32bit-1.66.0-150000.1.7.1 * libboost_filesystem_legacy-32bit-1.66.0-150000.1.7.1 * libboost_atomic_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_test_legacy-32bit-debuginfo-1.66.0-150000.1.7.1 * libboost_test_legacy-32bit-1.66.0-150000.1.7.1 * libboost_system_legacy-32bit-1.66.0-150000.1.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * libboost_coroutine_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_context_legacy-1.66.0-150000.1.7.1 * libboost_coroutine_legacy-1.66.0-150000.1.7.1 * libboost_context_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_fiber_legacy-1.66.0-150000.1.7.1 * libboost_fiber_legacy-debuginfo-1.66.0-150000.1.7.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * boost-legacy-base-debugsource-1.66.0-150000.1.7.1 * libboost_locale_legacy-1.66.0-150000.1.7.1 * libboost_regex_legacy-debuginfo-1.66.0-150000.1.7.1 * libboost_regex_legacy-1.66.0-150000.1.7.1 * libboost_locale_legacy-debuginfo-1.66.0-150000.1.7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216876 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:33:17 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:33:17 -0000 Subject: SUSE-SU-2024:0795-2: important: Security update for sudo Message-ID: <170990119794.3106.5451917041138664539@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0795-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted as some logic was not correct. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-795=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-795=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-795=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-795=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-795=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-795=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-795=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-795=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-795=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Proxy 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sudo-plugin-python-1.9.9-150400.4.33.1 * sudo-plugin-python-debuginfo-1.9.9-150400.4.33.1 * sudo-1.9.9-150400.4.33.1 * sudo-debugsource-1.9.9-150400.4.33.1 * sudo-devel-1.9.9-150400.4.33.1 * sudo-debuginfo-1.9.9-150400.4.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:36:27 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:36:27 -0000 Subject: SUSE-SU-2024:0797-2: important: Security update for sudo Message-ID: <170990138768.3106.1007412504190421446@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0797-2 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: NOTE: This update has been retracted as some sudo functionality was changed incorrectly. * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-797=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-797=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-debugsource-1.8.27-4.45.1 * sudo-debuginfo-1.8.27-4.45.1 * sudo-devel-1.8.27-4.45.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:06 -0000 Subject: SUSE-SU-2024:0819-1: important: Security update for wpa_supplicant Message-ID: <170990100632.3106.6654766485403416077@smelt2.prg2.suse.org> # Security update for wpa_supplicant Announcement ID: SUSE-SU-2024:0819-1 Rating: important References: * bsc#1219975 Cross-References: * CVE-2023-52160 CVSS scores: * CVE-2023-52160 ( SUSE ): 7.5 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52160 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for wpa_supplicant fixes the following issues: * CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-819=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-819=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-819=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-819=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-819=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-819=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-819=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-819=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-819=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-819=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-819=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-819=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-819=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-819=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-819=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-819=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-819=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-819=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-819=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-819=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-819=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-819=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-819=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-819=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Manager Proxy 4.3 (x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * wpa_supplicant-2.9-150000.4.39.1 * wpa_supplicant-debuginfo-2.9-150000.4.39.1 * wpa_supplicant-debugsource-2.9-150000.4.39.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52160.html * https://bugzilla.suse.com/show_bug.cgi?id=1219975 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 12:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 12:30:02 -0000 Subject: SUSE-RU-2024:0821-1: moderate: Recommended update for suse-migration-services Message-ID: <170990100214.3106.11602183827023303506@smelt2.prg2.suse.org> # Recommended update for suse-migration-services Announcement ID: SUSE-RU-2024:0821-1 Rating: moderate References: * bsc#1219004 Affected Products: * openSUSE Leap 15.5 An update that has one fix can now be installed. ## Description: This update for suse-migration-services fixes the following issues: * Update to version: 2.0.39 * Update dependencies to use suseconnect-ng rather than the legacy SUSEConnect (bsc#1219004) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-821=1 ## Package List: * openSUSE Leap 15.5 (noarch) * suse-migration-pre-checks-2.0.39-150000.1.68.1 * suse-migration-services-2.0.39-150000.1.68.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219004 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 16:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 16:30:03 -0000 Subject: SUSE-RU-2024:0822-1: moderate: Recommended update for crmsh Message-ID: <170991540370.10992.1967702612715253956@smelt2.prg2.suse.org> # Recommended update for crmsh Announcement ID: SUSE-RU-2024:0822-1 Rating: moderate References: * bsc#1220022 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for crmsh fixes the following issues: * Update to version 4.5.1+20240220.de17a142 * Fix escape special characters in pattern (bsc#1220022) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-822=1 openSUSE-SLE-15.5-2024-822=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-822=1 ## Package List: * openSUSE Leap 15.5 (noarch) * crmsh-scripts-4.5.1+20240220.de17a142-150500.3.22.1 * crmsh-test-4.5.1+20240220.de17a142-150500.3.22.1 * crmsh-4.5.1+20240220.de17a142-150500.3.22.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch) * crmsh-scripts-4.5.1+20240220.de17a142-150500.3.22.1 * crmsh-4.5.1+20240220.de17a142-150500.3.22.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220022 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 16:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 16:30:01 -0000 Subject: SUSE-RU-2024:0823-1: moderate: Recommended update for google-cloud-sap-agent Message-ID: <170991540191.10992.8765528259121092015@smelt2.prg2.suse.org> # Recommended update for google-cloud-sap-agent Announcement ID: SUSE-RU-2024:0823-1 Rating: moderate References: * bsc#1218736 * bsc#1218737 Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for google-cloud-sap-agent contain the following fixes: * Update to version 3.0 (bsc#1218736, bsc#1218737) * Suppress packemaker command error to debug to avoid log flooding * Expand load balancing cluster discovery. * Log success messages in OTEs to STDOUT instead of STDERR used by log.Print * Use bash always to avoid variation of behavior across OS/Shell types * Minor updates to installbackint. * Backint compose step properly saves metadata. * Fix issue with discovery on ASCS instances. * hanadiskrestore - fix the format of disktype string for disk create API * Fix issue with PCS cluster address discovery. * Update transform to insight * Rename HANA backup/restore OTEs to reflect they are supported for all disks and not just persistent disk * Increase the timeout for HDB stop to account for busy DBs * Adding project sap-ecs-testing to the list. * PD Restore - Support provisioned-iops and provisioned-throughput * Integration test for configure OTE * Added precondition in hana pd backup for stripped LVM * Add a precondition check to verify user has passed a valid snapshot name that is present in the current project * Update the usage to reflect additional required param * Minor path update for supportbundle OTE. * Fixing bug in slow moving metrics partial collection scenarios * Adding check for agent status after restart. * Ensure Backint ComposeChunks has a valid bucket handle * Discover whether a Netweaver instance is ABAP or Java * Replace standard slices package with third party version * WLM HANA metric `ha_in_same_zone` now reports instance names for HA nodes in the same zone * Fix data race condition for Backint Backup with new client connections * Make -new-disk-name a required parameter to avoid the 63 char limit in the name length due to auto-generated names * Fix command for collecting Corosync metric `two_node_runtime` * Make snapshot name similar to disk name * Bump golang.org/x/crypto from 0.15.0 to 0.17.0 * Enable Discovery config flag controls submission to Data Warehouse and Cloud Logging * Create new clients for each operation in Backint * Add `client_endpoint` to Backint proto. * Getting the build number into the version for display * Backint config name change: service_account to service_account_key * Add HANA HA metrics to collection definition. * Fix sorting bug in a diff in apps_discovery_test.go * Add discoverHANATenantDBs to main code path * Change PIPE filemode to WRONLY to allow us to detect broken pipes * Deprecate `sap_system_discovery` config field in favor of `enable_discovery` * Move the validation of whether user passed correct PD, before stopping HANA * Add a placeholder for public doc link with next steps after hanapdrestore workflow has completed * Fix executable path for HDB version command * Add optional param `new-disk-name` to hanapdrestore for users that wish to override the default * Sort the skipmetrics in unit test to avoid order related flakes * Generalizing configure OTE * Discover Netweaver kernel version * Fix Sprintf call * Use SAP System data to determine if HANA HA nodes share the same zone. * hanapdrestore - do not delete PDs in case of failures * Create discoverHANATenantDBs method to support multiple SIDs for HANA tenant DBs * Send additional fields in Data Warehouse WriteInsightRequest * Updating the username parameters for hana pd backup and restore * Retrieve Reliability data every 2 hours instead of 24 * Discover HANA version * Fix import for GitHub build * Add instance properties, and topology information to system data * Keep the device nam and disk name same after restore * Move sapdiscovery package into system package * Changer the default name of the disk created by restore workflow * Updates the generated protobuf go for system.proto * Update generated system proto * Update go.yml * Add topology and instance properties info to SAP System data * Add a check to verify the disk is attached to instance, fail if disk is not attached * Add application and database software properties to system representation * Fix race condition in heartbeat test case * Add error handling to restore workflow to try and keep the HANA system in a clean state on failures * Enable LogToCloud by default for both OTE and Daemon modes * Bump Agent version to 3.0 * Reliability OTE added to SAP Agent * Declare public Get interface for SAP System discovery data * Integration testing for Networkstats Package * Adding project sap-ecs-testing to the list * Adding one time execution for enabling/disabling of features * Change to using custom retries for initial bucket connection * Default collection definition to be fetched from GCS * Add a 2 minute context timeout for initial bucket connection * Add `collection_config_version` as a WLM system metric * Make project, host param optional for hanapdbackup, in addition make user param optional for hanapdrestore * Fix potential nil dereference WLM metrics collection * Add force-stop-hana to restore workflow to forcefully stop HANA when the param is passed * Rename the HANA PD snapshot and restore workflows * Add unit tests for GetProvisionIOps and GetProvisionedThoughput * Remove the TestCollect unit test which relies on nc command which can be flaky in unit tests * Increase Backint timeout for PIPE files to 3 minutes * Add XFS freeze and unfreeze to PD based snapshot ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-823=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-823=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-823=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-823=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-823=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-150100.3.23.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-150100.3.23.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-150100.3.23.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-150100.3.23.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * google-cloud-sap-agent-3.0-150100.3.23.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218736 * https://bugzilla.suse.com/show_bug.cgi?id=1218737 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 20:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 20:30:04 -0000 Subject: SUSE-SU-2024:0824-1: moderate: Security update for cpio Message-ID: <170992980470.8061.8928921502150210288@smelt2.prg2.suse.org> # Security update for cpio Announcement ID: SUSE-SU-2024:0824-1 Rating: moderate References: * bsc#1218571 * bsc#1219238 Cross-References: * CVE-2023-7207 CVSS scores: * CVE-2023-7207 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for cpio fixes the following issues: * CVE-2023-7207: Fixed path traversal vulnerability (bsc#1218571, bsc#1219238) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-824=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-824=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-824=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-824=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-824=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-824=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-824=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-824=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-824=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-824=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * cpio-mt-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-mt-debuginfo-2.12-150000.3.12.1 * cpio-debuginfo-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Enterprise Storage 7.1 (noarch) * cpio-lang-2.12-150000.3.12.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * cpio-debuginfo-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * cpio-debuginfo-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * cpio-debuginfo-2.12-150000.3.12.1 * cpio-debugsource-2.12-150000.3.12.1 * cpio-2.12-150000.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2023-7207.html * https://bugzilla.suse.com/show_bug.cgi?id=1218571 * https://bugzilla.suse.com/show_bug.cgi?id=1219238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 8 20:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 08 Mar 2024 20:30:02 -0000 Subject: SUSE-SU-2024:0825-1: moderate: Security update for cpio Message-ID: <170992980230.8061.10066632165352002466@smelt2.prg2.suse.org> # Security update for cpio Announcement ID: SUSE-SU-2024:0825-1 Rating: moderate References: * bsc#1218571 * bsc#1219238 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two security fixes can now be installed. ## Description: This update for cpio fixes the following issues: * Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * cpio-2.11-36.21.1 * cpio-debuginfo-2.11-36.21.1 * cpio-debugsource-2.11-36.21.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * cpio-lang-2.11-36.21.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * cpio-2.11-36.21.1 * cpio-debuginfo-2.11-36.21.1 * cpio-debugsource-2.11-36.21.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * cpio-lang-2.11-36.21.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * cpio-2.11-36.21.1 * cpio-debuginfo-2.11-36.21.1 * cpio-debugsource-2.11-36.21.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * cpio-lang-2.11-36.21.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218571 * https://bugzilla.suse.com/show_bug.cgi?id=1219238 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 08:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 08:30:01 -0000 Subject: SUSE-SU-2024:0829-1: important: Security update for tomcat Message-ID: <171014580198.13491.17762845318758327901@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:0829-1 Rating: important References: * bsc#1219023 * bsc#1220503 Cross-References: * CVE-2024-21733 CVSS scores: * CVE-2024-21733 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-21733 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for tomcat fixes the following issues: * CVE-2024-21733: Fixed leaking of unrelated request bodies in default error page (bsc#1219023, bsc#1220503). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-829=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-829=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-829=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * tomcat-lib-9.0.36-3.121.1 * tomcat-docs-webapp-9.0.36-3.121.1 * tomcat-webapps-9.0.36-3.121.1 * tomcat-javadoc-9.0.36-3.121.1 * tomcat-9.0.36-3.121.1 * tomcat-admin-webapps-9.0.36-3.121.1 * tomcat-el-3_0-api-9.0.36-3.121.1 * tomcat-servlet-4_0-api-9.0.36-3.121.1 * tomcat-jsp-2_3-api-9.0.36-3.121.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * tomcat-lib-9.0.36-3.121.1 * tomcat-docs-webapp-9.0.36-3.121.1 * tomcat-webapps-9.0.36-3.121.1 * tomcat-javadoc-9.0.36-3.121.1 * tomcat-9.0.36-3.121.1 * tomcat-admin-webapps-9.0.36-3.121.1 * tomcat-el-3_0-api-9.0.36-3.121.1 * tomcat-servlet-4_0-api-9.0.36-3.121.1 * tomcat-jsp-2_3-api-9.0.36-3.121.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * tomcat-lib-9.0.36-3.121.1 * tomcat-docs-webapp-9.0.36-3.121.1 * tomcat-webapps-9.0.36-3.121.1 * tomcat-javadoc-9.0.36-3.121.1 * tomcat-9.0.36-3.121.1 * tomcat-admin-webapps-9.0.36-3.121.1 * tomcat-el-3_0-api-9.0.36-3.121.1 * tomcat-servlet-4_0-api-9.0.36-3.121.1 * tomcat-jsp-2_3-api-9.0.36-3.121.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21733.html * https://bugzilla.suse.com/show_bug.cgi?id=1219023 * https://bugzilla.suse.com/show_bug.cgi?id=1220503 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 08:30:03 -0000 Subject: SUSE-RU-2024:0828-1: moderate: Recommended update for ant-contrib Message-ID: <171014580358.13491.7147205119237262974@smelt2.prg2.suse.org> # Recommended update for ant-contrib Announcement ID: SUSE-RU-2024:0828-1 Rating: moderate References: Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for ant-contrib fixes the following issues: ant: * Fix unit tests annotated with @CsvSource and @CsvFileSource) ant-contrib: * Recompile RPM package to resolve package building issues with newer versions of `ant` ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-828=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-828=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-828=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-828=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-828=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-828=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-828=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-828=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-828=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-828=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-828=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-828=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-828=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-828=1 ## Package List: * openSUSE Leap 15.5 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-jsch-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-jdepend-1.10.14-150200.4.22.1 * ant-testutil-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-xz-1.10.14-150200.4.22.1 * ant-imageio-1.10.14-150200.4.22.1 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-net-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-javadoc-1.0b3-150200.11.15.2 * ant-1.10.14-150200.4.22.1 * ant-contrib-manual-1.0b3-150200.11.15.2 * ant-javamail-1.10.14-150200.4.22.1 * ant-junit5-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-apache-xalan2-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * Development Tools Module 15-SP5 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 * SUSE Enterprise Storage 7.1 (noarch) * ant-scripts-1.10.14-150200.4.22.1 * ant-jakartamail-1.10.14-150200.4.22.1 * ant-swing-1.10.14-150200.4.22.1 * ant-apache-oro-1.10.14-150200.4.22.1 * ant-apache-regexp-1.10.14-150200.4.22.1 * ant-contrib-1.0b3-150200.11.15.2 * ant-apache-log4j-1.10.14-150200.4.22.1 * ant-apache-bsf-1.10.14-150200.4.22.1 * ant-jdepend-1.10.14-150200.4.22.1 * ant-1.10.14-150200.4.22.1 * ant-antlr-1.10.14-150200.4.22.1 * ant-javamail-1.10.14-150200.4.22.1 * ant-apache-resolver-1.10.14-150200.4.22.1 * ant-jmf-1.10.14-150200.4.22.1 * ant-apache-bcel-1.10.14-150200.4.22.1 * ant-manual-1.10.14-150200.4.22.1 * ant-junit-1.10.14-150200.4.22.1 * ant-commons-logging-1.10.14-150200.4.22.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 08:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 08:30:05 -0000 Subject: SUSE-RU-2024:0827-1: moderate: Recommended update for tomcat Message-ID: <171014580536.13491.10067264922397844217@smelt2.prg2.suse.org> # Recommended update for tomcat Announcement ID: SUSE-RU-2024:0827-1 Rating: moderate References: * bsc#1219530 Affected Products: * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 An update that has one fix can now be installed. ## Description: This update for tomcat fixes the following issues: * Added dependencies on tomcat `user` and `group`, required by RPM 4.19 (bsc#1219530) * Link ecj.jar into the install instead of copying it ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-827=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-827=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-827=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-827=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-827=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-827=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-827=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-827=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-827=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-827=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-827=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-827=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-827=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-827=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Manager Server 4.3 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * openSUSE Leap 15.5 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-embed-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-javadoc-9.0.85-150200.60.1 * tomcat-jsvc-9.0.85-150200.60.1 * tomcat-docs-webapp-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * tomcat-servlet-4_0-api-9.0.85-150200.60.1 * tomcat-webapps-9.0.85-150200.60.1 * tomcat-9.0.85-150200.60.1 * tomcat-el-3_0-api-9.0.85-150200.60.1 * tomcat-jsp-2_3-api-9.0.85-150200.60.1 * tomcat-admin-webapps-9.0.85-150200.60.1 * tomcat-lib-9.0.85-150200.60.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219530 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 08:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 08:30:07 -0000 Subject: SUSE-RU-2024:0826-1: moderate: Recommended update for tomcat10 Message-ID: <171014580700.13491.9526280212849876471@smelt2.prg2.suse.org> # Recommended update for tomcat10 Announcement ID: SUSE-RU-2024:0826-1 Rating: moderate References: * bsc#1219530 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that has one fix can now be installed. ## Description: This update for tomcat10 fixes the following issues: * Added dependencies on tomcat `user` and `group`, required by RPM 4.19 (bsc#1219530) * Link ecj.jar into the install instead of copying it ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-826=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-826=1 ## Package List: * openSUSE Leap 15.5 (noarch) * tomcat10-jsp-3_1-api-10.1.18-150200.5.14.1 * tomcat10-admin-webapps-10.1.18-150200.5.14.1 * tomcat10-embed-10.1.18-150200.5.14.1 * tomcat10-docs-webapp-10.1.18-150200.5.14.1 * tomcat10-webapps-10.1.18-150200.5.14.1 * tomcat10-lib-10.1.18-150200.5.14.1 * tomcat10-el-5_0-api-10.1.18-150200.5.14.1 * tomcat10-10.1.18-150200.5.14.1 * tomcat10-servlet-6_0-api-10.1.18-150200.5.14.1 * tomcat10-jsvc-10.1.18-150200.5.14.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat10-jsp-3_1-api-10.1.18-150200.5.14.1 * tomcat10-admin-webapps-10.1.18-150200.5.14.1 * tomcat10-webapps-10.1.18-150200.5.14.1 * tomcat10-lib-10.1.18-150200.5.14.1 * tomcat10-el-5_0-api-10.1.18-150200.5.14.1 * tomcat10-10.1.18-150200.5.14.1 * tomcat10-servlet-6_0-api-10.1.18-150200.5.14.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219530 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 12:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 12:30:01 -0000 Subject: SUSE-SU-2024:0833-1: moderate: Security update for openssl-1_1 Message-ID: <171016020188.19251.3112614530445458793@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:0833-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-833=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-833=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-833=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-833=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-833=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-833=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-833=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-833=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-833=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-833=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-833=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-833=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-833=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-833=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-833=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Manager Server 4.3 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * openSUSE Leap 15.4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * openSUSE Leap 15.4 (noarch) * openssl-1_1-doc-1.1.1l-150400.7.63.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libopenssl1_1-hmac-64bit-1.1.1l-150400.7.63.1 * libopenssl1_1-64bit-1.1.1l-150400.7.63.1 * libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.63.1 * libopenssl-1_1-devel-64bit-1.1.1l-150400.7.63.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Manager Proxy 4.3 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.63.1 * libopenssl-1_1-devel-1.1.1l-150400.7.63.1 * libopenssl1_1-1.1.1l-150400.7.63.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-1.1.1l-150400.7.63.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.63.1 * openssl-1_1-debugsource-1.1.1l-150400.7.63.1 * openssl-1_1-1.1.1l-150400.7.63.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.63.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.63.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 12:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 12:30:04 -0000 Subject: SUSE-SU-2024:0832-1: moderate: Security update for openssl-1_1 Message-ID: <171016020437.19251.4943137059939910630@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:0832-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-832=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-832=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-832=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-832=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-832=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-832=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-832=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-832=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-832=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-832=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Enterprise Storage 7.1 (noarch) * openssl-1_1-doc-1.1.1d-150200.11.85.1 * SUSE Enterprise Storage 7.1 (x86_64) * libopenssl1_1-32bit-debuginfo-1.1.1d-150200.11.85.1 * libopenssl1_1-32bit-1.1.1d-150200.11.85.1 * libopenssl-1_1-devel-32bit-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-32bit-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libopenssl-1_1-devel-1.1.1d-150200.11.85.1 * openssl-1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debuginfo-1.1.1d-150200.11.85.1 * openssl-1_1-debugsource-1.1.1d-150200.11.85.1 * libopenssl1_1-1.1.1d-150200.11.85.1 * libopenssl1_1-hmac-1.1.1d-150200.11.85.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 12:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 12:30:07 -0000 Subject: SUSE-SU-2024:0831-1: moderate: Security update for openssl-1_0_0 Message-ID: <171016020788.19251.8985825472623892708@smelt2.prg2.suse.org> # Security update for openssl-1_0_0 Announcement ID: SUSE-SU-2024:0831-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_0_0 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-831=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-831=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-831=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-831=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-831=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-831=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-831=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-831=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-831=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-831=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-831=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-831=1 ## Package List: * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libopenssl1_0_0-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-1.0.2p-150000.3.91.1 * libopenssl1_0_0-steam-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-cavs-1.0.2p-150000.3.91.1 * openssl-1_0_0-cavs-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debugsource-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-1.0.2p-150000.3.91.1 * libopenssl1_0_0-steam-1.0.2p-150000.3.91.1 * openssl-1_0_0-1.0.2p-150000.3.91.1 * libopenssl10-debuginfo-1.0.2p-150000.3.91.1 * openssl-1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-debuginfo-1.0.2p-150000.3.91.1 * libopenssl10-1.0.2p-150000.3.91.1 * openSUSE Leap 15.5 (x86_64) * libopenssl1_0_0-32bit-debuginfo-1.0.2p-150000.3.91.1 * libopenssl1_0_0-32bit-1.0.2p-150000.3.91.1 * libopenssl1_0_0-steam-32bit-1.0.2p-150000.3.91.1 * libopenssl1_0_0-steam-32bit-debuginfo-1.0.2p-150000.3.91.1 * libopenssl-1_0_0-devel-32bit-1.0.2p-150000.3.91.1 * libopenssl1_0_0-hmac-32bit-1.0.2p-150000.3.91.1 * openSUSE Leap 15.5 (noarch) * openssl-1_0_0-doc-1.0.2p-150000.3.91.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 11 12:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 11 Mar 2024 12:30:12 -0000 Subject: SUSE-SU-2024:0830-1: moderate: Security update for xen Message-ID: <171016021246.19251.15683433225040386379@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:0830-1 Rating: moderate References: * bsc#1027519 * bsc#1218851 * bsc#1219080 * bsc#1219885 Cross-References: * CVE-2023-46839 * CVE-2023-46840 * CVE-2023-46841 CVSS scores: * CVE-2023-46839 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-46840 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46839: Fixed memory access through PCI device with phantom functions (XSA-449) (bsc#1218851). * CVE-2023-46840: Fixed Failure to quarantine devices in !HVM builds (XSA-450) (bsc#1219080). * CVE-2023-46841: Fixed shadow stack vs exceptions from emulation stubs (XSA-451) (bsc#1219885). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-830=1 openSUSE-SLE-15.5-2024-830=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-830=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-830=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-830=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-devel-4.17.3_06-150500.3.24.1 * xen-tools-domU-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-tools-domU-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-32bit-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-doc-html-4.17.3_06-150500.3.24.1 * xen-4.17.3_06-150500.3.24.1 * xen-tools-4.17.3_06-150500.3.24.1 * xen-tools-debuginfo-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_06-150500.3.24.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-4.17.3_06-150500.3.24.1 * xen-libs-64bit-debuginfo-4.17.3_06-150500.3.24.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * Basesystem Module 15-SP5 (x86_64) * xen-tools-domU-4.17.3_06-150500.3.24.1 * xen-libs-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-tools-domU-debuginfo-4.17.3_06-150500.3.24.1 * xen-libs-debuginfo-4.17.3_06-150500.3.24.1 * Server Applications Module 15-SP5 (x86_64) * xen-tools-debuginfo-4.17.3_06-150500.3.24.1 * xen-devel-4.17.3_06-150500.3.24.1 * xen-tools-4.17.3_06-150500.3.24.1 * xen-debugsource-4.17.3_06-150500.3.24.1 * xen-4.17.3_06-150500.3.24.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.3_06-150500.3.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46839.html * https://www.suse.com/security/cve/CVE-2023-46840.html * https://www.suse.com/security/cve/CVE-2023-46841.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1218851 * https://bugzilla.suse.com/show_bug.cgi?id=1219080 * https://bugzilla.suse.com/show_bug.cgi?id=1219885 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:10 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:10 -0000 Subject: SUSE-RU-2024:0845-1: moderate: Recommended update for release-notes-sles Message-ID: <171024805055.3320.12665636047491703194@smelt2.prg2.suse.org> # Recommended update for release-notes-sles Announcement ID: SUSE-RU-2024:0845-1 Rating: moderate References: * bsc#1201266 * bsc#1210490 * bsc#1215156 * bsc#1216929 * bsc#933411 * jsc#TEAM-1245 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has five fixes can now be installed. ## Description: This update for release-notes-sles fixes the following issues: * Added note about sched parameter deprecation (bsc#1216929) * Added note about set-hostname deprecation (bsc#1215156) * Added note about Xen Dom0 suspend/resume (bsc#1210490) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-845=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-845=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-845=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Linux Enterprise Server 15 SP4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Manager Server 4.3 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Linux Enterprise Desktop 15 SP4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Manager Retail Branch Server 4.3 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Manager Proxy 4.3 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 * openSUSE Leap 15.4 (noarch) * release-notes-sles-15.4.20240119-150400.3.24.5 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1201266 * https://bugzilla.suse.com/show_bug.cgi?id=1210490 * https://bugzilla.suse.com/show_bug.cgi?id=1215156 * https://bugzilla.suse.com/show_bug.cgi?id=1216929 * https://bugzilla.suse.com/show_bug.cgi?id=933411 * https://jira.suse.com/browse/TEAM-1245 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:12 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:12 -0000 Subject: SUSE-RU-2024:0844-1: moderate: Recommended update for raspberrypi-firmware-dt Message-ID: <171024805228.3320.1861288818236190192@smelt2.prg2.suse.org> # Recommended update for raspberrypi-firmware-dt Announcement ID: SUSE-RU-2024:0844-1 Rating: moderate References: * bsc#1219094 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for raspberrypi-firmware-dt fixes the following issue: * Extend "ARM: dts: bcm27xx: Use better name for spidev" patch coverage. Change compatible "spidev" to "rohm,dh2228fv" in overlay files too. (bsc#1219094) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-844=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-844=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-844=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-844=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-844=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-844=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-844=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-844=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-844=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-844=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-844=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-844=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-844=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * Basesystem Module 15-SP5 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * openSUSE Leap 15.4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * openSUSE Leap Micro 5.3 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * openSUSE Leap Micro 5.4 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 * openSUSE Leap 15.5 (noarch) * raspberrypi-firmware-dt-2021.11.19-150400.5.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219094 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:14 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:14 -0000 Subject: SUSE-RU-2024:0843-1: moderate: Recommended update for libzypp Message-ID: <171024805498.3320.9574188619223060726@smelt2.prg2.suse.org> # Recommended update for libzypp Announcement ID: SUSE-RU-2024:0843-1 Rating: moderate References: * bsc#1219442 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update for libzypp fixes the following issues: * applydeltaprm: Create target directory if it does not exist (bsc#1219442) * Update to version 16.22.12 ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-843=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-843=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-843=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-843=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libzypp-devel-16.22.12-62.1 * libzypp-debugsource-16.22.12-62.1 * libzypp-devel-doc-16.22.12-62.1 * libzypp-debuginfo-16.22.12-62.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libzypp-16.22.12-62.1 * libzypp-devel-16.22.12-62.1 * libzypp-debugsource-16.22.12-62.1 * libzypp-debuginfo-16.22.12-62.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libzypp-16.22.12-62.1 * libzypp-devel-16.22.12-62.1 * libzypp-debugsource-16.22.12-62.1 * libzypp-debuginfo-16.22.12-62.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libzypp-16.22.12-62.1 * libzypp-devel-16.22.12-62.1 * libzypp-debugsource-16.22.12-62.1 * libzypp-debuginfo-16.22.12-62.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219442 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:18 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:18 -0000 Subject: SUSE-SU-2024:0842-1: moderate: Security update for openssl Message-ID: <171024805855.3320.18310561043783885645@smelt2.prg2.suse.org> # Security update for openssl Announcement ID: SUSE-SU-2024:0842-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that solves one vulnerability can now be installed. ## Description: This update for openssl fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-842=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-842=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * openssl-0.9.8j-0.106.83.1 * libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.83.1 * libopenssl0_9_8-32bit-0.9.8j-0.106.83.1 * openssl-doc-0.9.8j-0.106.83.1 * libopenssl0_9_8-hmac-0.9.8j-0.106.83.1 * libopenssl0_9_8-0.9.8j-0.106.83.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * openssl-0.9.8j-0.106.83.1 * libopenssl0_9_8-hmac-32bit-0.9.8j-0.106.83.1 * libopenssl0_9_8-32bit-0.9.8j-0.106.83.1 * openssl-doc-0.9.8j-0.106.83.1 * libopenssl0_9_8-hmac-0.9.8j-0.106.83.1 * libopenssl0_9_8-0.9.8j-0.106.83.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:20 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:20 -0000 Subject: SUSE-SU-2024:0841-1: moderate: Security update for openssl1 Message-ID: <171024806001.3320.2824899696715203889@smelt2.prg2.suse.org> # Security update for openssl1 Announcement ID: SUSE-SU-2024:0841-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 11 SP4 * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 An update that solves one vulnerability can now be installed. ## Description: This update for openssl1 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-841=1 * SUSE Linux Enterprise Server 11 SP4 zypper in -t patch SUSE-SLE-SERVER-11-SP4-LTSS-EXTREME-CORE-2024-841=1 ## Package List: * SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE 11-SP4 (x86_64) * openssl1-1.0.1g-0.58.79.1 * libopenssl1-devel-1.0.1g-0.58.79.1 * libopenssl1_0_0-1.0.1g-0.58.79.1 * libopenssl1_0_0-32bit-1.0.1g-0.58.79.1 * openssl1-doc-1.0.1g-0.58.79.1 * SUSE Linux Enterprise Server 11 SP4 (x86_64) * openssl1-1.0.1g-0.58.79.1 * libopenssl1-devel-1.0.1g-0.58.79.1 * libopenssl1_0_0-1.0.1g-0.58.79.1 * libopenssl1_0_0-32bit-1.0.1g-0.58.79.1 * openssl1-doc-1.0.1g-0.58.79.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 12:54:23 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 12:54:23 -0000 Subject: SUSE-SU-2024:0840-1: moderate: Security update for compat-openssl098 Message-ID: <171024806331.3320.2349360732641169406@smelt2.prg2.suse.org> # Security update for compat-openssl098 Announcement ID: SUSE-SU-2024:0840-1 Rating: moderate References: * bsc#1219243 Cross-References: * CVE-2024-0727 CVSS scores: * CVE-2024-0727 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-0727 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for compat-openssl098 fixes the following issues: * CVE-2024-0727: Denial of service when processing a maliciously formatted PKCS12 file (bsc#1219243). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 12 zypper in -t patch SUSE-SLE-Module-Legacy-12-2024-840=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SAP-12-SP5-2024-840=1 ## Package List: * Legacy Module 12 (s390x x86_64) * libopenssl0_9_8-32bit-0.9.8j-106.64.1 * libopenssl0_9_8-0.9.8j-106.64.1 * libopenssl0_9_8-debuginfo-32bit-0.9.8j-106.64.1 * compat-openssl098-debugsource-0.9.8j-106.64.1 * libopenssl0_9_8-debuginfo-0.9.8j-106.64.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * compat-openssl098-debugsource-0.9.8j-106.64.1 * libopenssl0_9_8-0.9.8j-106.64.1 * libopenssl0_9_8-debuginfo-0.9.8j-106.64.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0727.html * https://bugzilla.suse.com/show_bug.cgi?id=1219243 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:06 -0000 Subject: SUSE-SU-2024:0852-1: moderate: Security update for axis Message-ID: <171026100652.28098.6220454699948164301@smelt2.prg2.suse.org> # Security update for axis Announcement ID: SUSE-SU-2024:0852-1 Rating: moderate References: * bsc#1218605 Cross-References: * CVE-2023-51441 CVSS scores: * CVE-2023-51441 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-51441 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for axis fixes the following issues: * CVE-2023-51441: Fixed SSRF when untrusted input is passed to the service admin HTTP API (bsc#1218605). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-852=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-852=1 ## Package List: * openSUSE Leap 15.5 (noarch) * axis-1.4-150200.13.9.1 * axis-manual-1.4-150200.13.9.1 * Basesystem Module 15-SP5 (noarch) * axis-1.4-150200.13.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51441.html * https://bugzilla.suse.com/show_bug.cgi?id=1218605 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:09 -0000 Subject: SUSE-SU-2024:0851-1: moderate: Security update for axis Message-ID: <171026100995.28098.14606425736269034829@smelt2.prg2.suse.org> # Security update for axis Announcement ID: SUSE-SU-2024:0851-1 Rating: moderate References: * bsc#1218605 Cross-References: * CVE-2023-51441 CVSS scores: * CVE-2023-51441 ( SUSE ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-51441 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for axis fixes the following issues: * CVE-2023-51441: Fixed SSRF when untrusted input is passed to the service admin HTTP API (bsc#1218605). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-851=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-851=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-851=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * axis-1.4-290.9.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * axis-1.4-290.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * axis-1.4-290.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-51441.html * https://bugzilla.suse.com/show_bug.cgi?id=1218605 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:11 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:11 -0000 Subject: SUSE-SU-2024:0850-1: important: Security update for python3 Message-ID: <171026101162.28098.15955997914898324040@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:0850-1 Rating: important References: * bsc#1219666 Cross-References: * CVE-2023-6597 CVSS scores: * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-850=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-850=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-850=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-850=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * python3-base-debuginfo-3.6.15-150000.3.141.1 * python3-debuginfo-3.6.15-150000.3.141.1 * python3-tools-3.6.15-150000.3.141.1 * python3-curses-debuginfo-3.6.15-150000.3.141.1 * python3-curses-3.6.15-150000.3.141.1 * python3-base-3.6.15-150000.3.141.1 * python3-dbm-3.6.15-150000.3.141.1 * python3-devel-debuginfo-3.6.15-150000.3.141.1 * python3-core-debugsource-3.6.15-150000.3.141.1 * python3-tk-3.6.15-150000.3.141.1 * python3-3.6.15-150000.3.141.1 * python3-dbm-debuginfo-3.6.15-150000.3.141.1 * python3-tk-debuginfo-3.6.15-150000.3.141.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.141.1 * python3-devel-3.6.15-150000.3.141.1 * libpython3_6m1_0-3.6.15-150000.3.141.1 * python3-debugsource-3.6.15-150000.3.141.1 * python3-idle-3.6.15-150000.3.141.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-base-debuginfo-3.6.15-150000.3.141.1 * python3-debuginfo-3.6.15-150000.3.141.1 * python3-tools-3.6.15-150000.3.141.1 * python3-curses-debuginfo-3.6.15-150000.3.141.1 * python3-curses-3.6.15-150000.3.141.1 * python3-base-3.6.15-150000.3.141.1 * python3-dbm-3.6.15-150000.3.141.1 * python3-devel-debuginfo-3.6.15-150000.3.141.1 * python3-core-debugsource-3.6.15-150000.3.141.1 * python3-tk-3.6.15-150000.3.141.1 * python3-3.6.15-150000.3.141.1 * python3-dbm-debuginfo-3.6.15-150000.3.141.1 * python3-tk-debuginfo-3.6.15-150000.3.141.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.141.1 * python3-devel-3.6.15-150000.3.141.1 * libpython3_6m1_0-3.6.15-150000.3.141.1 * python3-debugsource-3.6.15-150000.3.141.1 * python3-idle-3.6.15-150000.3.141.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * python3-base-debuginfo-3.6.15-150000.3.141.1 * python3-debuginfo-3.6.15-150000.3.141.1 * python3-tools-3.6.15-150000.3.141.1 * python3-curses-debuginfo-3.6.15-150000.3.141.1 * python3-curses-3.6.15-150000.3.141.1 * python3-base-3.6.15-150000.3.141.1 * python3-dbm-3.6.15-150000.3.141.1 * python3-devel-debuginfo-3.6.15-150000.3.141.1 * python3-core-debugsource-3.6.15-150000.3.141.1 * python3-tk-3.6.15-150000.3.141.1 * python3-3.6.15-150000.3.141.1 * python3-dbm-debuginfo-3.6.15-150000.3.141.1 * python3-tk-debuginfo-3.6.15-150000.3.141.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.141.1 * python3-devel-3.6.15-150000.3.141.1 * libpython3_6m1_0-3.6.15-150000.3.141.1 * python3-debugsource-3.6.15-150000.3.141.1 * python3-idle-3.6.15-150000.3.141.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python3-base-debuginfo-3.6.15-150000.3.141.1 * python3-debuginfo-3.6.15-150000.3.141.1 * python3-base-3.6.15-150000.3.141.1 * python3-core-debugsource-3.6.15-150000.3.141.1 * python3-3.6.15-150000.3.141.1 * libpython3_6m1_0-debuginfo-3.6.15-150000.3.141.1 * libpython3_6m1_0-3.6.15-150000.3.141.1 * python3-debugsource-3.6.15-150000.3.141.1 ## References: * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:14 -0000 Subject: SUSE-RU-2024:0849-1: important: Recommended update for cloud-init Message-ID: <171026101425.28098.8648943045857811096@smelt2.prg2.suse.org> # Recommended update for cloud-init Announcement ID: SUSE-RU-2024:0849-1 Rating: important References: * bsc#1198533 * bsc#1214169 * bsc#1218952 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that has three fixes can now be installed. ## Description: This update for cloud-init contains the following fixes: * Skip tests with empty config. * Support reboot on package update/upgrade via the cloud-init config. (bsc#1198533, bsc#1218952, jsc#SMO-326) * Switch build dependency to the generic distribution-release package. * Move fdupes call back to %install. (bsc#1214169) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-849=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-849=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-849=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-849=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-849=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-849=1 openSUSE-SLE-15.5-2024-849=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-849=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-849=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-849=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-849=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-849=1 ## Package List: * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.74.7 * cloud-init-config-suse-23.3-150100.8.74.7 * Public Cloud Module 15-SP4 (noarch) * python3-jsonpointer-1.14-150000.3.2.1 * python3-jsonpatch-1.23-150100.3.5.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.74.7 * cloud-init-config-suse-23.3-150100.8.74.7 * Public Cloud Module 15-SP5 (noarch) * python3-jsonpointer-1.14-150000.3.2.1 * python3-jsonpatch-1.23-150100.3.5.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * dhcp-debuginfo-4.3.6.P1-150000.6.19.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.19.1 * bind-9.16.48-150500.8.18.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.19.1 * dhcp-debugsource-4.3.6.P1-150000.6.19.1 * dhcp-relay-4.3.6.P1-150000.6.19.1 * bind-debuginfo-9.16.48-150500.8.18.1 * bind-debugsource-9.16.48-150500.8.18.1 * dhcp-server-4.3.6.P1-150000.6.19.1 * Server Applications Module 15-SP5 (noarch) * python3-pyserial-3.4-150000.3.4.1 * bind-doc-9.16.48-150500.8.18.1 * openSUSE Leap 15.3 (noarch) * python3-passlib-1.7.4-150300.3.2.1 * openSUSE Leap 15.4 (noarch) * python3-more-itertools-8.10.0-150400.7.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * bind-9.16.48-150500.8.18.1 * bind-utils-9.16.48-150500.8.18.1 * libuv-debugsource-1.44.2-150500.3.2.1 * libuv1-1.44.2-150500.3.2.1 * libuv1-debuginfo-1.44.2-150500.3.2.1 * bind-utils-debuginfo-9.16.48-150500.8.18.1 * bind-debuginfo-9.16.48-150500.8.18.1 * bind-debugsource-9.16.48-150500.8.18.1 * libuv-devel-1.44.2-150500.3.2.1 * openSUSE Leap 15.5 (noarch) * python3-jsonpointer-1.14-150000.3.2.1 * python3-jsonschema-3.2.0-150200.9.5.1 * python3-pyserial-3.4-150000.3.4.1 * python-pyserial-doc-3.4-150000.3.4.1 * python3-jsonpatch-1.23-150100.3.5.1 * python3-attrs-19.3.0-150200.3.6.1 * python3-PyJWT-2.4.0-150200.3.8.1 * python3-importlib-metadata-1.5.0-150100.3.5.1 * python3-zipp-0.6.0-150100.3.5.1 * python3-passlib-1.7.4-150300.3.2.1 * wget-lang-1.20.3-150000.3.17.1 * python3-oauthlib-2.0.6-150000.3.6.1 * python3-bind-9.16.48-150500.8.18.1 * python3-blinker-1.4-150000.3.6.1 * python3-more-itertools-8.10.0-150400.7.1 * python-blinker-doc-1.4-150000.3.6.1 * bind-doc-9.16.48-150500.8.18.1 * openSUSE Leap 15.5 (x86_64) * libmaxminddb0-32bit-debuginfo-1.4.3-150000.1.8.1 * libmaxminddb0-32bit-1.4.3-150000.1.8.1 * libuv1-32bit-debuginfo-1.44.2-150500.3.2.1 * libuv1-32bit-1.44.2-150500.3.2.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libuv1-64bit-1.44.2-150500.3.2.1 * libuv1-64bit-debuginfo-1.44.2-150500.3.2.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libmaxminddb-devel-1.4.3-150000.1.8.1 * mmdblookup-1.4.3-150000.1.8.1 * dhcp-devel-4.3.6.P1-150000.6.19.1 * cloud-init-23.3-150100.8.74.7 * dhcp-debugsource-4.3.6.P1-150000.6.19.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.19.1 * dhcp-client-4.3.6.P1-150000.6.19.1 * libmetalink-devel-0.1.3-150000.3.2.1 * python-netifaces-debuginfo-0.10.6-150000.3.2.1 * python-pyrsistent-debugsource-0.14.4-150100.3.4.1 * python3-pyrsistent-debuginfo-0.14.4-150100.3.4.1 * dhcp-server-4.3.6.P1-150000.6.19.1 * libmaxminddb0-1.4.3-150000.1.8.1 * dhcp-debuginfo-4.3.6.P1-150000.6.19.1 * python3-pyrsistent-0.14.4-150100.3.4.1 * python-pyrsistent-debuginfo-0.14.4-150100.3.4.1 * wget-debugsource-1.20.3-150000.3.17.1 * libmetalink3-debuginfo-0.1.3-150000.3.2.1 * wget-debuginfo-1.20.3-150000.3.17.1 * dhcp-relay-4.3.6.P1-150000.6.19.1 * python3-netifaces-debuginfo-0.10.6-150000.3.2.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.19.1 * mmdblookup-debuginfo-1.4.3-150000.1.8.1 * cloud-init-config-suse-23.3-150100.8.74.7 * python-netifaces-debugsource-0.10.6-150000.3.2.1 * python3-netifaces-0.10.6-150000.3.2.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.19.1 * dhcp-4.3.6.P1-150000.6.19.1 * cloud-init-doc-23.3-150100.8.74.7 * libmaxminddb0-debuginfo-1.4.3-150000.1.8.1 * dhcp-doc-4.3.6.P1-150000.6.19.1 * libmaxminddb-debugsource-1.4.3-150000.1.8.1 * wget-1.20.3-150000.3.17.1 * libmetalink-debugsource-0.1.3-150000.3.2.1 * libmetalink3-0.1.3-150000.3.2.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * dhcp-devel-4.3.6.P1-150000.6.19.1 * cloud-init-23.3-150100.8.74.7 * dhcp-debugsource-4.3.6.P1-150000.6.19.1 * libuv1-1.44.2-150500.3.2.1 * dhcp-client-4.3.6.P1-150000.6.19.1 * python3-pyrsistent-debuginfo-0.14.4-150100.3.4.1 * libmaxminddb0-1.4.3-150000.1.8.1 * dhcp-debuginfo-4.3.6.P1-150000.6.19.1 * python3-pyrsistent-0.14.4-150100.3.4.1 * wget-debugsource-1.20.3-150000.3.17.1 * libmetalink3-debuginfo-0.1.3-150000.3.2.1 * wget-debuginfo-1.20.3-150000.3.17.1 * bind-utils-9.16.48-150500.8.18.1 * python3-netifaces-debuginfo-0.10.6-150000.3.2.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.19.1 * bind-utils-debuginfo-9.16.48-150500.8.18.1 * cloud-init-config-suse-23.3-150100.8.74.7 * python3-netifaces-0.10.6-150000.3.2.1 * dhcp-4.3.6.P1-150000.6.19.1 * libuv1-debuginfo-1.44.2-150500.3.2.1 * libmaxminddb0-debuginfo-1.4.3-150000.1.8.1 * wget-1.20.3-150000.3.17.1 * libmetalink3-0.1.3-150000.3.2.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * dhcp-relay-debuginfo-4.3.6.P1-150000.6.19.1 * python2-netifaces-debuginfo-0.10.6-150000.3.2.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.19.1 * libuv-debugsource-1.44.2-150500.3.2.1 * dhcp-relay-4.3.6.P1-150000.6.19.1 * python2-netifaces-0.10.6-150000.3.2.1 * libmetalink-devel-0.1.3-150000.3.2.1 * python-netifaces-debuginfo-0.10.6-150000.3.2.1 * python-netifaces-debugsource-0.10.6-150000.3.2.1 * libmetalink-debugsource-0.1.3-150000.3.2.1 * dhcp-server-4.3.6.P1-150000.6.19.1 * libuv-devel-1.44.2-150500.3.2.1 * SUSE Linux Enterprise Micro 5.5 (aarch64_ilp32) * libmaxminddb0-64bit-1.4.3-150000.1.8.1 * libuv1-64bit-1.44.2-150500.3.2.1 * libuv1-64bit-debuginfo-1.44.2-150500.3.2.1 * libmaxminddb0-64bit-debuginfo-1.4.3-150000.1.8.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-jsonschema-3.2.0-150200.9.5.1 * python3-pyserial-3.4-150000.3.4.1 * python2-blinker-1.4-150000.3.6.1 * python2-pyserial-3.4-150000.3.4.1 * python3-jsonpatch-1.23-150100.3.5.1 * python3-attrs-19.3.0-150200.3.6.1 * python3-PyJWT-2.4.0-150200.3.8.1 * python3-importlib-metadata-1.5.0-150100.3.5.1 * python3-zipp-0.6.0-150100.3.5.1 * python3-passlib-1.7.4-150300.3.2.1 * python3-oauthlib-2.0.6-150000.3.6.1 * python3-bind-9.16.48-150500.8.18.1 * python2-oauthlib-2.0.6-150000.3.6.1 * python3-blinker-1.4-150000.3.6.1 * python3-more-itertools-8.10.0-150400.7.1 * python2-jsonpointer-1.14-150000.3.2.1 * python3-jsonpointer-1.14-150000.3.2.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * bind-debugsource-9.16.48-150500.8.18.1 * bind-debuginfo-9.16.48-150500.8.18.1 * Basesystem Module 15-SP5 (noarch) * python3-jsonschema-3.2.0-150200.9.5.1 * python3-attrs-19.3.0-150200.3.6.1 * python3-PyJWT-2.4.0-150200.3.8.1 * python3-importlib-metadata-1.5.0-150100.3.5.1 * python3-zipp-0.6.0-150100.3.5.1 * python3-passlib-1.7.4-150300.3.2.1 * python3-oauthlib-2.0.6-150000.3.6.1 * python3-bind-9.16.48-150500.8.18.1 * python3-blinker-1.4-150000.3.6.1 * python3-more-itertools-8.10.0-150400.7.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bind-debugsource-9.16.48-150500.8.18.1 * libmaxminddb-devel-1.4.3-150000.1.8.1 * mmdblookup-1.4.3-150000.1.8.1 * dhcp-devel-4.3.6.P1-150000.6.19.1 * dhcp-debugsource-4.3.6.P1-150000.6.19.1 * libuv1-1.44.2-150500.3.2.1 * dhcp-client-4.3.6.P1-150000.6.19.1 * libmetalink-devel-0.1.3-150000.3.2.1 * python-netifaces-debuginfo-0.10.6-150000.3.2.1 * python-pyrsistent-debugsource-0.14.4-150100.3.4.1 * python3-pyrsistent-debuginfo-0.14.4-150100.3.4.1 * libmaxminddb0-1.4.3-150000.1.8.1 * dhcp-debuginfo-4.3.6.P1-150000.6.19.1 * python3-pyrsistent-0.14.4-150100.3.4.1 * python-pyrsistent-debuginfo-0.14.4-150100.3.4.1 * libuv-debugsource-1.44.2-150500.3.2.1 * wget-debugsource-1.20.3-150000.3.17.1 * libmetalink3-debuginfo-0.1.3-150000.3.2.1 * wget-debuginfo-1.20.3-150000.3.17.1 * libuv-devel-1.44.2-150500.3.2.1 * bind-utils-9.16.48-150500.8.18.1 * python3-netifaces-debuginfo-0.10.6-150000.3.2.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.19.1 * bind-debuginfo-9.16.48-150500.8.18.1 * mmdblookup-debuginfo-1.4.3-150000.1.8.1 * bind-utils-debuginfo-9.16.48-150500.8.18.1 * python-netifaces-debugsource-0.10.6-150000.3.2.1 * python3-netifaces-0.10.6-150000.3.2.1 * dhcp-4.3.6.P1-150000.6.19.1 * libuv1-debuginfo-1.44.2-150500.3.2.1 * libmaxminddb0-debuginfo-1.4.3-150000.1.8.1 * libmaxminddb-debugsource-1.4.3-150000.1.8.1 * wget-1.20.3-150000.3.17.1 * libmetalink-debugsource-0.1.3-150000.3.2.1 * libmetalink3-0.1.3-150000.3.2.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-blinker-1.4-150000.3.6.1 * python2-pyserial-3.4-150000.3.4.1 * python2-oauthlib-2.0.6-150000.3.6.1 * python2-jsonpointer-1.14-150000.3.2.1 * python2-jsonpatch-1.23-150100.3.5.1 * python2-jsonschema-3.2.0-150200.9.5.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.74.7 * cloud-init-config-suse-23.3-150100.8.74.7 * Public Cloud Module 15-SP2 (noarch) * python3-pyserial-3.4-150000.3.4.1 * python2-blinker-1.4-150000.3.6.1 * python3-jsonpatch-1.23-150100.3.5.1 * python2-oauthlib-2.0.6-150000.3.6.1 * python3-jsonpointer-1.14-150000.3.2.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * cloud-init-23.3-150100.8.74.7 * cloud-init-config-suse-23.3-150100.8.74.7 * Public Cloud Module 15-SP3 (noarch) * python3-jsonpointer-1.14-150000.3.2.1 * python3-jsonpatch-1.23-150100.3.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1198533 * https://bugzilla.suse.com/show_bug.cgi?id=1214169 * https://bugzilla.suse.com/show_bug.cgi?id=1218952 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:17 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:17 -0000 Subject: SUSE-RU-2024:0848-1: moderate: Recommended update for inst-source-utils Message-ID: <171026101731.28098.12862224271839668307@smelt2.prg2.suse.org> # Recommended update for inst-source-utils Announcement ID: SUSE-RU-2024:0848-1 Rating: moderate References: * bsc#1178224 * bsc#546152 * bsc#958511 * bsc#978085 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 An update that has four fixes can now be installed. ## Description: This update for inst-source-utils fixes the following issues: * Update to 2023.11.08 (bsc#1178224) * Handle zstd repos in rezip_repo_rsyncable * Added a small perl helper to create updateinfos on your own * Add pattern-category also to susedata, not just susedata_i18n * rezip_repo_rsyncable: add "-n" option for gzip * Update create_package_descr: fix utf8 handling thanks to mls does not exist * Fix bogus code in rezip-repo-rsyncable * Add option -D to use sha256 checksums in create_package_descr * create_sha1sums fails to find custom gpg-key on non-english systems (bsc#546152) * Drop requires for recode only rpm headers instead of full rpms (bsc#978085) * Files recompressed (bsc#958511) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-848=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-848=1 ## Package List: * openSUSE Leap 15.5 (noarch) * inst-source-utils-2023.11.08-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * inst-source-utils-2023.11.08-150400.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1178224 * https://bugzilla.suse.com/show_bug.cgi?id=546152 * https://bugzilla.suse.com/show_bug.cgi?id=958511 * https://bugzilla.suse.com/show_bug.cgi?id=978085 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:20 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:20 -0000 Subject: SUSE-SU-2024:0847-1: important: Security update for java-1_8_0-openjdk Message-ID: <171026102022.28098.6907342115730654828@smelt2.prg2.suse.org> # Security update for java-1_8_0-openjdk Announcement ID: SUSE-SU-2024:0847-1 Rating: important References: * bsc#1218903 * bsc#1218905 * bsc#1218906 * bsc#1218907 * bsc#1218909 * bsc#1218911 Cross-References: * CVE-2024-20918 * CVE-2024-20919 * CVE-2024-20921 * CVE-2024-20926 * CVE-2024-20945 * CVE-2024-20952 CVSS scores: * CVE-2024-20918 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N * CVE-2024-20919 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-20921 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20926 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20945 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-20952 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves six vulnerabilities can now be installed. ## Description: This update for java-1_8_0-openjdk fixes the following issues: * CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS (8317547) (bsc#1218911). * CVE-2024-20921: Fixed range check loop optimization issue (8314307) (bsc#1218905). * CVE-2024-20926: Fixed rbitrary Java code execution in Nashorn (8314284) (bsc#1218906). * CVE-2024-20919: Fixed JVM class file verifier flaw allows unverified byte code execution (8314295) (bsc#1218903). * CVE-2024-20918: Fixed array out-of-bounds access due to missing range check in C1 compiler (8314468) (bsc#1218907). * CVE-2024-20945: Fixed logging of digital signature private keys (8316976) (bsc#1218909). Update to version jdk8u402 (icedtea-3.30.0). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-847=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-847=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-847=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-847=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-847=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-847=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-847=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-847=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-847=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-847=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-847=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-847=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-accessibility-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-src-1.8.0.402-150000.3.88.1 * openSUSE Leap 15.5 (noarch) * java-1_8_0-openjdk-javadoc-1.8.0.402-150000.3.88.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-1_8_0-openjdk-demo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-headless-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-debugsource-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-demo-debuginfo-1.8.0.402-150000.3.88.1 * java-1_8_0-openjdk-devel-debuginfo-1.8.0.402-150000.3.88.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20918.html * https://www.suse.com/security/cve/CVE-2024-20919.html * https://www.suse.com/security/cve/CVE-2024-20921.html * https://www.suse.com/security/cve/CVE-2024-20926.html * https://www.suse.com/security/cve/CVE-2024-20945.html * https://www.suse.com/security/cve/CVE-2024-20952.html * https://bugzilla.suse.com/show_bug.cgi?id=1218903 * https://bugzilla.suse.com/show_bug.cgi?id=1218905 * https://bugzilla.suse.com/show_bug.cgi?id=1218906 * https://bugzilla.suse.com/show_bug.cgi?id=1218907 * https://bugzilla.suse.com/show_bug.cgi?id=1218909 * https://bugzilla.suse.com/show_bug.cgi?id=1218911 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:23 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:23 -0000 Subject: SUSE-RU-2024:0846-1: moderate: Recommended update for selinux-policy Message-ID: <171026102314.28098.6027420242130158946@smelt2.prg2.suse.org> # Recommended update for selinux-policy Announcement ID: SUSE-RU-2024:0846-1 Rating: moderate References: * bsc#1220361 Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that has one fix can now be installed. ## Description: This update for selinux-policy fixes the following issues: * Don't audit getty and plymouth the checkpoint_restore capability (bsc#1220361) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-846=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * selinux-policy-targeted-20230511+git15.bdc96df2-150500.3.15.1 * selinux-policy-20230511+git15.bdc96df2-150500.3.15.1 * selinux-policy-devel-20230511+git15.bdc96df2-150500.3.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220361 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:30:23 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:30:23 -0000 Subject: SUSE-FU-2024:0839-1: moderate: Feature update for flatpak, libostree, bubblewrap Message-ID: <171026102355.28098.6057195951346625608@smelt2.prg2.suse.org> # Feature update for flatpak, libostree, bubblewrap Announcement ID: SUSE-FU-2024:0839-1 Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for flatpak, libostree, bubblewrap fixes the following issues: * Update flatpak to version 1.14.5: * Features: * Stop http transfers if a download in progress becomes very slow * Add anchors to link to sections of flatpak-metadata documentation * Bug fixes: * Avoid warnings processing symbolic links with GLib >= 2.77.0 * Fix installation errors with libostree 2023.4 * Show AppStream metadata in flatpak remote-info as intended * Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES from the host * Fix build failure with prereleases of libappstream 0.17.x * Forward-compatibility with libappstream 1.0 * Fix a memory leak * Fix compiler warnings * Clean up /var/tmp/flatpak-cache-* directories on boot * Don't force GIO_USE_VFS=local for programs launched via flatpak-spawn * Clarify documentation for D-Bus name ownership * Update libostree to version 2023.7: * Support for a "transient etc" * HTTP layer now retries requests by default * Fixed trying to fetch "loose" objects even when we were doing a delta pull * Fix variety of clang-analyzer fixes * Update bubblewrap to v0.8.0: * Add --disable-userns option to prevent the sandbox from creating its own nested user namespace * Add --assert-userns-disabled option to check that an existing userns was created with --disable-userns * Give a clearer error message if the kernel doesn't have CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-839=1 openSUSE-SLE-15.5-2024-839=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-839=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-839=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * flatpak-remote-flathub-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * libostree-1-1-2023.7-150500.3.6.1 * libflatpak0-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-0.8.0-150500.3.3.1 * flatpak-debuginfo-1.14.5-150500.3.3.2 * flatpak-devel-1.14.5-150500.3.3.2 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libostree-devel-2023.7-150500.3.6.1 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * openSUSE Leap 15.5 (noarch) * flatpak-zsh-completion-1.14.5-150500.3.3.2 * libostree-grub2-2023.7-150500.3.6.1 * system-user-flatpak-1.14.5-150500.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libostree-1-1-2023.7-150500.3.6.1 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-0.8.0-150500.3.3.1 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * libostree-debuginfo-2023.7-150500.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * flatpak-remote-flathub-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * libflatpak0-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * libostree-devel-2023.7-150500.3.6.1 * flatpak-devel-1.14.5-150500.3.3.2 * flatpak-debuginfo-1.14.5-150500.3.3.2 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * Desktop Applications Module 15-SP5 (noarch) * flatpak-zsh-completion-1.14.5-150500.3.3.2 * system-user-flatpak-1.14.5-150500.3.3.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:33:24 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:33:24 -0000 Subject: SUSE-FU-2024:0839-1: moderate: Feature update for flatpak, libostree, bubblewrap Message-ID: <171026120487.28341.3912728869759365361@smelt2.prg2.suse.org> # Feature update for flatpak, libostree, bubblewrap Announcement ID: SUSE-FU-2024:0839-1 Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for flatpak, libostree, bubblewrap fixes the following issues: * Update flatpak to version 1.14.5: * Features: * Stop http transfers if a download in progress becomes very slow * Add anchors to link to sections of flatpak-metadata documentation * Bug fixes: * Avoid warnings processing symbolic links with GLib >= 2.77.0 * Fix installation errors with libostree 2023.4 * Show AppStream metadata in flatpak remote-info as intended * Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES from the host * Fix build failure with prereleases of libappstream 0.17.x * Forward-compatibility with libappstream 1.0 * Fix a memory leak * Fix compiler warnings * Clean up /var/tmp/flatpak-cache-* directories on boot * Don't force GIO_USE_VFS=local for programs launched via flatpak-spawn * Clarify documentation for D-Bus name ownership * Update libostree to version 2023.7: * Support for a "transient etc" * HTTP layer now retries requests by default * Fixed trying to fetch "loose" objects even when we were doing a delta pull * Fix variety of clang-analyzer fixes * Update bubblewrap to v0.8.0: * Add --disable-userns option to prevent the sandbox from creating its own nested user namespace * Add --assert-userns-disabled option to check that an existing userns was created with --disable-userns * Give a clearer error message if the kernel doesn't have CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-839=1 openSUSE-SLE-15.5-2024-839=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-839=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-839=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * bubblewrap-0.8.0-150500.3.3.1 * libostree-1-1-2023.7-150500.3.6.1 * libostree-devel-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libflatpak0-1.14.5-150500.3.3.2 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-debuginfo-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * flatpak-devel-1.14.5-150500.3.3.2 * flatpak-remote-flathub-1.14.5-150500.3.3.2 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * openSUSE Leap 15.5 (noarch) * system-user-flatpak-1.14.5-150500.3.3.2 * libostree-grub2-2023.7-150500.3.6.1 * flatpak-zsh-completion-1.14.5-150500.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * bubblewrap-0.8.0-150500.3.3.1 * libostree-1-1-2023.7-150500.3.6.1 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libostree-devel-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-debuginfo-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * flatpak-devel-1.14.5-150500.3.3.2 * flatpak-remote-flathub-1.14.5-150500.3.3.2 * libflatpak0-1.14.5-150500.3.3.2 * Desktop Applications Module 15-SP5 (noarch) * system-user-flatpak-1.14.5-150500.3.3.2 * flatpak-zsh-completion-1.14.5-150500.3.3.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:36:25 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:36:25 -0000 Subject: SUSE-FU-2024:0839-1: moderate: Feature update for flatpak, libostree, bubblewrap Message-ID: <171026138578.29111.1081901969347048410@smelt2.prg2.suse.org> # Feature update for flatpak, libostree, bubblewrap Announcement ID: SUSE-FU-2024:0839-1 Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for flatpak, libostree, bubblewrap fixes the following issues: * Update flatpak to version 1.14.5: * Features: * Stop http transfers if a download in progress becomes very slow * Add anchors to link to sections of flatpak-metadata documentation * Bug fixes: * Avoid warnings processing symbolic links with GLib >= 2.77.0 * Fix installation errors with libostree 2023.4 * Show AppStream metadata in flatpak remote-info as intended * Don't let Flatpak apps inherit VK_DRIVER_FILES or VK_ICD_FILENAMES from the host * Fix build failure with prereleases of libappstream 0.17.x * Forward-compatibility with libappstream 1.0 * Fix a memory leak * Fix compiler warnings * Clean up /var/tmp/flatpak-cache-* directories on boot * Don't force GIO_USE_VFS=local for programs launched via flatpak-spawn * Clarify documentation for D-Bus name ownership * Update libostree to version 2023.7: * Support for a "transient etc" * HTTP layer now retries requests by default * Fixed trying to fetch "loose" objects even when we were doing a delta pull * Fix variety of clang-analyzer fixes * Update bubblewrap to v0.8.0: * Add --disable-userns option to prevent the sandbox from creating its own nested user namespace * Add --assert-userns-disabled option to check that an existing userns was created with --disable-userns * Give a clearer error message if the kernel doesn't have CONFIG_SECCOMP and CONFIG_SECCOMP_FILTER ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-839=1 openSUSE-SLE-15.5-2024-839=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-839=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-839=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * flatpak-remote-flathub-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * libostree-1-1-2023.7-150500.3.6.1 * libflatpak0-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-0.8.0-150500.3.3.1 * flatpak-debuginfo-1.14.5-150500.3.3.2 * flatpak-devel-1.14.5-150500.3.3.2 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libostree-devel-2023.7-150500.3.6.1 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * openSUSE Leap 15.5 (noarch) * flatpak-zsh-completion-1.14.5-150500.3.3.2 * libostree-grub2-2023.7-150500.3.6.1 * system-user-flatpak-1.14.5-150500.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libostree-1-1-2023.7-150500.3.6.1 * libostree-1-1-debuginfo-2023.7-150500.3.6.1 * libostree-debugsource-2023.7-150500.3.6.1 * bubblewrap-debugsource-0.8.0-150500.3.3.1 * bubblewrap-zsh-completion-0.8.0-150500.3.3.1 * bubblewrap-0.8.0-150500.3.3.1 * bubblewrap-debuginfo-0.8.0-150500.3.3.1 * libostree-debuginfo-2023.7-150500.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * flatpak-remote-flathub-1.14.5-150500.3.3.2 * libflatpak0-debuginfo-1.14.5-150500.3.3.2 * libflatpak0-1.14.5-150500.3.3.2 * typelib-1_0-OSTree-1_0-2023.7-150500.3.6.1 * flatpak-debugsource-1.14.5-150500.3.3.2 * libostree-debugsource-2023.7-150500.3.6.1 * flatpak-1.14.5-150500.3.3.2 * libostree-devel-2023.7-150500.3.6.1 * flatpak-devel-1.14.5-150500.3.3.2 * flatpak-debuginfo-1.14.5-150500.3.3.2 * typelib-1_0-Flatpak-1_0-1.14.5-150500.3.3.2 * libostree-2023.7-150500.3.6.1 * libostree-debuginfo-2023.7-150500.3.6.1 * Desktop Applications Module 15-SP5 (noarch) * flatpak-zsh-completion-1.14.5-150500.3.3.2 * system-user-flatpak-1.14.5-150500.3.3.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:36:29 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:36:29 -0000 Subject: SUSE-RU-2024:0838-1: moderate: Recommended update for util-linux Message-ID: <171026138913.29111.1094819422553065322@smelt2.prg2.suse.org> # Recommended update for util-linux Announcement ID: SUSE-RU-2024:0838-1 Rating: moderate References: * bsc#1220117 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that has one fix can now be installed. ## Description: This update for util-linux fixes the following issues: * Processes not cleaned up after failed SSH session are using up 100% CPU (bsc#1220117) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-838=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-838=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-838=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-838=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-838=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-838=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-838=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * libfdisk-devel-static-2.37.2-150400.8.26.1 * uuidd-debuginfo-2.37.2-150400.8.26.1 * python3-libmount-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libmount-devel-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * python3-libmount-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * libuuid-devel-2.37.2-150400.8.26.1 * libblkid-devel-2.37.2-150400.8.26.1 * python3-libmount-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * uuidd-2.37.2-150400.8.26.1 * libmount-devel-static-2.37.2-150400.8.26.1 * libblkid-devel-static-2.37.2-150400.8.26.1 * libuuid-devel-static-2.37.2-150400.8.26.1 * libsmartcols-devel-static-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libfdisk-devel-2.37.2-150400.8.26.1 * libsmartcols-devel-2.37.2-150400.8.26.1 * openSUSE Leap 15.4 (x86_64) * libfdisk-devel-32bit-2.37.2-150400.8.26.1 * libfdisk1-32bit-2.37.2-150400.8.26.1 * libmount1-32bit-2.37.2-150400.8.26.1 * libuuid1-32bit-2.37.2-150400.8.26.1 * libblkid-devel-32bit-2.37.2-150400.8.26.1 * libmount-devel-32bit-2.37.2-150400.8.26.1 * libsmartcols1-32bit-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-32bit-debuginfo-2.37.2-150400.8.26.1 * libblkid1-32bit-2.37.2-150400.8.26.1 * libblkid1-32bit-debuginfo-2.37.2-150400.8.26.1 * libmount1-32bit-debuginfo-2.37.2-150400.8.26.1 * libuuid-devel-32bit-2.37.2-150400.8.26.1 * libuuid1-32bit-debuginfo-2.37.2-150400.8.26.1 * libsmartcols-devel-32bit-2.37.2-150400.8.26.1 * libsmartcols1-32bit-2.37.2-150400.8.26.1 * openSUSE Leap 15.4 (noarch) * util-linux-lang-2.37.2-150400.8.26.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libmount1-64bit-2.37.2-150400.8.26.1 * libsmartcols1-64bit-debuginfo-2.37.2-150400.8.26.1 * libblkid1-64bit-2.37.2-150400.8.26.1 * libmount1-64bit-debuginfo-2.37.2-150400.8.26.1 * libblkid-devel-64bit-2.37.2-150400.8.26.1 * libsmartcols-devel-64bit-2.37.2-150400.8.26.1 * libblkid1-64bit-debuginfo-2.37.2-150400.8.26.1 * libsmartcols1-64bit-2.37.2-150400.8.26.1 * libuuid1-64bit-2.37.2-150400.8.26.1 * libfdisk-devel-64bit-2.37.2-150400.8.26.1 * libuuid-devel-64bit-2.37.2-150400.8.26.1 * libmount-devel-64bit-2.37.2-150400.8.26.1 * libfdisk1-64bit-2.37.2-150400.8.26.1 * libuuid1-64bit-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-64bit-debuginfo-2.37.2-150400.8.26.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libmount1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-debugsource-2.37.2-150400.8.26.1 * libuuid1-debuginfo-2.37.2-150400.8.26.1 * libmount1-2.37.2-150400.8.26.1 * libsmartcols1-2.37.2-150400.8.26.1 * util-linux-systemd-debuginfo-2.37.2-150400.8.26.1 * libfdisk1-debuginfo-2.37.2-150400.8.26.1 * libblkid1-2.37.2-150400.8.26.1 * libuuid1-2.37.2-150400.8.26.1 * libfdisk1-2.37.2-150400.8.26.1 * util-linux-debuginfo-2.37.2-150400.8.26.1 * util-linux-systemd-2.37.2-150400.8.26.1 * util-linux-debugsource-2.37.2-150400.8.26.1 * libsmartcols1-debuginfo-2.37.2-150400.8.26.1 * util-linux-2.37.2-150400.8.26.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220117 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:36:32 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:36:32 -0000 Subject: SUSE-RU-2024:0837-1: moderate: Recommended update for selinux-policy Message-ID: <171026139243.29111.16275405357012684384@smelt2.prg2.suse.org> # Recommended update for selinux-policy Announcement ID: SUSE-RU-2024:0837-1 Rating: moderate References: * bsc#1220361 Affected Products: * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that has one fix can now be installed. ## Description: This update for selinux-policy fixes the following issues: * Fixed SELinux preventing agetty from using the checkpoint_restore capability (bsc#1220361) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-837=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-837=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-837=1 ## Package List: * openSUSE Leap Micro 5.4 (noarch) * selinux-policy-targeted-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-devel-20230511+git16.5733e724-150400.4.30.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * selinux-policy-targeted-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-devel-20230511+git16.5733e724-150400.4.30.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * selinux-policy-targeted-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-20230511+git16.5733e724-150400.4.30.1 * selinux-policy-devel-20230511+git16.5733e724-150400.4.30.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220361 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:36:35 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:36:35 -0000 Subject: SUSE-RU-2024:0836-1: moderate: Recommended update for ocl-icd Message-ID: <171026139510.29111.4952955167433540302@smelt2.prg2.suse.org> # Recommended update for ocl-icd Announcement ID: SUSE-RU-2024:0836-1 Rating: moderate References: * bsc#1173005 * bsc#1189433 * bsc#1219781 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that has three fixes can now be installed. ## Description: This update for ocl-icd fixes the following issue: * Fix build against recent opencl: pass --enable-official-khronos-headers to configure. Update to version 2.3.1 * Khronos Header Compatibility * overwrite the libopenCL.so.1 link in %post of baselibs. (bsc#1189433) Update to version 2.3.0 * Change OCL_ICD_LAYERS to OPENCL_LAYERS to conform to upecification * Updated layer support around official CL/cl_layer.h * Updated OpenCL Headers * Fixed typo in manpage Update to version 2.2.14 * Added experimental support for layers Update to version 2.2.13 * Removed warnings and use uniform warning suppression * Switched Khornos Headers to OpenCL3.0 * Added OpenCL 3.0 support * Fix warning in gcc10 * Updated loader and headers to support clSetContextDestructorCallback. * Call clGetDeviceIDs directly through the dispatch table Switched to /usr/etc/OpenCL/vendors for vendor specific .icd files (boo#1173005); currently I'm only aware of Mesa using it (taking care about adjusting this myself); NVIDIA is using its own libOpenCL ... Update to version 2.2.12: * Switched khronos headers to OpenCL 2.2. * Added OpenCL 2.2 support. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-836=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-836=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-836=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ocl-icd-debugsource-2.3.1-150100.8.7.1 * ocl-icd-devel-2.3.1-150100.8.7.1 * libOpenCL1-2.3.1-150100.8.7.1 * libOpenCL1-debuginfo-2.3.1-150100.8.7.1 * openSUSE Leap 15.5 (x86_64) * libOpenCL1-32bit-debuginfo-2.3.1-150100.8.7.1 * libOpenCL1-32bit-2.3.1-150100.8.7.1 * ocl-icd-devel-32bit-2.3.1-150100.8.7.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * ocl-icd-debugsource-2.3.1-150100.8.7.1 * ocl-icd-devel-2.3.1-150100.8.7.1 * libOpenCL1-2.3.1-150100.8.7.1 * libOpenCL1-debuginfo-2.3.1-150100.8.7.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * ocl-icd-debugsource-2.3.1-150100.8.7.1 * ocl-icd-devel-2.3.1-150100.8.7.1 * libOpenCL1-2.3.1-150100.8.7.1 * libOpenCL1-debuginfo-2.3.1-150100.8.7.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1173005 * https://bugzilla.suse.com/show_bug.cgi?id=1189433 * https://bugzilla.suse.com/show_bug.cgi?id=1219781 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 16:36:36 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 16:36:36 -0000 Subject: SUSE-SU-2024:0834-1: important: Security update for sudo Message-ID: <171026139668.29111.3929396354039426611@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0834-1 Rating: important References: * bsc#1219026 * bsc#1220389 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Try to make sudo less vulnerable to ROWHAMMER attacks (bsc#1219026). Fixed issues introduced by first patches for CVE-2023-42465 (bsc#1220389). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-834=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-834=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-834=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-834=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-834=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-834=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-834=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-834=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * sudo-devel-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-1.9.5p2-150300.3.33.1 * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-debuginfo-1.9.5p2-150300.3.33.1 * sudo-test-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * sudo-devel-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-1.9.5p2-150300.3.33.1 * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-debuginfo-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * sudo-devel-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-1.9.5p2-150300.3.33.1 * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-debuginfo-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * sudo-devel-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-1.9.5p2-150300.3.33.1 * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-debuginfo-1.9.5p2-150300.3.33.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * sudo-devel-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-1.9.5p2-150300.3.33.1 * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-plugin-python-debuginfo-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * sudo-debugsource-1.9.5p2-150300.3.33.1 * sudo-debuginfo-1.9.5p2-150300.3.33.1 * sudo-1.9.5p2-150300.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1219026 * https://bugzilla.suse.com/show_bug.cgi?id=1220389 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 20:30:18 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 20:30:18 -0000 Subject: SUSE-SU-2024:0855-1: important: Security update for the Linux Kernel Message-ID: <171027541858.18042.5633801766267230944@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0855-1 Rating: important References: * bsc#1194869 * bsc#1206453 * bsc#1209412 * bsc#1216776 * bsc#1217927 * bsc#1218195 * bsc#1218216 * bsc#1218450 * bsc#1218527 * bsc#1218562 * bsc#1218663 * bsc#1218915 * bsc#1219126 * bsc#1219127 * bsc#1219141 * bsc#1219146 * bsc#1219295 * bsc#1219443 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219839 * bsc#1219840 * bsc#1219934 * bsc#1220003 * bsc#1220009 * bsc#1220021 * bsc#1220030 * bsc#1220106 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220267 * bsc#1220277 * bsc#1220317 * bsc#1220325 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220348 * bsc#1220350 * bsc#1220364 * bsc#1220392 * bsc#1220393 * bsc#1220398 * bsc#1220409 * bsc#1220433 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220469 * bsc#1220649 * bsc#1220735 * bsc#1220736 * bsc#1220796 * bsc#1220825 * bsc#1220845 * bsc#1220848 * bsc#1220917 * bsc#1220930 * bsc#1220931 * bsc#1220933 * jsc#PED-7618 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-47083 * CVE-2022-48627 * CVE-2022-48628 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52462 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52467 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52559 * CVE-2023-6270 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-25744 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2022-48628 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52462 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 50 vulnerabilities, contains one feature and has 23 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 Azure kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2023-6270: Fixed a use-after-free bug in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-52462: Fixed a security check for attempt to corrupt spilled pointer (bsc#1220325). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). The following non-security bugs were fixed: * ACPI: APEI: set memory failure flags as MF_ACTION_REQUIRED on synchronous events (git-fixes). * ACPI: button: Add lid disable DMI quirk for Nextbook Ares 8A (git-fixes). * ACPI: extlog: fix NULL pointer dereference check (git-fixes). * ACPI: resource: Add ASUS model S5402ZA to quirks (git-fixes). * ACPI: resource: Skip IRQ override on ASUS ExpertBook B1502CBA (git-fixes). * ACPI: resource: Skip IRQ override on Asus Expertbook B2402CBA (git-fixes). * ACPI: video: Add backlight=native DMI quirk for Apple iMac11,3 (git-fixes). * ACPI: video: Add backlight=native DMI quirk for Apple iMac12,1 and iMac12,2 (git-fixes). * ACPI: video: Add backlight=native DMI quirk for Lenovo ThinkPad X131e (3371 AMD version) (git-fixes). * ACPI: video: Add quirk for the Colorful X15 AT 23 Laptop (git-fixes). * afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git- fixes). * afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). * afs: Hide silly-rename files from userspace (git-fixes). * afs: Increase buffer size in afs_update_volume_status() (git-fixes). * ahci: asm1166: correct count of reported ports (git-fixes). * ALSA: Drop leftover snd-rtctimer stuff from Makefile (git-fixes). * ALSA: firewire-lib: fix to check cycle continuity (git-fixes). * ALSA: hda/conexant: Add quirk for SWS JS201D (git-fixes). * ALSA: hda/realtek: Apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). * ALSA: hda/realtek: cs35l41: Fix device ID / model name (git-fixes). * ALSA: hda/realtek: cs35l41: Fix order and duplicates in quirks table (git- fixes). * ALSA: hda/realtek: Enable headset mic on Vaio VJFE-ADL (git-fixes). * ALSA: hda/realtek: Enable Mute LED on HP Laptop 14-fq0xxx (git-fixes). * ALSA: hda/realtek: fix mute/micmute LED For HP mt645 (git-fixes). * ALSA: hda/realtek: fix mute/micmute LEDs for HP ZBook Power (git-fixes). * ALSA: hda/realtek: Fix the external mic not being recognised for Acer Swift 1 SF114-32 (git-fixes). * ALSA: usb-audio: Add a quirk for Yamaha YIT-W12TX transmitter (git-fixes). * ALSA: usb-audio: Add delay quirk for MOTU M Series 2nd revision (git-fixes). * ALSA: usb-audio: add quirk for RODE NT-USB+ (git-fixes). * ALSA: usb-audio: Check presence of valid altsetting control (git-fixes). * ALSA: usb-audio: Ignore clock selector errors for single connection (git- fixes). * ALSA: usb-audio: More relaxed check of MIDI jack names (git-fixes). * ALSA: usb-audio: Sort quirk table entries (git-fixes). * arm64: entry: fix ARM64_WORKAROUND_SPECULATIVE_UNPRIV_LOAD (bsc#1219443) * arm64: entry: Preserve/restore X29 even for compat tasks (bsc#1219443) * arm64: entry: Simplify tramp_alias macro and tramp_exit routine (bsc#1219443) * arm64: errata: Add Cortex-A510 speculative unprivileged load (bsc#1219443) Enable workaround. * arm64: errata: Add Cortex-A520 speculative unprivileged load (bsc#1219443) Enable workaround without kABI break. * arm64: errata: Mitigate Ampere1 erratum AC03_CPU_38 at stage-2 (git-fixes) Enable AMPERE_ERRATUM_AC03_CPU_38 workaround without kABI break * arm64: irq: set the correct node for shadow call stack (git-fixes) * arm64: irq: set the correct node for VMAP stack (git-fixes) * arm64: Rename ARM64_WORKAROUND_2966298 (bsc#1219443) * arm64: Subscribe Microsoft Azure Cobalt 100 to ARM Neoverse N2 errata (git- fixes) * ASoC: doc: Fix undefined SND_SOC_DAPM_NOPM argument (git-fixes). * ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() (git-fixes). * ASoC: SOF: IPC3: fix message bounds on ipc ops (git-fixes). * ASoC: sunxi: sun4i-spdif: Add support for Allwinner H616 (git-fixes). * atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). * Bluetooth: Avoid potential use-after-free in hci_error_reset (git-fixes). * Bluetooth: Enforce validation on max value of connection interval (git- fixes). * Bluetooth: hci_event: Fix handling of HCI_EV_IO_CAPA_REQUEST (git-fixes). * Bluetooth: hci_event: Fix wrongly recorded wakeup BD_ADDR (git-fixes). * Bluetooth: hci_sync: Check the correct flag before starting a scan (git- fixes). * Bluetooth: hci_sync: Fix accept_list when attempting to suspend (git-fixes). * Bluetooth: L2CAP: Fix possible multiple reject send (git-fixes). * Bluetooth: qca: Fix wrong event type for patch config command (git-fixes). * bpf: Fix verification of indirect var-off stack access (git-fixes). * bpf: Fix verification of indirect var-off stack access (git-fixes). * bpf: Guard stack limits against 32bit overflow (git-fixes). * bpf: Guard stack limits against 32bit overflow (git-fixes). * bpf: Minor logging improvement (bsc#1220257). * bus: moxtet: Add spi device table (git-fixes). * cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). * can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) (git-fixes). * crypto: api - Disallow identical driver names (git-fixes). * crypto: ccp - Fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). * crypto: octeontx2 - Fix cptvf driver cleanup (git-fixes). * crypto: stm32/crc32 - fix parsing list of devices (git-fixes). * dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA (git-fixes). * dmaengine: fsl-qdma: fix SoC may hang on 16 byte unaligned read (git-fixes). * dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). * dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). * dmaengine: ptdma: use consistent DMA masks (git-fixes). * dmaengine: shdma: increase size of 'dev_id' (git-fixes). * dmaengine: ti: edma: Add some null pointer checks to the edma_probe (git- fixes). * driver core: Fix device_link_flag_is_sync_state_only() (git-fixes). * drm/amd/display: Fix memory leak in dm_sw_fini() (git-fixes). * drm/amd/display: Fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). * drm/amd/display: Fix possible NULL dereference on device remove/driver unload (git-fixes). * drm/amd/display: Increase frame-larger-than for all display_mode_vba files (git-fixes). * drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). * drm/amd/display: Preserve original aspect ratio in create stream (git- fixes). * drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). * drm/amdgpu: skip to program GFXDEC registers for suspend abort (git-fixes). * drm/amdgpu/display: Initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). * drm/buddy: fix range bias (git-fixes). * drm/crtc: fix uninitialized variable use even harder (git-fixes). * drm/i915/gvt: Fix uninitialized variable in handle_mmio() (git-fixes). * drm/msm/dp: return correct Colorimetry for DP_TEST_DYNAMIC_RANGE_CEA case (git-fixes). * drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git- fixes). * drm/msms/dp: fixed link clock divider bits be over written in BPC unknown case (git-fixes). * drm/prime: Support page array >= 4GB (git-fixes). * drm/syncobj: call drm_syncobj_fence_add_wait when WAIT_AVAILABLE flag is set (git-fixes). * drm/ttm: Fix an invalid freeing on already freed page in error path (git- fixes). * efi: Do not add memblocks for soft-reserved memory (git-fixes). * efi: runtime: Fix potential overflow of soft-reserved region size (git- fixes). * efi/capsule-loader: fix incorrect allocation size (git-fixes). * fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). * fbdev: savage: Error out if pixclock equals zero (git-fixes). * fbdev: sis: Error out if pixclock equals zero (git-fixes). * firewire: core: send bus reset promptly on gap count error (git-fixes). * fs: dlm: fix build with CONFIG_IPV6 disabled (git-fixes). * fs: JFS: UBSAN: array-index-out-of-bounds in dbAdjTree (git-fixes). * gpio: 74x164: Enable output pins after registers are reset (git-fixes). * gpio: fix resource unwinding order in error path (git-fixes). * gpiolib: acpi: Ignore touchpad wakeup on GPD G1619-04 (git-fixes). * gpiolib: Fix the error path order in gpiochip_add_data_with_key() (git- fixes). * HID: apple: Add 2021 magic keyboard FN key mapping (git-fixes). * HID: apple: Add support for the 2021 Magic Keyboard (git-fixes). * HID: wacom: Do not register input devices until after hid_hw_start (git- fixes). * HID: wacom: generic: Avoid reporting a serial of '0' to userspace (git- fixes). * hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). * hwmon: (coretemp) Enlarge per package core count limit (git-fixes). * hwmon: (coretemp) Fix bogus core_id to attr name mapping (git-fixes). * hwmon: (coretemp) Fix out-of-bounds memory access (git-fixes). * i2c: i801: Fix block process call transactions (git-fixes). * i2c: i801: Remove i801_set_block_buffer_mode (git-fixes). * i2c: imx: Add timer for handling the stop condition (git-fixes). * i2c: imx: when being a target, mark the last read as processed (git-fixes). * i3c: master: cdns: Update maximum prescaler value for i2c clock (git-fixes). * IB/hfi1: Fix a memleak in init_credit_return (git-fixes) * IB/hfi1: Fix sdma.h tx->num_descs off-by-one error (git-fixes) * iio: accel: bma400: Fix a compilation problem (git-fixes). * iio: adc: ad7091r: Set alert bit in config register (git-fixes). * iio: core: fix memleak in iio_device_register_sysfs (git-fixes). * iio: hid-sensor-als: Return 0 for HID_USAGE_SENSOR_TIME_TIMESTAMP (git- fixes). * iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC (git-fixes). * Input: i8042 - add Fujitsu Lifebook E5411 to i8042 quirk table (git-fixes). * Input: i8042 - add Fujitsu Lifebook U728 to i8042 quirk table (git-fixes). * Input: i8042 - add quirk for Fujitsu Lifebook A574/H (git-fixes). * Input: i8042 - fix strange behavior of touchpad on Clevo NS70PU (git-fixes). * Input: iqs269a - switch to DEFINE_SIMPLE_DEV_PM_OPS() and pm_sleep_ptr() (git-fixes). * Input: pm8941-powerkey - fix debounce on gen2+ PMICs (git-fixes). * Input: pm8941-pwrkey - add software key press debouncing support (git- fixes). * Input: pm8941-pwrkey - add support for PON GEN3 base addresses (git-fixes). * Input: xpad - add Lenovo Legion Go controllers (git-fixes). * Input: xpad - add Lenovo Legion Go controllers (git-fixes). * irqchip/gic-v3-its: Fix GICv4.1 VPE affinity update (git-fixes). * irqchip/irq-brcmstb-l2: Add write memory barrier before exit (git-fixes). * jfs: fix array-index-out-of-bounds in dbAdjTree (git-fixes). * jfs: fix array-index-out-of-bounds in diNewExt (git-fixes). * jfs: fix slab-out-of-bounds Read in dtSearch (git-fixes). * jfs: fix uaf in jfs_evict_inode (git-fixes). * kbuild: Fix changing ELF file type for output of gen_btf for big endian (git-fixes). * KVM: s390: fix cc for successful PQAP (git-fixes bsc#1219839). * KVM: s390: fix setting of fpc register (git-fixes bsc#1220392). * KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-commit). * lan78xx: enable auto speed configuration for LAN7850 if no EEPROM is detected (git-fixes). * leds: trigger: panic: Do not register panic notifier if creating the trigger failed (git-fixes). * lib/stackdepot: add depot_fetch_stack helper (jsc-PED#7423). * lib/stackdepot: add refcount for records (jsc-PED#7423). * lib/stackdepot: Fix first entry having a 0-handle (jsc-PED#7423). * lib/stackdepot: Move stack_record struct definition into the header (jsc- PED#7423). * libsubcmd: Fix memory leak in uniq() (git-fixes). * md: Do not ignore suspended array in md_check_recovery() (git-fixes). * md: do not leave 'MD_RECOVERY_FROZEN' in error path of md_set_readonly() (git-fixes). * md: introduce md_ro_state (git-fixes). * md: Make sure md_do_sync() will set MD_RECOVERY_DONE (git-fixes). * md: Whenassemble the array, consult the superblock of the freshest device (git-fixes). * md/raid10: check slab-out-of-bounds in md_bitmap_get_counter (git-fixes). * md/raid5: release batch_last before waiting for another stripe_head (git- fixes). * md/raid6: use valid sector values to determine if an I/O should wait on the reshape (git-fixes). * media: ddbridge: fix an error code problem in ddb_probe (git-fixes). * media: ir_toy: fix a memleak in irtoy_tx (git-fixes). * media: rc: bpf attach/detach requires write permission (git-fixes). * media: rockchip: rga: fix swizzling for RGB formats (git-fixes). * media: stk1160: Fixed high volume of stk1160_dbg messages (git-fixes). * mfd: syscon: Fix null pointer dereference in of_syscon_register() (git- fixes). * mm,page_owner: Display all stacks and their count (jsc-PED#7423). * mm,page_owner: Filter out stacks by a threshold (jsc-PED#7423). * mm,page_owner: Implement the tracking of the stacks count (jsc-PED#7423). * mm,page_owner: Maintain own list of stack_records structs (jsc-PED#7423). * mm,page_owner: Update Documentation regarding page_owner_stacks (jsc- PED#7423). * mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). * mm/hwpoison: fix unpoison_memory() (bsc#1218663). * mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). * mm/hwpoison: remove MF_MSG_BUDDY_2ND and MF_MSG_POISONED_HUGE (bsc#1218663). * mmc: core: Fix eMMC initialization with 1-bit bus connection (git-fixes). * mmc: core: Use mrq.sbc in close-ended ffu (git-fixes). * mmc: mmc_spi: remove custom DMA mapped buffers (git-fixes). * mmc: sdhci-xenon: add timeout for PHY init complete (git-fixes). * mmc: sdhci-xenon: fix PHY init clock stability (git-fixes). * mmc: slot-gpio: Allow non-sleeping GPIO ro (git-fixes). * modpost: trim leading spaces when processing source files list (git-fixes). * mtd: spinand: gigadevice: Fix the get ecc status issue (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * netfs, fscache: Prevent Oops in fscache_put_cache() (bsc#1220003). * nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). * nilfs2: replace WARN_ONs for invalid DAT metadata block requests (git- fixes). * nouveau: fix function cast warnings (git-fixes). * nouveau/svm: fix kvcalloc() argument order (git-fixes). * ntfs: check overflow when iterating ATTR_RECORDs (git-fixes). * ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). * nvme-fabrics: fix I/O connect error handling (git-fixes). * nvme-host: fix the updating of the firmware version (git-fixes). * PCI: Add no PM reset quirk for NVIDIA Spectrum devices (git-fixes). * PCI: Add PCI_HEADER_TYPE_MFD definition (bsc#1220021). * PCI: Fix 64GT/s effective data rate calculation (git-fixes). * PCI: Only override AMD USB controller if required (git-fixes). * PCI: switchtec: Fix stdev_release() crash after surprise hot remove (git- fixes). * PCI/AER: Decode Requester ID when no error info found (git-fixes). * platform/x86: thinkpad_acpi: Only update profile if successfully converted (git-fixes). * platform/x86: touchscreen_dmi: Add info for the TECLAST X16 Plus tablet (git-fixes). * platform/x86: touchscreen_dmi: Allow partial (prefix) matches for ACPI names (git-fixes). * PM: core: Remove unnecessary (void *) conversions (git-fixes). * PM: runtime: Have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). * PNP: ACPI: fix fortify warning (git-fixes). * power: supply: bq27xxx-i2c: Do not free non existing IRQ (git-fixes). * powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). * powerpc: Do not include lppaca.h in paca.h (bsc#1194869). * powerpc/64: Set task pt_regs->link to the LR value on scv entry (bsc#1194869). * powerpc/powernv: Fix fortify source warnings in opal-prd.c (bsc#1194869). * powerpc/pseries: Add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). * powerpc/pseries: Rework lppaca_shared_proc() to avoid DEBUG_PREEMPT (bsc#1194869). * powerpc/pseries: Set CPU_FTR_DBELL according to ibm,pi-features (bsc#1220348). * powerpc/watchpoint: Disable pagefaults when getting user instruction (bsc#1194869). * powerpc/watchpoints: Annotate atomic context in more places (bsc#1194869). * powerpc/watchpoints: Disable preemption in thread_change_pc() (bsc#1194869). * pstore/ram: Fix crash when setting number of cpus to an odd number (git- fixes). * RAS: Introduce a FRU memory poison manager (jsc#PED-7618). * RAS/AMD/ATL: Add MI300 row retirement support (jsc#PED-7618). * RAS/AMD/ATL: Fix bit overflow in denorm_addr_df4_np2() (git-fixes). * RDMA/bnxt_re: Add a missing check in bnxt_qplib_query_srq (git-fixes) * RDMA/bnxt_re: Return error for SRQ resize (git-fixes) * RDMA/core: Fix uninit-value access in ib_get_eth_speed() (bsc#1219934). * RDMA/core: Get IB width and speed from netdev (bsc#1219934). * RDMA/irdma: Add AE for too many RNRS (git-fixes) * RDMA/irdma: Fix KASAN issue with tasklet (git-fixes) * RDMA/irdma: Set the CQ read threshold for GEN 1 (git-fixes) * RDMA/irdma: Validate max_send_wr and max_recv_wr (git-fixes) * RDMA/qedr: Fix qedr_create_user_qp error flow (git-fixes) * RDMA/srpt: fix function pointer cast warnings (git-fixes) * RDMA/srpt: Support specifying the srpt_service_guid parameter (git-fixes) * regulator: core: Only increment use_count when enable_count changes (git- fixes). * regulator: pwm-regulator: Add validity checks in continuous .get_voltage (git-fixes). * Revert "drm/amd: flush any delayed gfxoff on suspend entry" (git-fixes). * Revert "drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz" (git- fixes). * Revert "drm/amd/pm: resolve reboot exception for si oland" (git-fixes). * ring-buffer: Clean ring_buffer_poll_wait() error return (git-fixes). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). * s390/qeth: Fix potential loss of L3-IP@ in case of network issues (git-fixes bsc#1219840). * sched/membarrier: reduce the ability to hammer on sys_membarrier (git- fixes). * scsi: core: Move scsi_host_busy() out of host lock for waking up EH handler (git-fixes). * scsi: core: Move scsi_host_busy() out of host lock if it is for per-command (git-fixes). * scsi: fnic: Move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). * scsi: hisi_sas: Prevent parallel FLR and controller reset (git-fixes). * scsi: ibmvfc: Limit max hw queues by num_online_cpus() (bsc#1220106). * scsi: ibmvfc: Open-code reset loop for target reset (bsc#1220106). * scsi: isci: Fix an error code problem in isci_io_request_build() (git- fixes). * scsi: lpfc: Add condition to delete ndlp object after sending BLS_RJT to an ABTS (bsc#1220021). * scsi: lpfc: Allow lpfc_plogi_confirm_nport() logic to execute for Fabric nodes (bsc#1220021). * scsi: lpfc: Change lpfc_vport fc_flag member into a bitmask (bsc#1220021). * scsi: lpfc: Change lpfc_vport load_flag member into a bitmask (bsc#1220021). * scsi: lpfc: Change nlp state statistic counters into atomic_t (bsc#1220021). * scsi: lpfc: Copyright updates for 14.4.0.0 patches (bsc#1220021). * scsi: lpfc: Fix failure to delete vports when discovery is in progress (bsc#1220021). * scsi: lpfc: Fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). * scsi: lpfc: Initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). * scsi: lpfc: Move handling of reset congestion statistics events (bsc#1220021). * scsi: lpfc: Protect vport fc_nodes list with an explicit spin lock (bsc#1220021). * scsi: lpfc: Remove D_ID swap log message from trace event logger (bsc#1220021). * scsi: lpfc: Remove NLP_RCV_PLOGI early return during RSCN processing for ndlps (bsc#1220021). * scsi: lpfc: Remove shost_lock protection for fc_host_port shost APIs (bsc#1220021). * scsi: lpfc: Replace deprecated strncpy() with strscpy() (bsc#1220021). * scsi: lpfc: Save FPIN frequency statistics upon receipt of peer cgn notifications (bsc#1220021). * scsi: lpfc: Update lpfc version to 14.4.0.0 (bsc#1220021). * scsi: lpfc: Use PCI_HEADER_TYPE_MFD instead of literal (bsc#1220021). * scsi: lpfc: Use sg_dma_len() API to get struct scatterlist's length (bsc#1220021). * scsi: mpi3mr: Refresh sdev queue depth after controller reset (git-fixes). * scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" (git- fixes bsc#1219141). * serial: 8250: Remove serial_rs485 sanitization from em485 (git-fixes). * spi-mxs: Fix chipselect glitch (git-fixes). * spi: hisi-sfc-v3xx: Return IRQ_NONE if no interrupts were detected (git- fixes). * spi: ppc4xx: Drop write-only variable (git-fixes). * spi: sh-msiof: avoid integer overflow in constants (git-fixes). * staging: iio: ad5933: fix type mismatch regression (git-fixes). * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * tomoyo: fix UAF write bug in tomoyo_write_control() (git-fixes). * topology: Fix up build warning in topology_is_visible() (jsc#PED-7618). * topology/sysfs: Add format parameter to macro defining "show" functions for proc (jsc#PED-7618). * topology/sysfs: Add PPIN in sysfs under cpu topology (jsc#PED-7618). * topology/sysfs: Hide PPIN on systems that do not support it (jsc#PED-7618). * tracing: Fix wasted memory in saved_cmdlines logic (git-fixes). * tracing: Inform kmemleak of saved_cmdlines allocation (git-fixes). * tracing/probes: Fix to show a parse error for bad type for $comm (git- fixes). * tty: allow TIOCSLCKTRMIOS with CAP_CHECKPOINT_RESTORE (git-fixes). * UBSAN: array-index-out-of-bounds in dtSplitRoot (git-fixes). * usb: cdns: readd old API (git-fixes). * usb: cdns3: fix memory double free when handle zero packet (git-fixes). * usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git- fixes). * usb: cdns3: Modify the return value of cdns_set_active () to void when CONFIG_PM_SLEEP is disabled (git-fixes). * usb: cdns3: Put the cdns set active part outside the spin lock (git-fixes). * usb: cdnsp: blocked some cdns3 specific code (git-fixes). * usb: cdnsp: fixed issue with incorrect detecting CDNSP family controllers (git-fixes). * usb: dwc3: gadget: Do not disconnect if not started (git-fixes). * usb: dwc3: gadget: Handle EP0 request dequeuing properly (git-fixes). * usb: dwc3: gadget: Ignore End Transfer delay on teardown (git-fixes). * usb: dwc3: gadget: Queue PM runtime idle on disconnect event (git-fixes). * usb: dwc3: gadget: Refactor EP0 forced stall/restart into a separate API (git-fixes). * usb: dwc3: gadget: Submit endxfer command if delayed during disconnect (git- fixes). * usb: dwc3: host: Set XHCI_SG_TRB_CACHE_SIZE_QUIRK (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: core: Add missing kerneldoc for vbus_work (git-fixes). * usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). * usb: Gadget: core: Help prevent panic during UVC unconfigure (git-fixes). * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). * usb: gadget: f_hid: fix report descriptor allocation (git-fixes). * usb: gadget: Fix obscure lockdep violation for udc_mutex (git-fixes). * usb: gadget: Fix use-after-free Read in usb_udc_uevent() (git-fixes). * usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). * usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs (git- fixes). * usb: gadget: udc: core: Offload usb_udc_vbus_handler processing (git-fixes). * usb: gadget: udc: core: Prevent soft_connect_store() race (git-fixes). * usb: gadget: udc: Handle gadget_connect failure during bind operation (git- fixes). * usb: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (bsc#1218527). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: hub: Replace hardcoded quirk value with BIT() macro (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered (git- fixes). * usb: roles: fix NULL pointer issue when put module's reference (git-fixes). * usb: serial: cp210x: add ID for IMST iM871A-USB (git-fixes). * usb: serial: option: add Fibocom FM101-GL variant (git-fixes). * usb: serial: qcserial: add new usb-id for Dell Wireless DW5826e (git-fixes). * watchdog: it87_wdt: Keep WDTCTRL bit 3 unmodified for IT8784/IT8786 (git- fixes). * wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range (git-fixes). * wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). * wifi: cfg80211: fix missing interfaces when dumping (git-fixes). * wifi: cfg80211: fix RCU dereference in __cfg80211_bss_update (git-fixes). * wifi: cfg80211: free beacon_ies when overridden from hidden BSS (git-fixes). * wifi: iwlwifi: Fix some error codes (git-fixes). * wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). * wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git- fixes). * wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). * wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). * wifi: nl80211: reject iftype change with mesh ID change (git-fixes). * wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). * wifi: rtl8xxxu: Add additional USB IDs for RTL8192EU devices (git-fixes). * wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). * wifi: wext-core: Fix -Wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). Also add mds_user_clear to kABI severities since it's strictly mitigation related so should be low risk. * x86/cpu: X86_FEATURE_INTEL_PPIN finally had a CPUID bit (jsc#PED-7618). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). * x86/mm: Fix memory encryption features advertisement (bsc#1206453). * xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). * xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-855=1 SUSE-2024-855=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-855=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * kernel-azure-optional-5.14.21-150500.33.37.1 * dlm-kmp-azure-5.14.21-150500.33.37.1 * kernel-azure-debugsource-5.14.21-150500.33.37.1 * kernel-azure-extra-5.14.21-150500.33.37.1 * gfs2-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * kernel-azure-extra-debuginfo-5.14.21-150500.33.37.1 * kernel-azure-livepatch-devel-5.14.21-150500.33.37.1 * gfs2-kmp-azure-5.14.21-150500.33.37.1 * dlm-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * kernel-syms-azure-5.14.21-150500.33.37.1 * cluster-md-kmp-azure-5.14.21-150500.33.37.1 * kernel-azure-debuginfo-5.14.21-150500.33.37.1 * reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * kernel-azure-devel-5.14.21-150500.33.37.1 * kernel-azure-optional-debuginfo-5.14.21-150500.33.37.1 * reiserfs-kmp-azure-5.14.21-150500.33.37.1 * kselftests-kmp-azure-5.14.21-150500.33.37.1 * kernel-azure-devel-debuginfo-5.14.21-150500.33.37.1 * ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * ocfs2-kmp-azure-5.14.21-150500.33.37.1 * kselftests-kmp-azure-debuginfo-5.14.21-150500.33.37.1 * openSUSE Leap 15.5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.37.1 * openSUSE Leap 15.5 (x86_64) * kernel-azure-vdso-debuginfo-5.14.21-150500.33.37.1 * kernel-azure-vdso-5.14.21-150500.33.37.1 * openSUSE Leap 15.5 (noarch) * kernel-source-azure-5.14.21-150500.33.37.1 * kernel-devel-azure-5.14.21-150500.33.37.1 * Public Cloud Module 15-SP5 (aarch64 nosrc x86_64) * kernel-azure-5.14.21-150500.33.37.1 * Public Cloud Module 15-SP5 (aarch64 x86_64) * kernel-azure-devel-debuginfo-5.14.21-150500.33.37.1 * kernel-azure-debugsource-5.14.21-150500.33.37.1 * kernel-azure-devel-5.14.21-150500.33.37.1 * kernel-syms-azure-5.14.21-150500.33.37.1 * kernel-azure-debuginfo-5.14.21-150500.33.37.1 * Public Cloud Module 15-SP5 (noarch) * kernel-source-azure-5.14.21-150500.33.37.1 * kernel-devel-azure-5.14.21-150500.33.37.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2022-48628.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52462.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-25744.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1206453 * https://bugzilla.suse.com/show_bug.cgi?id=1209412 * https://bugzilla.suse.com/show_bug.cgi?id=1216776 * https://bugzilla.suse.com/show_bug.cgi?id=1217927 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218663 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219141 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219443 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219839 * https://bugzilla.suse.com/show_bug.cgi?id=1219840 * https://bugzilla.suse.com/show_bug.cgi?id=1219934 * https://bugzilla.suse.com/show_bug.cgi?id=1220003 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220021 * https://bugzilla.suse.com/show_bug.cgi?id=1220030 * https://bugzilla.suse.com/show_bug.cgi?id=1220106 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220267 * https://bugzilla.suse.com/show_bug.cgi?id=1220277 * https://bugzilla.suse.com/show_bug.cgi?id=1220317 * https://bugzilla.suse.com/show_bug.cgi?id=1220325 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220348 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220392 * https://bugzilla.suse.com/show_bug.cgi?id=1220393 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220848 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 * https://jira.suse.com/browse/PED-7618 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 20:30:20 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 20:30:20 -0000 Subject: SUSE-RU-2024:0854-1: moderate: Recommended update for hpc-node Message-ID: <171027542094.18042.4748769573327151366@smelt2.prg2.suse.org> # Recommended update for hpc-node Announcement ID: SUSE-RU-2024:0854-1 Rating: moderate References: * bsc#1221283 Affected Products: * openSUSE Leap 15.5 An update that has one fix can now be installed. ## Description: This update for hpc-node fixes the following issues: * Fix registry publication path (bsc#1221283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-854=1 ## Package List: * openSUSE Leap 15.5 (noarch) * container:sle-hpc-node-image-15.5.0-11.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221283 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 12 20:30:22 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 12 Mar 2024 20:30:22 -0000 Subject: SUSE-RU-2024:0853-1: moderate: Recommended update for qrencode Message-ID: <171027542281.18042.16514164101051318204@smelt2.prg2.suse.org> # Recommended update for qrencode Announcement ID: SUSE-RU-2024:0853-1 Rating: moderate References: * jsc#PED-7296 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that contains one feature can now be installed. ## Description: This update for qrencode fixes the following issues: * update to 4.1.1 (jsc#PED-7296): * Some minor bugs in Micro QR Code generation have been fixed. * The data capacity calculations are now correct. These bugs probably did not affect the Micro QR Code generation. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-853=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-853=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-853=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-853=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-853=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-853=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-853=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-853=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-853=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-853=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-853=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-853=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-853=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-853=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-853=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-853=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-853=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-853=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-853=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-853=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-853=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * libqrencode4-32bit-4.1.1-150000.3.3.1 * libqrencode4-32bit-debuginfo-4.1.1-150000.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qrencode-debuginfo-4.1.1-150000.3.3.1 * qrencode-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Manager Proxy 4.3 (x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-devel-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libqrencode4-4.1.1-150000.3.3.1 * qrencode-debugsource-4.1.1-150000.3.3.1 * qrencode-debuginfo-4.1.1-150000.3.3.1 * libqrencode4-debuginfo-4.1.1-150000.3.3.1 ## References: * https://jira.suse.com/browse/PED-7296 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 08:30:03 -0000 Subject: SUSE-SU-2024:0860-1: moderate: Security update for gnutls Message-ID: <171031860386.24355.2850414686937796196@smelt2.prg2.suse.org> # Security update for gnutls Announcement ID: SUSE-SU-2024:0860-1 Rating: moderate References: * bsc#1218865 Cross-References: * CVE-2023-5981 * CVE-2024-0553 CVSS scores: * CVE-2023-5981 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-5981 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0553 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0553 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for gnutls fixes the following issues: * CVE-2024-0553: Fixed insufficient mitigation for side channel attack in RSA- PSK, aka CVE-2023-5981 (bsc#1218865). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-860=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-860=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-860=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-860=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-860=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-860=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-860=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-860=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-860=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-860=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * libgnutls-devel-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-32bit-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le s390x x86_64) * libgnutls-devel-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le s390x x86_64) * libgnutls-devel-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgnutls-devel-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgnutls-devel-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-32bit-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * SUSE Enterprise Storage 7.1 (x86_64) * libgnutls30-32bit-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-3.6.7-150200.14.31.1 * libgnutls30-32bit-3.6.7-150200.14.31.1 * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * libgnutls-devel-32bit-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * libgnutlsxx-devel-3.6.7-150200.14.31.1 * libgnutlsxx28-debuginfo-3.6.7-150200.14.31.1 * libgnutlsxx28-3.6.7-150200.14.31.1 * libgnutls30-hmac-32bit-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Micro 5.1 (s390x x86_64) * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Micro 5.2 (s390x x86_64) * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (s390x x86_64) * gnutls-debuginfo-3.6.7-150200.14.31.1 * libgnutls30-hmac-3.6.7-150200.14.31.1 * libgnutls30-3.6.7-150200.14.31.1 * libgnutls30-debuginfo-3.6.7-150200.14.31.1 * gnutls-3.6.7-150200.14.31.1 * gnutls-debugsource-3.6.7-150200.14.31.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5981.html * https://www.suse.com/security/cve/CVE-2024-0553.html * https://bugzilla.suse.com/show_bug.cgi?id=1218865 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 08:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 08:30:05 -0000 Subject: SUSE-RU-2024:0859-1: moderate: Recommended update for google-http-java-client, gradle, gradle-bootstrap Message-ID: <171031860508.24355.11448391722670827160@smelt2.prg2.suse.org> # Recommended update for google-http-java-client, gradle, gradle-bootstrap Announcement ID: SUSE-RU-2024:0859-1 Rating: moderate References: Affected Products: * openSUSE Leap 15.5 An update that can now be installed. ## Description: This update for google-http-java-client, gradle, gradle-bootstrap fixes the following issues: * Fixed RPM package building issues ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-859=1 ## Package List: * openSUSE Leap 15.5 (noarch) * google-http-java-client-gson-1.22.0-150200.3.7.1 * google-http-java-client-test-1.22.0-150200.3.7.1 * google-http-java-client-jackson2-1.22.0-150200.3.7.1 * google-http-java-client-protobuf-1.22.0-150200.3.7.1 * google-http-java-client-jackson-1.22.0-150200.3.7.1 * google-http-java-client-javadoc-1.22.0-150200.3.7.1 * google-http-java-client-findbugs-1.22.0-150200.3.7.1 * google-http-java-client-xml-1.22.0-150200.3.7.1 * google-http-java-client-parent-1.22.0-150200.3.7.1 * google-http-java-client-jdo-1.22.0-150200.3.7.1 * google-http-java-client-1.22.0-150200.3.7.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 08:30:15 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 08:30:15 -0000 Subject: SUSE-SU-2024:0858-1: important: Security update for the Linux Kernel Message-ID: <171031861579.24355.5593910471321003707@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0858-1 Rating: important References: * bsc#1194869 * bsc#1206453 * bsc#1209412 * bsc#1213456 * bsc#1216776 * bsc#1217927 * bsc#1218195 * bsc#1218216 * bsc#1218450 * bsc#1218527 * bsc#1218663 * bsc#1218915 * bsc#1219126 * bsc#1219127 * bsc#1219141 * bsc#1219146 * bsc#1219295 * bsc#1219443 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219839 * bsc#1219840 * bsc#1219934 * bsc#1220003 * bsc#1220009 * bsc#1220021 * bsc#1220030 * bsc#1220106 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220267 * bsc#1220277 * bsc#1220317 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220348 * bsc#1220350 * bsc#1220364 * bsc#1220392 * bsc#1220393 * bsc#1220398 * bsc#1220409 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220649 * bsc#1220796 * bsc#1220825 * jsc#PED-7618 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-25744 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * Legacy Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves 39 vulnerabilities, contains one feature and has 23 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). * CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: * acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes). * acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes). * acpi: extlog: fix null pointer dereference check (git-fixes). * acpi: resource: add asus model s5402za to quirks (git-fixes). * acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes). * acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes). * acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes). * acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes). * add reference to recently released cve * afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git- fixes). * afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). * afs: hide silly-rename files from userspace (git-fixes). * afs: increase buffer size in afs_update_volume_status() (git-fixes). * ahci: asm1166: correct count of reported ports (git-fixes). * alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes). * alsa: firewire-lib: fix to check cycle continuity (git-fixes). * alsa: hda/conexant: add quirk for sws js201d (git-fixes). * alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). * alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes). * alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git- fixes). * alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes). * alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes). * alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes). * alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes). * alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes). * alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes). * alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes). * alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes). * alsa: usb-audio: check presence of valid altsetting control (git-fixes). * alsa: usb-audio: ignore clock selector errors for single connection (git- fixes). * alsa: usb-audio: more relaxed check of midi jack names (git-fixes). * alsa: usb-audio: sort quirk table entries (git-fixes). * arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443) * arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443) * arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443) * arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround. * arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break. * arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break * arm64: irq: set the correct node for shadow call stack (git-fixes) * arm64: irq: set the correct node for vmap stack (git-fixes) * arm64: rename arm64_workaround_2966298 (bsc#1219443) * arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git- fixes) * asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes). * asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes). * asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes). * asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes). * atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). * bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes). * bluetooth: enforce validation on max value of connection interval (git- fixes). * bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes). * bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes). * bluetooth: hci_sync: check the correct flag before starting a scan (git- fixes). * bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes). * bluetooth: l2cap: fix possible multiple reject send (git-fixes). * bluetooth: qca: fix wrong event type for patch config command (git-fixes). * bpf: fix verification of indirect var-off stack access (git-fixes). * bpf: guard stack limits against 32bit overflow (git-fixes). * bpf: minor logging improvement (bsc#1220257). * bus: moxtet: add spi device table (git-fixes). * cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). * can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes). * crypto: api - disallow identical driver names (git-fixes). * crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). * crypto: octeontx2 - fix cptvf driver cleanup (git-fixes). * crypto: stm32/crc32 - fix parsing list of devices (git-fixes). * dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes). * dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes). * dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). * dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). * dmaengine: ptdma: use consistent dma masks (git-fixes). * dmaengine: shdma: increase size of 'dev_id' (git-fixes). * dmaengine: ti: edma: add some null pointer checks to the edma_probe (git- fixes). * driver core: fix device_link_flag_is_sync_state_only() (git-fixes). * drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes). * drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). * drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes). * drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes). * drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). * drm/amd/display: preserve original aspect ratio in create stream (git- fixes). * drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). * drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). * drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes). * drm/buddy: fix range bias (git-fixes). * drm/crtc: fix uninitialized variable use even harder (git-fixes). * drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes). * drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes). * drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git- fixes). * drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes). * drm/prime: support page array >= 4gb (git-fixes). * drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes). * drm/ttm: fix an invalid freeing on already freed page in error path (git- fixes). * drop bcm5974 input patch causing a regression (bsc#1220030) * efi/capsule-loader: fix incorrect allocation size (git-fixes). * efi: do not add memblocks for soft-reserved memory (git-fixes). * efi: runtime: fix potential overflow of soft-reserved region size (git- fixes). * fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). * fbdev: savage: error out if pixclock equals zero (git-fixes). * fbdev: sis: error out if pixclock equals zero (git-fixes). * firewire: core: send bus reset promptly on gap count error (git-fixes). * fs: dlm: fix build with config_ipv6 disabled (git-fixes). * fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes). * gpio: 74x164: enable output pins after registers are reset (git-fixes). * gpio: fix resource unwinding order in error path (git-fixes). * gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes). * gpiolib: fix the error path order in gpiochip_add_data_with_key() (git- fixes). * hid: apple: add 2021 magic keyboard fn key mapping (git-fixes). * hid: apple: add support for the 2021 magic keyboard (git-fixes). * hid: wacom: do not register input devices until after hid_hw_start (git- fixes). * hid: wacom: generic: avoid reporting a serial of '0' to userspace (git- fixes). * hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). * hwmon: (coretemp) enlarge per package core count limit (git-fixes). * hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes). * hwmon: (coretemp) fix out-of-bounds memory access (git-fixes). * i2c: i801: fix block process call transactions (git-fixes). * i2c: i801: remove i801_set_block_buffer_mode (git-fixes). * i2c: imx: add timer for handling the stop condition (git-fixes). * i2c: imx: when being a target, mark the last read as processed (git-fixes). * i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes). * ib/hfi1: fix a memleak in init_credit_return (git-fixes) * ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes) * iio: accel: bma400: fix a compilation problem (git-fixes). * iio: adc: ad7091r: set alert bit in config register (git-fixes). * iio: core: fix memleak in iio_device_register_sysfs (git-fixes). * iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git- fixes). * iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes). * input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes). * input: xpad - add lenovo legion go controllers (git-fixes). * irqchip/gic-v3-its: fix gicv4.1 vpe affinity update (git-fixes). * irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes). * jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes). * jfs: fix array-index-out-of-bounds in dinewext (git-fixes). * jfs: fix slab-out-of-bounds read in dtsearch (git-fixes). * jfs: fix uaf in jfs_evict_inode (git-fixes). * kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes). * kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839). * kvm: s390: fix setting of fpc register (git-fixes bsc#1220392). * kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). * kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). * kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git- fixes). * lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes). * leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes). * lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423). * lib/stackdepot: add refcount for records (jsc-ped#7423). * lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423). * lib/stackdepot: move stack_record struct definition into the header (jsc- ped#7423). * libsubcmd: fix memory leak in uniq() (git-fixes). * media: ddbridge: fix an error code problem in ddb_probe (git-fixes). * media: ir_toy: fix a memleak in irtoy_tx (git-fixes). * media: rc: bpf attach/detach requires write permission (git-fixes). * media: rockchip: rga: fix swizzling for rgb formats (git-fixes). * media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes). * mfd: syscon: fix null pointer dereference in of_syscon_register() (git- fixes). * mm,page_owner: display all stacks and their count (jsc-ped#7423). * mm,page_owner: filter out stacks by a threshold (jsc-ped#7423). * mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423). * mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423). * mm,page_owner: update documentation regarding page_owner_stacks (jsc- ped#7423). * mm/hwpoison: fix unpoison_memory() (bsc#1218663). * mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). * mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663). * mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). * mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes). * mmc: core: use mrq.sbc in close-ended ffu (git-fixes). * mmc: mmc_spi: remove custom dma mapped buffers (git-fixes). * mmc: sdhci-xenon: add timeout for phy init complete (git-fixes). * mmc: sdhci-xenon: fix phy init clock stability (git-fixes). * mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes). * modpost: trim leading spaces when processing source files list (git-fixes). * mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003). * nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). * nilfs2: replace warn_ons for invalid dat metadata block requests (git- fixes). * nouveau/svm: fix kvcalloc() argument order (git-fixes). * nouveau: fix function cast warnings (git-fixes). * ntfs: check overflow when iterating attr_records (git-fixes). * ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). * nvme-fabrics: fix i/o connect error handling (git-fixes). * nvme-host: fix the updating of the firmware version (git-fixes). * pci/aer: decode requester id when no error info found (git-fixes). * pci: add no pm reset quirk for nvidia spectrum devices (git-fixes). * pci: add pci_header_type_mfd definition (bsc#1220021). * pci: fix 64gt/s effective data rate calculation (git-fixes). * pci: only override amd usb controller if required (git-fixes). * pci: switchtec: fix stdev_release() crash after surprise hot remove (git- fixes). * platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes). * platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes). * platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes). * pm: core: remove unnecessary (void *) conversions (git-fixes). * pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). * pnp: acpi: fix fortify warning (git-fixes). * power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes). * powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869). * powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869). * powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). * powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869). * powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348). * powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869). * powerpc/watchpoints: annotate atomic context in more places (bsc#1194869). * powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869). * powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). * powerpc: do not include lppaca.h in paca.h (bsc#1194869). * pstore/ram: fix crash when setting number of cpus to an odd number (git- fixes). * ras/amd/atl: add mi300 row retirement support (jsc#ped-7618). * ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes). * ras: introduce a fru memory poison manager (jsc#ped-7618). * rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes) * rdma/bnxt_re: return error for srq resize (git-fixes) * rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934). * rdma/core: get ib width and speed from netdev (bsc#1219934). * rdma/irdma: add ae for too many rnrs (git-fixes) * rdma/irdma: fix kasan issue with tasklet (git-fixes) * rdma/irdma: set the cq read threshold for gen 1 (git-fixes) * rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes) * rdma/qedr: fix qedr_create_user_qp error flow (git-fixes) * rdma/srpt: fix function pointer cast warnings (git-fixes) * rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes) * refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io (bsc#1216776, bsc#1220277) * regulator: core: only increment use_count when enable_count changes (git- fixes). * regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes). * revert "drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz" (git- fixes). * revert "drm/amd/pm: resolve reboot exception for si oland" (git-fixes). * revert "drm/amd: flush any delayed gfxoff on suspend entry" (git-fixes). * rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. * s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). * sched/membarrier: reduce the ability to hammer on sys_membarrier (git- fixes). * scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes). * scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes). * scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). * scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes). * scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106). * scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106). * scsi: isci: fix an error code problem in isci_io_request_build() (git- fixes). * scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021). * scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021). * scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021). * scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021). * scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021). * scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). * scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). * scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021). * scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021). * scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021). * scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021). * scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021). * scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021). * scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021). * scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021). * scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021). * scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021). * scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes). * scsi: revert "scsi: fcoe: fix potential deadlock on &fip->ctlr_lock" (git- fixes bsc#1219141). * serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes). * spi-mxs: fix chipselect glitch (git-fixes). * spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git- fixes). * spi: ppc4xx: drop write-only variable (git-fixes). * spi: sh-msiof: avoid integer overflow in constants (git-fixes). * staging: iio: ad5933: fix type mismatch regression (git-fixes). * supported.conf: remove external flag from ibm supported modules. (bsc#1209412) * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes). * topology/sysfs: add format parameter to macro defining "show" functions for proc (jsc#ped-7618). * topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618). * tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes). * ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes). * usb: cdns3: fix memory double free when handle zero packet (git-fixes). * usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git- fixes). * usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes). * usb: cdns3: put the cdns set active part outside the spin lock (git-fixes). * usb: cdns: readd old api (git-fixes). * usb: cdnsp: blocked some cdns3 specific code (git-fixes). * usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes). * usb: dwc3: gadget: do not disconnect if not started (git-fixes). * usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes). * usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes). * usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes). * usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes). * usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git- fixes). * usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes). * usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). * usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes). * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). * usb: gadget: f_hid: fix report descriptor allocation (git-fixes). * usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes). * usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes). * usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). * usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git- fixes). * usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes). * usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes). * usb: gadget: udc: handle gadget_connect failure during bind operation (git- fixes). * usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). * usb: hub: replace hardcoded quirk value with bit() macro (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered (git- fixes). * usb: roles: fix null pointer issue when put module's reference (git-fixes). * usb: serial: cp210x: add id for imst im871a-usb (git-fixes). * usb: serial: option: add fibocom fm101-gl variant (git-fixes). * usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes). * watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git- fixes). * wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes). * wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). * wifi: cfg80211: fix missing interfaces when dumping (git-fixes). * wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes). * wifi: iwlwifi: fix some error codes (git-fixes). * wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). * wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git- fixes). * wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). * wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). * wifi: nl80211: reject iftype change with mesh id change (git-fixes). * wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). * wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes). * wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). * wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). * x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: add asm helpers for executing verw (git-fixes). * x86/bugs: use alternative() instead of mds_user_clear static key (git- fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk. * x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618). * x86/entry_32: add verw just before userspace transition (git-fixes). * x86/entry_64: add verw just before userspace transition (git-fixes). * x86/mm: fix memory encryption features advertisement (bsc#1206453). * xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). * xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-858=1 openSUSE-SLE-15.5-2024-858=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-858=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-858=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-858=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-858=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-858=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-858=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-858=1 ## Package List: * openSUSE Leap 15.5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (noarch) * kernel-source-vanilla-5.14.21-150500.55.52.1 * kernel-docs-html-5.14.21-150500.55.52.1 * kernel-devel-5.14.21-150500.55.52.1 * kernel-macros-5.14.21-150500.55.52.1 * kernel-source-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (ppc64le x86_64) * kernel-debug-debugsource-5.14.21-150500.55.52.1 * kernel-debug-devel-debuginfo-5.14.21-150500.55.52.1 * kernel-debug-debuginfo-5.14.21-150500.55.52.1 * kernel-debug-livepatch-devel-5.14.21-150500.55.52.1 * kernel-debug-devel-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (x86_64) * kernel-default-vdso-5.14.21-150500.55.52.1 * kernel-debug-vdso-debuginfo-5.14.21-150500.55.52.1 * kernel-kvmsmall-vdso-5.14.21-150500.55.52.1 * kernel-debug-vdso-5.14.21-150500.55.52.1 * kernel-default-vdso-debuginfo-5.14.21-150500.55.52.1 * kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.52.1.150500.6.23.1 * kernel-kvmsmall-debugsource-5.14.21-150500.55.52.1 * kernel-kvmsmall-debuginfo-5.14.21-150500.55.52.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.52.1 * kernel-kvmsmall-devel-5.14.21-150500.55.52.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.52.1 * kernel-default-base-rebuild-5.14.21-150500.55.52.1.150500.6.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.52.1 * kernel-default-optional-5.14.21-150500.55.52.1 * dlm-kmp-default-5.14.21-150500.55.52.1 * kernel-default-livepatch-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.52.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.52.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.52.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.52.1 * gfs2-kmp-default-5.14.21-150500.55.52.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.52.1 * kselftests-kmp-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-optional-debuginfo-5.14.21-150500.55.52.1 * kernel-obs-qa-5.14.21-150500.55.52.1 * kernel-obs-build-5.14.21-150500.55.52.1 * kernel-syms-5.14.21-150500.55.52.1 * kernel-default-livepatch-devel-5.14.21-150500.55.52.1 * cluster-md-kmp-default-5.14.21-150500.55.52.1 * ocfs2-kmp-default-5.14.21-150500.55.52.1 * kernel-default-extra-5.14.21-150500.55.52.1 * reiserfs-kmp-default-5.14.21-150500.55.52.1 * kselftests-kmp-default-5.14.21-150500.55.52.1 * kernel-obs-build-debugsource-5.14.21-150500.55.52.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_52-default-1-150500.11.3.1 * openSUSE Leap 15.5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.52.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (nosrc) * dtb-aarch64-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (aarch64) * kernel-64kb-optional-5.14.21-150500.55.52.1 * dtb-qcom-5.14.21-150500.55.52.1 * dtb-amd-5.14.21-150500.55.52.1 * dtb-altera-5.14.21-150500.55.52.1 * dtb-socionext-5.14.21-150500.55.52.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * dtb-apple-5.14.21-150500.55.52.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * kernel-64kb-extra-5.14.21-150500.55.52.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * dtb-apm-5.14.21-150500.55.52.1 * dtb-hisilicon-5.14.21-150500.55.52.1 * kernel-64kb-devel-debuginfo-5.14.21-150500.55.52.1 * dtb-renesas-5.14.21-150500.55.52.1 * dtb-arm-5.14.21-150500.55.52.1 * gfs2-kmp-64kb-5.14.21-150500.55.52.1 * kernel-64kb-devel-5.14.21-150500.55.52.1 * kselftests-kmp-64kb-5.14.21-150500.55.52.1 * dtb-lg-5.14.21-150500.55.52.1 * dlm-kmp-64kb-5.14.21-150500.55.52.1 * kernel-64kb-livepatch-devel-5.14.21-150500.55.52.1 * dtb-amlogic-5.14.21-150500.55.52.1 * dtb-amazon-5.14.21-150500.55.52.1 * kernel-64kb-debugsource-5.14.21-150500.55.52.1 * dtb-sprd-5.14.21-150500.55.52.1 * dtb-xilinx-5.14.21-150500.55.52.1 * dtb-cavium-5.14.21-150500.55.52.1 * dtb-nvidia-5.14.21-150500.55.52.1 * kernel-64kb-extra-debuginfo-5.14.21-150500.55.52.1 * dtb-mediatek-5.14.21-150500.55.52.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * kernel-64kb-optional-debuginfo-5.14.21-150500.55.52.1 * dtb-allwinner-5.14.21-150500.55.52.1 * kernel-64kb-debuginfo-5.14.21-150500.55.52.1 * cluster-md-kmp-64kb-5.14.21-150500.55.52.1 * dtb-freescale-5.14.21-150500.55.52.1 * dtb-marvell-5.14.21-150500.55.52.1 * dtb-rockchip-5.14.21-150500.55.52.1 * dtb-broadcom-5.14.21-150500.55.52.1 * ocfs2-kmp-64kb-5.14.21-150500.55.52.1 * reiserfs-kmp-64kb-5.14.21-150500.55.52.1 * dlm-kmp-64kb-debuginfo-5.14.21-150500.55.52.1 * dtb-exynos-5.14.21-150500.55.52.1 * openSUSE Leap 15.5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * kernel-default-base-5.14.21-150500.55.52.1.150500.6.23.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (aarch64 nosrc) * kernel-64kb-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150500.55.52.1 * kernel-64kb-devel-5.14.21-150500.55.52.1 * kernel-64kb-debuginfo-5.14.21-150500.55.52.1 * kernel-64kb-debugsource-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150500.55.52.1.150500.6.23.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.14.21-150500.55.52.1 * kernel-default-devel-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (noarch) * kernel-devel-5.14.21-150500.55.52.1 * kernel-macros-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (nosrc s390x) * kernel-zfcpdump-5.14.21-150500.55.52.1 * Basesystem Module 15-SP5 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150500.55.52.1 * kernel-zfcpdump-debugsource-5.14.21-150500.55.52.1 * Development Tools Module 15-SP5 (noarch nosrc) * kernel-docs-5.14.21-150500.55.52.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.14.21-150500.55.52.1 * kernel-obs-build-5.14.21-150500.55.52.1 * kernel-obs-build-debugsource-5.14.21-150500.55.52.1 * Development Tools Module 15-SP5 (noarch) * kernel-source-5.14.21-150500.55.52.1 * Legacy Module 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.52.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * reiserfs-kmp-default-5.14.21-150500.55.52.1 * reiserfs-kmp-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Live Patching 15-SP5 (nosrc) * kernel-default-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_11-debugsource-1-150500.11.3.1 * kernel-default-livepatch-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 * kernel-default-livepatch-devel-5.14.21-150500.55.52.1 * kernel-livepatch-5_14_21-150500_55_52-default-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_55_52-default-debuginfo-1-150500.11.3.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-debugsource-5.14.21-150500.55.52.1 * dlm-kmp-default-debuginfo-5.14.21-150500.55.52.1 * cluster-md-kmp-default-5.14.21-150500.55.52.1 * dlm-kmp-default-5.14.21-150500.55.52.1 * cluster-md-kmp-default-debuginfo-5.14.21-150500.55.52.1 * gfs2-kmp-default-debuginfo-5.14.21-150500.55.52.1 * gfs2-kmp-default-5.14.21-150500.55.52.1 * ocfs2-kmp-default-5.14.21-150500.55.52.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * ocfs2-kmp-default-debuginfo-5.14.21-150500.55.52.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc) * kernel-default-5.14.21-150500.55.52.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * kernel-default-extra-5.14.21-150500.55.52.1 * kernel-default-extra-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debuginfo-5.14.21-150500.55.52.1 * kernel-default-debugsource-5.14.21-150500.55.52.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-25744.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1206453 * https://bugzilla.suse.com/show_bug.cgi?id=1209412 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1216776 * https://bugzilla.suse.com/show_bug.cgi?id=1217927 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218663 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219141 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219443 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219839 * https://bugzilla.suse.com/show_bug.cgi?id=1219840 * https://bugzilla.suse.com/show_bug.cgi?id=1219934 * https://bugzilla.suse.com/show_bug.cgi?id=1220003 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220021 * https://bugzilla.suse.com/show_bug.cgi?id=1220030 * https://bugzilla.suse.com/show_bug.cgi?id=1220106 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220267 * https://bugzilla.suse.com/show_bug.cgi?id=1220277 * https://bugzilla.suse.com/show_bug.cgi?id=1220317 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220348 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220392 * https://bugzilla.suse.com/show_bug.cgi?id=1220393 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://jira.suse.com/browse/PED-7618 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 08:30:31 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 08:30:31 -0000 Subject: SUSE-SU-2024:0857-1: important: Security update for the Linux Kernel Message-ID: <171031863148.24355.11387786209365160081@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0857-1 Rating: important References: * bsc#1200599 * bsc#1207653 * bsc#1212514 * bsc#1213456 * bsc#1216223 * bsc#1218195 * bsc#1218689 * bsc#1218915 * bsc#1219127 * bsc#1219128 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219915 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220253 * bsc#1220255 * bsc#1220328 * bsc#1220330 * bsc#1220344 * bsc#1220398 * bsc#1220409 * bsc#1220416 * bsc#1220418 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220469 * bsc#1220482 * bsc#1220526 * bsc#1220538 * bsc#1220570 * bsc#1220572 * bsc#1220599 * bsc#1220627 * bsc#1220641 * bsc#1220649 * bsc#1220660 * bsc#1220689 * bsc#1220700 * bsc#1220735 * bsc#1220736 * bsc#1220737 * bsc#1220742 * bsc#1220745 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220826 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220863 * bsc#1220870 * bsc#1220917 * bsc#1220918 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1221039 * bsc#1221040 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-46953 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46968 * CVE-2021-46974 * CVE-2021-46989 * CVE-2021-47005 * CVE-2021-47012 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47069 * CVE-2021-47076 * CVE-2021-47078 * CVE-2021-47083 * CVE-2022-20154 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-51042 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52463 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2023-6817 * CVE-2024-0340 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46968 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-47005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47012 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-51042 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51042 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0340 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0340 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that solves 67 vulnerabilities and has four security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge() (CVE-2023-46343). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689). * CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128). * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52482: Fixex a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2021-47005: Fixed a NULL pointer dereference for ->get_features() (bsc#1220660). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2021-47012: Fixed a use after free in siw_alloc_mr (bsc#1220627). * CVE-2021-46989: Fixed a bug by preventing corruption in shrinking truncate in hfsplus (bsc#1220737). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). The following non-security bugs were fixed: * EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330) * ext4: fix deadlock due to mbcache entry corruption (bsc#1207653 bsc#1219915). * ibmvfc: make 'max_sectors' a module option (bsc#1216223). * KVM: Destroy target device if coalesced MMIO unregistration fails (git- fixes). * KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (git-fixes). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * mbcache: Fixup kABI of mb_cache_entry (bsc#1207653 bsc#1219915). * scsi: Update max_hw_sectors on rescan (bsc#1216223). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). Also add the removed mds_user_clear symbol to kABI severities as it is exposed just for KVM module and is generally a core kernel component so removing it is low risk. * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-857=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-857=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-857=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-857=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-857=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-857=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-857=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-857=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-857=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-857=1 ## Package List: * openSUSE Leap 15.3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (noarch) * kernel-devel-5.3.18-150300.59.153.2 * kernel-docs-html-5.3.18-150300.59.153.2 * kernel-macros-5.3.18-150300.59.153.2 * kernel-source-5.3.18-150300.59.153.2 * kernel-source-vanilla-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (nosrc ppc64le x86_64) * kernel-kvmsmall-5.3.18-150300.59.153.2 * kernel-debug-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.3.18-150300.59.153.2 * kernel-debug-debuginfo-5.3.18-150300.59.153.2 * kernel-kvmsmall-devel-5.3.18-150300.59.153.2 * kernel-kvmsmall-livepatch-devel-5.3.18-150300.59.153.2 * kernel-kvmsmall-debuginfo-5.3.18-150300.59.153.2 * kernel-kvmsmall-debugsource-5.3.18-150300.59.153.2 * kernel-debug-livepatch-devel-5.3.18-150300.59.153.2 * kernel-debug-devel-5.3.18-150300.59.153.2 * kernel-kvmsmall-devel-debuginfo-5.3.18-150300.59.153.2 * kernel-debug-debugsource-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-livepatch-devel-5.3.18-150300.59.153.2 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-5.3.18-150300.59.153.2 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-extra-debuginfo-5.3.18-150300.59.153.2 * kernel-obs-build-5.3.18-150300.59.153.2 * kernel-obs-qa-5.3.18-150300.59.153.1 * kernel-default-optional-5.3.18-150300.59.153.2 * kernel-obs-build-debugsource-5.3.18-150300.59.153.2 * kselftests-kmp-default-5.3.18-150300.59.153.2 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.153.2 * cluster-md-kmp-default-5.3.18-150300.59.153.2 * kernel-default-devel-5.3.18-150300.59.153.2 * kernel-default-extra-5.3.18-150300.59.153.2 * dlm-kmp-default-5.3.18-150300.59.153.2 * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-default-livepatch-5.3.18-150300.59.153.2 * kernel-syms-5.3.18-150300.59.153.1 * kernel-default-debugsource-5.3.18-150300.59.153.2 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kselftests-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * gfs2-kmp-default-5.3.18-150300.59.153.2 * kernel-default-optional-debuginfo-5.3.18-150300.59.153.2 * ocfs2-kmp-default-5.3.18-150300.59.153.2 * kernel-default-base-rebuild-5.3.18-150300.59.153.2.150300.18.90.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_153-default-debuginfo-1-150300.7.3.2 * kernel-livepatch-5_3_18-150300_59_153-default-1-150300.7.3.2 * kernel-livepatch-SLE15-SP3_Update_42-debugsource-1-150300.7.3.2 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_153-preempt-1-150300.7.3.2 * kernel-livepatch-5_3_18-150300_59_153-preempt-debuginfo-1-150300.7.3.2 * openSUSE Leap 15.3 (aarch64 x86_64) * kselftests-kmp-preempt-5.3.18-150300.59.153.2 * cluster-md-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-devel-5.3.18-150300.59.153.2 * kernel-preempt-optional-5.3.18-150300.59.153.2 * dlm-kmp-preempt-5.3.18-150300.59.153.2 * ocfs2-kmp-preempt-5.3.18-150300.59.153.2 * dlm-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-extra-5.3.18-150300.59.153.2 * reiserfs-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-optional-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-extra-debuginfo-5.3.18-150300.59.153.2 * gfs2-kmp-preempt-5.3.18-150300.59.153.2 * gfs2-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * kselftests-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-preempt-5.3.18-150300.59.153.2 * cluster-md-kmp-preempt-5.3.18-150300.59.153.2 * kernel-preempt-livepatch-devel-5.3.18-150300.59.153.2 * ocfs2-kmp-preempt-debuginfo-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.153.2 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.153.2 * openSUSE Leap 15.3 (nosrc) * dtb-aarch64-5.3.18-150300.59.153.1 * openSUSE Leap 15.3 (aarch64) * kernel-64kb-debuginfo-5.3.18-150300.59.153.2 * gfs2-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * dtb-sprd-5.3.18-150300.59.153.1 * dtb-exynos-5.3.18-150300.59.153.1 * dtb-zte-5.3.18-150300.59.153.1 * dtb-broadcom-5.3.18-150300.59.153.1 * gfs2-kmp-64kb-5.3.18-150300.59.153.2 * reiserfs-kmp-64kb-5.3.18-150300.59.153.2 * kernel-64kb-extra-5.3.18-150300.59.153.2 * ocfs2-kmp-64kb-5.3.18-150300.59.153.2 * kselftests-kmp-64kb-5.3.18-150300.59.153.2 * dtb-cavium-5.3.18-150300.59.153.1 * dtb-socionext-5.3.18-150300.59.153.1 * kernel-64kb-extra-debuginfo-5.3.18-150300.59.153.2 * dlm-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * ocfs2-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * dtb-rockchip-5.3.18-150300.59.153.1 * cluster-md-kmp-64kb-5.3.18-150300.59.153.2 * reiserfs-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * dtb-allwinner-5.3.18-150300.59.153.1 * dtb-hisilicon-5.3.18-150300.59.153.1 * dtb-amlogic-5.3.18-150300.59.153.1 * cluster-md-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * dlm-kmp-64kb-5.3.18-150300.59.153.2 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.153.2 * kselftests-kmp-64kb-debuginfo-5.3.18-150300.59.153.2 * dtb-nvidia-5.3.18-150300.59.153.1 * kernel-64kb-livepatch-devel-5.3.18-150300.59.153.2 * dtb-qcom-5.3.18-150300.59.153.1 * kernel-64kb-optional-debuginfo-5.3.18-150300.59.153.2 * dtb-mediatek-5.3.18-150300.59.153.1 * dtb-arm-5.3.18-150300.59.153.1 * dtb-apm-5.3.18-150300.59.153.1 * kernel-64kb-debugsource-5.3.18-150300.59.153.2 * kernel-64kb-optional-5.3.18-150300.59.153.2 * dtb-altera-5.3.18-150300.59.153.1 * dtb-renesas-5.3.18-150300.59.153.1 * dtb-marvell-5.3.18-150300.59.153.1 * kernel-64kb-devel-5.3.18-150300.59.153.2 * dtb-xilinx-5.3.18-150300.59.153.1 * dtb-lg-5.3.18-150300.59.153.1 * dtb-al-5.3.18-150300.59.153.1 * dtb-freescale-5.3.18-150300.59.153.1 * dtb-amd-5.3.18-150300.59.153.1 * openSUSE Leap 15.3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Live Patching 15-SP3 (nosrc) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150300.59.153.2 * kernel-default-livepatch-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * kernel-livepatch-5_3_18-150300_59_153-default-1-150300.7.3.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.3.18-150300.59.153.2 * gfs2-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * cluster-md-kmp-default-debuginfo-5.3.18-150300.59.153.2 * cluster-md-kmp-default-5.3.18-150300.59.153.2 * gfs2-kmp-default-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * ocfs2-kmp-default-debuginfo-5.3.18-150300.59.153.2 * dlm-kmp-default-5.3.18-150300.59.153.2 * ocfs2-kmp-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Availability Extension 15 SP3 (nosrc) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.153.2 * kernel-64kb-devel-5.3.18-150300.59.153.2 * kernel-64kb-debuginfo-5.3.18-150300.59.153.2 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.153.2 * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-syms-5.3.18-150300.59.153.1 * kernel-obs-build-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-5.3.18-150300.59.153.2 * kernel-preempt-debugsource-5.3.18-150300.59.153.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-devel-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-obs-build-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.153.2 * kernel-macros-5.3.18-150300.59.153.2 * kernel-devel-5.3.18-150300.59.153.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.153.2 * kernel-64kb-devel-5.3.18-150300.59.153.2 * kernel-64kb-debuginfo-5.3.18-150300.59.153.2 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.3.18-150300.59.153.1 * kernel-obs-build-debugsource-5.3.18-150300.59.153.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-devel-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-obs-build-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * kernel-source-5.3.18-150300.59.153.2 * kernel-macros-5.3.18-150300.59.153.2 * kernel-devel-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-devel-5.3.18-150300.59.153.2 * kernel-preempt-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (nosrc s390x) * kernel-zfcpdump-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * kernel-zfcpdump-debugsource-5.3.18-150300.59.153.2 * kernel-zfcpdump-debuginfo-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * kernel-syms-5.3.18-150300.59.153.1 * kernel-obs-build-debugsource-5.3.18-150300.59.153.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-devel-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-obs-build-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * kernel-source-5.3.18-150300.59.153.2 * kernel-macros-5.3.18-150300.59.153.2 * kernel-devel-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch nosrc) * kernel-docs-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (nosrc x86_64) * kernel-preempt-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-preempt-devel-5.3.18-150300.59.153.2 * kernel-preempt-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (aarch64 nosrc) * kernel-64kb-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (aarch64) * kernel-64kb-debugsource-5.3.18-150300.59.153.2 * kernel-64kb-devel-5.3.18-150300.59.153.2 * kernel-64kb-debuginfo-5.3.18-150300.59.153.2 * kernel-64kb-devel-debuginfo-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150300.59.153.2 * kernel-default-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * kernel-preempt-debuginfo-5.3.18-150300.59.153.2 * kernel-syms-5.3.18-150300.59.153.1 * kernel-obs-build-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-5.3.18-150300.59.153.2 * kernel-preempt-debugsource-5.3.18-150300.59.153.2 * kernel-default-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * kernel-preempt-devel-debuginfo-5.3.18-150300.59.153.2 * reiserfs-kmp-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-devel-5.3.18-150300.59.153.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-obs-build-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (noarch) * kernel-source-5.3.18-150300.59.153.2 * kernel-macros-5.3.18-150300.59.153.2 * kernel-devel-5.3.18-150300.59.153.2 * SUSE Enterprise Storage 7.1 (noarch nosrc) * kernel-docs-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 nosrc s390x x86_64) * kernel-default-5.3.18-150300.59.153.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * kernel-default-base-5.3.18-150300.59.153.2.150300.18.90.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.3.18-150300.59.153.2 * kernel-default-debugsource-5.3.18-150300.59.153.2 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46968.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46989.html * https://www.suse.com/security/cve/CVE-2021-47005.html * https://www.suse.com/security/cve/CVE-2021-47012.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47069.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-51042.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0340.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1207653 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218689 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219128 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219915 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220627 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220660 * https://bugzilla.suse.com/show_bug.cgi?id=1220689 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220737 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220826 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 08:30:48 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 08:30:48 -0000 Subject: SUSE-SU-2024:0856-1: important: Security update for the Linux Kernel Message-ID: <171031864845.24355.17826397681952083558@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0856-1 Rating: important References: * bsc#1155518 * bsc#1184436 * bsc#1185988 * bsc#1186286 * bsc#1200599 * bsc#1207653 * bsc#1212514 * bsc#1213456 * bsc#1216223 * bsc#1218195 * bsc#1218689 * bsc#1218915 * bsc#1219127 * bsc#1219128 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219915 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220253 * bsc#1220255 * bsc#1220328 * bsc#1220330 * bsc#1220344 * bsc#1220398 * bsc#1220409 * bsc#1220416 * bsc#1220418 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220469 * bsc#1220482 * bsc#1220526 * bsc#1220538 * bsc#1220570 * bsc#1220572 * bsc#1220599 * bsc#1220627 * bsc#1220641 * bsc#1220649 * bsc#1220660 * bsc#1220700 * bsc#1220735 * bsc#1220736 * bsc#1220737 * bsc#1220742 * bsc#1220745 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220826 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220863 * bsc#1220870 * bsc#1220917 * bsc#1220918 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1221039 * bsc#1221040 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-46953 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46968 * CVE-2021-46974 * CVE-2021-46989 * CVE-2021-47005 * CVE-2021-47012 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47069 * CVE-2021-47076 * CVE-2021-47078 * CVE-2021-47083 * CVE-2022-20154 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-51042 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52463 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2023-6817 * CVE-2024-0340 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46968 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-47005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47012 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-51042 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51042 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0340 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0340 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves 67 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2021-47005: Fixed a NULL pointer dereference for ->get_features() (bsc#1220660). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2021-47012: Fixed a use after free in siw_alloc_mr (bsc#1220627). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2021-46989: Fixed a bug by preventing corruption in shrinking truncate in hfsplus (bsc#1220737). * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge() (CVE-2023-46343). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689). * CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128). The following non-security bugs were fixed: * EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330) * ext4: fix deadlock due to mbcache entry corruption (bsc#1207653 bsc#1219915). * ibmvfc: make 'max_sectors' a module option (bsc#1216223). * KVM: Destroy target device if coalesced MMIO unregistration fails (git- fixes). * KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (git-fixes). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * mbcache: Fixup kABI of mb_cache_entry (bsc#1207653 bsc#1219915). * scsi: Update max_hw_sectors on rescan (bsc#1216223). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-856=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-856=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-856=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (nosrc x86_64) * kernel-rt-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * kernel-rt-debugsource-5.3.18-150300.161.1 * kernel-rt-debuginfo-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * kernel-source-rt-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.161.1 * kernel-rt-debuginfo-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * kernel-source-rt-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (nosrc x86_64) * kernel-rt-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * kernel-rt-debugsource-5.3.18-150300.161.1 * kernel-rt-debuginfo-5.3.18-150300.161.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * kernel-source-rt-5.3.18-150300.161.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46968.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46989.html * https://www.suse.com/security/cve/CVE-2021-47005.html * https://www.suse.com/security/cve/CVE-2021-47012.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47069.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-51042.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0340.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1155518 * https://bugzilla.suse.com/show_bug.cgi?id=1184436 * https://bugzilla.suse.com/show_bug.cgi?id=1185988 * https://bugzilla.suse.com/show_bug.cgi?id=1186286 * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1207653 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1216223 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218689 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219128 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219915 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220627 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220660 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220737 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220826 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:01 -0000 Subject: SUSE-RU-2024:0869-1: important: Recommended update for cloud-netconfig Message-ID: <171033300167.15840.17745204111466998563@smelt2.prg2.suse.org> # Recommended update for cloud-netconfig Announcement ID: SUSE-RU-2024:0869-1 Rating: important References: * bsc#1221202 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for cloud-netconfig fixes the following issues: * Update to version 1.12 (bsc#1221202) * If token access succeeds using IPv4 do not use the IPv6 endpoint only use the IPv6 IMDS endpoint if IPv4 access fails. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-869=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-869=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-869=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-869=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-869=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-869=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-869=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-869=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-869=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-869=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-869=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-869=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * openSUSE Leap Micro 5.4 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * openSUSE Leap 15.5 (noarch) * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * Public Cloud Module 15-SP2 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * Public Cloud Module 15-SP3 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * Public Cloud Module 15-SP4 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 * Public Cloud Module 15-SP5 (noarch) * cloud-netconfig-ec2-1.12-150000.25.20.1 * cloud-netconfig-gce-1.12-150000.25.20.1 * cloud-netconfig-azure-1.12-150000.25.20.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221202 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:03 -0000 Subject: SUSE-RU-2024:0868-1: moderate: Recommended update for lttng-tools Message-ID: <171033300346.15840.5761448226522912725@smelt2.prg2.suse.org> # Recommended update for lttng-tools Announcement ID: SUSE-RU-2024:0868-1 Rating: moderate References: * bsc#1218508 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for lttng-tools fixes the following issues: * Fix UST communication when -EAGAIN is returned which leads to lttng-sessiond abort (bsc#1218508) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-868=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-868=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-868=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-868=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-868=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le x86_64 i586) * liblttng-ctl0-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-debugsource-2.12.2-150300.3.3.1 * lttng-tools-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-devel-2.12.2-150300.3.3.1 * liblttng-ctl0-2.12.2-150300.3.3.1 * lttng-tools-2.12.2-150300.3.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le x86_64) * liblttng-ctl0-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-debugsource-2.12.2-150300.3.3.1 * lttng-tools-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-devel-2.12.2-150300.3.3.1 * liblttng-ctl0-2.12.2-150300.3.3.1 * lttng-tools-2.12.2-150300.3.3.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * liblttng-ctl0-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-debugsource-2.12.2-150300.3.3.1 * lttng-tools-debuginfo-2.12.2-150300.3.3.1 * liblttng-ctl0-2.12.2-150300.3.3.1 * lttng-tools-2.12.2-150300.3.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le x86_64) * liblttng-ctl0-debuginfo-2.12.2-150300.3.3.1 * liblttng-ctl0-2.12.2-150300.3.3.1 * lttng-tools-debugsource-2.12.2-150300.3.3.1 * lttng-tools-debuginfo-2.12.2-150300.3.3.1 * Development Tools Module 15-SP5 (x86_64) * lttng-tools-debuginfo-2.12.2-150300.3.3.1 * lttng-tools-devel-2.12.2-150300.3.3.1 * lttng-tools-debugsource-2.12.2-150300.3.3.1 * lttng-tools-2.12.2-150300.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218508 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:05 -0000 Subject: SUSE-RU-2024:0867-1: moderate: Recommended update for fence-agents Message-ID: <171033300587.15840.17419821643432302086@smelt2.prg2.suse.org> # Recommended update for fence-agents Announcement ID: SUSE-RU-2024:0867-1 Rating: moderate References: * bsc#1218718 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for fence-agents fixes the following issues: * Fix detecting problems accessing the fence device (bsc#1218718) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-867=1 openSUSE-SLE-15.5-2024-867=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-867=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * fence-agents-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-debugsource-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-debuginfo-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-devel-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-amt_ws-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * fence-agents-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-devel-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-debuginfo-4.12.1+git.1677142927.bf55c675-150500.4.6.1 * fence-agents-debugsource-4.12.1+git.1677142927.bf55c675-150500.4.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218718 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:07 -0000 Subject: SUSE-RU-2024:0866-1: moderate: Recommended update for fence-agents Message-ID: <171033300722.15840.6120168757233002245@smelt2.prg2.suse.org> # Recommended update for fence-agents Announcement ID: SUSE-RU-2024:0866-1 Rating: moderate References: * bsc#1218718 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that has one fix can now be installed. ## Description: This update for fence-agents fixes the following issues: * Fix detecting problems accessing the fence device (bsc#1218718) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-866=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-866=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-866=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-866=1 ## Package List: * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-amt_ws-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * fence-agents-debugsource-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-debuginfo-4.9.0+git.1624456340.8d746be9-150300.3.17.1 * fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.17.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218718 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:08 -0000 Subject: SUSE-RU-2024:0865-1: moderate: Recommended update for yast2 Message-ID: <171033300873.15840.3174129769505996923@smelt2.prg2.suse.org> # Recommended update for yast2 Announcement ID: SUSE-RU-2024:0865-1 Rating: moderate References: * bsc#1219920 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for yast2 fixes the following issue: * Allow host/domain names starting with an underscore (bsc#1219920) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-865=1 openSUSE-SLE-15.5-2024-865=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-865=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-865=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * yast2-logs-4.5.26-150500.3.3.2 * yast2-4.5.26-150500.3.3.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * yast2-logs-4.5.26-150500.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * yast2-logs-4.5.26-150500.3.3.2 * yast2-4.5.26-150500.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219920 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:12 -0000 Subject: SUSE-SU-2024:0864-1: important: Security update for fontforge Message-ID: <171033301206.15840.14101449410732893836@smelt2.prg2.suse.org> # Security update for fontforge Announcement ID: SUSE-SU-2024:0864-1 Rating: important References: * bsc#1220404 * bsc#1220405 Cross-References: * CVE-2024-25081 * CVE-2024-25082 CVSS scores: * CVE-2024-25081 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-25082 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for fontforge fixes the following issues: * CVE-2024-25081: Fixed command injection via crafted filenames (bsc#1220404). * CVE-2024-25082: Fixed command injection via crafted archives or compressed files (bsc#1220405). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-864=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-864=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-864=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-864=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-864=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-864=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-864=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-864=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-864=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-864=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-864=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-864=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-864=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-864=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * fontforge-devel-20200314-150200.3.6.1 * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * openSUSE Leap 15.5 (noarch) * fontforge-doc-20200314-150200.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * fontforge-debuginfo-20200314-150200.3.6.1 * fontforge-debugsource-20200314-150200.3.6.1 * fontforge-20200314-150200.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25081.html * https://www.suse.com/security/cve/CVE-2024-25082.html * https://bugzilla.suse.com/show_bug.cgi?id=1220404 * https://bugzilla.suse.com/show_bug.cgi?id=1220405 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:15 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:15 -0000 Subject: SUSE-SU-2024:0863-1: important: Security update for fontforge Message-ID: <171033301506.15840.4582050842155651114@smelt2.prg2.suse.org> # Security update for fontforge Announcement ID: SUSE-SU-2024:0863-1 Rating: important References: * bsc#1220404 * bsc#1220405 Cross-References: * CVE-2024-25081 * CVE-2024-25082 CVSS scores: * CVE-2024-25081 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-25082 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for fontforge fixes the following issues: * CVE-2024-25081: Fixed command injection via crafted filenames (bsc#1220404). * CVE-2024-25082: Fixed command injection via crafted archives or compressed files (bsc#1220405). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-863=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * fontforge-20170731-11.17.1 * fontforge-debugsource-20170731-11.17.1 * fontforge-debuginfo-20170731-11.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25081.html * https://www.suse.com/security/cve/CVE-2024-25082.html * https://bugzilla.suse.com/show_bug.cgi?id=1220404 * https://bugzilla.suse.com/show_bug.cgi?id=1220405 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:17 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:17 -0000 Subject: SUSE-SU-2024:0862-1: moderate: Security update for zabbix Message-ID: <171033301736.15840.16114999260960689402@smelt2.prg2.suse.org> # Security update for zabbix Announcement ID: SUSE-SU-2024:0862-1 Rating: moderate References: * bsc#1219775 Cross-References: * CVE-2024-22119 CVSS scores: * CVE-2024-22119 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N * CVE-2024-22119 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for zabbix fixes the following issues: * CVE-2024-22119: Fixed ability to run XSS in graph item names (bsc#1219775). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-862=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-862=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-862=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * zabbix-agent-debuginfo-4.0.12-4.27.1 * zabbix-debugsource-4.0.12-4.27.1 * zabbix-agent-4.0.12-4.27.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * zabbix-agent-debuginfo-4.0.12-4.27.1 * zabbix-debugsource-4.0.12-4.27.1 * zabbix-agent-4.0.12-4.27.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * zabbix-agent-debuginfo-4.0.12-4.27.1 * zabbix-debugsource-4.0.12-4.27.1 * zabbix-agent-4.0.12-4.27.1 ## References: * https://www.suse.com/security/cve/CVE-2024-22119.html * https://bugzilla.suse.com/show_bug.cgi?id=1219775 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 12:30:19 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 12:30:19 -0000 Subject: SUSE-RU-2024:0861-1: moderate: Recommended update for aaa_base Message-ID: <171033301928.15840.15609947514031724239@smelt2.prg2.suse.org> # Recommended update for aaa_base Announcement ID: SUSE-RU-2024:0861-1 Rating: moderate References: * bsc#1218232 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for aaa_base fixes the following issues: * Silence the output in the case of broken symlinks (bsc#1218232) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-861=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-861=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-861=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-861=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-861=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-861=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-861=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-861=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-861=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-861=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-861=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-861=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-861=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * aaa_base-extras-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-wsl-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-malloccheck-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * aaa_base-extras-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-wsl-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-malloccheck-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-extras-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-malloccheck-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * aaa_base-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debuginfo-84.87+git20180409.04c9dae-150300.10.12.1 * aaa_base-debugsource-84.87+git20180409.04c9dae-150300.10.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218232 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:03 -0000 Subject: SUSE-SU-2024:0877-1: important: Security update for sudo Message-ID: <171034740384.8191.2043613168106608816@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0877-1 Rating: important References: * bsc#1221134 * bsc#1221151 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-877=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-877=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-877=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-877=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-877=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-877=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-877=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-877=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-877=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-877=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-877=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-877=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-877=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-877=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-877=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-test-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sudo-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Manager Proxy 4.3 (x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sudo-plugin-python-debuginfo-1.9.9-150400.4.36.1 * sudo-plugin-python-1.9.9-150400.4.36.1 * sudo-debugsource-1.9.9-150400.4.36.1 * sudo-debuginfo-1.9.9-150400.4.36.1 * sudo-1.9.9-150400.4.36.1 * sudo-devel-1.9.9-150400.4.36.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1221134 * https://bugzilla.suse.com/show_bug.cgi?id=1221151 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:06 -0000 Subject: SUSE-SU-2024:0876-1: important: Security update for sudo Message-ID: <171034740624.8191.11151429579239594894@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0876-1 Rating: important References: * bsc#1221134 * bsc#1221151 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-876=1 openSUSE-SLE-15.5-2024-876=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-876=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-876=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * sudo-devel-1.9.12p1-150500.7.10.1 * sudo-test-1.9.12p1-150500.7.10.1 * sudo-plugin-python-1.9.12p1-150500.7.10.1 * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.10.1 * sudo-debuginfo-1.9.12p1-150500.7.10.1 * sudo-debugsource-1.9.12p1-150500.7.10.1 * sudo-1.9.12p1-150500.7.10.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * sudo-debuginfo-1.9.12p1-150500.7.10.1 * sudo-debugsource-1.9.12p1-150500.7.10.1 * sudo-1.9.12p1-150500.7.10.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * sudo-devel-1.9.12p1-150500.7.10.1 * sudo-plugin-python-1.9.12p1-150500.7.10.1 * sudo-plugin-python-debuginfo-1.9.12p1-150500.7.10.1 * sudo-debuginfo-1.9.12p1-150500.7.10.1 * sudo-debugsource-1.9.12p1-150500.7.10.1 * sudo-1.9.12p1-150500.7.10.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1221134 * https://bugzilla.suse.com/show_bug.cgi?id=1221151 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:08 -0000 Subject: SUSE-SU-2024:0875-1: important: Security update for python-Django Message-ID: <171034740828.8191.2454388366722921712@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:0875-1 Rating: important References: * bsc#1219683 * bsc#1220358 Cross-References: * CVE-2024-24680 * CVE-2024-27351 CVSS scores: * CVE-2024-24680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24680 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * HPE Helion OpenStack 8 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise Server 12 SP3 * SUSE OpenStack Cloud 8 * SUSE OpenStack Cloud Crowbar 8 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-24680: Fixed a denial-of-service in intcomma template filter (bsc#1219683). * CVE-2024-27351: Fixed potential regular expression denial-of-service in `django.utils.text.Truncator.words()` (bsc#1220358). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * HPE Helion OpenStack 8 zypper in -t patch HPE-Helion-OpenStack-8-2024-875=1 * SUSE OpenStack Cloud 8 zypper in -t patch SUSE-OpenStack-Cloud-8-2024-875=1 * SUSE OpenStack Cloud Crowbar 8 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2024-875=1 ## Package List: * HPE Helion OpenStack 8 (noarch) * python-Django-1.11.29-3.59.3 * venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.54.4 * SUSE OpenStack Cloud 8 (noarch) * venv-openstack-horizon-x86_64-12.0.5~dev6-14.54.5 * python-Django-1.11.29-3.59.3 * SUSE OpenStack Cloud Crowbar 8 (noarch) * python-Django-1.11.29-3.59.3 ## References: * https://www.suse.com/security/cve/CVE-2024-24680.html * https://www.suse.com/security/cve/CVE-2024-27351.html * https://bugzilla.suse.com/show_bug.cgi?id=1219683 * https://bugzilla.suse.com/show_bug.cgi?id=1220358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:10 -0000 Subject: SUSE-SU-2024:0874-1: important: Security update for python-Django1 Message-ID: <171034741056.8191.18095292095111061077@smelt2.prg2.suse.org> # Security update for python-Django1 Announcement ID: SUSE-SU-2024:0874-1 Rating: important References: * bsc#1219683 * bsc#1220358 Cross-References: * CVE-2024-24680 * CVE-2024-27351 CVSS scores: * CVE-2024-24680 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24680 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Server 12 SP4 * SUSE OpenStack Cloud 9 * SUSE OpenStack Cloud Crowbar 9 An update that solves two vulnerabilities can now be installed. ## Description: This update for python-Django1 fixes the following issues: * CVE-2024-24680: Fixed a denial-of-service in intcomma template filter (bsc#1219683). * CVE-2024-27351: Fixed potential regular expression denial-of-service in `django.utils.text.Truncator.words()` (bsc#1220358). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE OpenStack Cloud Crowbar 9 zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2024-874=1 * SUSE OpenStack Cloud 9 zypper in -t patch SUSE-OpenStack-Cloud-9-2024-874=1 ## Package List: * SUSE OpenStack Cloud Crowbar 9 (noarch) * python-Django1-1.11.29-3.58.3 * SUSE OpenStack Cloud 9 (noarch) * python-Django1-1.11.29-3.58.3 * venv-openstack-horizon-x86_64-14.1.1~dev11-4.51.4 ## References: * https://www.suse.com/security/cve/CVE-2024-24680.html * https://www.suse.com/security/cve/CVE-2024-27351.html * https://bugzilla.suse.com/show_bug.cgi?id=1219683 * https://bugzilla.suse.com/show_bug.cgi?id=1220358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:13 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:13 -0000 Subject: SUSE-RU-2024:0873-1: moderate: Recommended update for lifecycle-data-sle-live-patching Message-ID: <171034741304.8191.7662254080293567988@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-live-patching Announcement ID: SUSE-RU-2024:0873-1 Rating: moderate References: * bsc#1020320 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Live Patching 12 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for lifecycle-data-sle-live-patching fixes the following issues: * Added data for 4_12_14-122_159, 4_12_14-122_189, 4_12_14-122_194 (bsc#1020320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12 zypper in -t patch SUSE-SLE-Live-Patching-12-2024-873=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-873=1 ## Package List: * SUSE Linux Enterprise Live Patching 12 (noarch) * lifecycle-data-sle-live-patching-1-10.143.1 * SUSE Linux Enterprise Live Patching 12-SP5 (noarch) * lifecycle-data-sle-live-patching-1-10.143.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1020320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:15 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:15 -0000 Subject: SUSE-RU-2024:0872-1: moderate: Recommended update for lifecycle-data-sle-module-live-patching Message-ID: <171034741528.8191.119887679793082692@smelt2.prg2.suse.org> # Recommended update for lifecycle-data-sle-module-live-patching Announcement ID: SUSE-RU-2024:0872-1 Rating: moderate References: * bsc#1020320 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for lifecycle-data-sle-module-live-patching fixes the following issues: * Added data for 4_12_14-150100_197_168, 5_14_21-150400_24_103, 5_14_21-150400_24_108, 5_14_21-150500_55_44, 5_14_21-150500_55_49, 5_3_18-150200_24_175, 5_3_18-150200_24_178, 5_3_18-150300_59_147, 5_3_18-150300_59_150 (bsc#1020320) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-872=1 * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-872=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-872=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-872=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-872=1 ## Package List: * openSUSE Leap 15.5 (noarch) * lifecycle-data-sle-module-live-patching-15-150000.4.108.1 * SUSE Linux Enterprise Live Patching 15-SP2 (noarch) * lifecycle-data-sle-module-live-patching-15-150000.4.108.1 * SUSE Linux Enterprise Live Patching 15-SP3 (noarch) * lifecycle-data-sle-module-live-patching-15-150000.4.108.1 * SUSE Linux Enterprise Live Patching 15-SP4 (noarch) * lifecycle-data-sle-module-live-patching-15-150000.4.108.1 * SUSE Linux Enterprise Live Patching 15-SP5 (noarch) * lifecycle-data-sle-module-live-patching-15-150000.4.108.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1020320 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:17 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:17 -0000 Subject: SUSE-SU-2024:0871-1: important: Security update for vim Message-ID: <171034741775.8191.13502126564562199003@smelt2.prg2.suse.org> # Security update for vim Announcement ID: SUSE-SU-2024:0871-1 Rating: important References: * bsc#1215005 * bsc#1217316 * bsc#1217320 * bsc#1217321 * bsc#1217324 * bsc#1217326 * bsc#1217329 * bsc#1217330 * bsc#1217432 * bsc#1219581 Cross-References: * CVE-2023-4750 * CVE-2023-48231 * CVE-2023-48232 * CVE-2023-48233 * CVE-2023-48234 * CVE-2023-48235 * CVE-2023-48236 * CVE-2023-48237 * CVE-2023-48706 * CVE-2024-22667 CVSS scores: * CVE-2023-4750 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4750 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-48231 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48231 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48232 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48232 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48233 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48234 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48235 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48236 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N * CVE-2023-48236 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( SUSE ): 2.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48237 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-48706 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L * CVE-2023-48706 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-22667 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-22667 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: * CVE-2023-48231: Fixed Use-After-Free in win_close() (bsc#1217316). * CVE-2023-48232: Fixed Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320). * CVE-2023-48233: Fixed overflow with count for :s command (bsc#1217321). * CVE-2023-48234: Fixed overflow in nv_z_get_count (bsc#1217324). * CVE-2023-48235: Fixed overflow in ex address parsing (bsc#1217326). * CVE-2023-48236: Fixed overflow in get_number (bsc#1217329). * CVE-2023-48237: Fixed overflow in shift_line (bsc#1217330). * CVE-2023-48706: Fixed heap-use-after-free in ex_substitute (bsc#1217432). * CVE-2024-22667: Fixed stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581). * CVE-2023-4750: Fixed heap use-after-free in function bt_quickfix (bsc#1215005). Updated to version 9.1 with patch level 0111: https://github.com/vim/vim/compare/v9.0.2103...v9.1.0111 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-871=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-871=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-871=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-871=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-871=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-871=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-871=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-871=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-871=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-871=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-871=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-871=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-871=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-871=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-871=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-871=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-871=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-871=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-871=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-871=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-871=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-871=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-871=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-871=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * openSUSE Leap Micro 5.4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Manager Proxy 4.3 (x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Manager Proxy 4.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Manager Server 4.3 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * gvim-debuginfo-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * vim-small-debuginfo-9.1.0111-150000.5.60.1 * gvim-9.1.0111-150000.5.60.1 * vim-9.1.0111-150000.5.60.1 * SUSE Enterprise Storage 7.1 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * vim-data-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * vim-data-common-9.1.0111-150000.5.60.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * vim-small-debuginfo-9.1.0111-150000.5.60.1 * vim-small-9.1.0111-150000.5.60.1 * vim-debugsource-9.1.0111-150000.5.60.1 * vim-debuginfo-9.1.0111-150000.5.60.1 ## References: * https://www.suse.com/security/cve/CVE-2023-4750.html * https://www.suse.com/security/cve/CVE-2023-48231.html * https://www.suse.com/security/cve/CVE-2023-48232.html * https://www.suse.com/security/cve/CVE-2023-48233.html * https://www.suse.com/security/cve/CVE-2023-48234.html * https://www.suse.com/security/cve/CVE-2023-48235.html * https://www.suse.com/security/cve/CVE-2023-48236.html * https://www.suse.com/security/cve/CVE-2023-48237.html * https://www.suse.com/security/cve/CVE-2023-48706.html * https://www.suse.com/security/cve/CVE-2024-22667.html * https://bugzilla.suse.com/show_bug.cgi?id=1215005 * https://bugzilla.suse.com/show_bug.cgi?id=1217316 * https://bugzilla.suse.com/show_bug.cgi?id=1217320 * https://bugzilla.suse.com/show_bug.cgi?id=1217321 * https://bugzilla.suse.com/show_bug.cgi?id=1217324 * https://bugzilla.suse.com/show_bug.cgi?id=1217326 * https://bugzilla.suse.com/show_bug.cgi?id=1217329 * https://bugzilla.suse.com/show_bug.cgi?id=1217330 * https://bugzilla.suse.com/show_bug.cgi?id=1217432 * https://bugzilla.suse.com/show_bug.cgi?id=1219581 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 13 16:30:22 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 13 Mar 2024 16:30:22 -0000 Subject: SUSE-SU-2024:0870-1: moderate: Security update for glibc Message-ID: <171034742202.8191.14052723050630311777@smelt2.prg2.suse.org> # Security update for glibc Announcement ID: SUSE-SU-2024:0870-1 Rating: moderate References: * bsc#1217445 * bsc#1217589 * bsc#1218866 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has three security fixes can now be installed. ## Description: This update for glibc fixes the following issues: Security issues fixed: * qsort: harden handling of degenerated / non transient compare function (bsc#1218866) Other issues fixed: * getaddrinfo: translate ENOMEM to EAI_MEMORY (bsc#1217589, BZ #31163) * aarch64: correct CFI in rawmemchr (bsc#1217445, BZ #31113) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-870=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-870=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-870=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-870=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-870=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-870=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-870=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-870=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-870=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-870=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-870=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-870=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-870=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-870=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-870=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-870=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-870=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-870=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-870=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-870=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-870=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-870=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-870=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-870=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-870=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-870=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586 i686) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * glibc-utils-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * openSUSE Leap 15.3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-html-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * openSUSE Leap 15.3 (x86_64) * glibc-utils-32bit-2.31-150300.68.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-utils-32bit-debuginfo-2.31-150300.68.1 * glibc-profile-32bit-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-devel-static-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * openSUSE Leap 15.3 (aarch64_ilp32) * glibc-64bit-debuginfo-2.31-150300.68.1 * glibc-devel-static-64bit-2.31-150300.68.1 * glibc-64bit-2.31-150300.68.1 * glibc-profile-64bit-2.31-150300.68.1 * glibc-locale-base-64bit-2.31-150300.68.1 * glibc-devel-64bit-debuginfo-2.31-150300.68.1 * glibc-devel-64bit-2.31-150300.68.1 * glibc-utils-64bit-2.31-150300.68.1 * glibc-utils-64bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-64bit-debuginfo-2.31-150300.68.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * openSUSE Leap 15.5 (x86_64) * glibc-utils-32bit-2.31-150300.68.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-utils-32bit-debuginfo-2.31-150300.68.1 * glibc-profile-32bit-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-devel-static-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * openSUSE Leap 15.5 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-html-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * Basesystem Module 15-SP5 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * Basesystem Module 15-SP5 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glibc-utils-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * Development Tools Module 15-SP5 (x86_64) * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * glibc-locale-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Manager Proxy 4.3 (x86_64) * glibc-locale-2.31-150300.68.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Manager Proxy 4.3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * glibc-locale-2.31-150300.68.1 * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Manager Server 4.3 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Manager Server 4.3 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-utils-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * nscd-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-extra-2.31-150300.68.1 * glibc-utils-debuginfo-2.31-150300.68.1 * nscd-debuginfo-2.31-150300.68.1 * glibc-devel-static-2.31-150300.68.1 * glibc-devel-debuginfo-2.31-150300.68.1 * glibc-utils-src-debugsource-2.31-150300.68.1 * glibc-profile-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-extra-debuginfo-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Enterprise Storage 7.1 (noarch) * glibc-info-2.31-150300.68.1 * glibc-i18ndata-2.31-150300.68.1 * glibc-lang-2.31-150300.68.1 * SUSE Enterprise Storage 7.1 (x86_64) * glibc-locale-base-32bit-debuginfo-2.31-150300.68.1 * glibc-32bit-debuginfo-2.31-150300.68.1 * glibc-locale-base-32bit-2.31-150300.68.1 * glibc-devel-32bit-debuginfo-2.31-150300.68.1 * glibc-devel-32bit-2.31-150300.68.1 * glibc-32bit-2.31-150300.68.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * glibc-locale-2.31-150300.68.1 * glibc-devel-2.31-150300.68.1 * glibc-locale-base-2.31-150300.68.1 * glibc-locale-base-debuginfo-2.31-150300.68.1 * glibc-debuginfo-2.31-150300.68.1 * glibc-2.31-150300.68.1 * glibc-debugsource-2.31-150300.68.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1217445 * https://bugzilla.suse.com/show_bug.cgi?id=1217589 * https://bugzilla.suse.com/show_bug.cgi?id=1218866 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 08:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 08:30:01 -0000 Subject: SUSE-RU-2024:0878-1: important: Recommended update for grub2 Message-ID: <171040500181.19765.5426092037117722848@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-RU-2024:0878-1 Rating: important References: * bsc#1181762 * bsc#1219248 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for grub2 fixes the following issues: * Fix grub.xen memdisk script looking for /boot/grub/grub.cfg (bsc#1219248, bsc#1181762) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-878=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-878=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-878=1 openSUSE-SLE-15.5-2024-878=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-878=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * grub2-2.06-150500.29.19.1 * grub2-debuginfo-2.06-150500.29.19.1 * Basesystem Module 15-SP5 (noarch) * grub2-snapper-plugin-2.06-150500.29.19.1 * grub2-i386-pc-2.06-150500.29.19.1 * grub2-arm64-efi-2.06-150500.29.19.1 * grub2-powerpc-ieee1275-2.06-150500.29.19.1 * grub2-x86_64-efi-2.06-150500.29.19.1 * grub2-systemd-sleep-plugin-2.06-150500.29.19.1 * Basesystem Module 15-SP5 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.19.1 * Basesystem Module 15-SP5 (s390x) * grub2-s390x-emu-2.06-150500.29.19.1 * Server Applications Module 15-SP5 (noarch) * grub2-x86_64-xen-2.06-150500.29.19.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * grub2-2.06-150500.29.19.1 * grub2-debuginfo-2.06-150500.29.19.1 * grub2-branding-upstream-2.06-150500.29.19.1 * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150500.29.19.1 * openSUSE Leap 15.5 (noarch) * grub2-powerpc-ieee1275-extras-2.06-150500.29.19.1 * grub2-i386-pc-debug-2.06-150500.29.19.1 * grub2-i386-pc-extras-2.06-150500.29.19.1 * grub2-i386-efi-debug-2.06-150500.29.19.1 * grub2-i386-efi-extras-2.06-150500.29.19.1 * grub2-powerpc-ieee1275-debug-2.06-150500.29.19.1 * grub2-snapper-plugin-2.06-150500.29.19.1 * grub2-i386-pc-2.06-150500.29.19.1 * grub2-x86_64-xen-2.06-150500.29.19.1 * grub2-arm64-efi-extras-2.06-150500.29.19.1 * grub2-arm64-efi-2.06-150500.29.19.1 * grub2-x86_64-efi-debug-2.06-150500.29.19.1 * grub2-i386-efi-2.06-150500.29.19.1 * grub2-systemd-sleep-plugin-2.06-150500.29.19.1 * grub2-x86_64-efi-extras-2.06-150500.29.19.1 * grub2-x86_64-xen-extras-2.06-150500.29.19.1 * grub2-powerpc-ieee1275-2.06-150500.29.19.1 * grub2-arm64-efi-debug-2.06-150500.29.19.1 * grub2-x86_64-efi-2.06-150500.29.19.1 * grub2-i386-xen-extras-2.06-150500.29.19.1 * grub2-i386-xen-2.06-150500.29.19.1 * grub2-s390x-emu-extras-2.06-150500.29.19.1 * openSUSE Leap 15.5 (s390x) * grub2-s390x-emu-2.06-150500.29.19.1 * grub2-s390x-emu-debug-2.06-150500.29.19.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * grub2-2.06-150500.29.19.1 * grub2-debuginfo-2.06-150500.29.19.1 * grub2-debugsource-2.06-150500.29.19.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * grub2-snapper-plugin-2.06-150500.29.19.1 * grub2-i386-pc-2.06-150500.29.19.1 * grub2-x86_64-xen-2.06-150500.29.19.1 * grub2-arm64-efi-2.06-150500.29.19.1 * grub2-x86_64-efi-2.06-150500.29.19.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * grub2-s390x-emu-2.06-150500.29.19.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1181762 * https://bugzilla.suse.com/show_bug.cgi?id=1219248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 12:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 12:30:01 -0000 Subject: SUSE-RU-2024:0883-1: moderate: Recommended update for perl-Bootloader Message-ID: <171041940168.16735.1208622290948766445@smelt2.prg2.suse.org> # Recommended update for perl-Bootloader Announcement ID: SUSE-RU-2024:0883-1 Rating: moderate References: * bsc#1215064 * bsc#1218842 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for perl-Bootloader fixes the following issues: * Support old grub versions (less than v2.02) that used /usr/lib (bsc#1218842) * Bootloader_entry script can have an optional 'force-default' argument (bsc#1215064) * Skip warning about unsupported options when in compat mode ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-883=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-883=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-883=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * perl-Bootloader-0.946-3.6.2 * perl-Bootloader-YAML-0.946-3.6.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-0.946-3.6.2 * perl-Bootloader-YAML-0.946-3.6.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * perl-Bootloader-0.946-3.6.2 * perl-Bootloader-YAML-0.946-3.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215064 * https://bugzilla.suse.com/show_bug.cgi?id=1218842 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 16:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 16:30:01 -0000 Subject: SUSE-SU-2024:0899-1: moderate: Security update for gdb Message-ID: <171043380185.6698.6804582631129731490@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0899-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-899=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-899=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:30:03 -0000 Subject: SUSE-SU-2024:0902-1: important: Security update for python-Django Message-ID: <171044820310.27531.6539898688172715341@smelt2.prg2.suse.org> # Security update for python-Django Announcement ID: SUSE-SU-2024:0902-1 Rating: important References: * bsc#1220358 Cross-References: * CVE-2024-27351 CVSS scores: * CVE-2024-27351 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for python-Django fixes the following issues: * CVE-2024-27351: Fixed a regular expression DoS in django.utils.text.Truncator.words (bsc#1220358) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-902=1 ## Package List: * openSUSE Leap 15.5 (noarch) * python3-Django-2.0.7-150000.1.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27351.html * https://bugzilla.suse.com/show_bug.cgi?id=1220358 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:30:06 -0000 Subject: SUSE-SU-2024:0901-1: important: Security update for python3 Message-ID: <171044820655.27531.7136430619802248797@smelt2.prg2.suse.org> # Security update for python3 Announcement ID: SUSE-SU-2024:0901-1 Rating: important References: * bsc#1214691 * bsc#1219666 Cross-References: * CVE-2022-48566 * CVE-2023-6597 CVSS scores: * CVE-2022-48566 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2022-48566 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for python3 fixes the following issues: * CVE-2023-6597: Fixed symlink bug in cleanup of tempfile.TemporaryDirectory (bsc#1219666). * CVE-2022-48566: Make compare_digest more constant-time (bsc#1214691). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-901=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-901=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-901=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-901=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-901=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-901=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-901=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-901=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-901=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-901=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-901=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-901=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-901=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-901=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-901=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-901=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-901=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-901=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-901=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-901=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-901=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-901=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-901=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-901=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-901=1 ## Package List: * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-testsuite-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-testsuite-3.6.15-150300.10.57.1 * python3-doc-devhelp-3.6.15-150300.10.57.1 * python3-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * python3-doc-3.6.15-150300.10.57.1 * openSUSE Leap 15.5 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Manager Proxy 4.3 (x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python3-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python3-testsuite-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-testsuite-3.6.15-150300.10.57.1 * python3-doc-devhelp-3.6.15-150300.10.57.1 * python3-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-curses-debuginfo-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * python3-devel-debuginfo-3.6.15-150300.10.57.1 * python3-dbm-3.6.15-150300.10.57.1 * python3-tk-3.6.15-150300.10.57.1 * python3-dbm-debuginfo-3.6.15-150300.10.57.1 * python3-curses-3.6.15-150300.10.57.1 * python3-tools-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * python3-idle-3.6.15-150300.10.57.1 * python3-devel-3.6.15-150300.10.57.1 * python3-tk-debuginfo-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 * python3-doc-3.6.15-150300.10.57.1 * openSUSE Leap 15.3 (x86_64) * libpython3_6m1_0-32bit-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-32bit-3.6.15-150300.10.57.1 * openSUSE Leap 15.3 (aarch64_ilp32) * libpython3_6m1_0-64bit-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-64bit-3.6.15-150300.10.57.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * python3-3.6.15-150300.10.57.1 * python3-debugsource-3.6.15-150300.10.57.1 * libpython3_6m1_0-debuginfo-3.6.15-150300.10.57.1 * python3-base-3.6.15-150300.10.57.1 * python3-core-debugsource-3.6.15-150300.10.57.1 * python3-debuginfo-3.6.15-150300.10.57.1 * libpython3_6m1_0-3.6.15-150300.10.57.1 * python3-base-debuginfo-3.6.15-150300.10.57.1 ## References: * https://www.suse.com/security/cve/CVE-2022-48566.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://bugzilla.suse.com/show_bug.cgi?id=1214691 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:30:17 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:30:17 -0000 Subject: SUSE-SU-2024:0900-1: important: Security update for the Linux Kernel Message-ID: <171044821732.27531.16198709579602126911@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0900-1 Rating: important References: * bsc#1211515 * bsc#1213456 * bsc#1214064 * bsc#1218195 * bsc#1218216 * bsc#1218562 * bsc#1218915 * bsc#1219073 * bsc#1219126 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219633 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220350 * bsc#1220364 * bsc#1220398 * bsc#1220409 * bsc#1220433 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220469 * bsc#1220649 * bsc#1220735 * bsc#1220736 * bsc#1220796 * bsc#1220797 * bsc#1220825 * bsc#1220845 * bsc#1220917 * bsc#1220930 * bsc#1220931 * bsc#1220933 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-47083 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52467 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52559 * CVE-2023-6270 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 49 vulnerabilities and has five security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). The following non-security bugs were fixed: * bpf: Fix verification of indirect var-off stack access (git-fixes). * bpf: Guard stack limits against 32bit overflow (git-fixes). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633). * nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515). * nvme: remove nvme_alloc_request and nvme_alloc_request_qid (bsc#1214064). * nvme: start keep-alive after admin queue setup (bsc#1211515). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-900=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-900=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-900=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-900=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-900=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-900=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-900=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-900=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-900=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-900=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-900=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-900=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-900=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-900=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-900=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-900=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-900=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-docs-html-5.14.21-150400.24.111.2 * kernel-source-vanilla-5.14.21-150400.24.111.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-debugsource-5.14.21-150400.24.111.2 * kernel-debug-livepatch-devel-5.14.21-150400.24.111.2 * kernel-debug-devel-5.14.21-150400.24.111.2 * kernel-debug-debuginfo-5.14.21-150400.24.111.2 * kernel-debug-devel-debuginfo-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-debugsource-5.14.21-150400.24.111.2 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.111.2 * kernel-default-base-rebuild-5.14.21-150400.24.111.2.150400.24.52.1 * kernel-kvmsmall-livepatch-devel-5.14.21-150400.24.111.2 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * kernel-kvmsmall-devel-5.14.21-150400.24.111.2 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * dlm-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-optional-debuginfo-5.14.21-150400.24.111.2 * kernel-default-extra-debuginfo-5.14.21-150400.24.111.2 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.111.2 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * cluster-md-kmp-default-5.14.21-150400.24.111.2 * gfs2-kmp-default-5.14.21-150400.24.111.2 * kernel-default-livepatch-5.14.21-150400.24.111.2 * kselftests-kmp-default-5.14.21-150400.24.111.2 * ocfs2-kmp-default-5.14.21-150400.24.111.2 * kernel-obs-qa-5.14.21-150400.24.111.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * dlm-kmp-default-5.14.21-150400.24.111.2 * reiserfs-kmp-default-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * kernel-default-optional-5.14.21-150400.24.111.2 * kernel-default-extra-5.14.21-150400.24.111.2 * kernel-default-livepatch-devel-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_111-default-1-150400.9.3.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.111.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.111.1 * openSUSE Leap 15.4 (aarch64) * cluster-md-kmp-64kb-5.14.21-150400.24.111.2 * gfs2-kmp-64kb-5.14.21-150400.24.111.2 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * dtb-mediatek-5.14.21-150400.24.111.1 * dtb-renesas-5.14.21-150400.24.111.1 * dtb-arm-5.14.21-150400.24.111.1 * dtb-amazon-5.14.21-150400.24.111.1 * dtb-amlogic-5.14.21-150400.24.111.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * dtb-rockchip-5.14.21-150400.24.111.1 * dlm-kmp-64kb-5.14.21-150400.24.111.2 * dtb-qcom-5.14.21-150400.24.111.1 * dtb-broadcom-5.14.21-150400.24.111.1 * ocfs2-kmp-64kb-5.14.21-150400.24.111.2 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-livepatch-devel-5.14.21-150400.24.111.2 * kernel-64kb-extra-5.14.21-150400.24.111.2 * dtb-cavium-5.14.21-150400.24.111.1 * kernel-64kb-devel-5.14.21-150400.24.111.2 * dtb-apple-5.14.21-150400.24.111.1 * kselftests-kmp-64kb-5.14.21-150400.24.111.2 * dtb-hisilicon-5.14.21-150400.24.111.1 * dtb-apm-5.14.21-150400.24.111.1 * dtb-marvell-5.14.21-150400.24.111.1 * dtb-amd-5.14.21-150400.24.111.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.111.2 * dtb-exynos-5.14.21-150400.24.111.1 * dtb-socionext-5.14.21-150400.24.111.1 * dtb-sprd-5.14.21-150400.24.111.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.111.2 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * dtb-xilinx-5.14.21-150400.24.111.1 * kernel-64kb-debugsource-5.14.21-150400.24.111.2 * dtb-allwinner-5.14.21-150400.24.111.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debuginfo-5.14.21-150400.24.111.2 * dtb-altera-5.14.21-150400.24.111.1 * dtb-freescale-5.14.21-150400.24.111.1 * reiserfs-kmp-64kb-5.14.21-150400.24.111.2 * dtb-nvidia-5.14.21-150400.24.111.1 * dtb-lg-5.14.21-150400.24.111.1 * kernel-64kb-optional-5.14.21-150400.24.111.2 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.111.2 * openSUSE Leap Micro 5.3 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * kernel-default-debugsource-5.14.21-150400.24.111.2 * openSUSE Leap Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * openSUSE Leap Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-livepatch-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-livepatch-SLE15-SP4_Update_24-debugsource-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.111.2 * kernel-livepatch-5_14_21-150400_24_111-default-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_111-default-debuginfo-1-150400.9.3.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * dlm-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.111.2 * ocfs2-kmp-default-5.14.21-150400.24.111.2 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.111.2 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.111.2 * dlm-kmp-default-5.14.21-150400.24.111.2 * cluster-md-kmp-default-5.14.21-150400.24.111.2 * gfs2-kmp-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debugsource-5.14.21-150400.24.111.2 * kernel-64kb-devel-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * reiserfs-kmp-default-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debugsource-5.14.21-150400.24.111.2 * kernel-64kb-devel-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * reiserfs-kmp-default-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.111.2 * kernel-default-extra-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * kernel-64kb-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debuginfo-5.14.21-150400.24.111.2 * kernel-64kb-debugsource-5.14.21-150400.24.111.2 * kernel-64kb-devel-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * reiserfs-kmp-default-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.111.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-obs-build-debugsource-5.14.21-150400.24.111.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * reiserfs-kmp-default-5.14.21-150400.24.111.2 * kernel-obs-build-5.14.21-150400.24.111.1 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.111.2 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.111.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.111.2 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1211515 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214064 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219073 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:30:19 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:30:19 -0000 Subject: SUSE-SU-2024:0899-1: moderate: Security update for gdb Message-ID: <171044821961.27531.17761065932935114916@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0899-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-899=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-899=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:33:20 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:33:20 -0000 Subject: SUSE-SU-2024:0899-1: moderate: Security update for gdb Message-ID: <171044840097.26757.8768055647690507616@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0899-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-899=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-899=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:36:23 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:36:23 -0000 Subject: SUSE-SU-2024:0899-1: moderate: Security update for gdb Message-ID: <171044858372.27531.3454209649192650648@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0899-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-899=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-899=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-899=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-899=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gdbserver-13.2-150100.8.39.1 * gdbserver-debuginfo-13.2-150100.8.39.1 * gdb-debuginfo-13.2-150100.8.39.1 * gdb-debugsource-13.2-150100.8.39.1 * gdb-13.2-150100.8.39.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:36:25 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:36:25 -0000 Subject: SUSE-SU-2024:0898-1: moderate: Security update for gdb Message-ID: <171044858583.27531.17750241671947333523@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0898-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-898=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-898=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc) * gdb-testresults-13.2-150400.15.14.4 * openSUSE Leap 15.4 (aarch64_ilp32) * gdb-64bit-13.2-150400.15.14.1 * gdbserver-64bit-debuginfo-13.2-150400.15.14.1 * gdb-64bit-debuginfo-13.2-150400.15.14.1 * gdbserver-64bit-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * gdb-testresults-13.2-150400.15.14.4 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 14 20:39:28 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 14 Mar 2024 20:39:28 -0000 Subject: SUSE-SU-2024:0898-1: moderate: Security update for gdb Message-ID: <171044876803.28644.2970112040745820682@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0898-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-898=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-898=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc) * gdb-testresults-13.2-150400.15.14.4 * openSUSE Leap 15.4 (aarch64_ilp32) * gdb-64bit-debuginfo-13.2-150400.15.14.1 * gdbserver-64bit-13.2-150400.15.14.1 * gdbserver-64bit-debuginfo-13.2-150400.15.14.1 * gdb-64bit-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * gdb-testresults-13.2-150400.15.14.4 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:04 -0000 Subject: SUSE-RU-2024:0907-1: moderate: Recommended update for audit Message-ID: <171049140416.19585.482019472234249876@smelt2.prg2.suse.org> # Recommended update for audit Announcement ID: SUSE-RU-2024:0907-1 Rating: moderate References: * bsc#1215377 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for audit fixes the following issue: * Fix plugin termination when using systemd service units (bsc#1215377) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-907=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-907=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-907=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-907=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-907=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-907=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-907=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-907=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-907=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-907=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-907=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-907=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-907=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-907=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-907=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-907=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-907=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-907=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * openSUSE Leap 15.4 (x86_64) * libauparse0-32bit-3.0.6-150400.4.16.1 * libauparse0-32bit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * audit-devel-32bit-3.0.6-150400.4.16.1 * openSUSE Leap 15.4 (aarch64_ilp32) * audit-devel-64bit-3.0.6-150400.4.16.1 * libauparse0-64bit-3.0.6-150400.4.16.1 * libaudit1-64bit-debuginfo-3.0.6-150400.4.16.1 * libauparse0-64bit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-64bit-3.0.6-150400.4.16.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * openSUSE Leap 15.5 (x86_64) * libauparse0-32bit-3.0.6-150400.4.16.1 * libauparse0-32bit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * audit-devel-32bit-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * Basesystem Module 15-SP5 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * SUSE Manager Proxy 4.3 (x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * audit-devel-3.0.6-150400.4.16.1 * system-group-audit-3.0.6-150400.4.16.1 * audit-debugsource-3.0.6-150400.4.16.1 * audit-audispd-plugins-3.0.6-150400.4.16.1 * audit-3.0.6-150400.4.16.1 * python3-audit-3.0.6-150400.4.16.1 * libauparse0-3.0.6-150400.4.16.1 * python3-audit-debuginfo-3.0.6-150400.4.16.1 * libaudit1-debuginfo-3.0.6-150400.4.16.1 * libauparse0-debuginfo-3.0.6-150400.4.16.1 * libaudit1-3.0.6-150400.4.16.1 * audit-audispd-plugins-debuginfo-3.0.6-150400.4.16.1 * audit-secondary-debugsource-3.0.6-150400.4.16.1 * audit-debuginfo-3.0.6-150400.4.16.1 * SUSE Manager Server 4.3 (x86_64) * libaudit1-32bit-3.0.6-150400.4.16.1 * libaudit1-32bit-debuginfo-3.0.6-150400.4.16.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215377 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:05 -0000 Subject: SUSE-RU-2024:0906-1: moderate: Recommended update for supportutils-plugin-ha-sap Message-ID: <171049140547.19585.17028922297423903164@smelt2.prg2.suse.org> # Recommended update for supportutils-plugin-ha-sap Announcement ID: SUSE-RU-2024:0906-1 Rating: moderate References: Affected Products: * openSUSE Leap 15.5 * SAP Applications Module 15-SP2 * SAP Applications Module 15-SP3 * SAP Applications Module 15-SP4 * SAP Applications Module 15-SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that can now be installed. ## Description: This update for supportutils-plugin-ha-sap fixes the following issues: * Update to version 0.0.5+git.1709295499.1c8e8cd * Adapt documentation links * Add support for SAP systemd services regarding SID retrieval * Add information about SAP related systemd services * Add information about sapcontrol function GetStartProfile * Add information from daemon.ini * Collect hook script logs (suschksrv and saphanasr_multitarget_hook) * Collect logs of sap_suse_cluster_connector and sapstartsrv * Add python version * Check sudoers for srhook configuration ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-906=1 * SAP Applications Module 15-SP2 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP2-2024-906=1 * SAP Applications Module 15-SP3 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2024-906=1 * SAP Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2024-906=1 * SAP Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2024-906=1 ## Package List: * openSUSE Leap 15.5 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-150000.1.15.1 * SAP Applications Module 15-SP2 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-150000.1.15.1 * SAP Applications Module 15-SP3 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-150000.1.15.1 * SAP Applications Module 15-SP4 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-150000.1.15.1 * SAP Applications Module 15-SP5 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-150000.1.15.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:06 -0000 Subject: SUSE-RU-2024:0905-1: moderate: Recommended update for supportutils-plugin-ha-sap Message-ID: <171049140686.19585.4094026140954504326@smelt2.prg2.suse.org> # Recommended update for supportutils-plugin-ha-sap Announcement ID: SUSE-RU-2024:0905-1 Rating: moderate References: Affected Products: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that can now be installed. ## Description: This update for supportutils-plugin-ha-sap fixes the following issues: * Update to version 0.0.5+git.1709295499.1c8e8cd * Adapt documentation links * Add support for SAP systemd services regarding SID retrieval * Add information about SAP related systemd services * Add information about sapcontrol function GetStartProfile * Add information from daemon.ini * Collect hook script logs (suschksrv and saphanasr_multitarget_hook) * Collect logs of sap_suse_cluster_connector and sapstartsrv * Add python version * Check sudoers for srhook configuration ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SAP-12-SP5-2024-905=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * supportutils-plugin-ha-sap-0.0.5+git.1709295499.1c8e8cd-1.15.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:08 -0000 Subject: SUSE-RU-2024:0904-1: moderate: Recommended update for supportutils Message-ID: <171049140843.19585.12061437977511636508@smelt2.prg2.suse.org> # Recommended update for supportutils Announcement ID: SUSE-RU-2024:0904-1 Rating: moderate References: * bsc#1214713 * bsc#1218632 * bsc#1218812 * bsc#1218814 * bsc#1219241 * bsc#1219639 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has six fixes can now be installed. ## Description: This update for supportutils fixes the following issues: * Update toversion 3.1.29 * Extended scaling for performance (bsc#1214713) * Fixed kdumptool output error (bsc#1218632) * Corrected podman ID errors (bsc#1218812) * Duplicate non root podman entries removed (bsc#1218814) * Corrected get_sles_ver for SLE Micro (bsc#1219241) * Check nvidida-persistenced state (bsc#1219639) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-904=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-904=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-904=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-904=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-904=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-904=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-904=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-904=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-904=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-904=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-904=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-904=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-904=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * openSUSE Leap 15.3 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * openSUSE Leap Micro 5.3 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * openSUSE Leap Micro 5.4 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * openSUSE Leap 15.5 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * supportutils-3.1.29-150300.7.35.27.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * supportutils-3.1.29-150300.7.35.27.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1214713 * https://bugzilla.suse.com/show_bug.cgi?id=1218632 * https://bugzilla.suse.com/show_bug.cgi?id=1218812 * https://bugzilla.suse.com/show_bug.cgi?id=1218814 * https://bugzilla.suse.com/show_bug.cgi?id=1219241 * https://bugzilla.suse.com/show_bug.cgi?id=1219639 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:10 -0000 Subject: SUSE-RU-2024:0903-1: moderate: Recommended update for systemd-presets-common-SUSE Message-ID: <171049141004.19585.15890964120072898282@smelt2.prg2.suse.org> # Recommended update for systemd-presets-common-SUSE Announcement ID: SUSE-RU-2024:0903-1 Rating: moderate References: * bsc#1200731 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for systemd-presets-common-SUSE fixes the following issues: * Split hcn-init.service to hcn-init-NetworkManager and hcn-init-wicked (bsc#1200731) * Support both the old and new service to avoid complex version interdependency ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-903=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-903=1 openSUSE-SLE-15.5-2024-903=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-903=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * systemd-presets-common-SUSE-15-150500.20.6.1 * openSUSE Leap 15.5 (noarch) * systemd-presets-common-SUSE-15-150500.20.6.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * systemd-presets-common-SUSE-15-150500.20.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1200731 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:30:10 -0000 Subject: SUSE-SU-2024:0898-1: moderate: Security update for gdb Message-ID: <171049141096.19585.12591234304584328606@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0898-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-898=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-898=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc) * gdb-testresults-13.2-150400.15.14.4 * openSUSE Leap 15.4 (aarch64_ilp32) * gdb-64bit-13.2-150400.15.14.1 * gdbserver-64bit-debuginfo-13.2-150400.15.14.1 * gdb-64bit-debuginfo-13.2-150400.15.14.1 * gdbserver-64bit-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * gdb-testresults-13.2-150400.15.14.4 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:33:14 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:33:14 -0000 Subject: SUSE-SU-2024:0898-1: moderate: Security update for gdb Message-ID: <171049159426.26596.75669165825514520@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0898-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-898=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-898=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc) * gdb-testresults-13.2-150400.15.14.4 * openSUSE Leap 15.4 (aarch64_ilp32) * gdb-64bit-debuginfo-13.2-150400.15.14.1 * gdbserver-64bit-13.2-150400.15.14.1 * gdbserver-64bit-debuginfo-13.2-150400.15.14.1 * gdb-64bit-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * gdb-testresults-13.2-150400.15.14.4 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:15 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:15 -0000 Subject: SUSE-SU-2024:0898-1: moderate: Security update for gdb Message-ID: <171049177575.27801.4450344690123354368@smelt2.prg2.suse.org> # Security update for gdb Announcement ID: SUSE-SU-2024:0898-1 Rating: moderate References: * bsc#1068950 * bsc#1081527 * bsc#1211052 * jsc#PED-6584 Cross-References: * CVE-2017-16829 * CVE-2018-7208 * CVE-2022-48064 CVSS scores: * CVE-2017-16829 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2017-16829 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2018-7208 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2018-7208 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2022-48064 ( SUSE ): 0.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:N * CVE-2022-48064 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and contains one feature can now be installed. ## Description: This update for gdb fixes the following issues: * Drop libdebuginfod1 BuildRequires/Recommends. The former isn't needed because there's a build requirement on libdebuginfod-devel already, which will pull the shared library. And the latter, because it's bogus since RPM auto generated dependency will take care of that requirement. gdb was released in 13.2: * This version of GDB includes the following changes and enhancements: * Support for the following new targets has been added in both GDB and GDBserver: * GNU/Linux/LoongArch (gdbserver) loongarch*-*-linux* * GNU/Linux/CSKY (gdbserver) csky*-*linux* * The Windows native target now supports target async. * Floating-point support has now been added on LoongArch GNU/Linux. * New commands: * set print nibbles [on|off] * show print nibbles * This controls whether the 'print/t' command will display binary values in groups of four bits, known as "nibbles". The default is 'off'. Various styling-related commands. See the gdb/NEWS file for more details. Various maintenance commands. These are normally aimed at GDB experts or developers. See the gdb/NEWS file for more details. * Python API improvements: * New Python API for instruction disassembly. * The new attribute 'locations' of gdb.Breakpoint returns a list of gdb.BreakpointLocation objects specifying the locations where the breakpoint is inserted into the debuggee. * New Python type gdb.BreakpointLocation. * New function gdb.format_address(ADDRESS, PROGSPACE, ARCHITECTURE) that formats ADDRESS as 'address ' * New function gdb.current_language that returns the name of the current language. Unlike gdb.parameter('language'), this will never return 'auto'. * New function gdb.print_options that returns a dictionary of the prevailing print options, in the form accepted by gdb.Value.format_string. * New method gdb.Frame.language that returns the name of the frame's language. * gdb.Value.format_string now uses the format provided by 'print', if it is called during a 'print' or other similar operation. * gdb.Value.format_string now accepts the 'summary' keyword. This can be used to request a shorter representation of a value, the way that 'set print frame-arguments scalars' does. * The gdb.register_window_type method now restricts the set of acceptable window names. The first character of a window's name must start with a character in the set [a-zA-Z], every subsequent character of a window's name must be in the set [-_.a-zA-Z0-9]. * GDB/MI changes: * MI version 1 is deprecated, and will be removed in GDB 14. * The async record stating the stopped reason 'breakpoint-hit' now contains an optional field locno. * Miscellaneous improvements: * gdb now supports zstd compressed debug sections (ELFCOMPRESS_ZSTD) for ELF. * New convenience variable $_inferior_thread_count contains the number of live threads in the current inferior. * New convenience variables $_hit_bpnum and $_hit_locno, set to the breakpoint number and the breakpoint location number of the breakpoint last hit. * The "info breakpoints" now displays enabled breakpoint locations of disabled breakpoints as in the "y-" state. * The format of 'disassemble /r' and 'record instruction-history /r' has changed to match the layout of GNU objdump when disassembling. * A new format "/b" has been introduce to provide the old behavior of "/r". * The TUI no longer styles the source and assembly code highlighted by the current position indicator by default. You can however re-enable styling using the new "set style tui-current-position" command. * It is now possible to use the "document" command to document user-defined commands. * Support for memory tag data for AArch64 MTE. * Support Removal notices: * DBX mode has been removed. * Support for building against Python version 2 has been removed. It is now only possible to build GDB against Python 3. * Support for the following commands has been removed: * set debug aix-solib on|off * show debug aix-solib * set debug solib-frv on|off * show debug solib-frv * Use the "set/show debug solib" commands instead. See the NEWS file for a more complete and detailed list of what this release includes. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-898=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-898=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586 nosrc) * gdb-testresults-13.2-150400.15.14.4 * openSUSE Leap 15.4 (aarch64_ilp32) * gdb-64bit-debuginfo-13.2-150400.15.14.1 * gdbserver-64bit-13.2-150400.15.14.1 * gdbserver-64bit-debuginfo-13.2-150400.15.14.1 * gdb-64bit-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc) * gdb-testresults-13.2-150400.15.14.4 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gdb-debugsource-13.2-150400.15.14.1 * gdb-13.2-150400.15.14.1 * gdbserver-13.2-150400.15.14.1 * gdb-debuginfo-13.2-150400.15.14.1 * gdbserver-debuginfo-13.2-150400.15.14.1 ## References: * https://www.suse.com/security/cve/CVE-2017-16829.html * https://www.suse.com/security/cve/CVE-2018-7208.html * https://www.suse.com/security/cve/CVE-2022-48064.html * https://bugzilla.suse.com/show_bug.cgi?id=1068950 * https://bugzilla.suse.com/show_bug.cgi?id=1081527 * https://bugzilla.suse.com/show_bug.cgi?id=1211052 * https://jira.suse.com/browse/PED-6584 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:19 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:19 -0000 Subject: SUSE-RU-2024:0897-1: moderate: Recommended update for wicked Message-ID: <171049177976.27801.6294491267591286512@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:0897-1 Rating: moderate References: * bsc#1215692 * bsc#1218926 * bsc#1218927 * bsc#1219265 * bsc#1219751 * jsc#PED-7183 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that contains one feature and has five fixes can now be installed. ## Description: This update for wicked fixes the following issues: * ifreload: VLAN changes require device deletion (bsc#1218927) * ifcheck: fix config changed check (bsc#1218926) * client: fix exit code for no-carrier status (bsc#1219265) * dhcp6: omit the SO_REUSEPORT option (bsc#1215692) * duid: fix comment for v6time * rtnl: fix peer address parsing for non ptp-interfaces * system-updater: Parse updater format from XML configuration to ensure install calls can run * team: add new options like link_watch_policy (jsc#PED-7183) * Fix memory leaks in dbus variant destroy and fsm free * xpath: allow underscore in node identifier * vxlan: don't format unknown rtnl attrs (bsc#1219751) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-897=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-897=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-897=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * wicked-service-0.6.74-3.29.1 * wicked-debugsource-0.6.74-3.29.1 * wicked-0.6.74-3.29.1 * wicked-debuginfo-0.6.74-3.29.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * wicked-service-0.6.74-3.29.1 * wicked-debugsource-0.6.74-3.29.1 * wicked-0.6.74-3.29.1 * wicked-debuginfo-0.6.74-3.29.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * wicked-service-0.6.74-3.29.1 * wicked-debugsource-0.6.74-3.29.1 * wicked-0.6.74-3.29.1 * wicked-debuginfo-0.6.74-3.29.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215692 * https://bugzilla.suse.com/show_bug.cgi?id=1218926 * https://bugzilla.suse.com/show_bug.cgi?id=1218927 * https://bugzilla.suse.com/show_bug.cgi?id=1219265 * https://bugzilla.suse.com/show_bug.cgi?id=1219751 * https://jira.suse.com/browse/PED-7183 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:21 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:21 -0000 Subject: SUSE-RU-2024:0896-1: moderate: Recommended update for wicked Message-ID: <171049178128.27801.12698377596918426541@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:0896-1 Rating: moderate References: * bsc#1215692 * bsc#1218926 * bsc#1218927 * bsc#1219265 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * ifreload: VLAN changes require device deletion (bsc#1218927) * ifcheck: fix config changed check (bsc#1218926) * client: fix exit code for no-carrier status (bsc#1219265) * dhcp6: omit the SO_REUSEPORT option (bsc#1215692) * duid: fix comment for v6time * rtnl: fix peer address parsing for non ptp-interfaces * system-updater: parse updater format from XML configuration to ensure install calls can run ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-896=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-896=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-896=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-896=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * wicked-0.6.74-150300.4.18.1 * wicked-debuginfo-0.6.74-150300.4.18.1 * wicked-debugsource-0.6.74-150300.4.18.1 * wicked-service-0.6.74-150300.4.18.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * wicked-0.6.74-150300.4.18.1 * wicked-debuginfo-0.6.74-150300.4.18.1 * wicked-debugsource-0.6.74-150300.4.18.1 * wicked-service-0.6.74-150300.4.18.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * wicked-0.6.74-150300.4.18.1 * wicked-debuginfo-0.6.74-150300.4.18.1 * wicked-debugsource-0.6.74-150300.4.18.1 * wicked-service-0.6.74-150300.4.18.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * wicked-0.6.74-150300.4.18.1 * wicked-debuginfo-0.6.74-150300.4.18.1 * wicked-debugsource-0.6.74-150300.4.18.1 * wicked-service-0.6.74-150300.4.18.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215692 * https://bugzilla.suse.com/show_bug.cgi?id=1218926 * https://bugzilla.suse.com/show_bug.cgi?id=1218927 * https://bugzilla.suse.com/show_bug.cgi?id=1219265 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:24 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:24 -0000 Subject: SUSE-RU-2024:0895-1: moderate: Recommended update for wicked Message-ID: <171049178422.27801.1910062719692752245@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:0895-1 Rating: moderate References: * bsc#1215692 * bsc#1218926 * bsc#1218927 * bsc#1219265 * bsc#1219751 * jsc#PED-7183 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has five fixes can now be installed. ## Description: This update for wicked fixes the following issues: * ifreload: VLAN changes require device deletion (bsc#1218927) * ifcheck: fix config changed check (bsc#1218926) * client: fix exit code for no-carrier status (bsc#1219265) * dhcp6: omit the SO_REUSEPORT option (bsc#1215692) * duid: fix comment for v6time * rtnl: fix peer address parsing for non ptp-interfaces * system-updater: Parse updater format from XML configuration to ensure install calls can run * team: add new options like link_watch_policy (jsc#PED-7183) * Fix memory leaks in dbus variant destroy and fsm free * xpath: allow underscore in node identifier * vxlan: don't format unknown rtnl attrs (bsc#1219751) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-895=1 openSUSE-SLE-15.5-2024-895=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-895=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-895=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.74-150500.3.15.1 * wicked-debuginfo-0.6.74-150500.3.15.1 * wicked-0.6.74-150500.3.15.1 * wicked-service-0.6.74-150500.3.15.1 * wicked-nbft-0.6.74-150500.3.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * wicked-debugsource-0.6.74-150500.3.15.1 * wicked-debuginfo-0.6.74-150500.3.15.1 * wicked-0.6.74-150500.3.15.1 * wicked-service-0.6.74-150500.3.15.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.74-150500.3.15.1 * wicked-debuginfo-0.6.74-150500.3.15.1 * wicked-0.6.74-150500.3.15.1 * wicked-service-0.6.74-150500.3.15.1 * wicked-nbft-0.6.74-150500.3.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215692 * https://bugzilla.suse.com/show_bug.cgi?id=1218926 * https://bugzilla.suse.com/show_bug.cgi?id=1218927 * https://bugzilla.suse.com/show_bug.cgi?id=1219265 * https://bugzilla.suse.com/show_bug.cgi?id=1219751 * https://jira.suse.com/browse/PED-7183 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:25 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:25 -0000 Subject: SUSE-SU-2024:0893-1: important: Security update for MozillaThunderbird Message-ID: <171049178554.27801.4582025812031157253@smelt2.prg2.suse.org> # Security update for MozillaThunderbird Announcement ID: SUSE-SU-2024:0893-1 Rating: important References: * bsc#1221054 Cross-References: * CVE-2024-1936 CVSS scores: * CVE-2024-1936 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for MozillaThunderbird fixes the following issues: Security Vulnerabilities fixed in Thunderbird 115.8.1 (bsc#1221054): * CVE-2024-1936: Fixed leaking of encrypted email subjects to other conversations (MFSA 2024-11) (bsc#1221054). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-893=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-893=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-893=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-893=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaThunderbird-translations-other-115.8.1-150200.8.151.1 * MozillaThunderbird-115.8.1-150200.8.151.1 * MozillaThunderbird-debugsource-115.8.1-150200.8.151.1 * MozillaThunderbird-debuginfo-115.8.1-150200.8.151.1 * MozillaThunderbird-translations-common-115.8.1-150200.8.151.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * MozillaThunderbird-translations-other-115.8.1-150200.8.151.1 * MozillaThunderbird-115.8.1-150200.8.151.1 * MozillaThunderbird-debugsource-115.8.1-150200.8.151.1 * MozillaThunderbird-debuginfo-115.8.1-150200.8.151.1 * MozillaThunderbird-translations-common-115.8.1-150200.8.151.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaThunderbird-translations-other-115.8.1-150200.8.151.1 * MozillaThunderbird-115.8.1-150200.8.151.1 * MozillaThunderbird-debugsource-115.8.1-150200.8.151.1 * MozillaThunderbird-debuginfo-115.8.1-150200.8.151.1 * MozillaThunderbird-translations-common-115.8.1-150200.8.151.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * MozillaThunderbird-translations-other-115.8.1-150200.8.151.1 * MozillaThunderbird-115.8.1-150200.8.151.1 * MozillaThunderbird-debugsource-115.8.1-150200.8.151.1 * MozillaThunderbird-debuginfo-115.8.1-150200.8.151.1 * MozillaThunderbird-translations-common-115.8.1-150200.8.151.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1936.html * https://bugzilla.suse.com/show_bug.cgi?id=1221054 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:28 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:28 -0000 Subject: SUSE-SU-2024:0892-1: low: Security update for python36-pip Message-ID: <171049178833.27801.11550686252830927717@smelt2.prg2.suse.org> # Security update for python36-pip Announcement ID: SUSE-SU-2024:0892-1 Rating: low References: * bsc#1217353 Cross-References: * CVE-2023-5752 CVSS scores: * CVE-2023-5752 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-5752 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for python36-pip fixes the following issues: * CVE-2023-5752: Fixed possible injection of arbitrary configuration through Mercurial parameter. (bsc#1217353) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-892=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-892=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-892=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * python36-pip-20.2.4-8.15.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * python36-pip-20.2.4-8.15.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * python36-pip-20.2.4-8.15.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5752.html * https://bugzilla.suse.com/show_bug.cgi?id=1217353 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:30 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:30 -0000 Subject: SUSE-SU-2024:0890-1: important: Security update for sudo Message-ID: <171049179046.27801.541468979331348180@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0890-1 Rating: important References: * bsc#1221134 * bsc#1221151 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-890=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-890=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-890=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-890=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-devel-1.8.27-4.48.2 * sudo-debuginfo-1.8.27-4.48.2 * sudo-debugsource-1.8.27-4.48.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * sudo-1.8.27-4.48.2 * sudo-debuginfo-1.8.27-4.48.2 * sudo-debugsource-1.8.27-4.48.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * sudo-1.8.27-4.48.2 * sudo-debuginfo-1.8.27-4.48.2 * sudo-debugsource-1.8.27-4.48.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * sudo-1.8.27-4.48.2 * sudo-debuginfo-1.8.27-4.48.2 * sudo-debugsource-1.8.27-4.48.2 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1221134 * https://bugzilla.suse.com/show_bug.cgi?id=1221151 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:32 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:32 -0000 Subject: SUSE-SU-2024:0889-1: important: Security update for sudo Message-ID: <171049179276.27801.3081894935405428776@smelt2.prg2.suse.org> # Security update for sudo Announcement ID: SUSE-SU-2024:0889-1 Rating: important References: * bsc#1221134 * bsc#1221151 Cross-References: * CVE-2023-42465 CVSS scores: * CVE-2023-42465 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-42465 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for sudo fixes the following issues: * CVE-2023-42465: Fixed issues introduced by first patches (bsc#1221151, bsc#1221134). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-889=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-889=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-889=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * sudo-debuginfo-1.8.27-150000.4.53.1 * sudo-1.8.27-150000.4.53.1 * sudo-debugsource-1.8.27-150000.4.53.1 * sudo-devel-1.8.27-150000.4.53.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * sudo-debuginfo-1.8.27-150000.4.53.1 * sudo-1.8.27-150000.4.53.1 * sudo-debugsource-1.8.27-150000.4.53.1 * sudo-devel-1.8.27-150000.4.53.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * sudo-debuginfo-1.8.27-150000.4.53.1 * sudo-1.8.27-150000.4.53.1 * sudo-debugsource-1.8.27-150000.4.53.1 * sudo-devel-1.8.27-150000.4.53.1 ## References: * https://www.suse.com/security/cve/CVE-2023-42465.html * https://bugzilla.suse.com/show_bug.cgi?id=1221134 * https://bugzilla.suse.com/show_bug.cgi?id=1221151 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:35 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:35 -0000 Subject: SUSE-RU-2024:0888-1: moderate: Recommended update for pacemaker Message-ID: <171049179550.27801.6018163640821905275@smelt2.prg2.suse.org> # Recommended update for pacemaker Announcement ID: SUSE-RU-2024:0888-1 Rating: moderate References: * bsc#1216972 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for pacemaker fixes the following issues: \- libcrmservice: avoid async zombie children by resending ignored SIGCHLD (bsc#1216972, gh#ClusterLabs/pacemaker#3374) \- fencer: fix pcmk_delay_max description (gh#ClusterLabs/pacemaker#3373) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-888=1 openSUSE-SLE-15.5-2024-888=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-888=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * openSUSE Leap 15.5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.14.4 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * pacemaker-libs-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-devel-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-libs-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-debugsource-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-remote-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-remote-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-cli-2.1.5+20221208.a3f44794f-150500.6.14.4 * pacemaker-cli-debuginfo-2.1.5+20221208.a3f44794f-150500.6.14.4 * SUSE Linux Enterprise High Availability Extension 15 SP5 (noarch) * pacemaker-cts-2.1.5+20221208.a3f44794f-150500.6.14.4 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216972 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:37 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:37 -0000 Subject: SUSE-RU-2024:0887-1: moderate: Recommended update for ClusterTools2 Message-ID: <171049179755.27801.3399100411601244291@smelt2.prg2.suse.org> # Recommended update for ClusterTools2 Announcement ID: SUSE-RU-2024:0887-1 Rating: moderate References: * bsc#1194285 * bsc#1219806 Affected Products: * openSUSE Leap 15.5 * SAP Applications Module 15-SP2 * SAP Applications Module 15-SP3 * SAP Applications Module 15-SP4 * SAP Applications Module 15-SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for ClusterTools2 fixes the following issues: * Update to version 3.1.3 * Adapt 'cs_show_scores' to support newer versions of crmsh (bsc#1219806) * Change SBP URL in man page ha_related_sap_notes.7 to point to the new location (bsc#1194285) * Additional man page updates * New script /usr/sbin/cs_list_sap_instances ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-887=1 * SAP Applications Module 15-SP2 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP2-2024-887=1 * SAP Applications Module 15-SP3 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP3-2024-887=1 * SAP Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP4-2024-887=1 * SAP Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-SAP-Applications-15-SP5-2024-887=1 ## Package List: * openSUSE Leap 15.5 (noarch) * ClusterTools2-3.1.3-150100.8.12.1 * SAP Applications Module 15-SP2 (noarch) * ClusterTools2-3.1.3-150100.8.12.1 * SAP Applications Module 15-SP3 (noarch) * ClusterTools2-3.1.3-150100.8.12.1 * SAP Applications Module 15-SP4 (noarch) * ClusterTools2-3.1.3-150100.8.12.1 * SAP Applications Module 15-SP5 (noarch) * ClusterTools2-3.1.3-150100.8.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1194285 * https://bugzilla.suse.com/show_bug.cgi?id=1219806 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:42 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:42 -0000 Subject: SUSE-RU-2024:0886-1: moderate: Recommended update for ClusterTools2 Message-ID: <171049180228.27801.18410221457247007919@smelt2.prg2.suse.org> # Recommended update for ClusterTools2 Announcement ID: SUSE-RU-2024:0886-1 Rating: moderate References: * bsc#1194285 * bsc#1219806 Affected Products: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for ClusterTools2 fixes the following issues: * Update to version 3.1.3 * Adapt 'cs_show_scores' to support newer versions of crmsh (bsc#1219806) * Change SBP URL in man page ha_related_sap_notes.7 to point to the new location (bsc#1194285) * Additional man page updates * New script /usr/sbin/cs_list_sap_instances ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SAP-12-SP5-2024-886=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * ClusterTools2-3.1.3-19.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1194285 * https://bugzilla.suse.com/show_bug.cgi?id=1219806 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:43 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:43 -0000 Subject: SUSE-SU-2024:0885-1: moderate: Security update for spectre-meltdown-checker Message-ID: <171049180362.27801.2059394673429007630@smelt2.prg2.suse.org> # Security update for spectre-meltdown-checker Announcement ID: SUSE-SU-2024:0885-1 Rating: moderate References: * jsc#PED-2362 * jsc#SLE-5514 Cross-References: * CVE-2023-20593 CVSS scores: * CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability and contains two features can now be installed. ## Description: This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection of the new Zenbleed (CVE-2023-20593) vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed (CVE-2023-20593) * feat: add the linux-firmware repository as another source for CPU microcode versions * feat: arm: add Neoverse-N2, Neoverse-V1 and Neoverse-V2 * fix: docker: adding missing utils (#433) * feat: add support for Guix System kernel * fix: rewrite SQL to be sqlite3 >= 3.41 compatible (#443) * fix: a /devnull file was mistakenly created on the filesystem * fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) * updated to 0.45 * arm64: phytium: Add CPU Implementer Phytium * arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig * chore: ensure vars are set before being dereferenced (set -u compat) * chore: fix indentation * chore: fwdb: update to v220+i20220208 * chore: only attempt to load msr and cpuid module once * chore: read_cpuid: use named constants * chore: readme: framapic is gone, host the screenshots on GitHub * chore: replace 'Vulnerable to' by 'Affected by' in the hw section * chore: speculative execution -> transient execution * chore: update fwdb to v222+i20220208 * chore: update Intel Family 6 models * chore: wording: model not vulnerable -> model not affected * doc: add an FAQ entry about CVE support * doc: add an FAQ.md and update the README.md accordingly * doc: more FAQ and README * doc: readme: make the FAQ entry more visible * feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied * feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 * feat: add subleaf != 0 support for read_cpuid * feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) * feat: bsd: for unimplemented CVEs, at least report when CPU is not affected * feat: hw check: add IPRED, RRSBA, BHI features check * feat: implement detection for MCEPSC under BSD * feat: set default TMPDIR for Android (#415) * fix: extract_kernel: don't overwrite kernel_err if already set * fix: has_vmm false positive with pcp * fix: is_ucode_blacklisted: fix some model names * fix: mcedb: v191 changed the MCE table format * fix: refuse to run under MacOS and ESXi * fix: retpoline: detection on 5.15.28+ (#420) * fix: variant4: added case where prctl ssbd status is tagged as 'unknown' ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-885=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-885=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-885=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * spectre-meltdown-checker-0.46-3.9.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * spectre-meltdown-checker-0.46-3.9.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * spectre-meltdown-checker-0.46-3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20593.html * https://jira.suse.com/browse/PED-2362 * https://jira.suse.com/browse/SLE-5514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 08:36:45 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 08:36:45 -0000 Subject: SUSE-SU-2024:0884-1: moderate: Security update for spectre-meltdown-checker Message-ID: <171049180513.27801.9684518438740610161@smelt2.prg2.suse.org> # Security update for spectre-meltdown-checker Announcement ID: SUSE-SU-2024:0884-1 Rating: moderate References: * jsc#PED-2362 * jsc#SLE-5514 Cross-References: * CVE-2023-20593 CVSS scores: * CVE-2023-20593 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-20593 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and contains two features can now be installed. ## Description: This update for spectre-meltdown-checker fixes the following issues: * updated to 0.46 This release mainly focuses on the detection of the new Zenbleed (CVE-2023-20593) vulnerability, among few other changes that were in line waiting for a release: * feat: detect the vulnerability and mitigation of Zenbleed (CVE-2023-20593) * feat: add the linux-firmware repository as another source for CPU microcode versions * feat: arm: add Neoverse-N2, Neoverse-V1 and Neoverse-V2 * fix: docker: adding missing utils (#433) * feat: add support for Guix System kernel * fix: rewrite SQL to be sqlite3 >= 3.41 compatible (#443) * fix: a /devnull file was mistakenly created on the filesystem * fix: fwdb: ignore MCEdb versions where an official Intel version exists (fixes #430) * updated to 0.45 * arm64: phytium: Add CPU Implementer Phytium * arm64: variant 4: detect ssbd mitigation from kernel img, system.map or kconfig * chore: ensure vars are set before being dereferenced (set -u compat) * chore: fix indentation * chore: fwdb: update to v220+i20220208 * chore: only attempt to load msr and cpuid module once * chore: read_cpuid: use named constants * chore: readme: framapic is gone, host the screenshots on GitHub * chore: replace 'Vulnerable to' by 'Affected by' in the hw section * chore: speculative execution -> transient execution * chore: update fwdb to v222+i20220208 * chore: update Intel Family 6 models * chore: wording: model not vulnerable -> model not affected * doc: add an FAQ entry about CVE support * doc: add an FAQ.md and update the README.md accordingly * doc: more FAQ and README * doc: readme: make the FAQ entry more visible * feat: add --allow-msr-write, no longer write by default (#385), detect when writing is denied * feat: add --cpu, apply changes to (read|write)_msr, update fwdb to v221+i20220208 * feat: add subleaf != 0 support for read_cpuid * feat: arm: add Cortex A77 and Neoverse-N1 (fixes #371) * feat: bsd: for unimplemented CVEs, at least report when CPU is not affected * feat: hw check: add IPRED, RRSBA, BHI features check * feat: implement detection for MCEPSC under BSD * feat: set default TMPDIR for Android (#415) * fix: extract_kernel: don't overwrite kernel_err if already set * fix: has_vmm false positive with pcp * fix: is_ucode_blacklisted: fix some model names * fix: mcedb: v191 changed the MCE table format * fix: refuse to run under MacOS and ESXi * fix: retpoline: detection on 5.15.28+ (#420) * fix: variant4: added case where prctl ssbd status is tagged as 'unknown' ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-884=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-884=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-884=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-884=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-884=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-884=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-884=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-884=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-884=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-884=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-884=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-884=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Manager Server 4.3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Enterprise Storage 7.1 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * openSUSE Leap 15.5 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * Basesystem Module 15-SP5 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * spectre-meltdown-checker-0.46-150100.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-20593.html * https://jira.suse.com/browse/PED-2362 * https://jira.suse.com/browse/SLE-5514 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 12:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 12:30:03 -0000 Subject: SUSE-RU-2024:0909-1: moderate: Recommended update for SUSE Manager 4.3.11.1 Release Notes Message-ID: <171050580308.2606.16979205852932755880@smelt2.prg2.suse.org> # Recommended update for SUSE Manager 4.3.11.1 Release Notes Announcement ID: SUSE-RU-2024:0909-1 Rating: moderate References: * jsc#MSQA-737 Affected Products: * openSUSE Leap 15.4 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.11.1 * Availability of Virtual Machine images for SUSE Manager Server 4.3 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-909=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-909=1 ## Package List: * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-4.3.11.1-150400.3.103.2 * SUSE Manager Server 4.3 (noarch) * release-notes-susemanager-4.3.11.1-150400.3.103.2 ## References: * https://jira.suse.com/browse/MSQA-737 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 12:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 12:30:05 -0000 Subject: SUSE-SU-2024:0908-1: moderate: Security update for 389-ds Message-ID: <171050580511.2606.9760620615488645202@smelt2.prg2.suse.org> # Security update for 389-ds Announcement ID: SUSE-SU-2024:0908-1 Rating: moderate References: * bsc#1219836 Cross-References: * CVE-2024-1062 CVSS scores: * CVE-2024-1062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for 389-ds fixes the following issues: * CVE-2024-1062: Fixed possible denial of service when audit logging is enabled (bsc#1219836). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-908=1 openSUSE-SLE-15.5-2024-908=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-908=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * 389-ds-snmp-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-snmp-debuginfo-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-debuginfo-2.2.8~git65.347aae6-150500.3.17.1 * libsvrcore0-debuginfo-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-2.2.8~git65.347aae6-150500.3.17.1 * libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1 * lib389-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-devel-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-debugsource-2.2.8~git65.347aae6-150500.3.17.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * 389-ds-debuginfo-2.2.8~git65.347aae6-150500.3.17.1 * libsvrcore0-debuginfo-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-2.2.8~git65.347aae6-150500.3.17.1 * libsvrcore0-2.2.8~git65.347aae6-150500.3.17.1 * lib389-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-devel-2.2.8~git65.347aae6-150500.3.17.1 * 389-ds-debugsource-2.2.8~git65.347aae6-150500.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1062.html * https://bugzilla.suse.com/show_bug.cgi?id=1219836 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 16:30:15 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 16:30:15 -0000 Subject: SUSE-SU-2024:0910-1: important: Security update for the Linux Kernel Message-ID: <171052021515.2985.652381526826719051@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0910-1 Rating: important References: * bsc#1194869 * bsc#1206453 * bsc#1209412 * bsc#1213456 * bsc#1216776 * bsc#1217927 * bsc#1218195 * bsc#1218216 * bsc#1218450 * bsc#1218527 * bsc#1218663 * bsc#1218915 * bsc#1219126 * bsc#1219127 * bsc#1219141 * bsc#1219146 * bsc#1219295 * bsc#1219443 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219839 * bsc#1219840 * bsc#1219934 * bsc#1220003 * bsc#1220009 * bsc#1220021 * bsc#1220030 * bsc#1220106 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220267 * bsc#1220277 * bsc#1220317 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220348 * bsc#1220350 * bsc#1220364 * bsc#1220392 * bsc#1220393 * bsc#1220398 * bsc#1220409 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220649 * bsc#1220796 * bsc#1220825 * jsc#PED-7618 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-25744 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52439 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 39 vulnerabilities, contains one feature and has 23 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). * CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: * acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes). * acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes). * acpi: extlog: fix null pointer dereference check (git-fixes). * acpi: resource: add asus model s5402za to quirks (git-fixes). * acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes). * acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes). * acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes). * acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes). * add reference to recently released cve * afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git- fixes). * afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). * afs: hide silly-rename files from userspace (git-fixes). * afs: increase buffer size in afs_update_volume_status() (git-fixes). * ahci: asm1166: correct count of reported ports (git-fixes). * alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes). * alsa: firewire-lib: fix to check cycle continuity (git-fixes). * alsa: hda/conexant: add quirk for sws js201d (git-fixes). * alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). * alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes). * alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git- fixes). * alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes). * alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes). * alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes). * alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes). * alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes). * alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes). * alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes). * alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes). * alsa: usb-audio: check presence of valid altsetting control (git-fixes). * alsa: usb-audio: ignore clock selector errors for single connection (git- fixes). * alsa: usb-audio: more relaxed check of midi jack names (git-fixes). * alsa: usb-audio: sort quirk table entries (git-fixes). * arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443) * arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443) * arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443) * arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround. * arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break. * arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break * arm64: irq: set the correct node for shadow call stack (git-fixes) * arm64: irq: set the correct node for vmap stack (git-fixes) * arm64: rename arm64_workaround_2966298 (bsc#1219443) * arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git- fixes) * asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes). * asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes). * asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes). * asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes). * atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). * bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes). * bluetooth: enforce validation on max value of connection interval (git- fixes). * bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes). * bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes). * bluetooth: hci_sync: check the correct flag before starting a scan (git- fixes). * bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes). * bluetooth: l2cap: fix possible multiple reject send (git-fixes). * bluetooth: qca: fix wrong event type for patch config command (git-fixes). * bpf: fix verification of indirect var-off stack access (git-fixes). * bpf: guard stack limits against 32bit overflow (git-fixes). * bpf: minor logging improvement (bsc#1220257). * bus: moxtet: add spi device table (git-fixes). * cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). * can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes). * crypto: api - disallow identical driver names (git-fixes). * crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). * crypto: octeontx2 - fix cptvf driver cleanup (git-fixes). * crypto: stm32/crc32 - fix parsing list of devices (git-fixes). * dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes). * dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes). * dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). * dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). * dmaengine: ptdma: use consistent dma masks (git-fixes). * dmaengine: shdma: increase size of 'dev_id' (git-fixes). * dmaengine: ti: edma: add some null pointer checks to the edma_probe (git- fixes). * driver core: fix device_link_flag_is_sync_state_only() (git-fixes). * drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes). * drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). * drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes). * drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes). * drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). * drm/amd/display: preserve original aspect ratio in create stream (git- fixes). * drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). * drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). * drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes). * drm/buddy: fix range bias (git-fixes). * drm/crtc: fix uninitialized variable use even harder (git-fixes). * drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes). * drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes). * drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git- fixes). * drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes). * drm/prime: support page array >= 4gb (git-fixes). * drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes). * drm/ttm: fix an invalid freeing on already freed page in error path (git- fixes). * drop bcm5974 input patch causing a regression (bsc#1220030) * efi/capsule-loader: fix incorrect allocation size (git-fixes). * efi: do not add memblocks for soft-reserved memory (git-fixes). * efi: runtime: fix potential overflow of soft-reserved region size (git- fixes). * fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). * fbdev: savage: error out if pixclock equals zero (git-fixes). * fbdev: sis: error out if pixclock equals zero (git-fixes). * firewire: core: send bus reset promptly on gap count error (git-fixes). * fs: dlm: fix build with config_ipv6 disabled (git-fixes). * fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes). * gpio: 74x164: enable output pins after registers are reset (git-fixes). * gpio: fix resource unwinding order in error path (git-fixes). * gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes). * gpiolib: fix the error path order in gpiochip_add_data_with_key() (git- fixes). * hid: apple: add 2021 magic keyboard fn key mapping (git-fixes). * hid: apple: add support for the 2021 magic keyboard (git-fixes). * hid: wacom: do not register input devices until after hid_hw_start (git- fixes). * hid: wacom: generic: avoid reporting a serial of '0' to userspace (git- fixes). * hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). * hwmon: (coretemp) enlarge per package core count limit (git-fixes). * hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes). * hwmon: (coretemp) fix out-of-bounds memory access (git-fixes). * i2c: i801: fix block process call transactions (git-fixes). * i2c: i801: remove i801_set_block_buffer_mode (git-fixes). * i2c: imx: add timer for handling the stop condition (git-fixes). * i2c: imx: when being a target, mark the last read as processed (git-fixes). * i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes). * ib/hfi1: fix a memleak in init_credit_return (git-fixes) * ib/hfi1: fix sdma.h tx->num_descs off-by-one error (git-fixes) * iio: accel: bma400: fix a compilation problem (git-fixes). * iio: adc: ad7091r: set alert bit in config register (git-fixes). * iio: core: fix memleak in iio_device_register_sysfs (git-fixes). * iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git- fixes). * iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes). * input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes). * input: xpad - add lenovo legion go controllers (git-fixes). * irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes). * jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes). * jfs: fix array-index-out-of-bounds in dinewext (git-fixes). * jfs: fix slab-out-of-bounds read in dtsearch (git-fixes). * jfs: fix uaf in jfs_evict_inode (git-fixes). * kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes). * kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839). * kvm: s390: fix setting of fpc register (git-fixes bsc#1220392). * kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). * kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). * kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git- fixes). * lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes). * leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes). * lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423). * lib/stackdepot: add refcount for records (jsc-ped#7423). * lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423). * lib/stackdepot: move stack_record struct definition into the header (jsc- ped#7423). * libsubcmd: fix memory leak in uniq() (git-fixes). * media: ddbridge: fix an error code problem in ddb_probe (git-fixes). * media: ir_toy: fix a memleak in irtoy_tx (git-fixes). * media: rc: bpf attach/detach requires write permission (git-fixes). * media: rockchip: rga: fix swizzling for rgb formats (git-fixes). * media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes). * mfd: syscon: fix null pointer dereference in of_syscon_register() (git- fixes). * mm,page_owner: display all stacks and their count (jsc-ped#7423). * mm,page_owner: filter out stacks by a threshold (jsc-ped#7423). * mm,page_owner: implement the tracking of the stacks count (jsc-ped#7423). * mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423). * mm,page_owner: update documentation regarding page_owner_stacks (jsc- ped#7423). * mm/hwpoison: fix unpoison_memory() (bsc#1218663). * mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). * mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663). * mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). * mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes). * mmc: core: use mrq.sbc in close-ended ffu (git-fixes). * mmc: mmc_spi: remove custom dma mapped buffers (git-fixes). * mmc: sdhci-xenon: add timeout for phy init complete (git-fixes). * mmc: sdhci-xenon: fix phy init clock stability (git-fixes). * mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes). * modpost: trim leading spaces when processing source files list (git-fixes). * mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003). * nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). * nilfs2: replace warn_ons for invalid dat metadata block requests (git- fixes). * nouveau/svm: fix kvcalloc() argument order (git-fixes). * nouveau: fix function cast warnings (git-fixes). * ntfs: check overflow when iterating attr_records (git-fixes). * ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). * nvme-fabrics: fix i/o connect error handling (git-fixes). * nvme-host: fix the updating of the firmware version (git-fixes). * pci/aer: decode requester id when no error info found (git-fixes). * pci: add no pm reset quirk for nvidia spectrum devices (git-fixes). * pci: add pci_header_type_mfd definition (bsc#1220021). * pci: fix 64gt/s effective data rate calculation (git-fixes). * pci: only override amd usb controller if required (git-fixes). * pci: switchtec: fix stdev_release() crash after surprise hot remove (git- fixes). * platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes). * platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes). * platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes). * pm: core: remove unnecessary (void *) conversions (git-fixes). * pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). * pnp: acpi: fix fortify warning (git-fixes). * power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes). * powerpc/64: set task pt_regs->link to the lr value on scv entry (bsc#1194869). * powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869). * powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). * powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869). * powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348). * powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869). * powerpc/watchpoints: annotate atomic context in more places (bsc#1194869). * powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869). * powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). * powerpc: do not include lppaca.h in paca.h (bsc#1194869). * pstore/ram: fix crash when setting number of cpus to an odd number (git- fixes). * ras/amd/atl: add mi300 row retirement support (jsc#ped-7618). * ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes). * ras: introduce a fru memory poison manager (jsc#ped-7618). * rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes) * rdma/bnxt_re: return error for srq resize (git-fixes) * rdma/core: fix uninit-value access in ib_get_eth_speed() (bsc#1219934). * rdma/core: get ib width and speed from netdev (bsc#1219934). * rdma/irdma: add ae for too many rnrs (git-fixes) * rdma/irdma: fix kasan issue with tasklet (git-fixes) * rdma/irdma: set the cq read threshold for gen 1 (git-fixes) * rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes) * rdma/qedr: fix qedr_create_user_qp error flow (git-fixes) * rdma/srpt: fix function pointer cast warnings (git-fixes) * rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes) * refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277) * regulator: core: only increment use_count when enable_count changes (git- fixes). * regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes). * revert "drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz" (git- fixes). * revert "drm/amd/pm: resolve reboot exception for si oland" (git-fixes). * revert "drm/amd: flush any delayed gfxoff on suspend entry" (git-fixes). * rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. * s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). * sched/membarrier: reduce the ability to hammer on sys_membarrier (git- fixes). * scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes). * scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes). * scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). * scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes). * scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106). * scsi: ibmvfc: open-code reset loop for target reset (bsc#1220106). * scsi: isci: fix an error code problem in isci_io_request_build() (git- fixes). * scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021). * scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021). * scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021). * scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021). * scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021). * scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). * scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). * scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021). * scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021). * scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021). * scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021). * scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021). * scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021). * scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021). * scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021). * scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021). * scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021). * scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes). * scsi: revert "scsi: fcoe: fix potential deadlock on &fip->ctlr_lock" (git- fixes bsc#1219141). * serial: 8250: remove serial_rs485 sanitization from em485 (git-fixes). * spi-mxs: fix chipselect glitch (git-fixes). * spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git- fixes). * spi: ppc4xx: drop write-only variable (git-fixes). * spi: sh-msiof: avoid integer overflow in constants (git-fixes). * staging: iio: ad5933: fix type mismatch regression (git-fixes). * supported.conf: remove external flag from ibm supported modules. (bsc#1209412) * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes). * topology/sysfs: add format parameter to macro defining "show" functions for proc (jsc#ped-7618). * topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618). * tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes). * ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes). * usb: cdns3: fix memory double free when handle zero packet (git-fixes). * usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git- fixes). * usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes). * usb: cdns3: put the cdns set active part outside the spin lock (git-fixes). * usb: cdns: readd old api (git-fixes). * usb: cdnsp: blocked some cdns3 specific code (git-fixes). * usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes). * usb: dwc3: gadget: do not disconnect if not started (git-fixes). * usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes). * usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes). * usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes). * usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes). * usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git- fixes). * usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes). * usb: f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes). * usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). * usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes). * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). * usb: gadget: f_hid: fix report descriptor allocation (git-fixes). * usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes). * usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes). * usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). * usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git- fixes). * usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes). * usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes). * usb: gadget: udc: handle gadget_connect failure during bind operation (git- fixes). * usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). * usb: hub: replace hardcoded quirk value with bit() macro (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered (git- fixes). * usb: roles: fix null pointer issue when put module's reference (git-fixes). * usb: serial: cp210x: add id for imst im871a-usb (git-fixes). * usb: serial: option: add fibocom fm101-gl variant (git-fixes). * usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes). * watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git- fixes). * wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes). * wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). * wifi: cfg80211: fix missing interfaces when dumping (git-fixes). * wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes). * wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes). * wifi: iwlwifi: fix some error codes (git-fixes). * wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). * wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git- fixes). * wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). * wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). * wifi: nl80211: reject iftype change with mesh id change (git-fixes). * wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). * wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes). * wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). * wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). * x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: add asm helpers for executing verw (git-fixes). * x86/bugs: use alternative() instead of mds_user_clear static key (git- fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk. * x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618). * x86/entry_32: add verw just before userspace transition (git-fixes). * x86/entry_64: add verw just before userspace transition (git-fixes). * x86/mm: fix memory encryption features advertisement (bsc#1206453). * xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). * xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-910=1 openSUSE-SLE-15.5-2024-910=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-910=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-910=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-910=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * kernel-devel-rt-5.14.21-150500.13.38.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt_debug-vdso-5.14.21-150500.13.38.1 * kernel-rt-devel-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-5.14.21-150500.13.38.1 * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-1-150500.11.3.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.38.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-livepatch-5.14.21-150500.13.38.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kselftests-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-1-150500.11.3.1 * kernel-rt-extra-5.14.21-150500.13.38.1 * reiserfs-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-vdso-5.14.21-150500.13.38.1 * kernel-rt-optional-5.14.21-150500.13.38.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-5.14.21-150500.13.38.1 * kernel-syms-rt-5.14.21-150500.13.38.1 * dlm-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt-livepatch-devel-5.14.21-150500.13.38.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.38.1 * kernel-livepatch-5_14_21-150500_13_38-rt-1-150500.11.3.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.38.1 * kernel-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_38-rt-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt_debug-vdso-5.14.21-150500.13.38.1 * kernel-rt-devel-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.38.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * gfs2-kmp-rt-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-vdso-5.14.21-150500.13.38.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-5.14.21-150500.13.38.1 * kernel-syms-rt-5.14.21-150500.13.38.1 * dlm-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * kernel-devel-rt-5.14.21-150500.13.38.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.38.1 * kernel-rt-5.14.21-150500.13.38.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-25744.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1206453 * https://bugzilla.suse.com/show_bug.cgi?id=1209412 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1216776 * https://bugzilla.suse.com/show_bug.cgi?id=1217927 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218663 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219141 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219443 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219839 * https://bugzilla.suse.com/show_bug.cgi?id=1219840 * https://bugzilla.suse.com/show_bug.cgi?id=1219934 * https://bugzilla.suse.com/show_bug.cgi?id=1220003 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220021 * https://bugzilla.suse.com/show_bug.cgi?id=1220030 * https://bugzilla.suse.com/show_bug.cgi?id=1220106 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220267 * https://bugzilla.suse.com/show_bug.cgi?id=1220277 * https://bugzilla.suse.com/show_bug.cgi?id=1220317 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220348 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220392 * https://bugzilla.suse.com/show_bug.cgi?id=1220393 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://jira.suse.com/browse/PED-7618 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 16:30:26 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 16:30:26 -0000 Subject: SUSE-SU-2024:0900-2: important: Security update for the Linux Kernel Message-ID: <171052022684.2985.11760305176496409000@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0900-2 Rating: important References: * bsc#1211515 * bsc#1213456 * bsc#1214064 * bsc#1218195 * bsc#1218216 * bsc#1218562 * bsc#1218915 * bsc#1219073 * bsc#1219126 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219633 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220350 * bsc#1220364 * bsc#1220398 * bsc#1220409 * bsc#1220433 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220469 * bsc#1220649 * bsc#1220735 * bsc#1220736 * bsc#1220796 * bsc#1220797 * bsc#1220825 * bsc#1220845 * bsc#1220917 * bsc#1220930 * bsc#1220931 * bsc#1220933 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-47083 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52467 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52559 * CVE-2023-6270 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52439 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Manager Proxy 4.3 * SUSE Manager Server 4.3 An update that solves 49 vulnerabilities and has five security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). The following non-security bugs were fixed: * bpf: Fix verification of indirect var-off stack access (git-fixes). * bpf: Guard stack limits against 32bit overflow (git-fixes). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * NFS: avoid infinite loop in pnfs_update_layout (bsc#1219633). * nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515). * nvme: remove nvme_alloc_request and nvme_alloc_request_qid (bsc#1214064). * nvme: start keep-alive after admin queue setup (bsc#1211515). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-900=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-900=1 ## Package List: * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.111.2.150400.24.52.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-debuginfo-5.14.21-150400.24.111.2 * kernel-default-debugsource-5.14.21-150400.24.111.2 * kernel-syms-5.14.21-150400.24.111.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.111.2 * kernel-default-devel-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.111.1 * kernel-source-5.14.21-150400.24.111.1 * kernel-devel-5.14.21-150400.24.111.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.111.2 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debuginfo-5.14.21-150400.24.111.2 * kernel-zfcpdump-debugsource-5.14.21-150400.24.111.2 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1211515 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214064 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219073 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 16:30:29 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 16:30:29 -0000 Subject: SUSE-RU-2024:0911-1: moderate: Recommended update for virt-v2v Message-ID: <171052022986.2985.14996431082686137943@smelt2.prg2.suse.org> # Recommended update for virt-v2v Announcement ID: SUSE-RU-2024:0911-1 Rating: moderate References: * bsc#1216068 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for virt-v2v fixes the following issue: * virt-v2v fails due to zstd module compression (bsc#1216068) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-911=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-911=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-911=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-911=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-911=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-911=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-911=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-911=1 ## Package List: * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * Server Applications Module 15-SP5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216068 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 16:33:30 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 16:33:30 -0000 Subject: SUSE-RU-2024:0911-1: moderate: Recommended update for virt-v2v Message-ID: <171052041099.16653.5887635856092073684@smelt2.prg2.suse.org> # Recommended update for virt-v2v Announcement ID: SUSE-RU-2024:0911-1 Rating: moderate References: * bsc#1216068 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for virt-v2v fixes the following issue: * virt-v2v fails due to zstd module compression (bsc#1216068) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-911=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-911=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-911=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-911=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-911=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-911=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-911=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-911=1 ## Package List: * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * Server Applications Module 15-SP5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216068 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 15 16:36:32 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 15 Mar 2024 16:36:32 -0000 Subject: SUSE-RU-2024:0911-1: moderate: Recommended update for virt-v2v Message-ID: <171052059211.16993.5338081727755458104@smelt2.prg2.suse.org> # Recommended update for virt-v2v Announcement ID: SUSE-RU-2024:0911-1 Rating: moderate References: * bsc#1216068 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for virt-v2v fixes the following issue: * virt-v2v fails due to zstd module compression (bsc#1216068) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-911=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-911=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-911=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-911=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-911=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-911=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-911=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-911=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-911=1 ## Package List: * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * Server Applications Module 15-SP5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * virt-v2v-debuginfo-1.44.2-150400.3.6.1 * virt-v2v-debugsource-1.44.2-150400.3.6.1 * virt-v2v-1.44.2-150400.3.6.1 * openSUSE Leap 15.5 (noarch) * virt-v2v-bash-completion-1.44.2-150400.3.6.1 * virt-v2v-man-pages-uk-1.44.2-150400.3.6.1 * virt-v2v-man-pages-ja-1.44.2-150400.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216068 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 18 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 18 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:0915-1: moderate: Security update for tiff Message-ID: <171075060412.24641.5056807774796674350@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2024:0915-1 Rating: moderate References: * bsc#1213590 * bsc#1214686 * bsc#1214687 * bsc#1221187 * bsc#960589 Cross-References: * CVE-2015-8668 * CVE-2023-38288 * CVE-2023-40745 * CVE-2023-41175 CVSS scores: * CVE-2015-8668 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2023-38288 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-40745 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-40745 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-41175 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-41175 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c (bsc#1214686). * CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c (bsc#1213590). * CVE-2023-40745: Fixed integer overflow in tiffcp.c (bsc#1214687). * CVE-2015-8668: Fixed Heap-based buffer overflow in bmp2tiff / PackBitsEncode (bsc#960589). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-915=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-915=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-915=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-915=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libtiff-devel-4.0.9-44.80.1 * tiff-debuginfo-4.0.9-44.80.1 * tiff-debugsource-4.0.9-44.80.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libtiff5-debuginfo-4.0.9-44.80.1 * libtiff5-4.0.9-44.80.1 * tiff-4.0.9-44.80.1 * tiff-debuginfo-4.0.9-44.80.1 * tiff-debugsource-4.0.9-44.80.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.80.1 * libtiff5-32bit-4.0.9-44.80.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libtiff5-debuginfo-4.0.9-44.80.1 * libtiff5-4.0.9-44.80.1 * tiff-4.0.9-44.80.1 * tiff-debuginfo-4.0.9-44.80.1 * tiff-debugsource-4.0.9-44.80.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.80.1 * libtiff5-32bit-4.0.9-44.80.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libtiff5-debuginfo-4.0.9-44.80.1 * libtiff5-4.0.9-44.80.1 * tiff-4.0.9-44.80.1 * tiff-debuginfo-4.0.9-44.80.1 * tiff-debugsource-4.0.9-44.80.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libtiff5-debuginfo-32bit-4.0.9-44.80.1 * libtiff5-32bit-4.0.9-44.80.1 ## References: * https://www.suse.com/security/cve/CVE-2015-8668.html * https://www.suse.com/security/cve/CVE-2023-38288.html * https://www.suse.com/security/cve/CVE-2023-40745.html * https://www.suse.com/security/cve/CVE-2023-41175.html * https://bugzilla.suse.com/show_bug.cgi?id=1213590 * https://bugzilla.suse.com/show_bug.cgi?id=1214686 * https://bugzilla.suse.com/show_bug.cgi?id=1214687 * https://bugzilla.suse.com/show_bug.cgi?id=1221187 * https://bugzilla.suse.com/show_bug.cgi?id=960589 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 18 08:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 18 Mar 2024 08:30:06 -0000 Subject: SUSE-RU-2024:0914-1: important: Recommended update for shadow Message-ID: <171075060619.24641.13544135770889704549@smelt2.prg2.suse.org> # Recommended update for shadow Announcement ID: SUSE-RU-2024:0914-1 Rating: important References: * bsc#1176006 * bsc#1188307 * bsc#1203823 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has three fixes can now be installed. ## Description: This update for shadow fixes the following issues: * Fix chage date miscalculation (bsc#1176006) * Fix passwd segfault when nsswitch.conf defines 'files compat' (bsc#1188307 * Remove pam_keyinit from PAM config files (bsc#1203823) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-914=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-914=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-914=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-914=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-914=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-914=1 ## Package List: * openSUSE Leap 15.4 (noarch) * login_defs-4.8.1-150400.10.15.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 * openSUSE Leap Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.15.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 * openSUSE Leap 15.5 (noarch) * login_defs-4.8.1-150400.10.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * login_defs-4.8.1-150400.10.15.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.15.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 * Basesystem Module 15-SP5 (noarch) * login_defs-4.8.1-150400.10.15.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * shadow-debugsource-4.8.1-150400.10.15.1 * shadow-debuginfo-4.8.1-150400.10.15.1 * shadow-4.8.1-150400.10.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1176006 * https://bugzilla.suse.com/show_bug.cgi?id=1188307 * https://bugzilla.suse.com/show_bug.cgi?id=1203823 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 18 08:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 18 Mar 2024 08:30:07 -0000 Subject: SUSE-RU-2024:0913-1: important: Recommended update for shadow Message-ID: <171075060760.24641.5398652177518696471@smelt2.prg2.suse.org> # Recommended update for shadow Announcement ID: SUSE-RU-2024:0913-1 Rating: important References: * bsc#1188307 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for shadow fixes the following issues: * Fix passwd segfault when nsswitch.conf defines 'files compat' (bsc#1188307) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-913=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-913=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-913=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.2.1-36.9.1 * shadow-debugsource-4.2.1-36.9.1 * shadow-4.2.1-36.9.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * shadow-debuginfo-4.2.1-36.9.1 * shadow-debugsource-4.2.1-36.9.1 * shadow-4.2.1-36.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * shadow-debuginfo-4.2.1-36.9.1 * shadow-debugsource-4.2.1-36.9.1 * shadow-4.2.1-36.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1188307 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 18 08:30:11 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 18 Mar 2024 08:30:11 -0000 Subject: SUSE-SU-2024:0912-1: important: Security update for openvswitch Message-ID: <171075061123.24641.8315930548428794131@smelt2.prg2.suse.org> # Security update for openvswitch Announcement ID: SUSE-SU-2024:0912-1 Rating: important References: * bsc#1219465 Cross-References: * CVE-2023-3966 CVSS scores: * CVE-2023-3966 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves one vulnerability can now be installed. ## Description: This update for openvswitch fixes the following issues: * CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-912=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-912=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-912=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * openvswitch-vtep-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-2.13.2-150200.9.34.1 * openvswitch-pki-2.13.2-150200.9.34.1 * openvswitch-test-2.13.2-150200.9.34.1 * libovn-20_03-0-debuginfo-20.03.1-150200.9.34.1 * openvswitch-debuginfo-2.13.2-150200.9.34.1 * python3-ovs-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-debuginfo-2.13.2-150200.9.34.1 * ovn-devel-20.03.1-150200.9.34.1 * ovn-vtep-20.03.1-150200.9.34.1 * openvswitch-2.13.2-150200.9.34.1 * ovn-docker-20.03.1-150200.9.34.1 * ovn-20.03.1-150200.9.34.1 * libovn-20_03-0-20.03.1-150200.9.34.1 * openvswitch-devel-2.13.2-150200.9.34.1 * ovn-central-20.03.1-150200.9.34.1 * openvswitch-ipsec-2.13.2-150200.9.34.1 * openvswitch-vtep-debuginfo-2.13.2-150200.9.34.1 * ovn-host-20.03.1-150200.9.34.1 * openvswitch-test-debuginfo-2.13.2-150200.9.34.1 * openvswitch-debugsource-2.13.2-150200.9.34.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * openvswitch-vtep-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-2.13.2-150200.9.34.1 * openvswitch-pki-2.13.2-150200.9.34.1 * openvswitch-test-2.13.2-150200.9.34.1 * libovn-20_03-0-debuginfo-20.03.1-150200.9.34.1 * openvswitch-debuginfo-2.13.2-150200.9.34.1 * python3-ovs-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-debuginfo-2.13.2-150200.9.34.1 * ovn-devel-20.03.1-150200.9.34.1 * ovn-vtep-20.03.1-150200.9.34.1 * openvswitch-2.13.2-150200.9.34.1 * ovn-docker-20.03.1-150200.9.34.1 * ovn-20.03.1-150200.9.34.1 * libovn-20_03-0-20.03.1-150200.9.34.1 * openvswitch-devel-2.13.2-150200.9.34.1 * ovn-central-20.03.1-150200.9.34.1 * openvswitch-ipsec-2.13.2-150200.9.34.1 * openvswitch-vtep-debuginfo-2.13.2-150200.9.34.1 * ovn-host-20.03.1-150200.9.34.1 * openvswitch-test-debuginfo-2.13.2-150200.9.34.1 * openvswitch-debugsource-2.13.2-150200.9.34.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * openvswitch-vtep-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-2.13.2-150200.9.34.1 * openvswitch-pki-2.13.2-150200.9.34.1 * openvswitch-test-2.13.2-150200.9.34.1 * libovn-20_03-0-debuginfo-20.03.1-150200.9.34.1 * openvswitch-debuginfo-2.13.2-150200.9.34.1 * python3-ovs-2.13.2-150200.9.34.1 * libopenvswitch-2_13-0-debuginfo-2.13.2-150200.9.34.1 * ovn-devel-20.03.1-150200.9.34.1 * ovn-vtep-20.03.1-150200.9.34.1 * openvswitch-2.13.2-150200.9.34.1 * ovn-docker-20.03.1-150200.9.34.1 * ovn-20.03.1-150200.9.34.1 * libovn-20_03-0-20.03.1-150200.9.34.1 * openvswitch-devel-2.13.2-150200.9.34.1 * ovn-central-20.03.1-150200.9.34.1 * openvswitch-ipsec-2.13.2-150200.9.34.1 * openvswitch-vtep-debuginfo-2.13.2-150200.9.34.1 * ovn-host-20.03.1-150200.9.34.1 * openvswitch-test-debuginfo-2.13.2-150200.9.34.1 * openvswitch-debugsource-2.13.2-150200.9.34.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3966.html * https://bugzilla.suse.com/show_bug.cgi?id=1219465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:14 -0000 Subject: SUSE-SU-2024:0976-1: important: Security update for the Linux Kernel Message-ID: <171111061440.3825.17963085419082039628@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0976-1 Rating: important References: * bsc#1050549 * bsc#1186484 * bsc#1200599 * bsc#1212514 * bsc#1213456 * bsc#1218450 * bsc#1218527 * bsc#1218915 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220250 * bsc#1220330 * bsc#1220340 * bsc#1220344 * bsc#1220409 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220468 * bsc#1220482 * bsc#1220526 * bsc#1220570 * bsc#1220575 * bsc#1220599 * bsc#1220607 * bsc#1220613 * bsc#1220638 * bsc#1220641 * bsc#1220649 * bsc#1220700 * bsc#1220735 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220861 * bsc#1220863 * bsc#1220870 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220957 * bsc#1221039 * bsc#1221040 * bsc#1221287 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46921 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46953 * CVE-2021-46974 * CVE-2021-46991 * CVE-2021-46992 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47076 * CVE-2021-47077 * CVE-2021-47078 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26595 * CVE-2024-26600 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46921 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47054 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52451 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Real Time 12 SP5 * SUSE Linux Enterprise Server 12 SP5 An update that solves 47 vulnerabilities and has nine security fixes can now be installed. ## Description: The SUSE Linux Enterprise SLE12SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36777: Fixed a memory leak in dvb_media_device_free() (bsc#1220526). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2021-46906: Fixed an info leak in hid_submit_ctrl (bsc#1220421). * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath (bsc#1220468). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2021-46953: Fixed a corruption in interrupt mappings on watchdow probe failure (bsc#1220599). * CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask (bsc#1220575). * CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets (bsc#1220638). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2021-47054: Fixed a bug to put child node before return (bsc#1220767). * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data (bsc#1220861). * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge() (CVE-2023-46343). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: * [media] coda: simplify optional reset handling (git-fixes). * [media] media drivers: annotate fall-through (git-fixes). * [media] media: platform: coda: remove variable self assignment (git-fixes). * asn.1: fix check for strdup() success (git-fixes). * audit: fix possible soft lockup in __audit_inode_child() (git-fixes). * bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bnx2x: fix pf-vf communication over multi-cos queues (git-fixes). * doc/readme.ksyms: add to repo.++ kernel-source-rt.spec (revision 4)%define git_commit 1431ee6e1c7fc02206d6bd539f8bd8ec4ce61801release: <release>.g1431ee6this package provides the rpm macros and templates for kernel module packages++ kernel-source.spec.in (revision 4)this package provides the rpm macros and templates for kernel module packages * e1000: fix memory leaks (git-fixes). * gve: fix skb truesize underestimation (git-fixes). * igb: clean up in all error paths when enabling sr-iov (git-fixes). * igb: fix constant media auto sense switching when no cable is connected (git-fixes). * ipv6: fix handling of lla with vrf and sockets bound to vrf (git-fixes). * ipv6: fix typos in __ip6_finish_output() (git-fixes). * ixgbe: protect tx timestamping from api misuse (git-fixes). * kcm: call strp_stop before strp_done in kcm_attach (git-fixes). * kcm: fix strp_init() order and cleanup (git-fixes). * kernel-source: fix description typo * kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220613). * kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). * kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git- fixes). * kvm: x86: add support for cpuid leaf 0x80000021 (git-fixes). * kvm: x86: move open-coded cpuid leaf 0x80000021 eax bit propagation code (git-fixes). * kvm: x86: synthesize cpuid leaf 0x80000021h if useful (git-fixes). * kvm: x86: work around qemu issue with synthetic cpuid leaves (git-fixes). * locking/barriers: introduce smp_cond_load_relaxed() and atomic_cond_read_relaxed() (bsc#1220468 bsc#1050549). * media: coda: constify platform_device_id (git-fixes). * media: coda: explicitly request exclusive reset control (git-fixes). * media: coda: reduce iram size to leave space for suspend to ram (git-fixes). * media: coda: reuse coda_s_fmt_vid_cap to propagate format in coda_s_fmt_vid_out (git-fixes). * media: coda: set min_buffers_needed (git-fixes). * media: coda: wake up capture queue on encoder stop after output streamoff (git-fixes). * media: dvb-usb: add memory free on error path in dw2102_probe() (git-fixes). * media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address (git- fixes). * media: dvb-usb: m920x: fix a potential memory leak in m920x_i2c_xfer() (git- fixes). * media: dw2102: fix memleak on sequence of probes (git-fixes). * media: dw2102: fix use after free (git-fixes). * media: dw2102: make dvb_usb_device_description structures const (git-fixes). * media: m920x: do not use stack on usb reads (git-fixes). * media: rc: do not remove first bit if leader pulse is present (git-fixes). * media: rc: ir-rc6-decoder: enable toggle bit for kathrein rcu-676 remote (git-fixes). * media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() (git- fixes). * media: uvcvideo: set capability in s_param (git-fixes). * mkspec: use variant in constraints template constraints are not applied consistently with kernel package variants. add variant to the constraints template as appropriate, and expand it in mkspec. * net/mlx5e: ethtool, avoid setting speed to 56gbase when autoneg off (git- fixes). * net/sched: tcindex: search key must be 16 bits (git-fixes). * net: bonding: debug: avoid printing debug logs when bond is not notifying peers (git-fixes). * net: fec: add missed clk_disable_unprepare in remove (git-fixes). * net: fec: better handle pm_runtime_get() failing in .remove() (git-fixes). * net: fec: fix clock count mis-match (git-fixes). * net: fec: fix use-after-free in fec_drv_remove (git-fixes). * net: hisilicon: fix dma_map_single failed on arm64 (git-fixes). * net: hisilicon: fix hip04-xmit never return tx_busy (git-fixes). * net: hisilicon: fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() (git-fixes). * net: hisilicon: make hip04_tx_reclaim non-reentrant (git-fixes). * net: hns3: add compatible handling for mac vlan switch parameter configuration (git-fixes). * net: hns3: not allow ssu loopback while execute ethtool -t dev (git-fixes). * net: lpc-enet: fix printk format strings (git-fixes). * net: nfc: llcp: add lock when modifying device list (git-fixes). * net: phy: dp83867: enable robust auto-mdix (git-fixes). * net: phy: initialise phydev speed and duplex sanely (git-fixes). * net: sfp: add mutex to prevent concurrent state checks (git-fixes). * net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in irq context (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * nfsd: do not refuse to serve out of cache (bsc#1220957). * pci: prevent xhci driver from claiming amd vangogh usb3 drd device (git- fixes). * revert "md/raid5: wait for md_sb_change_pending in raid5d" (git-fixes). * revert "wcn36xx: disable bmps when encryption is disabled" (git-fixes). * rpm/constraints.in: set jobs for riscv to 8 the same workers are used for x86 and riscv and the riscv builds take ages. so align the riscv jobs count to x86. * rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. * rpm/mkspec: sort entries in _multibuild otherwise it creates unnecessary diffs when tar-up-ing. it's of course due to readdir() using "random" order as served by the underlying filesystem. see for example: https://build.opensuse.org/request/show/1144457/changes * rpm: use run_if_exists for all external scriptlets with that the scriptlets do not need to be installed for build. * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220607). * stmmac: fix potential division by 0 (git-fixes). * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * usb: host: fotg210: fix the actual_length of an iso packet (git-fixes). * usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes). * usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). * usb: musb: dsps: fix the probe error path (git-fixes). * usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes). * usb: musb: tusb6010: check return value after calling platform_get_resource() (git-fixes). * usb: typec: tcpci: clear the fault status bit (git-fixes). * wcn36xx: fix (qos) null data frame bitrate/modulation (git-fixes). * wcn36xx: fix discarded frames due to wrong sequence number (git-fixes). * wcn36xx: fix rx bd rate mapping for 5ghz legacy rates (git-fixes). * x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: add asm helpers for executing verw (bsc#1213456). * x86/bugs: use alternative() instead of mds_user_clear static key (git- fixes). also add mds_user_clear to kabi severity as it's used purely for mitigation so it's low risk. * x86/cpu, kvm: move x86_feature_lfence_rdtsc to its native leaf (git-fixes). * x86/entry_32: add verw just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Real Time 12 SP5 zypper in -t patch SUSE-SLE-RT-12-SP5-2024-976=1 ## Package List: * SUSE Linux Enterprise Real Time 12 SP5 (x86_64) * gfs2-kmp-rt-debuginfo-4.12.14-10.171.1 * kernel-rt-debuginfo-4.12.14-10.171.1 * ocfs2-kmp-rt-debuginfo-4.12.14-10.171.1 * ocfs2-kmp-rt-4.12.14-10.171.1 * gfs2-kmp-rt-4.12.14-10.171.1 * dlm-kmp-rt-4.12.14-10.171.1 * kernel-syms-rt-4.12.14-10.171.1 * cluster-md-kmp-rt-debuginfo-4.12.14-10.171.1 * dlm-kmp-rt-debuginfo-4.12.14-10.171.1 * kernel-rt-debugsource-4.12.14-10.171.1 * cluster-md-kmp-rt-4.12.14-10.171.1 * kernel-rt-base-4.12.14-10.171.1 * kernel-rt_debug-debuginfo-4.12.14-10.171.1 * kernel-rt-devel-debuginfo-4.12.14-10.171.1 * kernel-rt-base-debuginfo-4.12.14-10.171.1 * kernel-rt_debug-debugsource-4.12.14-10.171.1 * kernel-rt_debug-devel-4.12.14-10.171.1 * kernel-rt_debug-devel-debuginfo-4.12.14-10.171.1 * kernel-rt-devel-4.12.14-10.171.1 * SUSE Linux Enterprise Real Time 12 SP5 (noarch) * kernel-devel-rt-4.12.14-10.171.1 * kernel-source-rt-4.12.14-10.171.1 * SUSE Linux Enterprise Real Time 12 SP5 (nosrc x86_64) * kernel-rt_debug-4.12.14-10.171.1 * kernel-rt-4.12.14-10.171.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46921.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46991.html * https://www.suse.com/security/cve/CVE-2021-46992.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47077.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1050549 * https://bugzilla.suse.com/show_bug.cgi?id=1186484 * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220468 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220575 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220607 * https://bugzilla.suse.com/show_bug.cgi?id=1220613 * https://bugzilla.suse.com/show_bug.cgi?id=1220638 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220861 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220957 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:25 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:25 -0000 Subject: SUSE-SU-2024:0975-1: important: Security update for the Linux Kernel Message-ID: <171111062542.3825.16143726335941650758@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0975-1 Rating: important References: * bsc#1050549 * bsc#1186484 * bsc#1200599 * bsc#1212514 * bsc#1213456 * bsc#1217987 * bsc#1217988 * bsc#1217989 * bsc#1218450 * bsc#1218527 * bsc#1218915 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220250 * bsc#1220330 * bsc#1220340 * bsc#1220344 * bsc#1220409 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220468 * bsc#1220482 * bsc#1220526 * bsc#1220570 * bsc#1220575 * bsc#1220599 * bsc#1220607 * bsc#1220613 * bsc#1220638 * bsc#1220641 * bsc#1220649 * bsc#1220700 * bsc#1220735 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220861 * bsc#1220863 * bsc#1220870 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220957 * bsc#1221039 * bsc#1221040 * bsc#1221287 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-33200 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46921 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46953 * CVE-2021-46974 * CVE-2021-46991 * CVE-2021-46992 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47076 * CVE-2021-47077 * CVE-2021-47078 * CVE-2022-20154 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2023-6356 * CVE-2023-6535 * CVE-2023-6536 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26595 * CVE-2024-26600 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-33200 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-33200 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46921 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47054 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52451 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6356 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6535 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6536 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26600 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves 52 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 Azure kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-26600: Fixed NULL pointer dereference for SRP (bsc#1220340). * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data (bsc#1220861). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2021-33200: Fixed a leakage of uninitialized bpf stack under speculation. (bsc#1186484) * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath (bsc#1220468). * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2021-46953: Fixed a corruption in interrupt mappings on watchdow probe failure (bsc#1220599). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2021-47054: Fixed a bug to put child node before return (bsc#1220767). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46906: Fixed an info leak in hid_submit_ctrl (bsc#1220421). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2020-36777: Fixed a memory leak in dvb_media_device_free (bsc#1220526). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge() (CVE-2023-46343). * CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets (bsc#1220638). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask (bsc#1220575). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). The following non-security bugs were fixed: * ASN.1: Fix check for strdup() success (git-fixes). * audit: fix possible soft lockup in __audit_inode_child() (git-fixes). * Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bnx2x: Fix PF-VF communication over multi-cos queues (git-fixes). * doc/README.KSYMS: Add to repo. * e1000: fix memory leaks (git-fixes). * gve: Fix skb truesize underestimation (git-fixes). * igb: clean up in all error paths when enabling SR-IOV (git-fixes). * igb: Fix constant media auto sense switching when no cable is connected (git-fixes). * ipv6: Fix handling of LLA with VRF and sockets bound to VRF (git-fixes). * ipv6: fix typos in __ip6_finish_output() (git-fixes). * ixgbe: protect TX timestamping from API misuse (git-fixes). * kcm: Call strp_stop before strp_done in kcm_attach (git-fixes). * kcm: fix strp_init() order and cleanup (git-fixes). * KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220613). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * locking/barriers: Introduce smp_cond_load_relaxed() and atomic_cond_read_relaxed() (bsc#1220468 bsc#1050549). * md: bypass block throttle for superblock update (git-fixes). * media: coda: constify platform_device_id (git-fixes). * media: coda: explicitly request exclusive reset control (git-fixes). * media: coda: reduce iram size to leave space for suspend to ram (git-fixes). * media: coda: reuse coda_s_fmt_vid_cap to propagate format in coda_s_fmt_vid_out (git-fixes). * media: coda: set min_buffers_needed (git-fixes). * media: coda: wake up capture queue on encoder stop after output streamoff (git-fixes). * media: dvb-usb: Add memory free on error path in dw2102_probe() (git-fixes). * media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address (git- fixes). * media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (git- fixes). * media: dw2102: Fix memleak on sequence of probes (git-fixes). * media: dw2102: Fix use after free (git-fixes). * media: dw2102: make dvb_usb_device_description structures const (git-fixes). * media: m920x: do not use stack on USB reads (git-fixes). * media: rc: do not remove first bit if leader pulse is present (git-fixes). * media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote (git-fixes). * media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() (git- fixes). * media: uvcvideo: Set capability in s_param (git-fixes). * net: bonding: debug: avoid printing debug logs when bond is not notifying peers (git-fixes). * net: fec: add missed clk_disable_unprepare in remove (git-fixes). * net: fec: Better handle pm_runtime_get() failing in .remove() (git-fixes). * net: fec: fix clock count mis-match (git-fixes). * net: fec: fix use-after-free in fec_drv_remove (git-fixes). * net: hisilicon: Fix dma_map_single failed on arm64 (git-fixes). * net: hisilicon: fix hip04-xmit never return TX_BUSY (git-fixes). * net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() (git-fixes). * net: hisilicon: make hip04_tx_reclaim non-reentrant (git-fixes). * net: hns3: add compatible handling for MAC VLAN switch parameter configuration (git-fixes). * net: hns3: not allow SSU loopback while execute ethtool -t dev (git-fixes). * net: lpc-enet: fix printk format strings (git-fixes). * net: nfc: llcp: Add lock when modifying device list (git-fixes). * net: phy: dp83867: enable robust auto-mdix (git-fixes). * net: phy: initialise phydev speed and duplex sanely (git-fixes). * net: sfp: add mutex to prevent concurrent state checks (git-fixes). * net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (git- fixes). * net/sched: tcindex: search key must be 16 bits (git-fixes). * nfsd: Do not refuse to serve out of cache (bsc#1220957). * PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git- fixes). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220607). * stmmac: fix potential division by 0 (git-fixes). * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * usb: host: fotg210: fix the actual_length of an iso packet (git-fixes). * usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes). * usb: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (bsc#1218527). * usb: musb: dsps: Fix the probe error path (git-fixes). * usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes). * usb: musb: tusb6010: check return value after calling platform_get_resource() (git-fixes). * usb: typec: tcpci: clear the fault status bit (git-fixes). * wcn36xx: Fix (QoS) null data frame bitrate/modulation (git-fixes). * wcn36xx: Fix discarded frames due to wrong sequence number (git-fixes). * wcn36xx: fix RX BD rate mapping for 5GHz legacy rates (git-fixes). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (bsc#1213456). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). Also add mds_user_clear to kABI severity as it's used purely for mitigation so it's low risk. * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-975=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-975=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-975=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.173.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.173.1 * kernel-azure-base-debuginfo-4.12.14-16.173.1 * kernel-azure-debugsource-4.12.14-16.173.1 * kernel-azure-debuginfo-4.12.14-16.173.1 * kernel-azure-devel-4.12.14-16.173.1 * kernel-syms-azure-4.12.14-16.173.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.173.1 * kernel-devel-azure-4.12.14-16.173.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.173.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.173.1 * kernel-azure-base-debuginfo-4.12.14-16.173.1 * kernel-azure-debugsource-4.12.14-16.173.1 * kernel-azure-debuginfo-4.12.14-16.173.1 * kernel-azure-devel-4.12.14-16.173.1 * kernel-syms-azure-4.12.14-16.173.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.173.1 * kernel-devel-azure-4.12.14-16.173.1 * SUSE Linux Enterprise Server 12 SP5 (nosrc x86_64) * kernel-azure-4.12.14-16.173.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-azure-base-4.12.14-16.173.1 * kernel-azure-base-debuginfo-4.12.14-16.173.1 * kernel-azure-debugsource-4.12.14-16.173.1 * kernel-azure-debuginfo-4.12.14-16.173.1 * kernel-azure-devel-4.12.14-16.173.1 * kernel-syms-azure-4.12.14-16.173.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-source-azure-4.12.14-16.173.1 * kernel-devel-azure-4.12.14-16.173.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-33200.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46921.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46991.html * https://www.suse.com/security/cve/CVE-2021-46992.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47077.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2023-6356.html * https://www.suse.com/security/cve/CVE-2023-6535.html * https://www.suse.com/security/cve/CVE-2023-6536.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26600.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1050549 * https://bugzilla.suse.com/show_bug.cgi?id=1186484 * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1217987 * https://bugzilla.suse.com/show_bug.cgi?id=1217988 * https://bugzilla.suse.com/show_bug.cgi?id=1217989 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220468 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220575 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220607 * https://bugzilla.suse.com/show_bug.cgi?id=1220613 * https://bugzilla.suse.com/show_bug.cgi?id=1220638 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220861 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220957 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:27 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:27 -0000 Subject: SUSE-SU-2024:0974-1: moderate: Security update for jsch-agent-proxy Message-ID: <171111062738.3825.3810599278481887553@smelt2.prg2.suse.org> # Security update for jsch-agent-proxy Announcement ID: SUSE-SU-2024:0974-1 Rating: moderate References: * bsc#1218198 Cross-References: * CVE-2023-48795 CVSS scores: * CVE-2023-48795 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-48795 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for jsch-agent-proxy fixes the following issues: * CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack (bsc#1218198). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-974=1 ## Package List: * openSUSE Leap 15.5 (noarch) * jsch-agent-proxy-javadoc-0.0.9-150200.3.7.1 * jsch-agent-proxy-usocket-jna-0.0.9-150200.3.7.1 * jsch-agent-proxy-usocket-nc-0.0.9-150200.3.7.1 * jsch-agent-proxy-core-0.0.9-150200.3.7.1 * jsch-agent-proxy-pageant-0.0.9-150200.3.7.1 * jsch-agent-proxy-jsch-0.0.9-150200.3.7.1 * jsch-agent-proxy-sshagent-0.0.9-150200.3.7.1 * jsch-agent-proxy-connector-factory-0.0.9-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-48795.html * https://bugzilla.suse.com/show_bug.cgi?id=1218198 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:29 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:29 -0000 Subject: SUSE-SU-2024:0973-1: moderate: Security update for tiff Message-ID: <171111062948.3825.13859307927832423692@smelt2.prg2.suse.org> # Security update for tiff Announcement ID: SUSE-SU-2024:0973-1 Rating: moderate References: * bsc#1213590 * bsc#1214686 * bsc#1214687 * bsc#1221187 Cross-References: * CVE-2023-38288 * CVE-2023-40745 * CVE-2023-41175 CVSS scores: * CVE-2023-38288 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-40745 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-40745 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-41175 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-41175 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for tiff fixes the following issues: * CVE-2023-41175: Fixed potential integer overflow in raw2tiff.c (bsc#1214686). * CVE-2023-38288: Fixed potential integer overflow in raw2tiff.c (bsc#1213590). * CVE-2023-40745: Fixed integer overflow in tiffcp.c (bsc#1214687). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-973=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-973=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-973=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-973=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-973=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-973=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-973=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-973=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-973=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-973=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-973=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-973=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * libtiff-devel-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * libtiff5-debuginfo-4.0.9-150000.45.41.1 * Basesystem Module 15-SP5 (x86_64) * libtiff5-32bit-4.0.9-150000.45.41.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.41.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * tiff-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * openSUSE Leap 15.5 (x86_64) * libtiff5-32bit-4.0.9-150000.45.41.1 * libtiff5-32bit-debuginfo-4.0.9-150000.45.41.1 * libtiff-devel-32bit-4.0.9-150000.45.41.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * tiff-debugsource-4.0.9-150000.45.41.1 * libtiff5-4.0.9-150000.45.41.1 * libtiff-devel-4.0.9-150000.45.41.1 * tiff-debuginfo-4.0.9-150000.45.41.1 * libtiff5-debuginfo-4.0.9-150000.45.41.1 * tiff-4.0.9-150000.45.41.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38288.html * https://www.suse.com/security/cve/CVE-2023-40745.html * https://www.suse.com/security/cve/CVE-2023-41175.html * https://bugzilla.suse.com/show_bug.cgi?id=1213590 * https://bugzilla.suse.com/show_bug.cgi?id=1214686 * https://bugzilla.suse.com/show_bug.cgi?id=1214687 * https://bugzilla.suse.com/show_bug.cgi?id=1221187 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:31 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:31 -0000 Subject: SUSE-SU-2024:0972-1: moderate: Security update for jbcrypt, trilead-ssh2 Message-ID: <171111063133.3825.4604800168219628145@smelt2.prg2.suse.org> # Security update for jbcrypt, trilead-ssh2 Announcement ID: SUSE-SU-2024:0972-1 Rating: moderate References: * bsc#1218198 Cross-References: * CVE-2023-48795 CVSS scores: * CVE-2023-48795 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-48795 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * openSUSE Leap 15.5 An update that solves one vulnerability can now be installed. ## Description: This update for jbcrypt, trilead-ssh2 fixes the following issues: * CVE-2023-48795: Fixed prefix truncation breaking ssh channel integrity aka Terrapin Attack (bsc#1218198). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-972=1 ## Package List: * openSUSE Leap 15.5 (noarch) * trilead-ssh2-javadoc-217.293.v56de4d4d3515-150200.3.7.1 * trilead-ssh2-217.293.v56de4d4d3515-150200.3.7.1 ## References: * https://www.suse.com/security/cve/CVE-2023-48795.html * https://bugzilla.suse.com/show_bug.cgi?id=1218198 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:33 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:33 -0000 Subject: SUSE-SU-2024:0971-1: important: Security update for MozillaFirefox Message-ID: <171111063303.3825.5389525318189817892@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:0971-1 Rating: important References: * bsc#1221327 Cross-References: * CVE-2023-5388 * CVE-2024-0743 * CVE-2024-2605 * CVE-2024-2607 * CVE-2024-2608 * CVE-2024-2610 * CVE-2024-2611 * CVE-2024-2612 * CVE-2024-2614 * CVE-2024-2616 CVSS scores: * CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0743 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0743 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2605 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2607 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2608 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2610 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2611 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2612 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2614 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.0 ESR (bsc#1221327): * CVE-2024-0743: Crash in NSS TLS method (bmo#1867408). * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920). * CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939). * CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692). * CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197). * CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432). * CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112). * CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675). * CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444). * CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-971=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-971=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-971=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-971=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-115.9.0-112.203.2 * MozillaFirefox-debuginfo-115.9.0-112.203.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-115.9.0-112.203.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-115.9.0-112.203.2 * MozillaFirefox-translations-common-115.9.0-112.203.2 * MozillaFirefox-debugsource-115.9.0-112.203.2 * MozillaFirefox-debuginfo-115.9.0-112.203.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-115.9.0-112.203.2 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.9.0-112.203.2 * MozillaFirefox-translations-common-115.9.0-112.203.2 * MozillaFirefox-debugsource-115.9.0-112.203.2 * MozillaFirefox-debuginfo-115.9.0-112.203.2 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-115.9.0-112.203.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-115.9.0-112.203.2 * MozillaFirefox-translations-common-115.9.0-112.203.2 * MozillaFirefox-debugsource-115.9.0-112.203.2 * MozillaFirefox-debuginfo-115.9.0-112.203.2 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-115.9.0-112.203.2 ## References: * https://www.suse.com/security/cve/CVE-2023-5388.html * https://www.suse.com/security/cve/CVE-2024-0743.html * https://www.suse.com/security/cve/CVE-2024-2605.html * https://www.suse.com/security/cve/CVE-2024-2607.html * https://www.suse.com/security/cve/CVE-2024-2608.html * https://www.suse.com/security/cve/CVE-2024-2610.html * https://www.suse.com/security/cve/CVE-2024-2611.html * https://www.suse.com/security/cve/CVE-2024-2612.html * https://www.suse.com/security/cve/CVE-2024-2614.html * https://www.suse.com/security/cve/CVE-2024-2616.html * https://bugzilla.suse.com/show_bug.cgi?id=1221327 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:35 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:35 -0000 Subject: SUSE-SU-2024:0970-1: moderate: Security update for zziplib Message-ID: <171111063581.3825.16007502349515364990@smelt2.prg2.suse.org> # Security update for zziplib Announcement ID: SUSE-SU-2024:0970-1 Rating: moderate References: * bsc#1154002 * bsc#1187526 * bsc#1214577 Cross-References: * CVE-2020-18442 * CVE-2020-18770 CVSS scores: * CVE-2020-18442 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2020-18442 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2020-18770 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2020-18770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for zziplib fixes the following issues: Security issue fixed: * CVE-2020-18442: Fixed infinite loop in zzip_file_read() as used in unzzip_cat_file() (bsc#1187526). * CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c (bsc#1214577). Non-security issue fixed: * Implement an error message with a condition by checking the return value of a function call. (bsc#1154002) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-970=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-970=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * zziplib-debugsource-0.13.69-150000.3.17.1 * libzzip-0-13-debuginfo-0.13.69-150000.3.17.1 * libzzip-0-13-0.13.69-150000.3.17.1 * zziplib-devel-0.13.69-150000.3.17.1 * zziplib-devel-debuginfo-0.13.69-150000.3.17.1 * openSUSE Leap 15.5 (x86_64) * zziplib-devel-32bit-debuginfo-0.13.69-150000.3.17.1 * libzzip-0-13-32bit-0.13.69-150000.3.17.1 * libzzip-0-13-32bit-debuginfo-0.13.69-150000.3.17.1 * zziplib-devel-32bit-0.13.69-150000.3.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * zziplib-debugsource-0.13.69-150000.3.17.1 * libzzip-0-13-debuginfo-0.13.69-150000.3.17.1 * libzzip-0-13-0.13.69-150000.3.17.1 * zziplib-devel-0.13.69-150000.3.17.1 * zziplib-devel-debuginfo-0.13.69-150000.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2020-18442.html * https://www.suse.com/security/cve/CVE-2020-18770.html * https://bugzilla.suse.com/show_bug.cgi?id=1154002 * https://bugzilla.suse.com/show_bug.cgi?id=1187526 * https://bugzilla.suse.com/show_bug.cgi?id=1214577 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:39 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:39 -0000 Subject: SUSE-RU-2024:0968-1: important: Recommended update for yast2-network Message-ID: <171111063927.3825.11402989651184846032@smelt2.prg2.suse.org> # Recommended update for yast2-network Announcement ID: SUSE-RU-2024:0968-1 Rating: important References: * bsc#1221194 Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one fix can now be installed. ## Description: This update for yast2-network fixes the following issues: * Guard secret attributes against leaking to the log (bsc#1221194) * Update to version 4.3.89 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-968=1 * SUSE Linux Enterprise Server 15 SP3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP3-2024-968=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-968=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-968=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-968=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-968=1 ## Package List: * openSUSE Leap 15.3 (noarch) * yast2-network-4.3.89-150300.3.41.1 * SUSE Linux Enterprise Server 15 SP3 (noarch) * yast2-network-4.3.89-150300.3.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * yast2-network-4.3.89-150300.3.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * yast2-network-4.3.89-150300.3.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * yast2-network-4.3.89-150300.3.41.1 * SUSE Enterprise Storage 7.1 (noarch) * yast2-network-4.3.89-150300.3.41.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221194 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:37 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:37 -0000 Subject: SUSE-RU-2024:0969-1: important: Recommended update for yast2-network Message-ID: <171111063779.3825.16604837676228727176@smelt2.prg2.suse.org> # Recommended update for yast2-network Announcement ID: SUSE-RU-2024:0969-1 Rating: important References: * bsc#1221194 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for yast2-network fixes the following issues: * Guard secret attributes against leaking to the log (bsc#1221194) * Update to version 4.4.60 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-969=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-969=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-969=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-969=1 SUSE- SLE-INSTALLER-15-SP4-2024-969=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-969=1 SUSE-SLE- INSTALLER-15-SP4-2024-969=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-969=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-969=1 SUSE-SLE-INSTALLER-15-SP4-2024-969=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-969=1 SUSE-SLE- INSTALLER-15-SP4-2024-969=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-969=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-969=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-969=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-969=1 ## Package List: * openSUSE Leap 15.4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Manager Server 4.3 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise Desktop 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Manager Proxy 4.3 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * yast2-network-4.4.60-150400.3.30.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221194 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:40 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:40 -0000 Subject: SUSE-RU-2024:0967-1: important: Recommended update for yast2-network Message-ID: <171111064048.3825.8219902660715903361@smelt2.prg2.suse.org> # Recommended update for yast2-network Announcement ID: SUSE-RU-2024:0967-1 Rating: important References: * bsc#1221194 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for yast2-network fixes the following issues: * Guard secret attributes against leaking to the log (bsc#1221194) * Update to version 4.5.24 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-967=1 openSUSE-SLE-15.5-2024-967=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-967=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-967=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-967=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-967=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-967=1 ## Package List: * openSUSE Leap 15.5 (noarch) * yast2-network-4.5.24-150500.3.14.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (noarch) * yast2-network-4.5.24-150500.3.14.1 * SUSE Linux Enterprise Server 15 SP5 (noarch) * yast2-network-4.5.24-150500.3.14.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * yast2-network-4.5.24-150500.3.14.1 * SUSE Linux Enterprise Desktop 15 SP5 (noarch) * yast2-network-4.5.24-150500.3.14.1 * Basesystem Module 15-SP5 (noarch) * yast2-network-4.5.24-150500.3.14.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221194 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:42 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:42 -0000 Subject: SUSE-SU-2024:0966-1: moderate: Security update for PackageKit Message-ID: <171111064219.3825.11895047244077881944@smelt2.prg2.suse.org> # Security update for PackageKit Announcement ID: SUSE-SU-2024:0966-1 Rating: moderate References: * bsc#1218544 Cross-References: * CVE-2024-0217 CVSS scores: * CVE-2024-0217 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-0217 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-966=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-966=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-966=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-966=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-966=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libpackagekit-glib2-devel-1.1.3-24.18.1 * PackageKit-debugsource-1.1.3-24.18.1 * PackageKit-devel-1.1.3-24.18.1 * PackageKit-devel-debuginfo-1.1.3-24.18.1 * PackageKit-debuginfo-1.1.3-24.18.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * PackageKit-debugsource-1.1.3-24.18.1 * PackageKit-backend-zypp-1.1.3-24.18.1 * PackageKit-1.1.3-24.18.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.18.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.18.1 * libpackagekit-glib2-18-1.1.3-24.18.1 * PackageKit-debuginfo-1.1.3-24.18.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.18.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * PackageKit-lang-1.1.3-24.18.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * PackageKit-debugsource-1.1.3-24.18.1 * PackageKit-backend-zypp-1.1.3-24.18.1 * PackageKit-1.1.3-24.18.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.18.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.18.1 * libpackagekit-glib2-18-1.1.3-24.18.1 * PackageKit-debuginfo-1.1.3-24.18.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.18.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * PackageKit-lang-1.1.3-24.18.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * PackageKit-debugsource-1.1.3-24.18.1 * PackageKit-backend-zypp-1.1.3-24.18.1 * PackageKit-1.1.3-24.18.1 * libpackagekit-glib2-18-debuginfo-1.1.3-24.18.1 * PackageKit-backend-zypp-debuginfo-1.1.3-24.18.1 * libpackagekit-glib2-18-1.1.3-24.18.1 * PackageKit-debuginfo-1.1.3-24.18.1 * typelib-1_0-PackageKitGlib-1_0-1.1.3-24.18.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * PackageKit-lang-1.1.3-24.18.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * PackageKit-gstreamer-plugin-debuginfo-1.1.3-24.18.1 * PackageKit-debugsource-1.1.3-24.18.1 * PackageKit-gstreamer-plugin-1.1.3-24.18.1 * PackageKit-debuginfo-1.1.3-24.18.1 * PackageKit-gtk3-module-1.1.3-24.18.1 * PackageKit-gtk3-module-debuginfo-1.1.3-24.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0217.html * https://bugzilla.suse.com/show_bug.cgi?id=1218544 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:45 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:45 -0000 Subject: SUSE-SU-2024:0964-1: moderate: Security update for dav1d Message-ID: <171111064551.3825.5096121940686901635@smelt2.prg2.suse.org> # Security update for dav1d Announcement ID: SUSE-SU-2024:0964-1 Rating: moderate References: * bsc#1220100 Cross-References: * CVE-2024-1580 CVSS scores: * CVE-2024-1580 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for dav1d fixes the following issues: * CVE-2024-1580: Fixed tile_start_off calculations for extremely large frame sizes (bsc#1220100). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-964=1 openSUSE-SLE-15.5-2024-964=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-964=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-964=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * dav1d-1.0.0-150500.3.6.1 * libdav1d6-1.0.0-150500.3.6.1 * libdav1d6-debuginfo-1.0.0-150500.3.6.1 * dav1d-debuginfo-1.0.0-150500.3.6.1 * dav1d-devel-1.0.0-150500.3.6.1 * dav1d-debugsource-1.0.0-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * libdav1d6-32bit-1.0.0-150500.3.6.1 * libdav1d6-32bit-debuginfo-1.0.0-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libdav1d6-64bit-1.0.0-150500.3.6.1 * libdav1d6-64bit-debuginfo-1.0.0-150500.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libdav1d6-1.0.0-150500.3.6.1 * libdav1d6-debuginfo-1.0.0-150500.3.6.1 * dav1d-debuginfo-1.0.0-150500.3.6.1 * dav1d-devel-1.0.0-150500.3.6.1 * dav1d-debugsource-1.0.0-150500.3.6.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * dav1d-debuginfo-1.0.0-150500.3.6.1 * dav1d-1.0.0-150500.3.6.1 * dav1d-debugsource-1.0.0-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1580.html * https://bugzilla.suse.com/show_bug.cgi?id=1220100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:47 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:47 -0000 Subject: SUSE-SU-2024:0963-1: moderate: Security update for dav1d Message-ID: <171111064726.3825.1488269404869376783@smelt2.prg2.suse.org> # Security update for dav1d Announcement ID: SUSE-SU-2024:0963-1 Rating: moderate References: * bsc#1220100 Cross-References: * CVE-2024-1580 CVSS scores: * CVE-2024-1580 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for dav1d fixes the following issues: * CVE-2024-1580: Fixed tile_start_off calculations for extremely large frame sizes (bsc#1220100). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-963=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-963=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * dav1d-debugsource-0.9.2-150400.3.3.1 * dav1d-debuginfo-0.9.2-150400.3.3.1 * libdav1d5-0.9.2-150400.3.3.1 * dav1d-0.9.2-150400.3.3.1 * dav1d-devel-0.9.2-150400.3.3.1 * libdav1d5-debuginfo-0.9.2-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * libdav1d5-32bit-debuginfo-0.9.2-150400.3.3.1 * libdav1d5-32bit-0.9.2-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libdav1d5-64bit-0.9.2-150400.3.3.1 * libdav1d5-64bit-debuginfo-0.9.2-150400.3.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libdav1d5-0.9.2-150400.3.3.1 * dav1d-debuginfo-0.9.2-150400.3.3.1 * dav1d-debugsource-0.9.2-150400.3.3.1 * libdav1d5-debuginfo-0.9.2-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1580.html * https://bugzilla.suse.com/show_bug.cgi?id=1220100 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:48 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:48 -0000 Subject: SUSE-RU-2024:0962-1: moderate: Recommended update for transactional-update Message-ID: <171111064893.3825.4480252102182203033@smelt2.prg2.suse.org> # Recommended update for transactional-update Announcement ID: SUSE-RU-2024:0962-1 Rating: moderate References: * bsc#1221346 Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that has one fix can now be installed. ## Description: This update for transactional-update fixes the following issue: * Always use zypper of installed system [bsc#1221346] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-962=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * transactional-update-zypp-config-4.1.7-150500.3.6.2 * dracut-transactional-update-4.1.7-150500.3.6.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * transactional-update-debugsource-4.1.7-150500.3.6.2 * libtukit4-debuginfo-4.1.7-150500.3.6.2 * libtukit4-4.1.7-150500.3.6.2 * tukit-debuginfo-4.1.7-150500.3.6.2 * transactional-update-4.1.7-150500.3.6.2 * transactional-update-debuginfo-4.1.7-150500.3.6.2 * tukit-4.1.7-150500.3.6.2 * tukitd-debuginfo-4.1.7-150500.3.6.2 * tukitd-4.1.7-150500.3.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221346 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:49 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:49 -0000 Subject: SUSE-SU-2024:0961-1: low: Security update for zziplib Message-ID: <171111064993.3825.9961042505473304351@smelt2.prg2.suse.org> # Security update for zziplib Announcement ID: SUSE-SU-2024:0961-1 Rating: low References: * bsc#1214577 Cross-References: * CVE-2020-18770 CVSS scores: * CVE-2020-18770 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2020-18770 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for zziplib fixes the following issues: * CVE-2020-18770: Fixed denial-of-service in function zzip_disk_entry_to_file_header in mmapped.c (bsc#1214577). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-961=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-961=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libzzip-0-13-debuginfo-0.13.67-10.36.1 * zziplib-devel-0.13.67-10.36.1 * zziplib-devel-debuginfo-0.13.67-10.36.1 * zziplib-debugsource-0.13.67-10.36.1 * libzzip-0-13-0.13.67-10.36.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libzzip-0-13-debuginfo-0.13.67-10.36.1 * libzzip-0-13-0.13.67-10.36.1 * zziplib-debugsource-0.13.67-10.36.1 ## References: * https://www.suse.com/security/cve/CVE-2020-18770.html * https://bugzilla.suse.com/show_bug.cgi?id=1214577 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:52 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:52 -0000 Subject: SUSE-RU-2024:0959-1: moderate: Recommended update for git Message-ID: <171111065297.3825.1583535462472441556@smelt2.prg2.suse.org> # Recommended update for git Announcement ID: SUSE-RU-2024:0959-1 Rating: moderate References: * bsc#1216545 Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that has one fix can now be installed. ## Description: This update for git fixes the following issues: * Do not replace apparmor configuration (bsc#1216545) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-959=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-959=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-959=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * git-debugsource-2.26.2-150000.53.1 * gitk-2.26.2-150000.53.1 * git-daemon-2.26.2-150000.53.1 * git-arch-2.26.2-150000.53.1 * git-debuginfo-2.26.2-150000.53.1 * git-svn-debuginfo-2.26.2-150000.53.1 * git-gui-2.26.2-150000.53.1 * git-core-2.26.2-150000.53.1 * git-svn-2.26.2-150000.53.1 * git-daemon-debuginfo-2.26.2-150000.53.1 * git-email-2.26.2-150000.53.1 * git-cvs-2.26.2-150000.53.1 * git-2.26.2-150000.53.1 * git-web-2.26.2-150000.53.1 * git-core-debuginfo-2.26.2-150000.53.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * git-doc-2.26.2-150000.53.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * git-debugsource-2.26.2-150000.53.1 * gitk-2.26.2-150000.53.1 * git-daemon-2.26.2-150000.53.1 * git-arch-2.26.2-150000.53.1 * git-debuginfo-2.26.2-150000.53.1 * git-svn-debuginfo-2.26.2-150000.53.1 * git-gui-2.26.2-150000.53.1 * git-core-2.26.2-150000.53.1 * git-svn-2.26.2-150000.53.1 * git-daemon-debuginfo-2.26.2-150000.53.1 * git-email-2.26.2-150000.53.1 * git-cvs-2.26.2-150000.53.1 * git-2.26.2-150000.53.1 * git-web-2.26.2-150000.53.1 * git-core-debuginfo-2.26.2-150000.53.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * git-doc-2.26.2-150000.53.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * git-debugsource-2.26.2-150000.53.1 * gitk-2.26.2-150000.53.1 * git-daemon-2.26.2-150000.53.1 * git-arch-2.26.2-150000.53.1 * git-debuginfo-2.26.2-150000.53.1 * git-svn-debuginfo-2.26.2-150000.53.1 * git-gui-2.26.2-150000.53.1 * git-core-2.26.2-150000.53.1 * git-svn-2.26.2-150000.53.1 * git-daemon-debuginfo-2.26.2-150000.53.1 * git-email-2.26.2-150000.53.1 * git-cvs-2.26.2-150000.53.1 * git-2.26.2-150000.53.1 * git-web-2.26.2-150000.53.1 * git-core-debuginfo-2.26.2-150000.53.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * git-doc-2.26.2-150000.53.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216545 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:54 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:54 -0000 Subject: SUSE-RU-2024:0958-1: moderate: Recommended update for google-guest-agent, google-guest-oslogin Message-ID: <171111065471.3825.6082277527263295083@smelt2.prg2.suse.org> # Recommended update for google-guest-agent, google-guest-oslogin Announcement ID: SUSE-RU-2024:0958-1 Rating: moderate References: * bsc#1191036 * bsc#1202100 * bsc#1202101 * bsc#1216546 * bsc#1216547 * bsc#1216548 * bsc#1216750 * bsc#1216751 * bsc#1219642 Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has nine fixes can now be installed. ## Description: This update for google-guest-agent, google-guest-oslogin fixes the following issues: * Add explicit versioned dependency on google-guest-oslogin (bsc#1219642) * Update to version 20231031.01 (bsc#1216547, bsc#1216751, bsc#1216548, bsc#1216750, bsc#1202100, bsc#1202101) * Enable mTLS by default * Rotate MDS root certificate * Don't try to schedule mTLS job twice * Bump the golang compiler version to 1.21 (bsc#1216546) * Instance setup: trust/rely on metadata package's retry * Update known cert dirs for updaters * Verify cert refresher is enabled before running * Add support for the SSH key options * Events interface improvement * Refactor script runner to use common metadata package * Schedule MTLS job before notifying systemd * Refactor authorized keys to use metadata package * docs update: Add configuration and event manager's docs * oslogin: Resort ssh configuration keys * sshca: Make sure to restore SELinux context of the pipe * Notify systemd after scheduling required jobs * Use pam_moduledir (bsc#1191036) * pam login: Split conditions for logging ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2024-958=1 ## Package List: * Public Cloud Module 12 (aarch64 ppc64le s390x x86_64) * google-guest-oslogin-debugsource-20231101.00-1.29.1 * google-guest-agent-20231031.01-1.35.1 * google-guest-oslogin-debuginfo-20231101.00-1.29.1 * google-guest-oslogin-20231101.00-1.29.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1191036 * https://bugzilla.suse.com/show_bug.cgi?id=1202100 * https://bugzilla.suse.com/show_bug.cgi?id=1202101 * https://bugzilla.suse.com/show_bug.cgi?id=1216546 * https://bugzilla.suse.com/show_bug.cgi?id=1216547 * https://bugzilla.suse.com/show_bug.cgi?id=1216548 * https://bugzilla.suse.com/show_bug.cgi?id=1216750 * https://bugzilla.suse.com/show_bug.cgi?id=1216751 * https://bugzilla.suse.com/show_bug.cgi?id=1219642 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:55 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:55 -0000 Subject: SUSE-FU-2024:0957-1: moderate: Feature update for python3-atomicwrites Message-ID: <171111065577.3825.13369542971376126021@smelt2.prg2.suse.org> # Feature update for python3-atomicwrites Announcement ID: SUSE-FU-2024:0957-1 Rating: moderate References: * jsc#PED-7668 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for python3-atomicwrites fixes the following issues: * Update to version 1.3.0 (jsc#PED-7668) * Restore ability to use tempfile kwargs other than dir * Update to version 1.2.1 * Exclude pycache from sdist * Updat to version 1.2.0 * Avoid API breakage under Python 2 * Passes kwargs through AtomicWriter to tempfile.NamedTemporaryFile * Update supported Python versions * Remove non-existent _static dir from docs/conf.py ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-957=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-957=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-957=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-957=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python3-atomicwrites-1.3.0-150400.9.3.1 * openSUSE Leap 15.5 (noarch) * python3-atomicwrites-1.3.0-150400.9.3.1 * Public Cloud Module 15-SP4 (noarch) * python3-atomicwrites-1.3.0-150400.9.3.1 * Public Cloud Module 15-SP5 (noarch) * python3-atomicwrites-1.3.0-150400.9.3.1 ## References: * https://jira.suse.com/browse/PED-7668 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:57 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:57 -0000 Subject: SUSE-RU-2024:0956-1: moderate: Recommended update for powerpc-utils Message-ID: <171111065786.3825.14322695712757153979@smelt2.prg2.suse.org> # Recommended update for powerpc-utils Announcement ID: SUSE-RU-2024:0956-1 Rating: moderate References: * bsc#1195404 * bsc#1200731 * bsc#1206518 * bsc#1219234 * bsc#1219433 * bsc#1219716 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has six fixes can now be installed. ## Description: This update for powerpc-utils fixes the following issues: * lparstat mode incorrect in a dedicated-donating LPAR (bsc#1206518) * Support muliple NVMe device paths in bootlist (bsc#1219234) * Add fixes merged upstream (bsc#1219433) * Fix setting primary HNV link when using NM (bsc#1195404 ltc#196259) * HNV interface fails to come up when added in lpar inactive state (bnc#1200731) * [Regression]: [P10] [6.4.0-150600.4-default] : lsslot command displays incorrect output (bnc#1219716) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-956=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-956=1 openSUSE-SLE-15.5-2024-956=1 ## Package List: * Basesystem Module 15-SP5 (ppc64le) * powerpc-utils-debugsource-1.3.11-150500.3.14.3 * powerpc-utils-1.3.11-150500.3.14.3 * powerpc-utils-debuginfo-1.3.11-150500.3.14.3 * openSUSE Leap 15.5 (ppc64le) * powerpc-utils-debugsource-1.3.11-150500.3.14.3 * powerpc-utils-1.3.11-150500.3.14.3 * powerpc-utils-debuginfo-1.3.11-150500.3.14.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1195404 * https://bugzilla.suse.com/show_bug.cgi?id=1200731 * https://bugzilla.suse.com/show_bug.cgi?id=1206518 * https://bugzilla.suse.com/show_bug.cgi?id=1219234 * https://bugzilla.suse.com/show_bug.cgi?id=1219433 * https://bugzilla.suse.com/show_bug.cgi?id=1219716 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:43 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:43 -0000 Subject: SUSE-SU-2024:0965-1: moderate: Security update for indent Message-ID: <171111064366.3825.11533660150086024195@smelt2.prg2.suse.org> # Security update for indent Announcement ID: SUSE-SU-2024:0965-1 Rating: moderate References: * bsc#1219210 Cross-References: * CVE-2024-0911 CVSS scores: * CVE-2024-0911 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H * CVE-2024-0911 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for indent fixes the following issues: * CVE-2024-0911: Fixed heap-based buffer overflow in set_buf_break() (bsc#1219210). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-965=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-965=1 ## Package List: * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * indent-debuginfo-2.2.11-150000.3.9.1 * indent-2.2.11-150000.3.9.1 * indent-debugsource-2.2.11-150000.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * indent-debuginfo-2.2.11-150000.3.9.1 * indent-2.2.11-150000.3.9.1 * indent-debugsource-2.2.11-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0911.html * https://bugzilla.suse.com/show_bug.cgi?id=1219210 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:51 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:51 -0000 Subject: SUSE-RU-2024:0960-1: moderate: Recommended update for git Message-ID: <171111065141.3825.16328973539600866179@smelt2.prg2.suse.org> # Recommended update for git Announcement ID: SUSE-RU-2024:0960-1 Rating: moderate References: * bsc#1216545 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for git fixes the following issues: * Do not replace apparmor configuration (bsc#1216545) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-960=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-960=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-960=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-960=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-960=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-arch-2.35.3-150300.10.36.1 * git-web-2.35.3-150300.10.36.1 * git-daemon-2.35.3-150300.10.36.1 * git-debugsource-2.35.3-150300.10.36.1 * git-daemon-debuginfo-2.35.3-150300.10.36.1 * git-email-2.35.3-150300.10.36.1 * git-core-2.35.3-150300.10.36.1 * git-cvs-2.35.3-150300.10.36.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.36.1 * git-2.35.3-150300.10.36.1 * git-core-debuginfo-2.35.3-150300.10.36.1 * git-credential-libsecret-2.35.3-150300.10.36.1 * git-svn-2.35.3-150300.10.36.1 * gitk-2.35.3-150300.10.36.1 * git-debuginfo-2.35.3-150300.10.36.1 * git-credential-gnome-keyring-2.35.3-150300.10.36.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.36.1 * git-p4-2.35.3-150300.10.36.1 * git-gui-2.35.3-150300.10.36.1 * perl-Git-2.35.3-150300.10.36.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.36.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * git-arch-2.35.3-150300.10.36.1 * git-web-2.35.3-150300.10.36.1 * git-daemon-2.35.3-150300.10.36.1 * git-debugsource-2.35.3-150300.10.36.1 * git-daemon-debuginfo-2.35.3-150300.10.36.1 * git-email-2.35.3-150300.10.36.1 * git-core-2.35.3-150300.10.36.1 * git-cvs-2.35.3-150300.10.36.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.36.1 * git-2.35.3-150300.10.36.1 * git-core-debuginfo-2.35.3-150300.10.36.1 * git-credential-libsecret-2.35.3-150300.10.36.1 * git-svn-2.35.3-150300.10.36.1 * gitk-2.35.3-150300.10.36.1 * git-debuginfo-2.35.3-150300.10.36.1 * git-credential-gnome-keyring-2.35.3-150300.10.36.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.36.1 * git-p4-2.35.3-150300.10.36.1 * git-gui-2.35.3-150300.10.36.1 * perl-Git-2.35.3-150300.10.36.1 * openSUSE Leap 15.5 (noarch) * git-doc-2.35.3-150300.10.36.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * git-debugsource-2.35.3-150300.10.36.1 * git-core-2.35.3-150300.10.36.1 * git-2.35.3-150300.10.36.1 * git-core-debuginfo-2.35.3-150300.10.36.1 * git-debuginfo-2.35.3-150300.10.36.1 * perl-Git-2.35.3-150300.10.36.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-core-debuginfo-2.35.3-150300.10.36.1 * git-debugsource-2.35.3-150300.10.36.1 * git-core-2.35.3-150300.10.36.1 * git-debuginfo-2.35.3-150300.10.36.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * git-arch-2.35.3-150300.10.36.1 * git-web-2.35.3-150300.10.36.1 * git-daemon-2.35.3-150300.10.36.1 * git-debugsource-2.35.3-150300.10.36.1 * git-daemon-debuginfo-2.35.3-150300.10.36.1 * git-email-2.35.3-150300.10.36.1 * git-cvs-2.35.3-150300.10.36.1 * git-2.35.3-150300.10.36.1 * git-svn-2.35.3-150300.10.36.1 * git-debuginfo-2.35.3-150300.10.36.1 * gitk-2.35.3-150300.10.36.1 * perl-Git-2.35.3-150300.10.36.1 * git-gui-2.35.3-150300.10.36.1 * Development Tools Module 15-SP5 (noarch) * git-doc-2.35.3-150300.10.36.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216545 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:30:59 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:30:59 -0000 Subject: SUSE-RU-2024:0955-1: moderate: Recommended update for rmt-server Message-ID: <171111065995.3825.7774765906239597641@smelt2.prg2.suse.org> # Recommended update for rmt-server Announcement ID: SUSE-RU-2024:0955-1 Rating: moderate References: * bsc#1215176 * bsc#1216389 * bsc#1218775 * bsc#1219153 * bsc#1219540 * bsc#1221223 * jsc#PED-3734 Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has six fixes can now be installed. ## Description: This update for rmt-server fixes the following issues: * Version 2.15: * Moving system hardware information to systems database table to allow transmitting system information dynamically. (jsc#PED-3734) * Dropping Rails Secrets facilities and related config files (bsc#1215176) * Updated supportconfig script (bsc#1216389) * Support zstd compression for repository metadata (bsc#1218775) * Do not add credential handling to normal repository URLs (bsc#1219153) * Fix for SUSE Liberty registration script to allow RHEL7/SLL7/CentOS7 clients to register to RMT servers * make sure yum that can read repomd.xml correctly is installed (bsc#1221223) * Provide user/group symbol for user created during pre (bsc#1219540) * Disable authentication for license files in pubcloud context * Higher registration sharing timeout * rmt-server-pubcloud: * Extend cache expiration time for BYOS systems (PAYG: 20 min, BYOS: 24 hours) * Include byos parameter when checking subscription validity for BYOS systems with SCC ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-955=1 openSUSE-SLE-15.5-2024-955=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-955=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-955=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rmt-server-pubcloud-2.15-150500.3.9.2 * rmt-server-debuginfo-2.15-150500.3.9.2 * rmt-server-2.15-150500.3.9.2 * rmt-server-debugsource-2.15-150500.3.9.2 * rmt-server-config-2.15-150500.3.9.2 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rmt-server-pubcloud-2.15-150500.3.9.2 * rmt-server-debugsource-2.15-150500.3.9.2 * rmt-server-debuginfo-2.15-150500.3.9.2 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rmt-server-debugsource-2.15-150500.3.9.2 * rmt-server-debuginfo-2.15-150500.3.9.2 * rmt-server-2.15-150500.3.9.2 * rmt-server-config-2.15-150500.3.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215176 * https://bugzilla.suse.com/show_bug.cgi?id=1216389 * https://bugzilla.suse.com/show_bug.cgi?id=1218775 * https://bugzilla.suse.com/show_bug.cgi?id=1219153 * https://bugzilla.suse.com/show_bug.cgi?id=1219540 * https://bugzilla.suse.com/show_bug.cgi?id=1221223 * https://jira.suse.com/browse/PED-3734 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:01 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:01 -0000 Subject: SUSE-RU-2024:0954-1: moderate: Recommended update for rmt-server Message-ID: <171111066175.3825.17904700614937731924@smelt2.prg2.suse.org> # Recommended update for rmt-server Announcement ID: SUSE-RU-2024:0954-1 Rating: moderate References: * bsc#1215176 * bsc#1216389 * bsc#1218775 * bsc#1219153 * bsc#1219540 * bsc#1221223 * jsc#PED-3734 Affected Products: * Public Cloud Module 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that contains one feature and has six fixes can now be installed. ## Description: This update for rmt-server fixes the following issues: * Version 2.15: * Moving system hardware information to systems database table to allow transmitting system information dynamically. (jsc#PED-3734) * Dropping Rails Secrets facilities and related config files (bsc#1215176) * Updated supportconfig script (bsc#1216389) * Support zstd compression for repository metadata (bsc#1218775) * Do not add credential handling to normal repository URLs (bsc#1219153) * Fix for SUSE Liberty registration script to allow RHEL7/SLL7/CentOS7 clients to register to RMT servers * make sure yum that can read repomd.xml correctly is installed (bsc#1221223) * Provide user/group symbol for user created during pre (bsc#1219540) * Disable authentication for license files in pubcloud context * Higher registration sharing timeout * rmt-server-pubcloud: * Extend cache expiration time for BYOS systems (PAYG: 20 min, BYOS: 24 hours) * Include byos parameter when checking subscription validity for BYOS systems with SCC ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-954=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-954=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-954=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-954=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * rmt-server-debugsource-2.15-150200.3.38.1 * rmt-server-debuginfo-2.15-150200.3.38.1 * rmt-server-2.15-150200.3.38.1 * rmt-server-config-2.15-150200.3.38.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * rmt-server-debugsource-2.15-150200.3.38.1 * rmt-server-debuginfo-2.15-150200.3.38.1 * rmt-server-2.15-150200.3.38.1 * rmt-server-config-2.15-150200.3.38.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * rmt-server-debuginfo-2.15-150200.3.38.1 * rmt-server-pubcloud-2.15-150200.3.38.1 * rmt-server-debugsource-2.15-150200.3.38.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * rmt-server-debugsource-2.15-150200.3.38.1 * rmt-server-debuginfo-2.15-150200.3.38.1 * rmt-server-2.15-150200.3.38.1 * rmt-server-config-2.15-150200.3.38.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215176 * https://bugzilla.suse.com/show_bug.cgi?id=1216389 * https://bugzilla.suse.com/show_bug.cgi?id=1218775 * https://bugzilla.suse.com/show_bug.cgi?id=1219153 * https://bugzilla.suse.com/show_bug.cgi?id=1219540 * https://bugzilla.suse.com/show_bug.cgi?id=1221223 * https://jira.suse.com/browse/PED-3734 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:04 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:04 -0000 Subject: SUSE-RU-2024:0953-1: moderate: Recommended update for rmt-server Message-ID: <171111066445.3825.236453440504606682@smelt2.prg2.suse.org> # Recommended update for rmt-server Announcement ID: SUSE-RU-2024:0953-1 Rating: moderate References: * bsc#1215176 * bsc#1216389 * bsc#1218775 * bsc#1219153 * bsc#1219540 * bsc#1221223 * jsc#PED-3734 Affected Products: * openSUSE Leap 15.3 * Public Cloud Module 15-SP3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Manager Proxy 4.2 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Server 4.2 An update that contains one feature and has six fixes can now be installed. ## Description: This update for rmt-server fixes the following issues: * Version 2.15: * Moving system hardware information to systems database table to allow transmitting system information dynamically. (jsc#PED-3734) * Dropping Rails Secrets facilities and related config files (bsc#1215176) * Updated supportconfig script (bsc#1216389) * Support zstd compression for repository metadata (bsc#1218775) * Do not add credential handling to normal repository URLs (bsc#1219153) * Fix for SUSE Liberty registration script to allow RHEL7/SLL7/CentOS7 clients to register to RMT servers * make sure yum that can read repomd.xml correctly is installed (bsc#1221223) * Provide user/group symbol for user created during pre (bsc#1219540) * Disable authentication for license files in pubcloud context * Higher registration sharing timeout * rmt-server-pubcloud: * Extend cache expiration time for BYOS systems (PAYG: 20 min, BYOS: 24 hours) * Include byos parameter when checking subscription validity for BYOS systems with SCC ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-953=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-953=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-953=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-953=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-953=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-953=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64) * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-debuginfo-2.15-150300.3.30.1 * rmt-server-config-2.15-150300.3.30.1 * rmt-server-pubcloud-2.15-150300.3.30.1 * rmt-server-2.15-150300.3.30.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * rmt-server-pubcloud-2.15-150300.3.30.1 * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-debuginfo-2.15-150300.3.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * rmt-server-debuginfo-2.15-150300.3.30.1 * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-config-2.15-150300.3.30.1 * rmt-server-2.15-150300.3.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * rmt-server-debuginfo-2.15-150300.3.30.1 * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-config-2.15-150300.3.30.1 * rmt-server-2.15-150300.3.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * rmt-server-debuginfo-2.15-150300.3.30.1 * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-config-2.15-150300.3.30.1 * rmt-server-2.15-150300.3.30.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * rmt-server-debuginfo-2.15-150300.3.30.1 * rmt-server-debugsource-2.15-150300.3.30.1 * rmt-server-config-2.15-150300.3.30.1 * rmt-server-2.15-150300.3.30.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215176 * https://bugzilla.suse.com/show_bug.cgi?id=1216389 * https://bugzilla.suse.com/show_bug.cgi?id=1218775 * https://bugzilla.suse.com/show_bug.cgi?id=1219153 * https://bugzilla.suse.com/show_bug.cgi?id=1219540 * https://bugzilla.suse.com/show_bug.cgi?id=1221223 * https://jira.suse.com/browse/PED-3734 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:06 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:06 -0000 Subject: SUSE-RU-2024:0952-1: moderate: Recommended update for rmt-server Message-ID: <171111066677.3825.15744024207626449538@smelt2.prg2.suse.org> # Recommended update for rmt-server Announcement ID: SUSE-RU-2024:0952-1 Rating: moderate References: * bsc#1215176 * bsc#1216389 * bsc#1218775 * bsc#1219153 * bsc#1219540 * bsc#1221223 * jsc#PED-3734 Affected Products: * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has six fixes can now be installed. ## Description: This update for rmt-server fixes the following issues: * Version 2.15: * Moving system hardware information to systems database table to allow transmitting system information dynamically. (jsc#PED-3734) * Dropping Rails Secrets facilities and related config files (bsc#1215176) * Updated supportconfig script (bsc#1216389) * Support zstd compression for repository metadata (bsc#1218775) * Do not add credential handling to normal repository URLs (bsc#1219153) * Fix for SUSE Liberty registration script to allow RHEL7/SLL7/CentOS7 clients to register to RMT servers * make sure yum that can read repomd.xml correctly is installed (bsc#1221223) * Provide user/group symbol for user created during pre (bsc#1219540) * Disable authentication for license files in pubcloud context * Higher registration sharing timeout * rmt-server-pubcloud: * Extend cache expiration time for BYOS systems (PAYG: 20 min, BYOS: 24 hours) * Include byos parameter when checking subscription validity for BYOS systems with SCC ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-952=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-952=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-952=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-952=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-952=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-952=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-952=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-952=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-952=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * rmt-server-pubcloud-2.15-150400.3.18.2 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-pubcloud-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Manager Proxy 4.3 (x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rmt-server-config-2.15-150400.3.18.2 * rmt-server-debugsource-2.15-150400.3.18.2 * rmt-server-debuginfo-2.15-150400.3.18.2 * rmt-server-2.15-150400.3.18.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215176 * https://bugzilla.suse.com/show_bug.cgi?id=1216389 * https://bugzilla.suse.com/show_bug.cgi?id=1218775 * https://bugzilla.suse.com/show_bug.cgi?id=1219153 * https://bugzilla.suse.com/show_bug.cgi?id=1219540 * https://bugzilla.suse.com/show_bug.cgi?id=1221223 * https://jira.suse.com/browse/PED-3734 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:09 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:09 -0000 Subject: SUSE-RU-2024:0951-1: important: Recommended update for spack Message-ID: <171111066951.3825.13585874031581805601@smelt2.prg2.suse.org> # Recommended update for spack Announcement ID: SUSE-RU-2024:0951-1 Rating: important References: * bsc#1221471 * bsc#1221503 Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 An update that has two fixes can now be installed. ## Description: This update for spack fixes the following issues: * Spack was updated to version 0.21.2: * Bugs fixed: * Containerize: accommodate nested or pre-existing `spack-env` paths. * Fix `setup-env` script, when going back and forth between instances. * Fix using fully-qualified namespaces from root specs. * Fix a bug when a required provider is requested for multiple virtuals. * OCI buildcaches: * only push in parallel when forking. * use pickleable errors (#42160) * Fix using sticky variants in externals. * Fix a rare issue with conditional requirements and multi-valued variants. * Recipy updates: * `rust`: add v1.75, rework a few variants. * `py-transformers`: add v4.35.2. * Fix path to setup-env.sh in the Apptainer template (bsc#1221471). * Add libgfortran, libfl2 and libzip5 to the Spack runtime container as the Spack build container has the corresponding devel packages but these libraries are not installed in a BCI-style base container by default (bsc#1221503). * Make python version used configurable. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-951=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-951=1 ## Package List: * openSUSE Leap 15.3 (noarch) * spack-recipes-0.21.2-150300.15.1 * spack-info-0.21.2-150300.15.1 * spack-0.21.2-150300.15.1 * spack-man-0.21.2-150300.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * spack-recipes-0.21.2-150300.15.1 * spack-info-0.21.2-150300.15.1 * spack-0.21.2-150300.15.1 * spack-man-0.21.2-150300.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221471 * https://bugzilla.suse.com/show_bug.cgi?id=1221503 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:11 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:11 -0000 Subject: SUSE-RU-2024:0950-1: important: Recommended update for spack Message-ID: <171111067129.3825.5887808438115877415@smelt2.prg2.suse.org> # Recommended update for spack Announcement ID: SUSE-RU-2024:0950-1 Rating: important References: * bsc#1221471 * bsc#1221503 Affected Products: * HPC Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 An update that has two fixes can now be installed. ## Description: This update for spack fixes the following issues: * Spack was updated to version 0.21.2: * Bugs fixed: * Containerize: accommodate nested or pre-existing `spack-env` paths. * Fix `setup-env` script, when going back and forth between instances. * Fix using fully-qualified namespaces from root specs. * Fix a bug when a required provider is requested for multiple virtuals. * OCI buildcaches: * only push in parallel when forking. * use pickleable errors (#42160) * Fix using sticky variants in externals. * Fix a rare issue with conditional requirements and multi-valued variants. * Recipy updates: * `rust`: add v1.75, rework a few variants. * `py-transformers`: add v4.35.2. * Fix path to setup-env.sh in the Apptainer template (bsc#1221471). * Add libgfortran, libfl2 and libzip5 to the Spack runtime container as the Spack build container has the corresponding devel packages but these libraries are not installed in a BCI-style base container by default (bsc#1221503). * Make python version used configurable. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-950=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-950=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-950=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-950=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-950=1 ## Package List: * openSUSE Leap 15.4 (noarch) * spack-info-0.21.2-150400.15.2 * spack-man-0.21.2-150400.15.2 * spack-0.21.2-150400.15.2 * spack-recipes-0.21.2-150400.15.2 * openSUSE Leap 15.5 (noarch) * spack-info-0.21.2-150400.15.2 * spack-man-0.21.2-150400.15.2 * spack-0.21.2-150400.15.2 * spack-recipes-0.21.2-150400.15.2 * HPC Module 15-SP5 (noarch) * spack-info-0.21.2-150400.15.2 * spack-man-0.21.2-150400.15.2 * spack-0.21.2-150400.15.2 * spack-recipes-0.21.2-150400.15.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * spack-info-0.21.2-150400.15.2 * spack-man-0.21.2-150400.15.2 * spack-0.21.2-150400.15.2 * spack-recipes-0.21.2-150400.15.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * spack-info-0.21.2-150400.15.2 * spack-man-0.21.2-150400.15.2 * spack-0.21.2-150400.15.2 * spack-recipes-0.21.2-150400.15.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221471 * https://bugzilla.suse.com/show_bug.cgi?id=1221503 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:12 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:12 -0000 Subject: SUSE-RU-2024:0949-1: moderate: Recommended update for growpart-rootgrow Message-ID: <171111067254.3825.689538545161416924@smelt2.prg2.suse.org> # Recommended update for growpart-rootgrow Announcement ID: SUSE-RU-2024:0949-1 Rating: moderate References: * bsc#1219941 Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for growpart-rootgrow fixes the following issues: * Update to version 1.0.7 * Support root to be in a btrfs snapshot (bsc#1219941) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-949=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-949=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-949=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-949=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-949=1 ## Package List: * openSUSE Leap 15.5 (noarch) * growpart-rootgrow-1.0.7-150000.1.12.1 * Public Cloud Module 15-SP2 (noarch) * growpart-rootgrow-1.0.7-150000.1.12.1 * Public Cloud Module 15-SP3 (noarch) * growpart-rootgrow-1.0.7-150000.1.12.1 * Public Cloud Module 15-SP4 (noarch) * growpart-rootgrow-1.0.7-150000.1.12.1 * Public Cloud Module 15-SP5 (noarch) * growpart-rootgrow-1.0.7-150000.1.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219941 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:13 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:13 -0000 Subject: SUSE-RU-2024:0948-1: moderate: Recommended update for java-17-openjdk Message-ID: <171111067394.3825.6844270155050735790@smelt2.prg2.suse.org> # Recommended update for java-17-openjdk Announcement ID: SUSE-RU-2024:0948-1 Rating: moderate References: * bsc#1219662 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: * Recommend mozilla-nss-sysinit in order to have available the /etc/pki/nssdb directory and its content, required in fips mode (bsc#1219662). * Do not install our crafted nss.fips.cfg file, but use the one that the build produces with our fips.patch applied. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-948=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-948=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-948=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-debugsource-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-17.0.10.0-150400.3.39.2 * java-17-openjdk-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-demo-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-17.0.10.0-150400.3.39.2 * java-17-openjdk-jmods-17.0.10.0-150400.3.39.2 * java-17-openjdk-src-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-debuginfo-17.0.10.0-150400.3.39.2 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.10.0-150400.3.39.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-17.0.10.0-150400.3.39.2 * java-17-openjdk-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-demo-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-17.0.10.0-150400.3.39.2 * java-17-openjdk-jmods-17.0.10.0-150400.3.39.2 * java-17-openjdk-src-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-debuginfo-17.0.10.0-150400.3.39.2 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.10.0-150400.3.39.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-debugsource-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-17.0.10.0-150400.3.39.2 * java-17-openjdk-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-demo-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-17.0.10.0-150400.3.39.2 * java-17-openjdk-headless-debuginfo-17.0.10.0-150400.3.39.2 * java-17-openjdk-17.0.10.0-150400.3.39.2 * java-17-openjdk-devel-debuginfo-17.0.10.0-150400.3.39.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219662 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:15 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:15 -0000 Subject: SUSE-SU-2024:0947-1: important: Security update for python-uamqp Message-ID: <171111067570.3825.15400453181018956753@smelt2.prg2.suse.org> # Security update for python-uamqp Announcement ID: SUSE-SU-2024:0947-1 Rating: important References: * bsc#1217782 * bsc#1220535 Cross-References: * CVE-2024-27099 CVSS scores: * CVE-2024-27099 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python-uamqp fixes the following issues: * CVE-2024-27099: Fixed potential double-free in link_frame_received() (bsc#1220535). Bug fixes: * Fixed compatibility with OpenSSL 3.x (bsc#1217782) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-947=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-947=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-947=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-947=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-947=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-uamqp-debuginfo-1.5.3-150100.4.18.1 * python-uamqp-debugsource-1.5.3-150100.4.18.1 * python3-uamqp-1.5.3-150100.4.18.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-uamqp-debuginfo-1.5.3-150100.4.18.1 * python-uamqp-debugsource-1.5.3-150100.4.18.1 * python3-uamqp-1.5.3-150100.4.18.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * python3-uamqp-debuginfo-1.5.3-150100.4.18.1 * python-uamqp-debugsource-1.5.3-150100.4.18.1 * python3-uamqp-1.5.3-150100.4.18.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-uamqp-debuginfo-1.5.3-150100.4.18.1 * python-uamqp-debugsource-1.5.3-150100.4.18.1 * python3-uamqp-1.5.3-150100.4.18.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-uamqp-debuginfo-1.5.3-150100.4.18.1 * python-uamqp-debugsource-1.5.3-150100.4.18.1 * python3-uamqp-1.5.3-150100.4.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-27099.html * https://bugzilla.suse.com/show_bug.cgi?id=1217782 * https://bugzilla.suse.com/show_bug.cgi?id=1220535 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:17 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:17 -0000 Subject: SUSE-SU-2024:0946-1: important: Security update for rubygem-rack-1_4 Message-ID: <171111067773.3825.12210257654160786807@smelt2.prg2.suse.org> # Security update for rubygem-rack-1_4 Announcement ID: SUSE-SU-2024:0946-1 Rating: important References: * bsc#1220239 * bsc#1220242 * bsc#1220248 Cross-References: * CVE-2024-25126 * CVE-2024-26141 * CVE-2024-26146 CVSS scores: * CVE-2024-25126 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26141 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26146 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for rubygem-rack-1_4 fixes the following issues: * CVE-2024-25126: Fixed a Denial of Service Vulnerability in Rack Content-Type Parsing (bsc#1220239) * CVE-2024-26141: Fixed a Denial of Service Vulnerability in Range request header parsing (bsc#1220242) * CVE-2024-26146: Fixed a Denial of Service vulnerability in Rack headers parsing routine (bsc#1220248) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-946=1 ## Package List: * Containers Module 12 (x86_64) * ruby2.1-rubygem-rack-1_4-1.4.5-9.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-25126.html * https://www.suse.com/security/cve/CVE-2024-26141.html * https://www.suse.com/security/cve/CVE-2024-26146.html * https://bugzilla.suse.com/show_bug.cgi?id=1220239 * https://bugzilla.suse.com/show_bug.cgi?id=1220242 * https://bugzilla.suse.com/show_bug.cgi?id=1220248 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:20 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:20 -0000 Subject: SUSE-RU-2024:0945-1: important: Recommended update for suseconnect-ng Message-ID: <171111068052.3825.4188515237124359371@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0945-1 Rating: important References: * bsc#1220679 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-945=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-945=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-945=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libsuseconnect-1.8.0-3.12.1 * suseconnect-ng-1.8.0-3.12.1 * suseconnect-ruby-bindings-1.8.0-3.12.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libsuseconnect-1.8.0-3.12.1 * suseconnect-ng-1.8.0-3.12.1 * suseconnect-ruby-bindings-1.8.0-3.12.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libsuseconnect-1.8.0-3.12.1 * suseconnect-ng-1.8.0-3.12.1 * suseconnect-ruby-bindings-1.8.0-3.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:22 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:22 -0000 Subject: SUSE-RU-2024:0944-1: important: Recommended update for suseconnect-ng Message-ID: <171111068253.3825.14900313048903286164@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0944-1 Rating: important References: * bsc#1220679 Affected Products: * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2024-944=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-944=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-944=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-944=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-944=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-944=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-944=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-944=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 (aarch64 ppc64le s390x x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * suseconnect-ng-1.8.0-150100.3.23.1 * libsuseconnect-1.8.0-150100.3.23.1 * suseconnect-ruby-bindings-1.8.0-150100.3.23.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:23 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:23 -0000 Subject: SUSE-RU-2024:0943-1: important: Recommended update for suseconnect-ng Message-ID: <171111068365.3825.17629987877737003170@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0943-1 Rating: important References: * bsc#1220679 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-943=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-943=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-943=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * suseconnect-ng-1.8.0-150500.3.18.1 * suseconnect-ruby-bindings-1.8.0-150500.3.18.1 * libsuseconnect-1.8.0-150500.3.18.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * suseconnect-ng-1.8.0-150500.3.18.1 * suseconnect-ruby-bindings-1.8.0-150500.3.18.1 * libsuseconnect-1.8.0-150500.3.18.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150500.3.18.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:25 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:25 -0000 Subject: SUSE-RU-2024:0942-1: important: Recommended update for suseconnect-ng Message-ID: <171111068502.3825.15728369325114073041@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0942-1 Rating: important References: * bsc#1220679 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-942=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-942=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-942=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-942=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-942=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-942=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-942=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-942=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-942=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-942=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-942=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-942=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-942=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-942=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-942=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Manager Proxy 4.3 (x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libsuseconnect-1.8.0-150400.3.28.1 * suseconnect-ruby-bindings-1.8.0-150400.3.28.1 * suseconnect-ng-1.8.0-150400.3.28.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:26 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:26 -0000 Subject: SUSE-RU-2024:0941-1: important: Recommended update for suseconnect-ng Message-ID: <171111068661.3825.6214750538413403972@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0941-1 Rating: important References: * bsc#1220679 Affected Products: * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-941=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-941=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150300.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150300.3.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:27 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:27 -0000 Subject: SUSE-RU-2024:0940-1: important: Recommended update for suseconnect-ng Message-ID: <171111068765.3825.4342492182863488753@smelt2.prg2.suse.org> # Recommended update for suseconnect-ng Announcement ID: SUSE-RU-2024:0940-1 Rating: important References: * bsc#1220679 Affected Products: * SUSE Linux Enterprise Micro 5.1 An update that has one fix can now be installed. ## Description: This update for suseconnect-ng fixes the following issues: * Allow "\--rollback" flag to run on readonly filesystem (bsc#1220679) * Update to version 1.7.0 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-940=1 ## Package List: * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * suseconnect-ng-1.8.0-150300.3.17.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220679 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:29 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:29 -0000 Subject: SUSE-SU-2024:0939-1: moderate: Security update for shadow Message-ID: <171111068980.3825.10644439592951472138@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:0939-1 Rating: moderate References: * bsc#1144060 * bsc#1176006 * bsc#1188307 * bsc#1203823 * bsc#1205502 * bsc#1206627 * bsc#1210507 * bsc#1213189 Cross-References: * CVE-2023-29383 CVSS scores: * CVE-2023-29383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-29383 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability and has seven security fixes can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). The following non-security bugs were fixed: * bsc#1176006: Fix chage date miscalculation * bsc#1188307: Fix passwd segfault * bsc#1203823: Remove pam_keyinit from PAM config files * bsc#1213189: Change lock mechanism to file locking to prevent lock files after power interruptions * bsc#1206627: Add --prefix support to passwd, chpasswd and chage * bsc#1205502: useradd audit event user id field cannot be interpretedd ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-939=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-939=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-939=1 ## Package List: * openSUSE Leap Micro 5.4 (noarch) * login_defs-4.8.1-150400.3.6.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.3.6.1 * shadow-4.8.1-150400.3.6.1 * shadow-debugsource-4.8.1-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * login_defs-4.8.1-150400.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.3.6.1 * shadow-4.8.1-150400.3.6.1 * shadow-debugsource-4.8.1-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * login_defs-4.8.1-150400.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.3.6.1 * shadow-4.8.1-150400.3.6.1 * shadow-debugsource-4.8.1-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-29383.html * https://bugzilla.suse.com/show_bug.cgi?id=1144060 * https://bugzilla.suse.com/show_bug.cgi?id=1176006 * https://bugzilla.suse.com/show_bug.cgi?id=1188307 * https://bugzilla.suse.com/show_bug.cgi?id=1203823 * https://bugzilla.suse.com/show_bug.cgi?id=1205502 * https://bugzilla.suse.com/show_bug.cgi?id=1206627 * https://bugzilla.suse.com/show_bug.cgi?id=1210507 * https://bugzilla.suse.com/show_bug.cgi?id=1213189 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:32 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:32 -0000 Subject: SUSE-RU-2024:0938-1: moderate: Recommended update for sapconf Message-ID: <171111069255.3825.12238349552649214825@smelt2.prg2.suse.org> # Recommended update for sapconf Announcement ID: SUSE-RU-2024:0938-1 Rating: moderate References: * jsc#PED-5025 Affected Products: * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for sapconf fixes the following issues: sapconf was updated from version 5.0.6 to 5.0.7: * Added requirement of package `sysctl-logger` (jsc#PED-5025) * Suppress error message regarding missing systemd service file during posttrans script ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-938=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-938=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-938=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-938=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-938=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-938=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-938=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-938=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-938=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-938=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-938=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-938=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-938=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-938=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-938=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-938=1 ## Package List: * openSUSE Leap 15.5 (noarch) * sapconf-5.0.7-150000.7.30.1 * Server Applications Module 15-SP5 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Manager Proxy 4.3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Manager Server 4.3 (noarch) * sapconf-5.0.7-150000.7.30.1 * SUSE Enterprise Storage 7.1 (noarch) * sapconf-5.0.7-150000.7.30.1 ## References: * https://jira.suse.com/browse/PED-5025 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:34 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:34 -0000 Subject: SUSE-SU-2024:0937-1: important: Security update for openvswitch Message-ID: <171111069434.3825.11600037060279296325@smelt2.prg2.suse.org> # Security update for openvswitch Announcement ID: SUSE-SU-2024:0937-1 Rating: important References: * bsc#1219465 Cross-References: * CVE-2023-3966 CVSS scores: * CVE-2023-3966 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for openvswitch fixes the following issues: * CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-937=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-937=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-937=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-937=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-937=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-937=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-937=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-937=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-937=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-937=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-937=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * openSUSE Leap 15.4 (noarch) * ovn-doc-20.06.2-150400.24.23.1 * openvswitch-doc-2.14.2-150400.24.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * openSUSE Leap 15.5 (noarch) * ovn-doc-20.06.2-150400.24.23.1 * openvswitch-doc-2.14.2-150400.24.23.1 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * openvswitch-debugsource-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Manager Proxy 4.3 (x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * openvswitch-devel-2.14.2-150400.24.23.1 * libovn-20_06-0-20.06.2-150400.24.23.1 * python3-ovs-2.14.2-150400.24.23.1 * openvswitch-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-2.14.2-150400.24.23.1 * openvswitch-vtep-2.14.2-150400.24.23.1 * openvswitch-vtep-debuginfo-2.14.2-150400.24.23.1 * openvswitch-debuginfo-2.14.2-150400.24.23.1 * ovn-central-20.06.2-150400.24.23.1 * ovn-devel-20.06.2-150400.24.23.1 * ovn-vtep-20.06.2-150400.24.23.1 * libovn-20_06-0-debuginfo-20.06.2-150400.24.23.1 * openvswitch-debugsource-2.14.2-150400.24.23.1 * ovn-vtep-debuginfo-20.06.2-150400.24.23.1 * ovn-20.06.2-150400.24.23.1 * ovn-host-20.06.2-150400.24.23.1 * ovn-debuginfo-20.06.2-150400.24.23.1 * openvswitch-ipsec-2.14.2-150400.24.23.1 * ovn-host-debuginfo-20.06.2-150400.24.23.1 * openvswitch-test-2.14.2-150400.24.23.1 * libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.23.1 * ovn-central-debuginfo-20.06.2-150400.24.23.1 * ovn-docker-20.06.2-150400.24.23.1 * openvswitch-pki-2.14.2-150400.24.23.1 * openvswitch-test-debuginfo-2.14.2-150400.24.23.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3966.html * https://bugzilla.suse.com/show_bug.cgi?id=1219465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:38 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:38 -0000 Subject: SUSE-RU-2024:0802-2: moderate: Recommended update for wicked Message-ID: <171111069864.3825.13510337019587394429@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:0802-2 Rating: moderate References: * bsc#1215692 * bsc#1218926 * bsc#1218927 * bsc#1219265 * bsc#1219751 * jsc#PED-7183 Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has five fixes can now be installed. ## Description: This update for wicked fixes the following issues: * ifreload: VLAN changes require device deletion (bsc#1218927) * ifcheck: fix config changed check (bsc#1218926) * client: fix exit code for no-carrier status (bsc#1219265) * dhcp6: omit the SO_REUSEPORT option (bsc#1215692) * duid: fix comment for v6time * rtnl: fix peer address parsing for non ptp-interfaces * system-updater: Parse updater format from XML configuration to ensure install calls can run * team: add new options like link_watch_policy (jsc#PED-7183) * Fix memory leaks in dbus variant destroy and fsm free * xpath: allow underscore in node identifier * vxlan: don't format unknown rtnl attrs (bsc#1219751) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-802=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-802=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-802=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-802=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-802=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-802=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-802=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-802=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 * SUSE Manager Proxy 4.3 (x86_64) * wicked-0.6.74-150400.3.13.1 * wicked-debugsource-0.6.74-150400.3.13.1 * wicked-service-0.6.74-150400.3.13.1 * wicked-debuginfo-0.6.74-150400.3.13.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1215692 * https://bugzilla.suse.com/show_bug.cgi?id=1218926 * https://bugzilla.suse.com/show_bug.cgi?id=1218927 * https://bugzilla.suse.com/show_bug.cgi?id=1219265 * https://bugzilla.suse.com/show_bug.cgi?id=1219751 * https://jira.suse.com/browse/PED-7183 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:41 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:41 -0000 Subject: SUSE-SU-2024:0936-1: important: Security update for go1.22 Message-ID: <171111070126.3825.3758831669403531816@smelt2.prg2.suse.org> # Security update for go1.22 Announcement ID: SUSE-SU-2024:0936-1 Rating: important References: * bsc#1218424 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001 * bsc#1221002 * bsc#1221003 Cross-References: * CVE-2023-45289 * CVE-2023-45290 * CVE-2024-24783 * CVE-2024-24784 * CVE-2024-24785 CVSS scores: * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves five vulnerabilities and has two security fixes can now be installed. ## Description: This update for go1.22 fixes the following issues: * go1.22.1 (released 2024-03-05) includes security fixes to the crypto/x509, html/template, net/http, net/http/cookiejar, and net/mail packages, as well as bug fixes to the compiler, the go command, the runtime, the trace command, and the go/types and net/http packages. (bsc#1218424) CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm * go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect * go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders * go#65474 internal/testenv: support LUCI mobile builders in testenv tests * go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0 * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer * go#65728 go/types: nil pointer dereference in Alias.Underlying() * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22 * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer * go#65852 cmd/go: "missing ziphash" error with go.work * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms * Packaging improvements: * bsc#1219988 ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack * go1.22 (released 2024-02-06) is a major release of Go. go1.22.x minor releases will be provided through February 2024. https://github.com/golang/go/wiki/Go-Release-Cycle go1.22 arrives six months after go1.21. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. (bsc#1218424) * Language change: go1.22 makes two changes to for loops. Previously, the variables declared by a for loop were created once and updated by each iteration. In go1.22, each iteration of the loop creates new variables, to avoid accidental sharing bugs. The transition support tooling described in the proposal continues to work in the same way it did in Go 1.21. * Language change: For loops may now range over integers * Language change: go1.22 includes a preview of a language change we are considering for a future version of Go: range-over-function iterators. Building with GOEXPERIMENT=rangefunc enables this feature. * go command: Commands in workspaces can now use a vendor directory containing the dependencies of the workspace. The directory is created by go work vendor, and used by build commands when the -mod flag is set to vendor, which is the default when a workspace vendor directory is present. Note that the vendor directory's contents for a workspace are different from those of a single module: if the directory at the root of a workspace also contains one of the modules in the workspace, its vendor directory can contain the dependencies of either the workspace or of the module, but not both. * go get is no longer supported outside of a module in the legacy GOPATH mode (that is, with GO111MODULE=off). Other build commands, such as go build and go test, will continue to work indefinitely for legacy GOPATH programs. * go mod init no longer attempts to import module requirements from configuration files for other vendoring tools (such as Gopkg.lock). * go test -cover now prints coverage summaries for covered packages that do not have their own test files. Prior to Go 1.22 a go test -cover run for such a package would report: ? mymod/mypack [no test files] and now with go1.22, functions in the package are treated as uncovered: mymod/mypack coverage: 0.0% of statements Note that if a package contains no executable code at all, we can't report a meaningful coverage percentage; for such packages the go tool will continue to report that there are no test files. * trace: The trace tool's web UI has been gently refreshed as part of the work to support the new tracer, resolving several issues and improving the readability of various sub-pages. The web UI now supports exploring traces in a thread-oriented view. The trace viewer also now displays the full duration of all system calls. These improvements only apply for viewing traces produced by programs built with go1.22 or newer. A future release will bring some of these improvements to traces produced by older version of Go. * vet: References to loop variables The behavior of the vet tool has changed to match the new semantics (see above) of loop variables in go1.22. When analyzing a file that requires go1.22 or newer (due to its go.mod file or a per-file build constraint), vetcode> no longer reports references to loop variables from within a function literal that might outlive the iteration of the loop. In Go 1.22, loop variables are created anew for each iteration, so such references are no longer at risk of using a variable after it has been updated by the loop. * vet: New warnings for missing values after append The vet tool now reports calls to append that pass no values to be appended to the slice, such as slice = append(slice). Such a statement has no effect, and experience has shown that is nearly always a mistake. * vet: New warnings for deferring time.Since The vet tool now reports a non- deferred call to time.Since(t) within a defer statement. This is equivalent to calling time.Now().Sub(t) before the defer statement, not when the deferred function is called. In nearly all cases, the correct code requires deferring the time.Since call. * vet: New warnings for mismatched key-value pairs in log/slog calls The vet tool now reports invalid arguments in calls to functions and methods in the structured logging package, log/slog, that accept alternating key/value pairs. It reports calls where an argument in a key position is neither a string nor a slog.Attr, and where a final key is missing its value. * runtime: The runtime now keeps type-based garbage collection metadata nearer to each heap object, improving the CPU performance (latency or throughput) of Go programs by 1-3%. This change also reduces the memory overhead of the majority Go programs by approximately 1% by deduplicating redundant metadata. Some programs may see a smaller improvement because this change adjusts the size class boundaries of the memory allocator, so some objects may be moved up a size class. A consequence of this change is that some objects' addresses that were previously always aligned to a 16 byte (or higher) boundary will now only be aligned to an 8 byte boundary. Some programs that use assembly instructions that require memory addresses to be more than 8-byte aligned and rely on the memory allocator's previous alignment behavior may break, but we expect such programs to be rare. Such programs may be built with GOEXPERIMENT=noallocheaders to revert to the old metadata layout and restore the previous alignment behavior, but package owners should update their assembly code to avoid the alignment assumption, as this workaround will be removed in a future release. * runtime: On the windows/amd64 port, programs linking or loading Go libraries built with -buildmode=c-archive or -buildmode=c-shared can now use the SetUnhandledExceptionFilter Win32 function to catch exceptions not handled by the Go runtime. Note that this was already supported on the windows/386 port. * compiler: Profile-guided Optimization (PGO) builds can now devirtualize a higher proportion of calls than previously possible. Most programs from a representative set of Go programs now see between 2 and 14% improvement from enabling PGO. * compiler: The compiler now interleaves devirtualization and inlining, so interface method calls are better optimized. * compiler: go1.22 also includes a preview of an enhanced implementation of the compiler's inlining phase that uses heuristics to boost inlinability at call sites deemed "important" (for example, in loops) and discourage inlining at call sites deemed "unimportant" (for example, on panic paths). Building with GOEXPERIMENT=newinliner enables the new call-site heuristics; see issue #61502 for more info and to provide feedback. * linker: The linker's -s and -w flags are now behave more consistently across all platforms. The -w flag suppresses DWARF debug information generation. The -s flag suppresses symbol table generation. The -s flag also implies the -w flag, which can be negated with -w=0. That is, -s -w=0 will generate a binary with DWARF debug information generation but without the symbol table. * linker: On ELF platforms, the -B linker flag now accepts a special form: with -B gobuildid, the linker will generate a GNU build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go build ID. * linker: On Windows, when building with -linkmode=internal, the linker now preserves SEH information from C object files by copying the .pdata and .xdata sections into the final binary. This helps with debugging and profiling binaries using native tools, such as WinDbg. Note that until now, C functions' SEH exception handlers were not being honored, so this change may cause some programs to behave differently. -linkmode=external is not affected by this change, as external linkers already preserve SEH information. * bootstrap: As mentioned in the Go 1.20 release notes, go1.22 now requires the final point release of Go 1.20 or later for bootstrap. We expect that Go 1.24 will require the final point release of go1.22 or later for bootstrap. * core library: New math/rand/v2 package: go1.22 includes the first ?v2? package in the standard library, math/rand/v2. The changes compared to math/rand are detailed in proposal go#61716. The most important changes are: * The Read method, deprecated in math/rand, was not carried forward for math/rand/v2. (It remains available in math/rand.) The vast majority of calls to Read should use crypto/rand?s Read instead. Otherwise a custom Read can be constructed using the Uint64 method. * The global generator accessed by top-level functions is unconditionally randomly seeded. Because the API guarantees no fixed sequence of results, optimizations like per-thread random generator states are now possible. * The Source interface now has a single Uint64 method; there is no Source64 interface. * Many methods now use faster algorithms that were not possible to adopt in math/rand because they changed the output streams. * The Intn, Int31, Int31n, Int63, and Int64n top-level functions and methods from math/rand are spelled more idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64, and Int64N. There are also new top-level functions and methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN. * The new generic function N is like Int64N or Uint64N but works for any integer type. For example a random duration from 0 up to 5 minutes is rand.N(5*time.Minute). * The Mitchell & Reeds LFSR generator provided by math/rand?s Source has been replaced by two more modern pseudo-random generator sources: ChaCha8 PCG. ChaCha8 is a new, cryptographically strong random number generator roughly similar to PCG in efficiency. ChaCha8 is the algorithm used for the top-level functions in math/rand/v2. As of go1.22, math/rand's top-level functions (when not explicitly seeded) and the Go runtime also use ChaCha8 for randomness. * We plan to include an API migration tool in a future release, likely Go 1.23. * core library: New go/version package: The new go/version package implements functions for validating and comparing Go version strings. * core library: Enhanced routing patterns: HTTP routing in the standard library is now more expressive. The patterns used by net/http.ServeMux have been enhanced to accept methods and wildcards. This change breaks backwards compatibility in small ways, some obvious?patterns with "{" and "}" behave differently? and some less so?treatment of escaped paths has been improved. The change is controlled by a GODEBUG field named httpmuxgo121. Set httpmuxgo121=1 to restore the old behavior. * Minor changes to the library As always, there are various minor changes and updates to the library, made with the Go 1 promise of compatibility in mind. There are also various performance improvements, not enumerated here. * archive/tar: The new method Writer.AddFS adds all of the files from an fs.FS to the archive. * archive/zip: The new method Writer.AddFS adds all of the files from an fs.FS to the archive. * bufio: When a SplitFunc returns ErrFinalToken with a nil token, Scanner will now stop immediately. Previously, it would report a final empty token before stopping, which was usually not desired. Callers that do want to report a final empty token can do so by returning []byte{} rather than nil. * cmp: The new function Or returns the first in a sequence of values that is not the zero value. * crypto/tls: ConnectionState.ExportKeyingMaterial will now return an error unless TLS 1.3 is in use, or the extended_master_secret extension is supported by both the server and client. crypto/tls has supported this extension since Go 1.20. This can be disabled with the tlsunsafeekm=1 GODEBUG setting. * crypto/tls: By default, the minimum version offered by crypto/tls servers is now TLS 1.2 if not specified with config.MinimumVersion, matching the behavior of crypto/tls clients. This change can be reverted with the tls10server=1 GODEBUG setting. * crypto/tls: By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes. This change can be reverted with the tlsrsakex=1 GODEBUG setting. * crypto/x509: The new CertPool.AddCertWithConstraint method can be used to add customized constraints to root certificates to be applied during chain building. * crypto/x509: On Android, root certificates will now be loaded from /data/misc/keychain/certs-added as well as /system/etc/security/cacerts. * crypto/x509: A new type, OID, supports ASN.1 Object Identifiers with individual components larger than 31 bits. A new field which uses this type, Policies, is added to the Certificate struct, and is now populated during parsing. Any OIDs which cannot be represented using a asn1.ObjectIdentifier will appear in Policies, but not in the old PolicyIdentifiers field. When calling CreateCertificate, the Policies field is ignored, and policies are taken from the PolicyIdentifiers field. Using the x509usepolicies=1 GODEBUG setting inverts this, populating certificate policies from the Policies field, and ignoring the PolicyIdentifiers field. We may change the default value of x509usepolicies in Go 1.23, making Policies the default field for marshaling. * database/sql: The new Null[T] type provide a way to scan nullable columns for any column types. * debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64 systems. Additional R_LARCH_* constants are defined for use with LoongArch systems. * encoding: The new methods AppendEncode and AppendDecode added to each of the Encoding types in the packages encoding/base32, encoding/base64, and encoding/hex simplify encoding and decoding from and to byte slices by taking care of byte slice buffer management. * encoding: The methods base32.Encoding.WithPadding and base64.Encoding.WithPadding now panic if the padding argument is a negative value other than NoPadding. * encoding/json: Marshaling and encoding functionality now escapes '\b' and '\f' characters as \b and \f instead of \u0008 and \u000c. * go/ast: The following declarations related to syntactic identifier resolution are now deprecated: Ident.Obj, Object, Scope, File.Scope, File.Unresolved, Importer, Package, NewPackage. In general, identifiers cannot be accurately resolved without type information. Consider, for example, the identifier K in T{K: ""}: it could be the name of a local variable if T is a map type, or the name of a field if T is a struct type. New programs should use the go/types package to resolve identifiers; see Object, Info.Uses, and Info.Defs for details. * go/ast: The new ast.Unparen function removes any enclosing parentheses from an expression. * go/types: The new Alias type represents type aliases. Previously, type aliases were not represented explicitly, so a reference to a type alias was equivalent to spelling out the aliased type, and the name of the alias was lost. The new representation retains the intermediate Alias. This enables improved error reporting (the name of a type alias can be reported), and allows for better handling of cyclic type declarations involving type aliases. In a future release, Alias types will also carry type parameter information. The new function Unalias returns the actual type denoted by an Alias type (or any other Type for that matter). * go/types: Because Alias types may break existing type switches that do not know to check for them, this functionality is controlled by a GODEBUG field named gotypesalias. With gotypesalias=0, everything behaves as before, and Alias types are never created. With gotypesalias=1, Alias types are created and clients must expect them. The default is gotypesalias=0. In a future release, the default will be changed to gotypesalias=1. Clients of go/types are urged to adjust their code as soon as possible to work with gotypesalias=1 to eliminate problems early. * go/types: The Info struct now exports the FileVersions map which provides per-file Go version information. * go/types: The new helper method PkgNameOf returns the local package name for the given import declaration. * go/types: The implementation of SizesFor has been adjusted to compute the same type sizes as the compiler when the compiler argument for SizesFor is "gc". The default Sizes implementation used by the type checker is now types.SizesFor("gc", "amd64"). * go/types: The start position (Pos) of the lexical environment block (Scope) that represents a function body has changed: it used to start at the opening curly brace of the function body, but now starts at the function's func token. * html/template: Javascript template literals may now contain Go template actions, and parsing a template containing one will no longer return ErrJSTemplate. Similarly the GODEBUG setting jstmpllitinterp no longer has any effect. * io: The new SectionReader.Outer method returns the ReaderAt, offset, and size passed to NewSectionReader. * log/slog: The new SetLogLoggerLevel function controls the level for the bridge between the `slog` and `log` packages. It sets the minimum level for calls to the top-level `slog` logging functions, and it sets the level for calls to `log.Logger` that go through `slog`. * math/big: The new method Rat.FloatPrec computes the number of fractional decimal digits required to represent a rational number accurately as a floating-point number, and whether accurate decimal representation is possible in the first place. * net: When io.Copy copies from a TCPConn to a UnixConn, it will now use Linux's splice(2) system call if possible, using the new method TCPConn.WriteTo. * net: The Go DNS Resolver, used when building with "-tags=netgo", now searches for a matching name in the Windows hosts file, located at %SystemRoot%\System32\drivers\etc\hosts, before making a DNS query. * net/http: The new functions ServeFileFS, FileServerFS, and NewFileTransportFS are versions of the existing ServeFile, FileServer, and NewFileTransport, operating on an fs.FS. * net/http: The HTTP server and client now reject requests and responses containing an invalid empty Content-Length header. The previous behavior may be restored by setting GODEBUG field httplaxcontentlength=1. * net/http: The new method Request.PathValue returns path wildcard values from a request and the new method Request.SetPathValue sets path wildcard values on a request. * net/http/cgi: When executing a CGI process, the PATH_INFO variable is now always set to the empty string or a value starting with a / character, as required by RFC 3875. It was previously possible for some combinations of Handler.Root and request URL to violate this requirement. * net/netip: The new AddrPort.Compare method compares two AddrPorts. * os: On Windows, the Stat function now follows all reparse points that link to another named entity in the system. It was previously only following IO_REPARSE_TAG_SYMLINK and IO_REPARSE_TAG_MOUNT_POINT reparse points. * os: On Windows, passing O_SYNC to OpenFile now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms. * os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and File.Readdirnames functions now read directory entries in batches to reduce the number of system calls, improving performance up to 30%. * os: When io.Copy copies from a File to a net.UnixConn, it will now use Linux's sendfile(2) system call if possible, using the new method File.WriteTo. * os/exec: On Windows, LookPath now ignores empty entries in %PATH%, and returns ErrNotFound (instead of ErrNotExist) if no executable file extension is found to resolve an otherwise-unambiguous name. * os/exec: On Windows, Command and Cmd.Start no longer call LookPath if the path to the executable is already absolute and has an executable file extension. In addition, Cmd.Start no longer writes the resolved extension back to the Path field, so it is now safe to call the String method concurrently with a call to Start. * reflect: The Value.IsZero method will now return true for a floating-point or complex negative zero, and will return true for a struct value if a blank field (a field named _) somehow has a non-zero value. These changes make IsZero consistent with comparing a value to zero using the language == operator. * reflect: The PtrTo function is deprecated, in favor of PointerTo. * reflect: The new function TypeFor returns the Type that represents the type argument T. Previously, to get the reflect.Type value for a type, one had to use reflect.TypeOf((*T)(nil)).Elem(). This may now be written as reflect.TypeForT. * runtime/metrics: Four new histogram metrics /sched/pauses/stopping/gc:seconds, /sched/pauses/stopping/other:seconds, /sched/pauses/total/gc:seconds, and /sched/pauses/total/other:seconds provide additional details about stop-the-world pauses. The "stopping" metrics report the time taken from deciding to stop the world until all goroutines are stopped. The "total" metrics report the time taken from deciding to stop the world until it is started again. * runtime/metrics: The /gc/pauses:seconds metric is deprecated, as it is equivalent to the new /sched/pauses/total/gc:seconds metric. * runtime/metrics: /sync/mutex/wait/total:seconds now includes contention on runtime-internal locks in addition to sync.Mutex and sync.RWMutex. * runtime/pprof: Mutex profiles now scale contention by the number of goroutines blocked on the mutex. This provides a more accurate representation of the degree to which a mutex is a bottleneck in a Go program. For instance, if 100 goroutines are blocked on a mutex for 10 milliseconds, a mutex profile will now record 1 second of delay instead of 10 milliseconds of delay. * runtime/pprof: Mutex profiles also now include contention on runtime- internal locks in addition to sync.Mutex and sync.RWMutex. Contention on runtime-internal locks is always reported at runtime._LostContendedRuntimeLock. A future release will add complete stack traces in these cases. * runtime/pprof: CPU profiles on Darwin platforms now contain the process's memory map, enabling the disassembly view in the pprof tool. * runtime/trace: The execution tracer has been completely overhauled in this release, resolving several long-standing issues and paving the way for new use-cases for execution traces. * runtime/trace: Execution traces now use the operating system's clock on most platforms (Windows excluded) so it is possible to correlate them with traces produced by lower-level components. Execution traces no longer depend on the reliability of the platform's clock to produce a correct trace. Execution traces are now partitioned regularly on-the-fly and as a result may be processed in a streamable way. Execution traces now contain complete durations for all system calls. Execution traces now contain information about the operating system threads that goroutines executed on. The latency impact of starting and stopping execution traces has been dramatically reduced. Execution traces may now begin or end during the garbage collection mark phase. * runtime/trace: To allow Go developers to take advantage of these improvements, an experimental trace reading package is available at golang.org/x/exp/trace. Note that this package only works on traces produced by programs built with go1.22 at the moment. Please try out the package and provide feedback on the corresponding proposal issue. * runtime/trace: If you experience any issues with the new execution tracer implementation, you may switch back to the old implementation by building your Go program with GOEXPERIMENT=noexectracer2. If you do, please file an issue, otherwise this option will be removed in a future release. * slices: The new function Concat concatenates multiple slices. * slices: Functions that shrink the size of a slice (Delete, DeleteFunc, Compact, CompactFunc, and Replace) now zero the elements between the new length and the old length. * slices: Insert now always panics if the argument i is out of range. Previously it did not panic in this situation if there were no elements to be inserted. * syscall: The syscall package has been frozen since Go 1.4 and was marked as deprecated in Go 1.11, causing many editors to warn about any use of the package. However, some non-deprecated functionality requires use of the syscall package, such as the os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints on such code, the syscall package is no longer marked as deprecated. The package remains frozen to most new functionality, and new code remains encouraged to use golang.org/x/sys/unix or golang.org/x/sys/windows where possible. * syscall: On Linux, the new SysProcAttr.PidFD field allows obtaining a PID FD when starting a child process via StartProcess or os/exec. * syscall: On Windows, passing O_SYNC to Open now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms. * testing/slogtest: The new Run function uses sub-tests to run test cases, providing finer-grained control. * Ports: Darwin: On macOS on 64-bit x86 architecture (the darwin/amd64 port), the Go toolchain now generates position-independent executables (PIE) by default. Non-PIE binaries can be generated by specifying the -buildmode=exe build flag. On 64-bit ARM-based macOS (the darwin/arm64 port), the Go toolchain already generates PIE by default. go1.22 is the last release that will run on macOS 10.15 Catalina. Go 1.23 will require macOS 11 Big Sur or later. * Ports: Arm: The GOARM environment variable now allows you to select whether to use software or hardware floating point. Previously, valid GOARM values were 5, 6, or 7. Now those same values can be optionally followed by ,softfloat or ,hardfloat to select the floating-point implementation. This new option defaults to softfloat for version 5 and hardfloat for versions 6 and 7. * Ports: Loong64: The loong64 port now supports passing function arguments and results using registers. The linux/loong64 port now supports the address sanitizer, memory sanitizer, new-style linker relocations, and the plugin build mode. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-936=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * go1.22-doc-1.22.1-1.3.1 * go1.22-1.22.1-1.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:44 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:44 -0000 Subject: SUSE-SU-2024:0935-1: moderate: Security update for xen Message-ID: <171111070480.3825.8682783761846245699@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:0935-1 Rating: moderate References: * bsc#1219885 Cross-References: * CVE-2023-46841 CVSS scores: * CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46841: Fixed shadow stack vs exceptions from emulation stubs (XSA-451) (bsc#1219885). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-935=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-935=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-935=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-935=1 ## Package List: * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-libs-debuginfo-4.14.6_12-150300.3.66.1 * xen-libs-4.14.6_12-150300.3.66.1 * xen-debugsource-4.14.6_12-150300.3.66.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-libs-debuginfo-4.14.6_12-150300.3.66.1 * xen-libs-4.14.6_12-150300.3.66.1 * xen-debugsource-4.14.6_12-150300.3.66.1 * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-tools-domU-4.14.6_12-150300.3.66.1 * xen-devel-4.14.6_12-150300.3.66.1 * xen-libs-debuginfo-4.14.6_12-150300.3.66.1 * xen-libs-4.14.6_12-150300.3.66.1 * xen-tools-domU-debuginfo-4.14.6_12-150300.3.66.1 * xen-debugsource-4.14.6_12-150300.3.66.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_12-150300.3.66.1 * xen-libs-32bit-4.14.6_12-150300.3.66.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-tools-4.14.6_12-150300.3.66.1 * xen-tools-debuginfo-4.14.6_12-150300.3.66.1 * xen-4.14.6_12-150300.3.66.1 * xen-doc-html-4.14.6_12-150300.3.66.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_12-150300.3.66.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-4.14.6_12-150300.3.66.1 * xen-libs-64bit-debuginfo-4.14.6_12-150300.3.66.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-libs-debuginfo-4.14.6_12-150300.3.66.1 * xen-libs-4.14.6_12-150300.3.66.1 * xen-debugsource-4.14.6_12-150300.3.66.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46841.html * https://bugzilla.suse.com/show_bug.cgi?id=1219885 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:46 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:46 -0000 Subject: SUSE-SU-2024:0934-1: moderate: Security update for xen Message-ID: <171111070687.3825.4917954226586855380@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:0934-1 Rating: moderate References: * bsc#1219885 Cross-References: * CVE-2023-46841 CVSS scores: * CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 An update that solves one vulnerability can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2023-46841: Fixed shadow stack vs exceptions from emulation stubs (XSA-451) (bsc#1219885). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-934=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-934=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-934=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-934=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-934=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-934=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-934=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-libs-4.16.5_14-150400.4.49.1 * xen-tools-domU-debuginfo-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * xen-devel-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-tools-domU-4.16.5_14-150400.4.49.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-4.16.5_14-150400.4.49.1 * xen-libs-32bit-debuginfo-4.16.5_14-150400.4.49.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-4.16.5_14-150400.4.49.1 * xen-4.16.5_14-150400.4.49.1 * xen-tools-debuginfo-4.16.5_14-150400.4.49.1 * xen-doc-html-4.16.5_14-150400.4.49.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.5_14-150400.4.49.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.16.5_14-150400.4.49.1 * xen-libs-64bit-4.16.5_14-150400.4.49.1 * openSUSE Leap Micro 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * openSUSE Leap Micro 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-4.16.5_14-150400.4.49.1 * xen-debugsource-4.16.5_14-150400.4.49.1 * xen-libs-debuginfo-4.16.5_14-150400.4.49.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46841.html * https://bugzilla.suse.com/show_bug.cgi?id=1219885 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:50 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:50 -0000 Subject: SUSE-RU-2024:0933-1: moderate: Recommended update for intel-opencl Message-ID: <171111071010.3825.4691102905891399955@smelt2.prg2.suse.org> # Recommended update for intel-opencl Announcement ID: SUSE-RU-2024:0933-1 Rating: moderate References: * bsc#1219781 Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for intel-opencl fixes the following issues: * keep icd file in /etc/OpenCL/vendors on Leap 15.x/sle-15-SPx; added Requires to libigc1, libigdfcl1 packages (bsc#1219781) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-933=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-933=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-933=1 openSUSE-SLE-15.5-2024-933=1 ## Package List: * Development Tools Module 15-SP5 (x86_64) * libigdfcl1-1.0.8744-150400.3.3.1 * libigc1-debuginfo-1.0.8744-150400.3.3.1 * libopencl-clang11-debuginfo-1.0.8744-150400.3.3.1 * libigc1-1.0.8744-150400.3.3.1 * intel-graphics-compiler-debugsource-1.0.8744-150400.3.3.1 * libigdfcl1-debuginfo-1.0.8744-150400.3.3.1 * intel-opencl-21.39.21127-150500.7.5.1 * intel-graphics-compiler-debuginfo-1.0.8744-150400.3.3.1 * intel-opencl-debugsource-21.39.21127-150500.7.5.1 * intel-opencl-devel-21.39.21127-150500.7.5.1 * libopencl-clang11-1.0.8744-150400.3.3.1 * intel-opencl-debuginfo-21.39.21127-150500.7.5.1 * openSUSE Leap 15.4 (x86_64) * iga-1.0.8744-150400.3.3.1 * libigdfcl1-1.0.8744-150400.3.3.1 * libigc1-debuginfo-1.0.8744-150400.3.3.1 * libopencl-clang11-debuginfo-1.0.8744-150400.3.3.1 * libigc1-1.0.8744-150400.3.3.1 * libiga-devel-1.0.8744-150400.3.3.1 * intel-graphics-compiler-debugsource-1.0.8744-150400.3.3.1 * libigdfcl-devel-1.0.8744-150400.3.3.1 * libigdfcl1-debuginfo-1.0.8744-150400.3.3.1 * libiga64-1-1.0.8744-150400.3.3.1 * intel-graphics-compiler-debuginfo-1.0.8744-150400.3.3.1 * libigc-devel-1.0.8744-150400.3.3.1 * iga-debuginfo-1.0.8744-150400.3.3.1 * libiga64-1-debuginfo-1.0.8744-150400.3.3.1 * libopencl-clang11-1.0.8744-150400.3.3.1 * openSUSE Leap 15.5 (x86_64) * iga-1.0.8744-150400.3.3.1 * libigdfcl1-1.0.8744-150400.3.3.1 * libigc1-debuginfo-1.0.8744-150400.3.3.1 * libopencl-clang11-debuginfo-1.0.8744-150400.3.3.1 * libigc1-1.0.8744-150400.3.3.1 * libiga-devel-1.0.8744-150400.3.3.1 * intel-graphics-compiler-debugsource-1.0.8744-150400.3.3.1 * libigdfcl-devel-1.0.8744-150400.3.3.1 * libigdfcl1-debuginfo-1.0.8744-150400.3.3.1 * libiga64-1-1.0.8744-150400.3.3.1 * intel-opencl-21.39.21127-150500.7.5.1 * intel-graphics-compiler-debuginfo-1.0.8744-150400.3.3.1 * libigc-devel-1.0.8744-150400.3.3.1 * intel-opencl-debugsource-21.39.21127-150500.7.5.1 * intel-opencl-devel-21.39.21127-150500.7.5.1 * iga-debuginfo-1.0.8744-150400.3.3.1 * libiga64-1-debuginfo-1.0.8744-150400.3.3.1 * libopencl-clang11-1.0.8744-150400.3.3.1 * intel-opencl-debuginfo-21.39.21127-150500.7.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219781 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:51 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:51 -0000 Subject: SUSE-RU-2024:0932-1: moderate: Recommended update for scap-security-guide Message-ID: <171111071113.3825.9023821240479920878@smelt2.prg2.suse.org> # Recommended update for scap-security-guide Announcement ID: SUSE-RU-2024:0932-1 Rating: moderate References: * jsc#ECO-3319 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that contains one feature can now be installed. ## Description: This update for scap-security-guide fixes the following issues: scap-security-guide was updated to 0.1.72 (jsc#ECO-3319) * ANSSI BP 028 profile for debian12 (#11368) * Control for BSI APP.4.4 (#11342) * update to CIS RHEL 7 and RHEL 8 profiles aligning them with the latest benchmarks * various fixes to SLE profiles * add openeuler data to -redhat package ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-932=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-932=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-932=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * scap-security-guide-0.1.72-9.24.3 * scap-security-guide-ubuntu-0.1.72-9.24.3 * scap-security-guide-redhat-0.1.72-9.24.3 * scap-security-guide-debian-0.1.72-9.24.3 * SUSE Linux Enterprise Server 12 SP5 (noarch) * scap-security-guide-0.1.72-9.24.3 * scap-security-guide-ubuntu-0.1.72-9.24.3 * scap-security-guide-redhat-0.1.72-9.24.3 * scap-security-guide-debian-0.1.72-9.24.3 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * scap-security-guide-0.1.72-9.24.3 * scap-security-guide-ubuntu-0.1.72-9.24.3 * scap-security-guide-redhat-0.1.72-9.24.3 * scap-security-guide-debian-0.1.72-9.24.3 ## References: * https://jira.suse.com/browse/ECO-3319 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:54 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:54 -0000 Subject: SUSE-RU-2024:0931-1: moderate: Recommended update for gtk3 Message-ID: <171111071412.3825.18260869859141910117@smelt2.prg2.suse.org> # Recommended update for gtk3 Announcement ID: SUSE-RU-2024:0931-1 Rating: moderate References: * bsc#1219891 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update for gtk3 fixes the following issues: * Don't call XInput API for core events to fix crash of emacs based on gtk ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-931=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-931=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-931=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-931=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * gtk3-devel-debuginfo-3.20.10-17.13.1 * gtk3-debugsource-3.20.10-17.13.1 * gtk3-devel-3.20.10-17.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * gtk3-lang-3.20.10-17.13.1 * gtk3-data-3.20.10-17.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libgtk-3-0-3.20.10-17.13.1 * gtk3-tools-3.20.10-17.13.1 * libgtk-3-0-debuginfo-3.20.10-17.13.1 * gtk3-debugsource-3.20.10-17.13.1 * typelib-1_0-Gtk-3_0-3.20.10-17.13.1 * gtk3-tools-debuginfo-3.20.10-17.13.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * gtk3-tools-debuginfo-32bit-3.20.10-17.13.1 * gtk3-tools-32bit-3.20.10-17.13.1 * libgtk-3-0-debuginfo-32bit-3.20.10-17.13.1 * libgtk-3-0-32bit-3.20.10-17.13.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * gtk3-lang-3.20.10-17.13.1 * gtk3-data-3.20.10-17.13.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libgtk-3-0-3.20.10-17.13.1 * gtk3-tools-3.20.10-17.13.1 * libgtk-3-0-debuginfo-3.20.10-17.13.1 * gtk3-debugsource-3.20.10-17.13.1 * typelib-1_0-Gtk-3_0-3.20.10-17.13.1 * gtk3-tools-debuginfo-3.20.10-17.13.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * gtk3-tools-debuginfo-32bit-3.20.10-17.13.1 * gtk3-tools-32bit-3.20.10-17.13.1 * libgtk-3-0-debuginfo-32bit-3.20.10-17.13.1 * libgtk-3-0-32bit-3.20.10-17.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * gtk3-lang-3.20.10-17.13.1 * gtk3-data-3.20.10-17.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libgtk-3-0-3.20.10-17.13.1 * gtk3-tools-3.20.10-17.13.1 * libgtk-3-0-debuginfo-3.20.10-17.13.1 * gtk3-debugsource-3.20.10-17.13.1 * typelib-1_0-Gtk-3_0-3.20.10-17.13.1 * gtk3-tools-debuginfo-3.20.10-17.13.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * gtk3-tools-debuginfo-32bit-3.20.10-17.13.1 * gtk3-tools-32bit-3.20.10-17.13.1 * libgtk-3-0-debuginfo-32bit-3.20.10-17.13.1 * libgtk-3-0-32bit-3.20.10-17.13.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219891 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:55 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:55 -0000 Subject: SUSE-RU-2024:0930-1: moderate: Recommended update for mariadb Message-ID: <171111071522.3825.8046695228732625527@smelt2.prg2.suse.org> # Recommended update for mariadb Announcement ID: SUSE-RU-2024:0930-1 Rating: moderate References: Affected Products: * Galera for Ericsson 15 SP3 * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that can now be installed. ## Description: This update for mariadb fixes the following issues: * Update to 10.5.24: * https://mariadb.com/kb/en/mariadb-10-5-24-release-notes/ * https://mariadb.com/kb/en/mariadb-10-5-24-changelog/ ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-930=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-930=1 * Galera for Ericsson 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-ERICSSON-2024-930=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-930=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-930=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-930=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * mariadb-10.5.24-150300.3.41.1 * mariadb-galera-10.5.24-150300.3.41.1 * mariadb-bench-10.5.24-150300.3.41.1 * libmariadbd19-10.5.24-150300.3.41.1 * libmariadbd19-debuginfo-10.5.24-150300.3.41.1 * mariadb-bench-debuginfo-10.5.24-150300.3.41.1 * mariadb-test-debuginfo-10.5.24-150300.3.41.1 * mariadb-test-10.5.24-150300.3.41.1 * mariadb-rpm-macros-10.5.24-150300.3.41.1 * mariadb-tools-10.5.24-150300.3.41.1 * mariadb-client-debuginfo-10.5.24-150300.3.41.1 * mariadb-debuginfo-10.5.24-150300.3.41.1 * mariadb-debugsource-10.5.24-150300.3.41.1 * mariadb-client-10.5.24-150300.3.41.1 * mariadb-tools-debuginfo-10.5.24-150300.3.41.1 * libmariadbd-devel-10.5.24-150300.3.41.1 * openSUSE Leap 15.3 (noarch) * mariadb-errormessages-10.5.24-150300.3.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * mariadb-10.5.24-150300.3.41.1 * libmariadbd19-10.5.24-150300.3.41.1 * libmariadbd19-debuginfo-10.5.24-150300.3.41.1 * mariadb-tools-10.5.24-150300.3.41.1 * mariadb-client-debuginfo-10.5.24-150300.3.41.1 * mariadb-debuginfo-10.5.24-150300.3.41.1 * mariadb-debugsource-10.5.24-150300.3.41.1 * mariadb-client-10.5.24-150300.3.41.1 * mariadb-tools-debuginfo-10.5.24-150300.3.41.1 * libmariadbd-devel-10.5.24-150300.3.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * mariadb-errormessages-10.5.24-150300.3.41.1 * Galera for Ericsson 15 SP3 (x86_64) * mariadb-galera-10.5.24-150300.3.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * mariadb-10.5.24-150300.3.41.1 * libmariadbd19-10.5.24-150300.3.41.1 * libmariadbd19-debuginfo-10.5.24-150300.3.41.1 * mariadb-tools-10.5.24-150300.3.41.1 * mariadb-client-debuginfo-10.5.24-150300.3.41.1 * mariadb-debuginfo-10.5.24-150300.3.41.1 * mariadb-debugsource-10.5.24-150300.3.41.1 * mariadb-client-10.5.24-150300.3.41.1 * mariadb-tools-debuginfo-10.5.24-150300.3.41.1 * libmariadbd-devel-10.5.24-150300.3.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * mariadb-errormessages-10.5.24-150300.3.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * mariadb-10.5.24-150300.3.41.1 * libmariadbd19-10.5.24-150300.3.41.1 * libmariadbd19-debuginfo-10.5.24-150300.3.41.1 * mariadb-tools-10.5.24-150300.3.41.1 * mariadb-client-debuginfo-10.5.24-150300.3.41.1 * mariadb-debuginfo-10.5.24-150300.3.41.1 * mariadb-debugsource-10.5.24-150300.3.41.1 * mariadb-client-10.5.24-150300.3.41.1 * mariadb-tools-debuginfo-10.5.24-150300.3.41.1 * libmariadbd-devel-10.5.24-150300.3.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * mariadb-errormessages-10.5.24-150300.3.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * mariadb-10.5.24-150300.3.41.1 * libmariadbd19-10.5.24-150300.3.41.1 * libmariadbd19-debuginfo-10.5.24-150300.3.41.1 * mariadb-tools-10.5.24-150300.3.41.1 * mariadb-client-debuginfo-10.5.24-150300.3.41.1 * mariadb-debuginfo-10.5.24-150300.3.41.1 * mariadb-debugsource-10.5.24-150300.3.41.1 * mariadb-client-10.5.24-150300.3.41.1 * mariadb-tools-debuginfo-10.5.24-150300.3.41.1 * libmariadbd-devel-10.5.24-150300.3.41.1 * SUSE Enterprise Storage 7.1 (noarch) * mariadb-errormessages-10.5.24-150300.3.41.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:31:57 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:31:57 -0000 Subject: SUSE-RU-2024:0929-1: moderate: Recommended update for coreutils Message-ID: <171111071793.3825.11943073826125913175@smelt2.prg2.suse.org> # Recommended update for coreutils Announcement ID: SUSE-RU-2024:0929-1 Rating: moderate References: * bsc#1219321 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for coreutils fixes the following issues: * tail: fix tailing sysfs files where PAGE_SIZE > BUFSIZ (bsc#1219321) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-929=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-929=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-929=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-929=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-929=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-929=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-929=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-929=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-929=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-929=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * coreutils-single-debuginfo-8.32-150400.9.3.1 * coreutils-testsuite-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-single-debugsource-8.32-150400.9.3.1 * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-single-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * openSUSE Leap 15.5 (noarch) * coreutils-lang-8.32-150400.9.3.1 * coreutils-doc-8.32-150400.9.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * Basesystem Module 15-SP5 (noarch) * coreutils-lang-8.32-150400.9.3.1 * coreutils-doc-8.32-150400.9.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * coreutils-single-debuginfo-8.32-150400.9.3.1 * coreutils-testsuite-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-single-debugsource-8.32-150400.9.3.1 * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-single-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * openSUSE Leap 15.4 (noarch) * coreutils-lang-8.32-150400.9.3.1 * coreutils-doc-8.32-150400.9.3.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * coreutils-debugsource-8.32-150400.9.3.1 * coreutils-8.32-150400.9.3.1 * coreutils-debuginfo-8.32-150400.9.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219321 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:15 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:15 -0000 Subject: SUSE-SU-2024:0926-1: important: Security update for the Linux Kernel Message-ID: <171111073559.3825.8945658592852688942@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0926-1 Rating: important References: * bsc#1155518 * bsc#1184436 * bsc#1185988 * bsc#1186286 * bsc#1200599 * bsc#1212514 * bsc#1213456 * bsc#1218689 * bsc#1218915 * bsc#1219127 * bsc#1219128 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220253 * bsc#1220255 * bsc#1220328 * bsc#1220330 * bsc#1220344 * bsc#1220398 * bsc#1220409 * bsc#1220416 * bsc#1220418 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220469 * bsc#1220482 * bsc#1220526 * bsc#1220538 * bsc#1220570 * bsc#1220572 * bsc#1220599 * bsc#1220627 * bsc#1220641 * bsc#1220649 * bsc#1220660 * bsc#1220700 * bsc#1220735 * bsc#1220736 * bsc#1220737 * bsc#1220742 * bsc#1220745 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220826 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220863 * bsc#1220870 * bsc#1220917 * bsc#1220918 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1221039 * bsc#1221040 * bsc#1221287 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-46904 * CVE-2021-46905 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-46953 * CVE-2021-46964 * CVE-2021-46966 * CVE-2021-46974 * CVE-2021-46989 * CVE-2021-47005 * CVE-2021-47012 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47060 * CVE-2021-47061 * CVE-2021-47069 * CVE-2021-47076 * CVE-2021-47078 * CVE-2021-47083 * CVE-2022-20154 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-51042 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52463 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52569 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2024-0340 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26602 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46904 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46905 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-47005 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47012 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47054 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47060 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47061 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47069 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-51042 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51042 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52439 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52448 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52451 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52569 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0340 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-0340 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26589 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Manager Proxy 4.1 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Server 4.1 An update that solves 65 vulnerabilities and has six security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP2 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() (bsc#1220831). * CVE-2023-52569: Fixed a bug in btrfs by remoning BUG() after failure to insert delayed dir index item (bsc#1220918). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work() (bsc#1212514). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2021-47005: Fixed a NULL pointer dereference for ->get_features() (bsc#1220660). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2021-47060: Fixed a bug in KVM by stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1220742). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2021-47012: Fixed a use after free in siw_alloc_mr (bsc#1220627). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2021-46989: Fixed a bug by preventing corruption in shrinking truncate in hfsplus (bsc#1220737). * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2021-47061: Fixed a bug in KVM by destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1220745). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge() (CVE-2023-46343). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-0340: Fixed information disclosure in vhost/vhost.c:vhost_new_msg() (bsc#1218689). * CVE-2023-51042: Fixed use-after-free in amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c (bsc#1219128). The following non-security bugs were fixed: * EDAC/thunderx: Fix possible out-of-bounds string access (bsc#1220330) * KVM: Destroy target device if coalesced MMIO unregistration fails (git- fixes). * KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (git-fixes). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (git-fixes). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-926=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-926=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-926=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-926=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-926=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (nosrc) * kernel-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-default-livepatch-devel-5.3.18-150200.24.183.1 * kernel-livepatch-SLE15-SP2_Update_46-debugsource-1-150200.5.3.2 * kernel-default-debuginfo-5.3.18-150200.24.183.1 * kernel-default-livepatch-5.3.18-150200.24.183.1 * kernel-livepatch-5_3_18-150200_24_183-default-debuginfo-1-150200.5.3.2 * kernel-livepatch-5_3_18-150200_24_183-default-1-150200.5.3.2 * kernel-default-debugsource-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * cluster-md-kmp-default-5.3.18-150200.24.183.1 * gfs2-kmp-default-5.3.18-150200.24.183.1 * ocfs2-kmp-default-debuginfo-5.3.18-150200.24.183.1 * cluster-md-kmp-default-debuginfo-5.3.18-150200.24.183.1 * dlm-kmp-default-debuginfo-5.3.18-150200.24.183.1 * kernel-default-debuginfo-5.3.18-150200.24.183.1 * gfs2-kmp-default-debuginfo-5.3.18-150200.24.183.1 * kernel-default-debugsource-5.3.18-150200.24.183.1 * ocfs2-kmp-default-5.3.18-150200.24.183.1 * dlm-kmp-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (nosrc) * kernel-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.183.1 * kernel-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-default-devel-5.3.18-150200.24.183.1 * kernel-preempt-devel-5.3.18-150200.24.183.1 * kernel-preempt-debuginfo-5.3.18-150200.24.183.1 * kernel-syms-5.3.18-150200.24.183.1 * kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2 * kernel-obs-build-5.3.18-150200.24.183.1 * kernel-obs-build-debugsource-5.3.18-150200.24.183.1 * kernel-default-debuginfo-5.3.18-150200.24.183.1 * kernel-preempt-debugsource-5.3.18-150200.24.183.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.183.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.183.1 * kernel-default-debugsource-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * kernel-devel-5.3.18-150200.24.183.1 * kernel-macros-5.3.18-150200.24.183.1 * kernel-source-5.3.18-150200.24.183.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-5.3.18-150200.24.183.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.183.1 * kernel-syms-5.3.18-150200.24.183.1 * kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2 * kernel-obs-build-5.3.18-150200.24.183.1 * kernel-obs-build-debugsource-5.3.18-150200.24.183.1 * kernel-default-debuginfo-5.3.18-150200.24.183.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.183.1 * reiserfs-kmp-default-5.3.18-150200.24.183.1 * kernel-default-debugsource-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * kernel-devel-5.3.18-150200.24.183.1 * kernel-macros-5.3.18-150200.24.183.1 * kernel-source-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 nosrc x86_64) * kernel-preempt-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * kernel-preempt-devel-5.3.18-150200.24.183.1 * kernel-preempt-debugsource-5.3.18-150200.24.183.1 * kernel-preempt-debuginfo-5.3.18-150200.24.183.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc ppc64le x86_64) * kernel-default-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * kernel-default-devel-5.3.18-150200.24.183.1 * reiserfs-kmp-default-debuginfo-5.3.18-150200.24.183.1 * kernel-syms-5.3.18-150200.24.183.1 * kernel-default-base-5.3.18-150200.24.183.1.150200.9.93.2 * kernel-obs-build-5.3.18-150200.24.183.1 * kernel-obs-build-debugsource-5.3.18-150200.24.183.1 * kernel-default-debuginfo-5.3.18-150200.24.183.1 * kernel-default-devel-debuginfo-5.3.18-150200.24.183.1 * reiserfs-kmp-default-5.3.18-150200.24.183.1 * kernel-default-debugsource-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * kernel-devel-5.3.18-150200.24.183.1 * kernel-macros-5.3.18-150200.24.183.1 * kernel-source-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch nosrc) * kernel-docs-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (nosrc x86_64) * kernel-preempt-5.3.18-150200.24.183.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * kernel-preempt-devel-5.3.18-150200.24.183.1 * kernel-preempt-debugsource-5.3.18-150200.24.183.1 * kernel-preempt-debuginfo-5.3.18-150200.24.183.1 * kernel-preempt-devel-debuginfo-5.3.18-150200.24.183.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-46904.html * https://www.suse.com/security/cve/CVE-2021-46905.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46964.html * https://www.suse.com/security/cve/CVE-2021-46966.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46989.html * https://www.suse.com/security/cve/CVE-2021-47005.html * https://www.suse.com/security/cve/CVE-2021-47012.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47060.html * https://www.suse.com/security/cve/CVE-2021-47061.html * https://www.suse.com/security/cve/CVE-2021-47069.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-51042.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52569.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2024-0340.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1155518 * https://bugzilla.suse.com/show_bug.cgi?id=1184436 * https://bugzilla.suse.com/show_bug.cgi?id=1185988 * https://bugzilla.suse.com/show_bug.cgi?id=1186286 * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1218689 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219128 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220416 * https://bugzilla.suse.com/show_bug.cgi?id=1220418 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220538 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220572 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220627 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220660 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220737 * https://bugzilla.suse.com/show_bug.cgi?id=1220742 * https://bugzilla.suse.com/show_bug.cgi?id=1220745 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220826 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220918 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:28 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:28 -0000 Subject: SUSE-SU-2024:0925-1: important: Security update for the Linux Kernel Message-ID: <171111074880.3825.10205539599782948847@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0925-1 Rating: important References: * bsc#1050549 * bsc#1186484 * bsc#1200599 * bsc#1212514 * bsc#1213456 * bsc#1218450 * bsc#1218527 * bsc#1218915 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220250 * bsc#1220330 * bsc#1220340 * bsc#1220344 * bsc#1220409 * bsc#1220421 * bsc#1220436 * bsc#1220444 * bsc#1220459 * bsc#1220468 * bsc#1220482 * bsc#1220526 * bsc#1220570 * bsc#1220575 * bsc#1220599 * bsc#1220607 * bsc#1220613 * bsc#1220638 * bsc#1220641 * bsc#1220649 * bsc#1220700 * bsc#1220735 * bsc#1220767 * bsc#1220796 * bsc#1220825 * bsc#1220831 * bsc#1220845 * bsc#1220860 * bsc#1220861 * bsc#1220863 * bsc#1220870 * bsc#1220930 * bsc#1220931 * bsc#1220932 * bsc#1220957 * bsc#1221039 * bsc#1221040 * bsc#1221287 Cross-References: * CVE-2019-25162 * CVE-2020-36777 * CVE-2020-36784 * CVE-2021-33200 * CVE-2021-46906 * CVE-2021-46915 * CVE-2021-46921 * CVE-2021-46924 * CVE-2021-46929 * CVE-2021-46932 * CVE-2021-46953 * CVE-2021-46974 * CVE-2021-46991 * CVE-2021-46992 * CVE-2021-47013 * CVE-2021-47054 * CVE-2021-47076 * CVE-2021-47077 * CVE-2021-47078 * CVE-2022-20154 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-35827 * CVE-2023-46343 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52502 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52532 * CVE-2023-52574 * CVE-2023-52597 * CVE-2023-52605 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26595 * CVE-2024-26600: * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2020-36777 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2020-36784 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-33200 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2021-33200 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46906 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46921 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46929 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46953 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-46974 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2021-46991 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2021-46992 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2021-47013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47054 ( SUSE ): 2.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47076 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47078 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L * CVE-2022-20154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-20154 ( NVD ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-35827 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46343 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-46343 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52451 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52502 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52532 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52574 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52597 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H * CVE-2023-52605 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 49 vulnerabilities and has seven security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2021-47078: Fixed a bug by clearing all QP fields if creation failed (bsc#1220863) * CVE-2021-47076: Fixed a bug by returning CQE error if invalid lkey was supplied (bsc#1220860) * CVE-2023-52605: Fixed a NULL pointer dereference check (bsc#1221039) * CVE-2023-52597: Fixed a setting of fpc register in KVM (bsc#1221040). * CVE-2023-52574: Fixed a bug by hiding new member header_ops (bsc#1220870). * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2021-47077: Fixed a NULL pointer dereference when in shost_data (bsc#1220861). * CVE-2023-35827: Fixed a use-after-free issue in ravb_tx_timeout_work (bsc#1212514). * CVE-2023-52532: Fixed a bug in TX CQE error handling (bsc#1220932). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52502: Fixed a race condition in nfc_llcp_sock_get and nfc_llcp_sock_get_sn (bsc#1220831). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval (bsc#1218915). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control (bsc#1220825). * CVE-2021-46921: Fixed ordering in queued_write_lock_slowpath (bsc#1220468). * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2021-46953: Fixed a corruption in interrupt mappings on watchdow probe failure (bsc#1220599). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2020-36784: Fixed reference leak when pm_runtime_get_sync fails (bsc#1220570). * CVE-2021-47054: Fixed a bug to put child node before return (bsc#1220767). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46915: Fixed a bug to avoid possible divide error in nft_limit_init (bsc#1220436). * CVE-2021-46906: Fixed an info leak in hid_submit_ctrl (bsc#1220421). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2020-36777: Fixed a memory leak in dvb_media_device_free (bsc#1220526). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-46343: Fixed a NULL pointer dereference in send_acknowledge (CVE-2023-46343). * CVE-2021-46992: Fixed a bug to avoid overflows in nft_hash_buckets (bsc#1220638). * CVE-2021-47013: Fixed a use after free in emac_mac_tx_buf_send (bsc#1220641). * CVE-2021-46991: Fixed a use-after-free in i40e_client_subtask (bsc#1220575). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-26600: Fixed NULL pointer dereference for SRP in phy-omap-usb2 (bsc#1220340). The following non-security bugs were fixed: * ASN.1: Fix check for strdup() success (git-fixes). * audit: fix possible soft lockup in __audit_inode_child() (git-fixes). * Bluetooth: hci_bcsp: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_h5: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_ll: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * Bluetooth: hci_qca: do not call kfree_skb() under spin_lock_irqsave() (git- fixes). * bnx2x: Fix PF-VF communication over multi-cos queues (git-fixes). * e1000: fix memory leaks (git-fixes). * gve: Fix skb truesize underestimation (git-fixes). * igb: clean up in all error paths when enabling SR-IOV (git-fixes). * igb: Fix constant media auto sense switching when no cable is connected (git-fixes). * ipv6: Fix handling of LLA with VRF and sockets bound to VRF (git-fixes). * ipv6: fix typos in __ip6_finish_output() (git-fixes). * ixgbe: protect TX timestamping from API misuse (git-fixes). * kcm: Call strp_stop before strp_done in kcm_attach (git-fixes). * kcm: fix strp_init() order and cleanup (git-fixes). * KVM: s390: vsie: fix race during shadow creation (git-fixes bsc#1220613). * KVM: VMX: Move VERW closer to VMentry for MDS mitigation (git-fixes). * KVM: VMX: Use BT+JNC, i.e. EFLAGS.CF to select VMRESUME vs. VMLAUNCH (git- fixes). * KVM: x86: add support for CPUID leaf 0x80000021 (git-fixes). * KVM: x86: Move open-coded CPUID leaf 0x80000021 EAX bit propagation code (git-fixes). * KVM: x86: synthesize CPUID leaf 0x80000021h if useful (git-fixes). * KVM: x86: work around QEMU issue with synthetic CPUID leaves (git-fixes). * locking/barriers: Introduce smp_cond_load_relaxed() and atomic_cond_read_relaxed() (bsc#1220468 bsc#1050549). * md: bypass block throttle for superblock update (git-fixes). * media: coda: constify platform_device_id (git-fixes). * media: coda: explicitly request exclusive reset control (git-fixes). * media: coda: reduce iram size to leave space for suspend to ram (git-fixes). * media: coda: reuse coda_s_fmt_vid_cap to propagate format in coda_s_fmt_vid_out (git-fixes). * media: coda: set min_buffers_needed (git-fixes). * media: coda: wake up capture queue on encoder stop after output streamoff (git-fixes). * media: dvb-usb: Add memory free on error path in dw2102_probe() (git-fixes). * media: dvb-usb: dw2102: fix uninit-value in su3000_read_mac_address (git- fixes). * media: dvb-usb: m920x: Fix a potential memory leak in m920x_i2c_xfer() (git- fixes). * media: dw2102: Fix memleak on sequence of probes (git-fixes). * media: dw2102: Fix use after free (git-fixes). * media: dw2102: make dvb_usb_device_description structures const (git-fixes). * media: m920x: do not use stack on USB reads (git-fixes). * media: rc: do not remove first bit if leader pulse is present (git-fixes). * media: rc: ir-rc6-decoder: enable toggle bit for Kathrein RCU-676 remote (git-fixes). * media: usb: dvd-usb: fix uninit-value bug in dibusb_read_eeprom_byte() (git- fixes). * media: uvcvideo: Set capability in s_param (git-fixes). * net: bonding: debug: avoid printing debug logs when bond is not notifying peers (git-fixes). * net: fec: add missed clk_disable_unprepare in remove (git-fixes). * net: fec: Better handle pm_runtime_get() failing in .remove() (git-fixes). * net: fec: fix clock count mis-match (git-fixes). * net: fec: fix use-after-free in fec_drv_remove (git-fixes). * net: hisilicon: Fix dma_map_single failed on arm64 (git-fixes). * net: hisilicon: fix hip04-xmit never return TX_BUSY (git-fixes). * net: hisilicon: Fix usage of uninitialized variable in function mdio_sc_cfg_reg_write() (git-fixes). * net: hisilicon: make hip04_tx_reclaim non-reentrant (git-fixes). * net: hns3: add compatible handling for MAC VLAN switch parameter configuration (git-fixes). * net: hns3: not allow SSU loopback while execute ethtool -t dev (git-fixes). * net: lpc-enet: fix printk format strings (git-fixes). * net: nfc: llcp: Add lock when modifying device list (git-fixes). * net: phy: dp83867: enable robust auto-mdix (git-fixes). * net: phy: initialise phydev speed and duplex sanely (git-fixes). * net: sfp: add mutex to prevent concurrent state checks (git-fixes). * net: tundra: tsi108: use spin_lock_irqsave instead of spin_lock_irq in IRQ context (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * net/mlx5e: ethtool, Avoid setting speed to 56GBASE when autoneg off (git- fixes). * net/sched: tcindex: search key must be 16 bits (git-fixes). * nfsd: Do not refuse to serve out of cache (bsc#1220957). * PCI: Prevent xHCI driver from claiming AMD VanGogh USB3 DRD device (git- fixes). * Revert "md/raid5: Wait for MD_SB_CHANGE_PENDING in raid5d" (git-fixes). * Revert "wcn36xx: Disable bmps when encryption is disabled" (git-fixes). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220607). * stmmac: fix potential division by 0 (git-fixes). * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * usb: host: fotg210: fix the actual_length of an iso packet (git-fixes). * usb: host: fotg210: fix the endpoint's transactional opportunities calculation (git-fixes). * usb: hub: check for alternate port before enabling A_ALT_HNP_SUPPORT (bsc#1218527). * usb: musb: dsps: Fix the probe error path (git-fixes). * usb: musb: musb_dsps: request_irq() after initializing musb (git-fixes). * usb: musb: tusb6010: check return value after calling platform_get_resource() (git-fixes). * usb: typec: tcpci: clear the fault status bit (git-fixes). * wcn36xx: Fix (QoS) null data frame bitrate/modulation (git-fixes). * wcn36xx: Fix discarded frames due to wrong sequence number (git-fixes). * wcn36xx: fix RX BD rate mapping for 5GHz legacy rates (git-fixes). * x86/asm: Add _ASM_RIP() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: Add asm helpers for executing VERW (bsc#1213456). * x86/bugs: Use ALTERNATIVE() instead of mds_user_clear static key (git- fixes). Also add mds_user_clear to kABI severity as it's used purely for mitigation so it's low risk. * x86/cpu, kvm: Move X86_FEATURE_LFENCE_RDTSC to its native leaf (git-fixes). * x86/entry_32: Add VERW just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-925=1 SUSE-SLE- SERVER-12-SP5-2024-925=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-925=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-925=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-925=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-925=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-925=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-925=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * gfs2-kmp-default-4.12.14-122.201.1 * dlm-kmp-default-debuginfo-4.12.14-122.201.1 * kernel-default-base-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 * gfs2-kmp-default-debuginfo-4.12.14-122.201.1 * dlm-kmp-default-4.12.14-122.201.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.201.1 * kernel-default-devel-4.12.14-122.201.1 * kernel-default-base-debuginfo-4.12.14-122.201.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.201.1 * kernel-default-debugsource-4.12.14-122.201.1 * kernel-syms-4.12.14-122.201.1 * cluster-md-kmp-default-4.12.14-122.201.1 * ocfs2-kmp-default-4.12.14-122.201.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-macros-4.12.14-122.201.1 * kernel-devel-4.12.14-122.201.1 * kernel-source-4.12.14-122.201.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.201.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * gfs2-kmp-default-4.12.14-122.201.1 * dlm-kmp-default-debuginfo-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 * gfs2-kmp-default-debuginfo-4.12.14-122.201.1 * dlm-kmp-default-4.12.14-122.201.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.201.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.201.1 * kernel-default-debugsource-4.12.14-122.201.1 * cluster-md-kmp-default-4.12.14-122.201.1 * ocfs2-kmp-default-4.12.14-122.201.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-kgraft-devel-4.12.14-122.201.1 * kernel-default-kgraft-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 * kernel-default-debugsource-4.12.14-122.201.1 * kgraft-patch-4_12_14-122_201-default-1-8.7.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.201.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-4.12.14-122.201.2 * kernel-obs-build-4.12.14-122.201.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-base-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 * kernel-default-devel-4.12.14-122.201.1 * kernel-default-base-debuginfo-4.12.14-122.201.1 * kernel-default-debugsource-4.12.14-122.201.1 * kernel-syms-4.12.14-122.201.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * kernel-macros-4.12.14-122.201.1 * kernel-devel-4.12.14-122.201.1 * kernel-source-4.12.14-122.201.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.201.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-base-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 * kernel-default-devel-4.12.14-122.201.1 * kernel-default-base-debuginfo-4.12.14-122.201.1 * kernel-default-debugsource-4.12.14-122.201.1 * kernel-syms-4.12.14-122.201.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-macros-4.12.14-122.201.1 * kernel-devel-4.12.14-122.201.1 * kernel-source-4.12.14-122.201.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.201.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.201.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.201.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-debugsource-4.12.14-122.201.1 * kernel-default-extra-4.12.14-122.201.1 * kernel-default-extra-debuginfo-4.12.14-122.201.1 * kernel-default-debuginfo-4.12.14-122.201.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2020-36777.html * https://www.suse.com/security/cve/CVE-2020-36784.html * https://www.suse.com/security/cve/CVE-2021-33200.html * https://www.suse.com/security/cve/CVE-2021-46906.html * https://www.suse.com/security/cve/CVE-2021-46915.html * https://www.suse.com/security/cve/CVE-2021-46921.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46929.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46953.html * https://www.suse.com/security/cve/CVE-2021-46974.html * https://www.suse.com/security/cve/CVE-2021-46991.html * https://www.suse.com/security/cve/CVE-2021-46992.html * https://www.suse.com/security/cve/CVE-2021-47013.html * https://www.suse.com/security/cve/CVE-2021-47054.html * https://www.suse.com/security/cve/CVE-2021-47076.html * https://www.suse.com/security/cve/CVE-2021-47077.html * https://www.suse.com/security/cve/CVE-2021-47078.html * https://www.suse.com/security/cve/CVE-2022-20154.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-35827.html * https://www.suse.com/security/cve/CVE-2023-46343.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52502.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52532.html * https://www.suse.com/security/cve/CVE-2023-52574.html * https://www.suse.com/security/cve/CVE-2023-52597.html * https://www.suse.com/security/cve/CVE-2023-52605.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26600:.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1050549 * https://bugzilla.suse.com/show_bug.cgi?id=1186484 * https://bugzilla.suse.com/show_bug.cgi?id=1200599 * https://bugzilla.suse.com/show_bug.cgi?id=1212514 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220340 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220421 * https://bugzilla.suse.com/show_bug.cgi?id=1220436 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220468 * https://bugzilla.suse.com/show_bug.cgi?id=1220482 * https://bugzilla.suse.com/show_bug.cgi?id=1220526 * https://bugzilla.suse.com/show_bug.cgi?id=1220570 * https://bugzilla.suse.com/show_bug.cgi?id=1220575 * https://bugzilla.suse.com/show_bug.cgi?id=1220599 * https://bugzilla.suse.com/show_bug.cgi?id=1220607 * https://bugzilla.suse.com/show_bug.cgi?id=1220613 * https://bugzilla.suse.com/show_bug.cgi?id=1220638 * https://bugzilla.suse.com/show_bug.cgi?id=1220641 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220700 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220767 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220831 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220860 * https://bugzilla.suse.com/show_bug.cgi?id=1220861 * https://bugzilla.suse.com/show_bug.cgi?id=1220863 * https://bugzilla.suse.com/show_bug.cgi?id=1220870 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220932 * https://bugzilla.suse.com/show_bug.cgi?id=1220957 * https://bugzilla.suse.com/show_bug.cgi?id=1221039 * https://bugzilla.suse.com/show_bug.cgi?id=1221040 * https://bugzilla.suse.com/show_bug.cgi?id=1221287 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:31 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:31 -0000 Subject: SUSE-SU-2024:0922-1: important: Security update for openvswitch Message-ID: <171111075148.3825.522134187696003629@smelt2.prg2.suse.org> # Security update for openvswitch Announcement ID: SUSE-SU-2024:0922-1 Rating: important References: * bsc#1219465 Cross-References: * CVE-2023-3966 CVSS scores: * CVE-2023-3966 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for openvswitch fixes the following issues: * CVE-2023-3966: Fixed invalid memory access in Geneve with HW offload (bsc#1219465). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-922=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-922=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-922=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-922=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-922=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libopenvswitch-2_14-0-debuginfo-2.14.2-150300.19.20.1 * openvswitch-2.14.2-150300.19.20.1 * ovn-host-20.06.2-150300.19.20.1 * openvswitch-debugsource-2.14.2-150300.19.20.1 * ovn-central-20.06.2-150300.19.20.1 * python3-ovs-2.14.2-150300.19.20.1 * ovn-docker-20.06.2-150300.19.20.1 * libovn-20_06-0-20.06.2-150300.19.20.1 * openvswitch-test-2.14.2-150300.19.20.1 * openvswitch-pki-2.14.2-150300.19.20.1 * ovn-20.06.2-150300.19.20.1 * openvswitch-devel-2.14.2-150300.19.20.1 * ovn-vtep-20.06.2-150300.19.20.1 * libovn-20_06-0-debuginfo-20.06.2-150300.19.20.1 * openvswitch-test-debuginfo-2.14.2-150300.19.20.1 * ovn-central-debuginfo-20.06.2-150300.19.20.1 * ovn-host-debuginfo-20.06.2-150300.19.20.1 * openvswitch-vtep-2.14.2-150300.19.20.1 * openvswitch-ipsec-2.14.2-150300.19.20.1 * ovn-debuginfo-20.06.2-150300.19.20.1 * ovn-vtep-debuginfo-20.06.2-150300.19.20.1 * openvswitch-debuginfo-2.14.2-150300.19.20.1 * libopenvswitch-2_14-0-2.14.2-150300.19.20.1 * openvswitch-vtep-debuginfo-2.14.2-150300.19.20.1 * ovn-devel-20.06.2-150300.19.20.1 * openSUSE Leap 15.3 (noarch) * ovn-doc-20.06.2-150300.19.20.1 * openvswitch-doc-2.14.2-150300.19.20.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libopenvswitch-2_14-0-debuginfo-2.14.2-150300.19.20.1 * openvswitch-2.14.2-150300.19.20.1 * ovn-host-20.06.2-150300.19.20.1 * openvswitch-debugsource-2.14.2-150300.19.20.1 * ovn-central-20.06.2-150300.19.20.1 * python3-ovs-2.14.2-150300.19.20.1 * ovn-docker-20.06.2-150300.19.20.1 * libovn-20_06-0-20.06.2-150300.19.20.1 * openvswitch-test-2.14.2-150300.19.20.1 * openvswitch-pki-2.14.2-150300.19.20.1 * ovn-20.06.2-150300.19.20.1 * openvswitch-devel-2.14.2-150300.19.20.1 * ovn-vtep-20.06.2-150300.19.20.1 * libovn-20_06-0-debuginfo-20.06.2-150300.19.20.1 * openvswitch-test-debuginfo-2.14.2-150300.19.20.1 * ovn-central-debuginfo-20.06.2-150300.19.20.1 * ovn-host-debuginfo-20.06.2-150300.19.20.1 * openvswitch-vtep-2.14.2-150300.19.20.1 * openvswitch-ipsec-2.14.2-150300.19.20.1 * ovn-debuginfo-20.06.2-150300.19.20.1 * ovn-vtep-debuginfo-20.06.2-150300.19.20.1 * openvswitch-debuginfo-2.14.2-150300.19.20.1 * libopenvswitch-2_14-0-2.14.2-150300.19.20.1 * openvswitch-vtep-debuginfo-2.14.2-150300.19.20.1 * ovn-devel-20.06.2-150300.19.20.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libopenvswitch-2_14-0-debuginfo-2.14.2-150300.19.20.1 * openvswitch-2.14.2-150300.19.20.1 * ovn-host-20.06.2-150300.19.20.1 * openvswitch-debugsource-2.14.2-150300.19.20.1 * ovn-central-20.06.2-150300.19.20.1 * python3-ovs-2.14.2-150300.19.20.1 * ovn-docker-20.06.2-150300.19.20.1 * libovn-20_06-0-20.06.2-150300.19.20.1 * openvswitch-test-2.14.2-150300.19.20.1 * openvswitch-pki-2.14.2-150300.19.20.1 * ovn-20.06.2-150300.19.20.1 * openvswitch-devel-2.14.2-150300.19.20.1 * ovn-vtep-20.06.2-150300.19.20.1 * libovn-20_06-0-debuginfo-20.06.2-150300.19.20.1 * openvswitch-test-debuginfo-2.14.2-150300.19.20.1 * ovn-central-debuginfo-20.06.2-150300.19.20.1 * ovn-host-debuginfo-20.06.2-150300.19.20.1 * openvswitch-vtep-2.14.2-150300.19.20.1 * openvswitch-ipsec-2.14.2-150300.19.20.1 * ovn-debuginfo-20.06.2-150300.19.20.1 * ovn-vtep-debuginfo-20.06.2-150300.19.20.1 * openvswitch-debuginfo-2.14.2-150300.19.20.1 * libopenvswitch-2_14-0-2.14.2-150300.19.20.1 * openvswitch-vtep-debuginfo-2.14.2-150300.19.20.1 * ovn-devel-20.06.2-150300.19.20.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libopenvswitch-2_14-0-debuginfo-2.14.2-150300.19.20.1 * openvswitch-2.14.2-150300.19.20.1 * ovn-host-20.06.2-150300.19.20.1 * openvswitch-debugsource-2.14.2-150300.19.20.1 * ovn-central-20.06.2-150300.19.20.1 * python3-ovs-2.14.2-150300.19.20.1 * ovn-docker-20.06.2-150300.19.20.1 * libovn-20_06-0-20.06.2-150300.19.20.1 * openvswitch-test-2.14.2-150300.19.20.1 * openvswitch-pki-2.14.2-150300.19.20.1 * ovn-20.06.2-150300.19.20.1 * openvswitch-devel-2.14.2-150300.19.20.1 * ovn-vtep-20.06.2-150300.19.20.1 * libovn-20_06-0-debuginfo-20.06.2-150300.19.20.1 * openvswitch-test-debuginfo-2.14.2-150300.19.20.1 * ovn-central-debuginfo-20.06.2-150300.19.20.1 * ovn-host-debuginfo-20.06.2-150300.19.20.1 * openvswitch-vtep-2.14.2-150300.19.20.1 * openvswitch-ipsec-2.14.2-150300.19.20.1 * ovn-debuginfo-20.06.2-150300.19.20.1 * ovn-vtep-debuginfo-20.06.2-150300.19.20.1 * openvswitch-debuginfo-2.14.2-150300.19.20.1 * libopenvswitch-2_14-0-2.14.2-150300.19.20.1 * openvswitch-vtep-debuginfo-2.14.2-150300.19.20.1 * ovn-devel-20.06.2-150300.19.20.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libopenvswitch-2_14-0-debuginfo-2.14.2-150300.19.20.1 * openvswitch-2.14.2-150300.19.20.1 * ovn-host-20.06.2-150300.19.20.1 * openvswitch-debugsource-2.14.2-150300.19.20.1 * ovn-central-20.06.2-150300.19.20.1 * python3-ovs-2.14.2-150300.19.20.1 * ovn-docker-20.06.2-150300.19.20.1 * libovn-20_06-0-20.06.2-150300.19.20.1 * openvswitch-test-2.14.2-150300.19.20.1 * openvswitch-pki-2.14.2-150300.19.20.1 * ovn-20.06.2-150300.19.20.1 * openvswitch-devel-2.14.2-150300.19.20.1 * ovn-vtep-20.06.2-150300.19.20.1 * libovn-20_06-0-debuginfo-20.06.2-150300.19.20.1 * openvswitch-test-debuginfo-2.14.2-150300.19.20.1 * ovn-central-debuginfo-20.06.2-150300.19.20.1 * ovn-host-debuginfo-20.06.2-150300.19.20.1 * openvswitch-vtep-2.14.2-150300.19.20.1 * openvswitch-ipsec-2.14.2-150300.19.20.1 * ovn-debuginfo-20.06.2-150300.19.20.1 * ovn-vtep-debuginfo-20.06.2-150300.19.20.1 * openvswitch-debuginfo-2.14.2-150300.19.20.1 * libopenvswitch-2_14-0-2.14.2-150300.19.20.1 * openvswitch-vtep-debuginfo-2.14.2-150300.19.20.1 * ovn-devel-20.06.2-150300.19.20.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3966.html * https://bugzilla.suse.com/show_bug.cgi?id=1219465 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:33 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:33 -0000 Subject: SUSE-SU-2024:0921-1: moderate: Security update for ghostscript Message-ID: <171111075367.3825.14082461367319487902@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:0921-1 Rating: moderate References: * bsc#1219357 * bsc#1219554 Cross-References: * CVE-2020-36773 CVSS scores: * CVE-2020-36773 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2020-36773 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for ghostscript fixes the following issues: * Fixed segfaults in gs_heap_free_object() ? ref:_00D1igLOd._500Tr4BRgx:ref (bsc#1219357). Previously fixed security issue: * CVE-2020-36773: Fixed out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) (bsc#1219554). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-921=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-921=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-921=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-921=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debuginfo-9.52-23.71.1 * ghostscript-debugsource-9.52-23.71.1 * ghostscript-devel-9.52-23.71.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * ghostscript-x11-9.52-23.71.1 * ghostscript-x11-debuginfo-9.52-23.71.1 * ghostscript-devel-9.52-23.71.1 * ghostscript-debuginfo-9.52-23.71.1 * ghostscript-9.52-23.71.1 * ghostscript-debugsource-9.52-23.71.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-9.52-23.71.1 * ghostscript-x11-debuginfo-9.52-23.71.1 * ghostscript-devel-9.52-23.71.1 * ghostscript-debuginfo-9.52-23.71.1 * ghostscript-9.52-23.71.1 * ghostscript-debugsource-9.52-23.71.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * ghostscript-x11-9.52-23.71.1 * ghostscript-x11-debuginfo-9.52-23.71.1 * ghostscript-devel-9.52-23.71.1 * ghostscript-debuginfo-9.52-23.71.1 * ghostscript-9.52-23.71.1 * ghostscript-debugsource-9.52-23.71.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36773.html * https://bugzilla.suse.com/show_bug.cgi?id=1219357 * https://bugzilla.suse.com/show_bug.cgi?id=1219554 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:35 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:35 -0000 Subject: SUSE-SU-2024:0920-1: moderate: Security update for ghostscript Message-ID: <171111075529.3825.15719327266480713446@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:0920-1 Rating: moderate References: * bsc#1219357 * bsc#1219554 Cross-References: * CVE-2020-36773 CVSS scores: * CVE-2020-36773 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2020-36773 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for ghostscript fixes the following issues: * Fixed segfaults in gs_heap_free_object() ? ref:_00D1igLOd._500Tr4BRgx:ref (bsc#1219357). Previously fixed security issue: * CVE-2020-36773: Fixed out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) (bsc#1219554). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-920=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-920=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.185.1 * ghostscript-9.52-150000.185.1 * ghostscript-debugsource-9.52-150000.185.1 * ghostscript-devel-9.52-150000.185.1 * ghostscript-debuginfo-9.52-150000.185.1 * ghostscript-x11-9.52-150000.185.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-x11-debuginfo-9.52-150000.185.1 * ghostscript-9.52-150000.185.1 * ghostscript-debugsource-9.52-150000.185.1 * ghostscript-devel-9.52-150000.185.1 * ghostscript-debuginfo-9.52-150000.185.1 * ghostscript-x11-9.52-150000.185.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36773.html * https://bugzilla.suse.com/show_bug.cgi?id=1219357 * https://bugzilla.suse.com/show_bug.cgi?id=1219554 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:37 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:37 -0000 Subject: SUSE-RU-2024:0919-1: moderate: Recommended update for libtcnative-1-0 Message-ID: <171111075782.3825.14986681551857453111@smelt2.prg2.suse.org> # Recommended update for libtcnative-1-0 Announcement ID: SUSE-RU-2024:0919-1 Rating: moderate References: * bsc#1221198 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * Web and Scripting Module 15-SP5 An update that has one fix can now be installed. ## Description: This update of libtcnative-1-0 rebuilds it against a TLS 1.3 capable openssl 1.1, enabling TLS 1.3 support. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-919=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-919=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-919=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-919=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-919=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-919=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-919=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-919=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-919=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-919=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-919=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-919=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-919=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-919=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-919=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * Web and Scripting Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libtcnative-1-0-debuginfo-1.2.38-150200.6.2.1 * libtcnative-1-0-debugsource-1.2.38-150200.6.2.1 * libtcnative-1-0-devel-1.2.38-150200.6.2.1 * libtcnative-1-0-1.2.38-150200.6.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221198 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:40 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:40 -0000 Subject: SUSE-SU-2024:0917-1: moderate: Security update for ucode-intel Message-ID: <171111076074.3825.9397680797742680032@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:0917-1 Rating: moderate References: * bsc#1221323 Cross-References: * CVE-2023-22655 * CVE-2023-28746 * CVE-2023-38575 * CVE-2023-39368 * CVE-2023-43490 CVSS scores: * CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Updated to Intel CPU Microcode 20240312 release. (bsc#1221323) * CVE-2023-39368: Protection mechanism failure of bus lock regulator for some Intel Processors may allow an unauthenticated user to potentially enable denial of service via network access * CVE-2023-38575: Non-transparent sharing of return predictor targets between contexts in some Intel Processors may allow an authorized user to potentially enable information disclosure via local access. * CVE-2023-28746: Information exposure through microarchitectural state after transient execution from some register files for some Intel Atom Processors may allow an authenticated user to potentially enable information disclosure via local access. * CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation Intel Xeon Processors when using Intel SGX or Intel TDX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some Intel Xeon D Processors with Intel? SGX may allow a privileged user to potentially enable information disclosure via local access. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-917=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * ucode-intel-debuginfo-20240312-134.1 * ucode-intel-debugsource-20240312-134.1 * ucode-intel-20240312-134.1 ## References: * https://www.suse.com/security/cve/CVE-2023-22655.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-38575.html * https://www.suse.com/security/cve/CVE-2023-39368.html * https://www.suse.com/security/cve/CVE-2023-43490.html * https://bugzilla.suse.com/show_bug.cgi?id=1221323 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 12:32:39 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 12:32:39 -0000 Subject: SUSE-RU-2024:0918-1: moderate: Recommended update for openssh8.4 Message-ID: <171111075954.3825.2796103061622029957@smelt2.prg2.suse.org> # Recommended update for openssh8.4 Announcement ID: SUSE-RU-2024:0918-1 Rating: moderate References: * bsc#1220110 * jsc#SLE-24929 * jsc#SLE-9443 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that contains two features and has one fix can now be installed. ## Description: This update for libcbor, libfido2, openssh8.4 fixes the following issues: This update brings a parallel installable version of openssh 8.4 (same as SUSE Linux Enterprise 15 version). This release contains: * added cryptographic ciphers required by various compliance standards * FIDO key support * more The default openssh is kept as there might be incompatibilities between configurations. A transition to openssh 8.4 needs to be triggered manually by doing: zypper in openssh8.4-server zypper in openssh8.4-clients When zypper prompts you, select deinstallation of the regular openssh and installation of the new openssh8.4 packages. After doing this review if the service starts or if it needs configuration adjustments. If sshd.service was default enabled before, you will need to also enable it again doing these once: systemctl enable sshd.service systemctl start sshd.service This update also shops libfido2 supporting the FIDO keys. openssh was also enhanced to: * Add conflicts with openssh8.4-(server|clients|common) packages to make the downgrading from openssh 8.4 back to 7.2 easier (SLE-24929, bsc#1201750) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-918=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-918=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-918=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-918=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libfido2-devel-1.5.0-8.3.22 * libcbor-devel-0.5.0-8.3.20 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * openssh8.4-askpass-gnome-debuginfo-8.4p1-8.10.1 * openssh8.4-clients-8.4p1-8.10.1 * openssh8.4-common-debuginfo-8.4p1-8.10.1 * openssh8.4-common-8.4p1-8.10.1 * openssh8.4-fips-8.4p1-8.10.1 * libcbor0-debuginfo-0.5.0-8.3.20 * libfido2-utils-debuginfo-1.5.0-8.3.22 * libfido2-debugsource-1.5.0-8.3.22 * libfido2-1-debuginfo-1.5.0-8.3.22 * openssh8.4-helpers-8.4p1-8.10.1 * openssh8.4-debugsource-8.4p1-8.10.1 * libcbor0-0.5.0-8.3.20 * openssh8.4-helpers-debuginfo-8.4p1-8.10.1 * libfido2-utils-1.5.0-8.3.22 * openssh8.4-8.4p1-8.10.1 * openssh8.4-server-debuginfo-8.4p1-8.10.1 * openssh8.4-askpass-gnome-debugsource-8.4p1-8.10.1 * libfido2-1-1.5.0-8.3.22 * openssh8.4-server-8.4p1-8.10.1 * openssh8.4-askpass-gnome-8.4p1-8.10.1 * openssh8.4-clients-debuginfo-8.4p1-8.10.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * libfido2-udev-1.5.0-8.3.22 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * openssh8.4-askpass-gnome-debuginfo-8.4p1-8.10.1 * openssh8.4-clients-8.4p1-8.10.1 * openssh8.4-common-debuginfo-8.4p1-8.10.1 * openssh8.4-common-8.4p1-8.10.1 * openssh8.4-fips-8.4p1-8.10.1 * libcbor0-debuginfo-0.5.0-8.3.20 * libfido2-utils-debuginfo-1.5.0-8.3.22 * libfido2-debugsource-1.5.0-8.3.22 * libfido2-1-debuginfo-1.5.0-8.3.22 * openssh8.4-helpers-8.4p1-8.10.1 * openssh8.4-debugsource-8.4p1-8.10.1 * libcbor0-0.5.0-8.3.20 * openssh8.4-helpers-debuginfo-8.4p1-8.10.1 * libfido2-utils-1.5.0-8.3.22 * openssh8.4-8.4p1-8.10.1 * openssh8.4-server-debuginfo-8.4p1-8.10.1 * openssh8.4-askpass-gnome-debugsource-8.4p1-8.10.1 * libfido2-1-1.5.0-8.3.22 * openssh8.4-server-8.4p1-8.10.1 * openssh8.4-askpass-gnome-8.4p1-8.10.1 * openssh8.4-clients-debuginfo-8.4p1-8.10.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * libfido2-udev-1.5.0-8.3.22 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * openssh8.4-askpass-gnome-debuginfo-8.4p1-8.10.1 * openssh8.4-clients-8.4p1-8.10.1 * openssh8.4-common-debuginfo-8.4p1-8.10.1 * openssh8.4-common-8.4p1-8.10.1 * openssh8.4-fips-8.4p1-8.10.1 * libcbor0-debuginfo-0.5.0-8.3.20 * libfido2-utils-debuginfo-1.5.0-8.3.22 * libfido2-debugsource-1.5.0-8.3.22 * libfido2-1-debuginfo-1.5.0-8.3.22 * openssh8.4-helpers-8.4p1-8.10.1 * openssh8.4-debugsource-8.4p1-8.10.1 * libcbor0-0.5.0-8.3.20 * openssh8.4-helpers-debuginfo-8.4p1-8.10.1 * libfido2-utils-1.5.0-8.3.22 * openssh8.4-8.4p1-8.10.1 * openssh8.4-server-debuginfo-8.4p1-8.10.1 * openssh8.4-askpass-gnome-debugsource-8.4p1-8.10.1 * libfido2-1-1.5.0-8.3.22 * openssh8.4-server-8.4p1-8.10.1 * openssh8.4-askpass-gnome-8.4p1-8.10.1 * openssh8.4-clients-debuginfo-8.4p1-8.10.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * libfido2-udev-1.5.0-8.3.22 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220110 * https://jira.suse.com/browse/SLE-24929 * https://jira.suse.com/browse/SLE-9443 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 22 16:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 22 Mar 2024 16:30:12 -0000 Subject: SUSE-SU-2024:0977-1: important: Security update for the Linux Kernel Message-ID: <171112501284.23592.7461250458892379338@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0977-1 Rating: important References: * bsc#1211515 * bsc#1213456 * bsc#1214064 * bsc#1218195 * bsc#1218216 * bsc#1218562 * bsc#1218915 * bsc#1219073 * bsc#1219126 * bsc#1219127 * bsc#1219146 * bsc#1219295 * bsc#1219633 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1220009 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220350 * bsc#1220364 * bsc#1220398 * bsc#1220409 * bsc#1220433 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220469 * bsc#1220649 * bsc#1220735 * bsc#1220736 * bsc#1220796 * bsc#1220797 * bsc#1220825 * bsc#1220845 * bsc#1220917 * bsc#1220930 * bsc#1220931 * bsc#1220933 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2021-46934 * CVE-2021-47083 * CVE-2022-48627 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52467 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-52482 * CVE-2023-52484 * CVE-2023-52530 * CVE-2023-52531 * CVE-2023-52559 * CVE-2023-6270 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 * CVE-2024-26603 * CVE-2024-26607 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-46934 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-47083 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2022-48627 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52439 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52448 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52451 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52452 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52467 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52482 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-52484 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52530 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52531 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52559 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26586 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26589 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26591 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26607 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves 49 vulnerabilities and has five security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2021-46934: Fixed a bug by validating user data in compat ioctl (bsc#1220469). * CVE-2021-47083: Fixed a global-out-of-bounds issue in mediatek: (bsc#1220917). * CVE-2022-48627: Fixed a memory overlapping when deleting chars in the buffer (bsc#1220845). * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2023-52340: Fixed ICMPv6 ?Packet Too Big? packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52467: Fixed a null pointer dereference in of_syscon_register (bsc#1220433). * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2023-52482: Fixed a bug by adding SRSO mitigation for Hygon processors (bsc#1220735). * CVE-2023-52484: Fixed a soft lockup triggered by arm_smmu_mm_invalidate_range (bsc#1220797). * CVE-2023-52530: Fixed a potential key use-after-free in wifi mac80211 (bsc#1220930). * CVE-2023-52531: Fixed a memory corruption issue in iwlwifi (bsc#1220931). * CVE-2023-52559: Fixed a bug by avoiding memory allocation in iommu_suspend (bsc#1220933). * CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts (bsc#1218562). * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26603: Fixed infinite loop via #PF handling (bsc#1220335). * CVE-2024-26607: Fixed a probing race issue in sii902x: (bsc#1220736). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: * bpf: fix verification of indirect var-off stack access (git-fixes). * bpf: guard stack limits against 32bit overflow (git-fixes). * drop 2 git-fixes patches which are suspicious to introduce regression reported in bsc#1219073 * fix unresolved hunks in readme.branch * kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). * kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git- fixes). * nfs: avoid infinite loop in pnfs_update_layout (bsc#1219633). * nvme: move nvme_stop_keep_alive() back to original position (bsc#1211515). * nvme: remove nvme_alloc_request and nvme_alloc_request_qid (bsc#1214064). * nvme: start keep-alive after admin queue setup (bsc#1211515). * readme.branch: use correct mail for roy * rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. * x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: add asm helpers for executing verw (git-fixes). * x86/bugs: use alternative() instead of mds_user_clear static key (git- fixes). also add the removed mds_user_clear symbol to kabi severities as it is exposed just for kvm module and is generally a core kernel component so removing it is low risk. * x86/entry_32: add verw just before userspace transition (git-fixes). * x86/entry_64: Add VERW just before userspace transition (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-977=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-977=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-977=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-977=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-977=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-977=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-977=1 ## Package List: * openSUSE Leap Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * openSUSE Leap Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * openSUSE Leap Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * openSUSE Leap Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.3 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * kernel-source-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.4 (nosrc x86_64) * kernel-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * kernel-rt-debugsource-5.14.21-150400.15.71.1 * kernel-rt-debuginfo-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * kernel-source-rt-5.14.21-150400.15.71.1 * SUSE Linux Enterprise Live Patching 15-SP4 (x86_64) * kernel-livepatch-5_14_21-150400_15_71-rt-1-150400.1.3.1 * kernel-livepatch-SLE15-SP4-RT_Update_19-debugsource-1-150400.1.3.1 * kernel-livepatch-5_14_21-150400_15_71-rt-debuginfo-1-150400.1.3.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2021-46934.html * https://www.suse.com/security/cve/CVE-2021-47083.html * https://www.suse.com/security/cve/CVE-2022-48627.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52467.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-52482.html * https://www.suse.com/security/cve/CVE-2023-52484.html * https://www.suse.com/security/cve/CVE-2023-52530.html * https://www.suse.com/security/cve/CVE-2023-52531.html * https://www.suse.com/security/cve/CVE-2023-52559.html * https://www.suse.com/security/cve/CVE-2023-6270.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html * https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26607.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1211515 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1214064 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218562 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219073 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219633 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220433 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220469 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 * https://bugzilla.suse.com/show_bug.cgi?id=1220735 * https://bugzilla.suse.com/show_bug.cgi?id=1220736 * https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220797 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 * https://bugzilla.suse.com/show_bug.cgi?id=1220845 * https://bugzilla.suse.com/show_bug.cgi?id=1220917 * https://bugzilla.suse.com/show_bug.cgi?id=1220930 * https://bugzilla.suse.com/show_bug.cgi?id=1220931 * https://bugzilla.suse.com/show_bug.cgi?id=1220933 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 08:30:01 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 08:30:01 -0000 Subject: SUSE-RU-2024:0980-1: moderate: Recommended update for pam-config Message-ID: <171135540167.3668.6158699924652998534@smelt2.prg2.suse.org> # Recommended update for pam-config Announcement ID: SUSE-RU-2024:0980-1 Rating: moderate References: * bsc#1219767 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for pam-config fixes the following issues: * Fix pam_gnome_keyring module for AUTH (bsc#1219767) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-980=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-980=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-980=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-980=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-980=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-980=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-980=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-980=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-980=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-980=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-980=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-980=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * pam-config-debuginfo-1.1-150200.3.6.1 * pam-config-1.1-150200.3.6.1 * pam-config-debugsource-1.1-150200.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219767 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 08:30:03 -0000 Subject: SUSE-RU-2024:0979-1: moderate: Recommended update for hawk2 Message-ID: <171135540332.3668.6465851357932990614@smelt2.prg2.suse.org> # Recommended update for hawk2 Announcement ID: SUSE-RU-2024:0979-1 Rating: moderate References: * bsc#1214396 * bsc#1219548 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Availability Extension 15 SP2 * SUSE Linux Enterprise High Availability Extension 15 SP3 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 Business Critical Linux 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 Business Critical Linux 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for hawk2 fixes the following issues: * hawk2 was updated to version 2.6.4+git.1708604510.dc8c081f: * Enable ACL (bsc#1214396,bsc#1219548) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-979=1 * SUSE Linux Enterprise High Availability Extension 15 SP2 zypper in -t patch SUSE-SLE-Product-HA-15-SP2-2024-979=1 * SUSE Linux Enterprise High Availability Extension 15 SP3 zypper in -t patch SUSE-SLE-Product-HA-15-SP3-2024-979=1 * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2024-979=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-979=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debugsource-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debuginfo-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * SUSE Linux Enterprise High Availability Extension 15 SP2 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debugsource-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debuginfo-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * SUSE Linux Enterprise High Availability Extension 15 SP3 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debugsource-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debuginfo-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debugsource-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debuginfo-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * hawk2-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debugsource-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 * hawk2-debuginfo-2.6.4+git.1708604510.dc8c081f-150000.3.45.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1214396 * https://bugzilla.suse.com/show_bug.cgi?id=1219548 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 08:30:04 -0000 Subject: SUSE-RU-2024:0978-1: important: Recommended update for yast2-network Message-ID: <171135540496.3668.11300318905330355299@smelt2.prg2.suse.org> # Recommended update for yast2-network Announcement ID: SUSE-RU-2024:0978-1 Rating: important References: * bsc#1221194 Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that has one fix can now be installed. ## Description: This update for yast2-network fixes the following issues: * Guard secret attributes against leaking to the log (bsc#1221194) * Update to version 4.2.111 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-978=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-978=1 * SUSE Linux Enterprise Server 15 SP2 zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2024-978=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-978=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * yast2-network-4.2.111-150200.3.80.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * yast2-network-4.2.111-150200.3.80.1 * SUSE Linux Enterprise Server 15 SP2 (noarch) * yast2-network-4.2.111-150200.3.80.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * yast2-network-4.2.111-150200.3.80.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221194 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 12:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 12:30:04 -0000 Subject: SUSE-RU-2024:0982-1: moderate: Recommended update for systemd-rpm-macros Message-ID: <171136980470.2472.18377800182946153998@smelt2.prg2.suse.org> # Recommended update for systemd-rpm-macros Announcement ID: SUSE-RU-2024:0982-1 Rating: moderate References: * bsc#1217964 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for systemd-rpm-macros fixes the following issue: * Order packages that requires systemd after systemd-sysvcompat if needed. (bsc#1217964) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-982=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-982=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-982=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-982=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-982=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-982=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-982=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-982=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-982=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-982=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-982=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-982=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-982=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-982=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-982=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-982=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-982=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-982=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-982=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-982=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-982=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-982=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-982=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-982=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * openSUSE Leap Micro 5.4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * openSUSE Leap 15.5 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * Basesystem Module 15-SP5 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Manager Proxy 4.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Manager Server 4.3 (noarch) * systemd-rpm-macros-15-150000.7.39.1 * SUSE Enterprise Storage 7.1 (noarch) * systemd-rpm-macros-15-150000.7.39.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1217964 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 12:30:06 -0000 Subject: SUSE-RU-2024:0981-1: important: Recommended update for runc Message-ID: <171136980671.2472.13724229514055732291@smelt2.prg2.suse.org> # Recommended update for runc Announcement ID: SUSE-RU-2024:0981-1 Rating: important References: * bsc#1192051 * bsc#1221050 Affected Products: * Containers Module 12 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has two fixes can now be installed. ## Description: This update for runc fixes the following issues: * Add upstream patch to properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050 This allows running 15 sp6 containers on older distributions. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Containers Module 12 zypper in -t patch SUSE-SLE-Module-Containers-12-2024-981=1 ## Package List: * Containers Module 12 (ppc64le s390x x86_64) * runc-1.1.12-16.49.1 * runc-debuginfo-1.1.12-16.49.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192051 * https://bugzilla.suse.com/show_bug.cgi?id=1221050 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 16:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 16:30:02 -0000 Subject: SUSE-RU-2024:0984-1: important: Recommended update for runc Message-ID: <171138420224.20421.16325874297695990405@smelt2.prg2.suse.org> # Recommended update for runc Announcement ID: SUSE-RU-2024:0984-1 Rating: important References: * bsc#1192051 * bsc#1221050 Affected Products: * Containers Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for runc fixes the following issues: * Add upstream patch to properly fix -ENOSYS stub on ppc64le. bsc#1192051 bsc#1221050 This allows running 15 SP6 containers on older distributions. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-984=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-984=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-984=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-984=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-984=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-984=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-984=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-984=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-984=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-984=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-984=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-984=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-984=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-984=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-984=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-984=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-984=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-984=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-984=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-984=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-984=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-984=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-984=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * runc-debuginfo-1.1.12-150000.64.1 * runc-1.1.12-150000.64.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192051 * https://bugzilla.suse.com/show_bug.cgi?id=1221050 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 16:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 16:30:04 -0000 Subject: SUSE-SU-2024:0983-1: moderate: Security update for glade Message-ID: <171138420481.20421.2721700903450328335@smelt2.prg2.suse.org> # Security update for glade Announcement ID: SUSE-SU-2024:0983-1 Rating: moderate References: * bsc#1220059 Cross-References: * CVE-2020-36774 CVSS scores: * CVE-2020-36774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for glade fixes the following issues: * CVE-2020-36774: Fixed crash when rebuilding GladeGtkBox (bsc#1220059). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-983=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libgladeui-2-devel-3.20.0-7.3.1 * typelib-1_0-Gladeui-2_0-3.20.0-7.3.1 * libgladeui-2-6-debuginfo-3.20.0-7.3.1 * glade-3.20.0-7.3.1 * glade-debugsource-3.20.0-7.3.1 * libgladeui-2-6-3.20.0-7.3.1 * glade-debuginfo-3.20.0-7.3.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * glade-lang-3.20.0-7.3.1 ## References: * https://www.suse.com/security/cve/CVE-2020-36774.html * https://bugzilla.suse.com/show_bug.cgi?id=1220059 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Mar 25 20:39:06 2024 From: null at suse.de (SLE-UPDATES) Date: Mon, 25 Mar 2024 20:39:06 -0000 Subject: SUSE-RU-2024:0985-1: critical: Recommended update for python-kiwi Message-ID: <171139914625.8967.13895063749740411029@smelt2.prg2.suse.org> # Recommended update for python-kiwi Announcement ID: SUSE-RU-2024:0985-1 Rating: critical References: * bsc#1218095 * bsc#1221469 Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for python-kiwi fixes the following issues: * Make sure temporary modifications to the zipl template and configuration file are not effective in the later system (bsc#1221469) * Differentiate between output and input console settings for grub terminal setup, and run sanity checks on the provided values (bsc#1218095) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-985=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-985=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-985=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-985=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-985=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-985=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-985=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-985=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-985=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kiwi-systemdeps-filesystems-9.24.43-150100.3.71.1 * kiwi-systemdeps-image-validation-9.24.43-150100.3.71.1 * kiwi-tools-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * kiwi-systemdeps-bootloaders-9.24.43-150100.3.71.1 * kiwi-systemdeps-iso-media-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * python3-kiwi-9.24.43-150100.3.71.1 * kiwi-systemdeps-disk-images-9.24.43-150100.3.71.1 * dracut-kiwi-live-9.24.43-150100.3.71.1 * kiwi-systemdeps-9.24.43-150100.3.71.1 * kiwi-man-pages-9.24.43-150100.3.71.1 * kiwi-tools-debuginfo-9.24.43-150100.3.71.1 * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-overlay-9.24.43-150100.3.71.1 * kiwi-systemdeps-containers-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * kiwi-systemdeps-core-9.24.43-150100.3.71.1 * openSUSE Leap 15.5 (x86_64) * kiwi-pxeboot-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kiwi-systemdeps-filesystems-9.24.43-150100.3.71.1 * kiwi-systemdeps-image-validation-9.24.43-150100.3.71.1 * kiwi-tools-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * kiwi-systemdeps-bootloaders-9.24.43-150100.3.71.1 * kiwi-systemdeps-iso-media-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * python3-kiwi-9.24.43-150100.3.71.1 * kiwi-systemdeps-disk-images-9.24.43-150100.3.71.1 * dracut-kiwi-live-9.24.43-150100.3.71.1 * kiwi-systemdeps-9.24.43-150100.3.71.1 * kiwi-man-pages-9.24.43-150100.3.71.1 * kiwi-tools-debuginfo-9.24.43-150100.3.71.1 * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-overlay-9.24.43-150100.3.71.1 * kiwi-systemdeps-containers-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * kiwi-systemdeps-core-9.24.43-150100.3.71.1 * Development Tools Module 15-SP5 (x86_64) * kiwi-pxeboot-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218095 * https://bugzilla.suse.com/show_bug.cgi?id=1221469 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:0989-1: important: Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Message-ID: <171144180434.2904.11924896721642483761@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 7 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:0989-1 Rating: important References: * bsc#1218487 * bsc#1218610 * bsc#1219157 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_24 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). * Recommended fix for IO lock-ups on HBA355i with SLES 15SP5. (bsc#1219157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-989=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-989=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_24-rt-5-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_24-rt-debuginfo-5-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_7-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_24-rt-5-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 * https://bugzilla.suse.com/show_bug.cgi?id=1219157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 08:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 08:30:06 -0000 Subject: SUSE-RU-2024:0988-1: important: Recommended update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Message-ID: <171144180625.2904.12118566563686963672@smelt2.prg2.suse.org> # Recommended update for the Linux Kernel RT (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-RU-2024:0988-1 Rating: important References: * bsc#1219157 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_30 fixes one issue. The following bugs were fixed: * Recommended fix for IO lock-ups on HBA355i with SLES 15SP5. (bsc#1219157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-988=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-988=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-3-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-3-150500.2.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_30-rt-3-150500.2.1 * kernel-livepatch-SLE15-SP5-RT_Update_9-debugsource-3-150500.2.1 * kernel-livepatch-5_14_21-150500_13_30-rt-debuginfo-3-150500.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 08:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 08:30:09 -0000 Subject: SUSE-SU-2024:0986-1: important: Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5) Message-ID: <171144180902.2904.6956828346096325347@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:0986-1 Rating: important References: * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_21 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-987=1 SUSE-2024-986=1 SUSE-2024-990=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-990=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-987=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-986=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_21-rt-5-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_11-rt-7-150500.2.2 * kernel-livepatch-5_14_21-150500_13_18-rt-6-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-7-150500.2.2 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-6-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-6-150500.2.2 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-7-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_21-rt-5-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_6-debugsource-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_11-rt-7-150500.2.2 * kernel-livepatch-5_14_21-150500_13_18-rt-6-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_3-debugsource-7-150500.2.2 * kernel-livepatch-5_14_21-150500_13_21-rt-debuginfo-5-150500.2.2 * kernel-livepatch-5_14_21-150500_13_18-rt-debuginfo-6-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_5-debugsource-6-150500.2.2 * kernel-livepatch-5_14_21-150500_13_11-rt-debuginfo-7-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 08:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 08:30:10 -0000 Subject: SUSE-RU-2024:0985-1: critical: Recommended update for python-kiwi Message-ID: <171144181017.2904.13768438778836284336@smelt2.prg2.suse.org> # Recommended update for python-kiwi Announcement ID: SUSE-RU-2024:0985-1 Rating: critical References: * bsc#1218095 * bsc#1221469 Affected Products: * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for python-kiwi fixes the following issues: * Make sure temporary modifications to the zipl template and configuration file are not effective in the later system (bsc#1221469) * Differentiate between output and input console settings for grub terminal setup, and run sanity checks on the provided values (bsc#1218095) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-985=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-985=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-985=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-985=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-985=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-985=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-985=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-985=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-985=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-985=1 ## Package List: * openSUSE Leap Micro 5.3 (aarch64 x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * kiwi-systemdeps-filesystems-9.24.43-150100.3.71.1 * kiwi-systemdeps-image-validation-9.24.43-150100.3.71.1 * kiwi-tools-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * kiwi-systemdeps-bootloaders-9.24.43-150100.3.71.1 * kiwi-systemdeps-iso-media-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * python3-kiwi-9.24.43-150100.3.71.1 * kiwi-systemdeps-disk-images-9.24.43-150100.3.71.1 * dracut-kiwi-live-9.24.43-150100.3.71.1 * kiwi-systemdeps-9.24.43-150100.3.71.1 * kiwi-man-pages-9.24.43-150100.3.71.1 * kiwi-tools-debuginfo-9.24.43-150100.3.71.1 * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-overlay-9.24.43-150100.3.71.1 * kiwi-systemdeps-containers-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * kiwi-systemdeps-core-9.24.43-150100.3.71.1 * openSUSE Leap 15.5 (x86_64) * kiwi-pxeboot-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * kiwi-systemdeps-filesystems-9.24.43-150100.3.71.1 * kiwi-systemdeps-image-validation-9.24.43-150100.3.71.1 * kiwi-tools-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * kiwi-systemdeps-bootloaders-9.24.43-150100.3.71.1 * kiwi-systemdeps-iso-media-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * python3-kiwi-9.24.43-150100.3.71.1 * kiwi-systemdeps-disk-images-9.24.43-150100.3.71.1 * dracut-kiwi-live-9.24.43-150100.3.71.1 * kiwi-systemdeps-9.24.43-150100.3.71.1 * kiwi-man-pages-9.24.43-150100.3.71.1 * kiwi-tools-debuginfo-9.24.43-150100.3.71.1 * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-overlay-9.24.43-150100.3.71.1 * kiwi-systemdeps-containers-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * kiwi-systemdeps-core-9.24.43-150100.3.71.1 * Development Tools Module 15-SP5 (x86_64) * kiwi-pxeboot-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * python-kiwi-debugsource-9.24.43-150100.3.71.1 * dracut-kiwi-lib-9.24.43-150100.3.71.1 * dracut-kiwi-oem-dump-9.24.43-150100.3.71.1 * dracut-kiwi-oem-repart-9.24.43-150100.3.71.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218095 * https://bugzilla.suse.com/show_bug.cgi?id=1221469 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 12:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 12:30:06 -0000 Subject: SUSE-SU-2024:0995-1: important: Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Message-ID: <171145620674.31089.13887021841369737135@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 1 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:0995-1 Rating: important References: * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_5 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-995=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-995=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_13_5-rt-8-150500.2.2 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-8-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_1-debugsource-8-150500.2.2 * kernel-livepatch-5_14_21-150500_13_5-rt-8-150500.2.2 * kernel-livepatch-5_14_21-150500_13_5-rt-debuginfo-8-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 12:33:09 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 12:33:09 -0000 Subject: SUSE-SU-2024:0991-1: important: Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5) Message-ID: <171145638993.5757.12766402568138915152@smelt2.prg2.suse.org> # Security update for the Linux Kernel RT (Live Patch 8 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:0991-1 Rating: important References: * bsc#1218487 * bsc#1218610 * bsc#1219157 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_13_27 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). * Recommended fix for IO lock-ups on HBA355i with SLES 15SP5. (bsc#1219157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-991=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-991=1 ## Package List: * openSUSE Leap 15.5 (x86_64) * kernel-livepatch-5_14_21-150500_13_27-rt-4-150500.2.2 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-4-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-4-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-5_14_21-150500_13_27-rt-4-150500.2.2 * kernel-livepatch-5_14_21-150500_13_27-rt-debuginfo-4-150500.2.2 * kernel-livepatch-SLE15-SP5-RT_Update_8-debugsource-4-150500.2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 * https://bugzilla.suse.com/show_bug.cgi?id=1219157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 12:36:14 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 12:36:14 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171145657406.6787.18379718686309714937@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 12:39:15 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 12:39:15 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171145675562.7093.4555424911933614925@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1000-1: critical: Security update for MozillaFirefox Message-ID: <171147060412.19419.14036475571678785524@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1000-1 Rating: critical References: * bsc#1221850 Cross-References: * CVE-2024-29944 CVSS scores: Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850) * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1000=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1000=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1000=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1000=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-115.9.1-112.206.1 * MozillaFirefox-debuginfo-115.9.1-112.206.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-115.9.1-112.206.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-115.9.1-112.206.1 * MozillaFirefox-debugsource-115.9.1-112.206.1 * MozillaFirefox-debuginfo-115.9.1-112.206.1 * MozillaFirefox-translations-common-115.9.1-112.206.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-115.9.1-112.206.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-115.9.1-112.206.1 * MozillaFirefox-debugsource-115.9.1-112.206.1 * MozillaFirefox-debuginfo-115.9.1-112.206.1 * MozillaFirefox-translations-common-115.9.1-112.206.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-115.9.1-112.206.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-115.9.1-112.206.1 * MozillaFirefox-debugsource-115.9.1-112.206.1 * MozillaFirefox-debuginfo-115.9.1-112.206.1 * MozillaFirefox-translations-common-115.9.1-112.206.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-115.9.1-112.206.1 ## References: * https://www.suse.com/security/cve/CVE-2024-29944.html * https://bugzilla.suse.com/show_bug.cgi?id=1221850 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:30:05 -0000 Subject: SUSE-SU-2024:0999-1: important: Security update for krb5 Message-ID: <171147060586.19419.3073606355167288529@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0999-1 Rating: important References: * bsc#1220770 * bsc#1220771 Cross-References: * CVE-2024-26458 * CVE-2024-26461 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-999=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-999=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-999=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.33.1 * krb5-server-1.16.3-150100.3.33.1 * krb5-debugsource-1.16.3-150100.3.33.1 * krb5-devel-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-1.16.3-150100.3.33.1 * krb5-client-debuginfo-1.16.3-150100.3.33.1 * krb5-client-1.16.3-150100.3.33.1 * krb5-server-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.33.1 * krb5-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1 * krb5-debuginfo-1.16.3-150100.3.33.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.33.1 * krb5-32bit-1.16.3-150100.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.33.1 * krb5-server-1.16.3-150100.3.33.1 * krb5-debugsource-1.16.3-150100.3.33.1 * krb5-devel-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-1.16.3-150100.3.33.1 * krb5-client-debuginfo-1.16.3-150100.3.33.1 * krb5-client-1.16.3-150100.3.33.1 * krb5-server-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.33.1 * krb5-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1 * krb5-debuginfo-1.16.3-150100.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.33.1 * krb5-32bit-1.16.3-150100.3.33.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * krb5-plugin-preauth-pkinit-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-150100.3.33.1 * krb5-server-1.16.3-150100.3.33.1 * krb5-debugsource-1.16.3-150100.3.33.1 * krb5-devel-1.16.3-150100.3.33.1 * krb5-plugin-preauth-otp-1.16.3-150100.3.33.1 * krb5-client-debuginfo-1.16.3-150100.3.33.1 * krb5-client-1.16.3-150100.3.33.1 * krb5-server-debuginfo-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-150100.3.33.1 * krb5-1.16.3-150100.3.33.1 * krb5-plugin-kdb-ldap-1.16.3-150100.3.33.1 * krb5-debuginfo-1.16.3-150100.3.33.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * krb5-32bit-debuginfo-1.16.3-150100.3.33.1 * krb5-32bit-1.16.3-150100.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:30:06 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171147060664.19419.13872387715456564407@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:33:08 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:33:08 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171147078816.23723.10823039787797288630@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:36:10 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:36:10 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171147097007.25738.8465156184847045788@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 16:39:12 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 16:39:12 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171147115248.25738.6296809395066666861@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:30:00 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:30:00 -0000 Subject: SUSE-SU-2024:0997-1: important: Security update for krb5 Message-ID: <171148500086.23503.9719366275200182029@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:0997-1 Rating: important References: * bsc#1220770 * bsc#1220771 * bsc#1220772 Cross-References: * CVE-2024-26458 * CVE-2024-26461 * CVE-2024-26462 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26462 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). * CVE-2024-26462: Fixed memory leak at /krb5/src/kdc/ndr.c (bsc#1220772). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-997=1 openSUSE-SLE-15.5-2024-997=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-997=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-997=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-997=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-preauth-spake-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-mini-debugsource-1.20.1-150500.3.6.1 * krb5-mini-devel-1.20.1-150500.3.6.1 * krb5-mini-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * krb5-mini-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (x86_64) * krb5-devel-32bit-1.20.1-150500.3.6.1 * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * openSUSE Leap 15.5 (aarch64_ilp32) * krb5-64bit-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-64bit-1.20.1-150500.3.6.1 * krb5-64bit-1.20.1-150500.3.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-debuginfo-1.20.1-150500.3.6.1 * krb5-1.20.1-150500.3.6.1 * krb5-plugin-preauth-otp-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-1.20.1-150500.3.6.1 * krb5-plugin-preauth-pkinit-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-client-debuginfo-1.20.1-150500.3.6.1 * krb5-devel-1.20.1-150500.3.6.1 * krb5-client-1.20.1-150500.3.6.1 * Basesystem Module 15-SP5 (x86_64) * krb5-32bit-debuginfo-1.20.1-150500.3.6.1 * krb5-32bit-1.20.1-150500.3.6.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-1.20.1-150500.3.6.1 * krb5-debuginfo-1.20.1-150500.3.6.1 * krb5-debugsource-1.20.1-150500.3.6.1 * krb5-server-1.20.1-150500.3.6.1 * krb5-server-debuginfo-1.20.1-150500.3.6.1 * krb5-plugin-kdb-ldap-debuginfo-1.20.1-150500.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://www.suse.com/security/cve/CVE-2024-26462.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 * https://bugzilla.suse.com/show_bug.cgi?id=1220772 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:30:02 -0000 Subject: SUSE-RU-2024:0996-1: moderate: Recommended update for krb5 Message-ID: <171148500265.23503.1756554556762886204@smelt2.prg2.suse.org> # Recommended update for krb5 Announcement ID: SUSE-RU-2024:0996-1 Rating: moderate References: * jsc#PED-7884 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that contains one feature can now be installed. ## Description: This update for krb5 fixes the following issues: This update updates krb5 to 1.16.3 (jsc#PED-7884). Most relevant changes: * Remove the triple-DES and RC4 encryption types from the default value of supported_enctypes, which determines the default key and salt types for new password-derived keys. By default, keys will only created only for AES128 and AES256. This mitigates some types of password guessing attacks. * Add support for the AES-SHA2 enctypes, which allows sites to conform to Suite B crypto requirements. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-996=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-996=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-996=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-996=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-devel-1.16.3-46.3.1 * krb5-debugsource-1.16.3-46.3.1 * krb5-debuginfo-1.16.3-46.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * krb5-plugin-preauth-otp-1.16.3-46.3.1 * krb5-debugsource-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.3.1 * krb5-doc-1.16.3-46.3.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.3.1 * krb5-client-debuginfo-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-1.16.3-46.3.1 * krb5-client-1.16.3-46.3.1 * krb5-server-debuginfo-1.16.3-46.3.1 * krb5-1.16.3-46.3.1 * krb5-server-1.16.3-46.3.1 * krb5-debuginfo-1.16.3-46.3.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * krb5-debuginfo-32bit-1.16.3-46.3.1 * krb5-32bit-1.16.3-46.3.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-otp-1.16.3-46.3.1 * krb5-debugsource-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.3.1 * krb5-doc-1.16.3-46.3.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.3.1 * krb5-client-debuginfo-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-1.16.3-46.3.1 * krb5-client-1.16.3-46.3.1 * krb5-server-debuginfo-1.16.3-46.3.1 * krb5-1.16.3-46.3.1 * krb5-server-1.16.3-46.3.1 * krb5-debuginfo-1.16.3-46.3.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * krb5-debuginfo-32bit-1.16.3-46.3.1 * krb5-32bit-1.16.3-46.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * krb5-plugin-preauth-otp-1.16.3-46.3.1 * krb5-debugsource-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-debuginfo-1.16.3-46.3.1 * krb5-doc-1.16.3-46.3.1 * krb5-plugin-preauth-otp-debuginfo-1.16.3-46.3.1 * krb5-client-debuginfo-1.16.3-46.3.1 * krb5-plugin-preauth-pkinit-debuginfo-1.16.3-46.3.1 * krb5-plugin-kdb-ldap-1.16.3-46.3.1 * krb5-client-1.16.3-46.3.1 * krb5-server-debuginfo-1.16.3-46.3.1 * krb5-1.16.3-46.3.1 * krb5-server-1.16.3-46.3.1 * krb5-debuginfo-1.16.3-46.3.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * krb5-debuginfo-32bit-1.16.3-46.3.1 * krb5-32bit-1.16.3-46.3.1 ## References: * https://jira.suse.com/browse/PED-7884 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:30:03 -0000 Subject: SUSE-RU-2024:0994-1: moderate: Recommended update for rasdaemon Message-ID: <171148500363.23503.1473770496317579343@smelt2.prg2.suse.org> # Recommended update for rasdaemon Announcement ID: SUSE-RU-2024:0994-1 Rating: moderate References: * jsc#PED-7633 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for rasdaemon fixes the following issues: * Maint: MI300A: rasdaemon: MI300A support patches (jsc#PED-7633) * Fix SMCA bank type decoding * Identify the DIe Number in multidie system * Handle reassigned bit definitions for UMC bank * Add new MA_LLC, USR_DP, and USR_CP bank types * Add support for post-processing MCA errors * Handle reassigned bit definitions for CS SMCA * Update SMCA bank error descriptions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-994=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-994=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-994=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-994=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-994=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * Server Applications Module 15-SP5 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Proxy 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Server 4.3 (s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 ## References: * https://jira.suse.com/browse/PED-7633 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:33:05 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:33:05 -0000 Subject: SUSE-RU-2024:0994-1: moderate: Recommended update for rasdaemon Message-ID: <171148518503.23503.13752895221983789023@smelt2.prg2.suse.org> # Recommended update for rasdaemon Announcement ID: SUSE-RU-2024:0994-1 Rating: moderate References: * jsc#PED-7633 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for rasdaemon fixes the following issues: * Maint: MI300A: rasdaemon: MI300A support patches (jsc#PED-7633) * Fix SMCA bank type decoding * Identify the DIe Number in multidie system * Handle reassigned bit definitions for UMC bank * Add new MA_LLC, USR_DP, and USR_CP bank types * Add support for post-processing MCA errors * Handle reassigned bit definitions for CS SMCA * Update SMCA bank error descriptions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-994=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-994=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-994=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-994=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-994=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * Server Applications Module 15-SP5 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Proxy 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Server 4.3 (s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 ## References: * https://jira.suse.com/browse/PED-7633 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:36:07 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:36:07 -0000 Subject: SUSE-RU-2024:0994-1: moderate: Recommended update for rasdaemon Message-ID: <171148536730.23503.3223972318105493524@smelt2.prg2.suse.org> # Recommended update for rasdaemon Announcement ID: SUSE-RU-2024:0994-1 Rating: moderate References: * jsc#PED-7633 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for rasdaemon fixes the following issues: * Maint: MI300A: rasdaemon: MI300A support patches (jsc#PED-7633) * Fix SMCA bank type decoding * Identify the DIe Number in multidie system * Handle reassigned bit definitions for UMC bank * Add new MA_LLC, USR_DP, and USR_CP bank types * Add support for post-processing MCA errors * Handle reassigned bit definitions for CS SMCA * Update SMCA bank error descriptions ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-994=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-994=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-994=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-994=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-994=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * Server Applications Module 15-SP5 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Proxy 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 * SUSE Manager Server 4.3 (s390x x86_64) * rasdaemon-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150400.4.3.1 * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150400.4.3.1 ## References: * https://jira.suse.com/browse/PED-7633 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Mar 26 20:36:08 2024 From: null at suse.de (SLE-UPDATES) Date: Tue, 26 Mar 2024 20:36:08 -0000 Subject: SUSE-OU-2024:0992-1: low: Optional update for graphviz Message-ID: <171148536896.23503.14676055337189764519@smelt2.prg2.suse.org> # Optional update for graphviz Announcement ID: SUSE-OU-2024:0992-1 Rating: low References: * bsc#1212157 Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update for graphviz fixes the following issues: * Improve builds reproducibility (bsc#1212157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-992=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-992=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-992=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-992=1 SUSE-SLE- HA-12-SP5-2024-992=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-992=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * graphviz-debuginfo-2.28.0-29.9.1 * graphviz-debugsource-2.28.0-29.9.1 * graphviz-devel-2.28.0-29.9.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * graphviz-debuginfo-2.28.0-29.9.1 * graphviz-plugins-debugsource-2.28.0-29.9.1 * graphviz-tcl-2.28.0-29.9.1 * graphviz-debugsource-2.28.0-29.9.1 * graphviz-gd-2.28.0-29.9.1 * graphviz-2.28.0-29.9.1 * graphviz-gnome-2.28.0-29.9.1 * graphviz-tcl-debuginfo-2.28.0-29.9.1 * graphviz-gd-debuginfo-2.28.0-29.9.1 * graphviz-gnome-debuginfo-2.28.0-29.9.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * graphviz-debuginfo-2.28.0-29.9.1 * graphviz-plugins-debugsource-2.28.0-29.9.1 * graphviz-tcl-2.28.0-29.9.1 * graphviz-debugsource-2.28.0-29.9.1 * graphviz-gd-2.28.0-29.9.1 * graphviz-2.28.0-29.9.1 * graphviz-gnome-2.28.0-29.9.1 * graphviz-tcl-debuginfo-2.28.0-29.9.1 * graphviz-gd-debuginfo-2.28.0-29.9.1 * graphviz-gnome-debuginfo-2.28.0-29.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * graphviz-debuginfo-2.28.0-29.9.1 * graphviz-python-debuginfo-2.28.0-29.9.1 * graphviz-python-2.28.0-29.9.1 * graphviz-plugins-debugsource-2.28.0-29.9.1 * graphviz-tcl-2.28.0-29.9.1 * graphviz-debugsource-2.28.0-29.9.1 * graphviz-gd-2.28.0-29.9.1 * graphviz-2.28.0-29.9.1 * graphviz-gnome-2.28.0-29.9.1 * graphviz-tcl-debuginfo-2.28.0-29.9.1 * graphviz-gd-debuginfo-2.28.0-29.9.1 * graphviz-gnome-debuginfo-2.28.0-29.9.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * graphviz-plugins-debugsource-2.28.0-29.9.1 * graphviz-python-debuginfo-2.28.0-29.9.1 * graphviz-python-2.28.0-29.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1212157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 08:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 08:30:03 -0000 Subject: SUSE-RU-2024:1004-1: important: Recommended update for warewulf4 Message-ID: <171152820395.20617.15258576415128396628@smelt2.prg2.suse.org> # Recommended update for warewulf4 Announcement ID: SUSE-RU-2024:1004-1 Rating: important References: * bsc#1221133 * bsc#1221886 Affected Products: * HPC Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 An update that has two fixes can now be installed. ## Description: This update for warewulf4 fixes the following issues: * Warewulf was updated to version 4.5.0: * Disks, partitions and file systems can set in the configration and if ignition is present in the container, changes to the disks will be made * Grub can be used as alternative boot method instead of iPXE. The grub binairy is extracted from the container and shim is executed before the grub. This enables secure boot * wwctl has now the genconfig subcommand which will print/create valid configurations * All paths e.g the overlay dir, can now be configured in warewulf.conf * Notable bug fixes: * Fixed a bug where profile tags were erroneously overridden by empty node values. * Fixed bug where tags from profiles weren't rendered. * All configuration overlays now live in `/var/lib/warewulf4/overlays`. The overlay templates now reside under `rootfs` in each top level directory. This allows the overlays to be maintained in git repositories without risk of including git meta information into the node images. When updating the package, an attempt will be made to move all added or modified overlay templates to this directory. After an update, check whether `/usr/share/warewulf/overlays` still exists and what files have remained and move these manually. * Aarch64 compute nodes boot properly, now (bsc#1221133). * Package Changes: * `dnsmasq` may be used instead of the ISC `dhcpd`. Specify `dnsmasq` as package to install when installing `warewulf4`: zypper in warewulf4 dnsmasq * Client configuration example templates have been moved to the package documentation. * Sub-package dependencies got fixed to avoid mixing package components from different versions. * The script generating ssh keys for users now perperly identifies 1000 as the minimal user UID (boo#1221886). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1004=1 openSUSE-SLE-15.5-2024-1004=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-1004=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64) * warewulf4-api-4.5.0-150500.6.8.1 * warewulf4-4.5.0-150500.6.8.1 * warewulf4-overlay-4.5.0-150500.6.8.1 * openSUSE Leap 15.5 (noarch) * warewulf4-overlay-slurm-4.5.0-150500.6.8.1 * warewulf4-man-4.5.0-150500.6.8.1 * HPC Module 15-SP5 (aarch64 x86_64) * warewulf4-api-4.5.0-150500.6.8.1 * warewulf4-4.5.0-150500.6.8.1 * warewulf4-overlay-4.5.0-150500.6.8.1 * HPC Module 15-SP5 (noarch) * warewulf4-overlay-slurm-4.5.0-150500.6.8.1 * warewulf4-man-4.5.0-150500.6.8.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221133 * https://bugzilla.suse.com/show_bug.cgi?id=1221886 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 08:30:05 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 08:30:05 -0000 Subject: SUSE-SU-2024:1002-1: critical: Security update for MozillaFirefox Message-ID: <171152820584.20617.7786776990557019507@smelt2.prg2.suse.org> # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:1002-1 Rating: critical References: * bsc#1220048 * bsc#1221327 * bsc#1221850 Cross-References: * CVE-2023-5388 * CVE-2024-0743 * CVE-2024-1546 * CVE-2024-1547 * CVE-2024-1548 * CVE-2024-1549 * CVE-2024-1550 * CVE-2024-1551 * CVE-2024-1552 * CVE-2024-1553 * CVE-2024-2605 * CVE-2024-2607 * CVE-2024-2608 * CVE-2024-2610 * CVE-2024-2611 * CVE-2024-2612 * CVE-2024-2614 * CVE-2024-2616 * CVE-2024-29944 CVSS scores: * CVE-2023-5388 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-0743 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-0743 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-2605 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2607 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2608 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2610 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-2611 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-2612 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2614 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-2616 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 19 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 115.9.1esr ESR MFSA 2024-16 (bsc#1221850). * CVE-2024-29944: Privileged JavaScript Execution via Event Handlers (bmo#1886852). Firefox Extended Support Release 115.9.0 ESR (bsc#1221327): * CVE-2024-0743: Crash in NSS TLS method (bmo#1867408). * CVE-2024-2605: Windows Error Reporter could be used as a Sandbox escape vector (bmo#1872920). * CVE-2024-2607: JIT code failed to save return registers on Armv7-A (bmo#1879939). * CVE-2024-2608: Integer overflow could have led to out of bounds write (bmo#1880692). * CVE-2024-2616: Improve handling of out-of-memory conditions in ICU (bmo#1846197). * CVE-2023-5388: NSS susceptible to timing attack against RSA decryption (bmo#1780432). * CVE-2024-2610: Improper handling of html and body tags enabled CSP nonce leakage (bmo#1871112). * CVE-2024-2611: Clickjacking vulnerability could have led to a user accidentally granting permissions (bmo#1876675). * CVE-2024-2612: Self referencing object could have potentially led to a use- after-free (bmo#1879444). * CVE-2024-2614: Memory safety bugs fixed in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9 (bmo#1685358, bmo#1861016, bmo#1880405, bmo#1881093). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1002=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1002=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1002=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1002=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1002=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1002=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1002=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-branding-upstream-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-115.9.1-150200.152.131.1 * MozillaFirefox-debugsource-115.9.1-150200.152.131.1 * MozillaFirefox-translations-other-115.9.1-150200.152.131.1 * MozillaFirefox-translations-common-115.9.1-150200.152.131.1 * MozillaFirefox-115.9.1-150200.152.131.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-115.9.1-150200.152.131.1 ## References: * https://www.suse.com/security/cve/CVE-2023-5388.html * https://www.suse.com/security/cve/CVE-2024-0743.html * https://www.suse.com/security/cve/CVE-2024-1546.html * https://www.suse.com/security/cve/CVE-2024-1547.html * https://www.suse.com/security/cve/CVE-2024-1548.html * https://www.suse.com/security/cve/CVE-2024-1549.html * https://www.suse.com/security/cve/CVE-2024-1550.html * https://www.suse.com/security/cve/CVE-2024-1551.html * https://www.suse.com/security/cve/CVE-2024-1552.html * https://www.suse.com/security/cve/CVE-2024-1553.html * https://www.suse.com/security/cve/CVE-2024-2605.html * https://www.suse.com/security/cve/CVE-2024-2607.html * https://www.suse.com/security/cve/CVE-2024-2608.html * https://www.suse.com/security/cve/CVE-2024-2610.html * https://www.suse.com/security/cve/CVE-2024-2611.html * https://www.suse.com/security/cve/CVE-2024-2612.html * https://www.suse.com/security/cve/CVE-2024-2614.html * https://www.suse.com/security/cve/CVE-2024-2616.html * https://www.suse.com/security/cve/CVE-2024-29944.html * https://bugzilla.suse.com/show_bug.cgi?id=1220048 * https://bugzilla.suse.com/show_bug.cgi?id=1221327 * https://bugzilla.suse.com/show_bug.cgi?id=1221850 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 08:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1001-1: important: Security update for krb5 Message-ID: <171152820908.20617.10232971313855521@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:1001-1 Rating: important References: * bsc#1220770 * bsc#1220771 Cross-References: * CVE-2024-26458 * CVE-2024-26461 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1001=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1001=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1001=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1001=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1001=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1001=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1001=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1001=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.16.1 * krb5-devel-1.19.2-150300.16.1 * krb5-server-1.19.2-150300.16.1 * krb5-plugin-preauth-spake-1.19.2-150300.16.1 * krb5-server-debuginfo-1.19.2-150300.16.1 * krb5-debuginfo-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.16.1 * krb5-client-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * krb5-client-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * SUSE Enterprise Storage 7.1 (x86_64) * krb5-32bit-1.19.2-150300.16.1 * krb5-32bit-debuginfo-1.19.2-150300.16.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * krb5-debuginfo-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * krb5-debuginfo-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * krb5-debuginfo-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.16.1 * krb5-mini-debugsource-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.16.1 * krb5-devel-1.19.2-150300.16.1 * krb5-server-1.19.2-150300.16.1 * krb5-plugin-preauth-spake-1.19.2-150300.16.1 * krb5-server-debuginfo-1.19.2-150300.16.1 * krb5-debuginfo-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.16.1 * krb5-client-debuginfo-1.19.2-150300.16.1 * krb5-mini-1.19.2-150300.16.1 * krb5-mini-debuginfo-1.19.2-150300.16.1 * krb5-client-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.16.1 * krb5-mini-devel-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * openSUSE Leap 15.3 (x86_64) * krb5-32bit-1.19.2-150300.16.1 * krb5-devel-32bit-1.19.2-150300.16.1 * krb5-32bit-debuginfo-1.19.2-150300.16.1 * openSUSE Leap 15.3 (aarch64_ilp32) * krb5-64bit-debuginfo-1.19.2-150300.16.1 * krb5-64bit-1.19.2-150300.16.1 * krb5-devel-64bit-1.19.2-150300.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.16.1 * krb5-devel-1.19.2-150300.16.1 * krb5-server-1.19.2-150300.16.1 * krb5-plugin-preauth-spake-1.19.2-150300.16.1 * krb5-server-debuginfo-1.19.2-150300.16.1 * krb5-debuginfo-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.16.1 * krb5-client-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * krb5-client-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.16.1 * krb5-32bit-debuginfo-1.19.2-150300.16.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.16.1 * krb5-devel-1.19.2-150300.16.1 * krb5-server-1.19.2-150300.16.1 * krb5-plugin-preauth-spake-1.19.2-150300.16.1 * krb5-server-debuginfo-1.19.2-150300.16.1 * krb5-debuginfo-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.16.1 * krb5-client-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * krb5-client-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * krb5-32bit-1.19.2-150300.16.1 * krb5-32bit-debuginfo-1.19.2-150300.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * krb5-plugin-preauth-spake-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-1.19.2-150300.16.1 * krb5-devel-1.19.2-150300.16.1 * krb5-server-1.19.2-150300.16.1 * krb5-plugin-preauth-spake-1.19.2-150300.16.1 * krb5-server-debuginfo-1.19.2-150300.16.1 * krb5-debuginfo-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150300.16.1 * krb5-client-debuginfo-1.19.2-150300.16.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150300.16.1 * krb5-debugsource-1.19.2-150300.16.1 * krb5-client-1.19.2-150300.16.1 * krb5-plugin-preauth-otp-1.19.2-150300.16.1 * krb5-plugin-kdb-ldap-1.19.2-150300.16.1 * krb5-1.19.2-150300.16.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * krb5-32bit-1.19.2-150300.16.1 * krb5-32bit-debuginfo-1.19.2-150300.16.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 12:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 12:30:03 -0000 Subject: SUSE-SU-2024:1007-1: moderate: Security update for shadow Message-ID: <171154260309.12485.1468691811234736140@smelt2.prg2.suse.org> # Security update for shadow Announcement ID: SUSE-SU-2024:1007-1 Rating: moderate References: * bsc#1144060 * bsc#1176006 * bsc#1188307 * bsc#1203823 * bsc#1205502 * bsc#1206627 * bsc#1210507 * bsc#1213189 * bsc#1214806 Cross-References: * CVE-2023-29383 * CVE-2023-4641 CVSS scores: * CVE-2023-29383 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-29383 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2023-4641 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-4641 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves two vulnerabilities and has seven security fixes can now be installed. ## Description: This update for shadow fixes the following issues: * CVE-2023-29383: Fixed apparent /etc/shadow manipulation via chfn (bsc#1210507). * CVE-2023-4641: Fixed possible password leak during passwd(1) change (bsc#1214806). The following non-security bugs were fixed: * bsc#1176006: Fix chage date miscalculation * bsc#1188307: Fix passwd segfault * bsc#1203823: Remove pam_keyinit from PAM config files * bsc#1213189: Change lock mechanism to file locking to prevent lock files after power interruptions * bsc#1206627: Add --prefix support to passwd, chpasswd and chage * bsc#1205502: useradd audit event user id field cannot be interpretedd ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1007=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * login_defs-4.8.1-150500.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150500.3.3.1 * shadow-4.8.1-150500.3.3.1 * shadow-debugsource-4.8.1-150500.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-29383.html * https://www.suse.com/security/cve/CVE-2023-4641.html * https://bugzilla.suse.com/show_bug.cgi?id=1144060 * https://bugzilla.suse.com/show_bug.cgi?id=1176006 * https://bugzilla.suse.com/show_bug.cgi?id=1188307 * https://bugzilla.suse.com/show_bug.cgi?id=1203823 * https://bugzilla.suse.com/show_bug.cgi?id=1205502 * https://bugzilla.suse.com/show_bug.cgi?id=1206627 * https://bugzilla.suse.com/show_bug.cgi?id=1210507 * https://bugzilla.suse.com/show_bug.cgi?id=1213189 * https://bugzilla.suse.com/show_bug.cgi?id=1214806 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 12:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 12:30:04 -0000 Subject: SUSE-SU-2024:1006-1: important: Security update for krb5 Message-ID: <171154260479.12485.16017790045537289107@smelt2.prg2.suse.org> # Security update for krb5 Announcement ID: SUSE-SU-2024:1006-1 Rating: important References: * bsc#1220770 * bsc#1220771 Cross-References: * CVE-2024-26458 * CVE-2024-26461 CVSS scores: * CVE-2024-26458 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26461 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for krb5 fixes the following issues: * CVE-2024-26458: Fixed memory leak at /krb5/src/lib/rpc/pmap_rmt.c (bsc#1220770). * CVE-2024-26461: Fixed memory leak at /krb5/src/lib/gssapi/krb5/k5sealv3.c (bsc#1220771). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1006=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1006=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1006=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1006=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1006=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1006=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1006=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1006=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1006=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1006=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1006=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1006=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1006=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1006=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1006=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * krb5-32bit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * krb5-32bit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Manager Server 4.3 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * krb5-mini-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-mini-devel-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-spake-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-mini-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-mini-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-spake-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * openSUSE Leap 15.4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 * krb5-devel-32bit-1.19.2-150400.3.9.1 * openSUSE Leap 15.4 (aarch64_ilp32) * krb5-devel-64bit-1.19.2-150400.3.9.1 * krb5-64bit-1.19.2-150400.3.9.1 * krb5-64bit-debuginfo-1.19.2-150400.3.9.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * krb5-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * krb5-32bit-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * krb5-plugin-kdb-ldap-debuginfo-1.19.2-150400.3.9.1 * krb5-server-1.19.2-150400.3.9.1 * krb5-devel-1.19.2-150400.3.9.1 * krb5-1.19.2-150400.3.9.1 * krb5-server-debuginfo-1.19.2-150400.3.9.1 * krb5-client-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-debuginfo-1.19.2-150400.3.9.1 * krb5-client-debuginfo-1.19.2-150400.3.9.1 * krb5-debugsource-1.19.2-150400.3.9.1 * krb5-plugin-preauth-otp-1.19.2-150400.3.9.1 * krb5-debuginfo-1.19.2-150400.3.9.1 * krb5-plugin-preauth-pkinit-1.19.2-150400.3.9.1 * krb5-plugin-kdb-ldap-1.19.2-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * krb5-32bit-debuginfo-1.19.2-150400.3.9.1 * krb5-32bit-1.19.2-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-26458.html * https://www.suse.com/security/cve/CVE-2024-26461.html * https://bugzilla.suse.com/show_bug.cgi?id=1220770 * https://bugzilla.suse.com/show_bug.cgi?id=1220771 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 12:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 12:30:08 -0000 Subject: SUSE-SU-2024:1005-1: moderate: Security update for libvirt Message-ID: <171154260826.12485.15692481118556004783@smelt2.prg2.suse.org> # Security update for libvirt Announcement ID: SUSE-SU-2024:1005-1 Rating: moderate References: * bsc#1221237 * bsc#1221468 Cross-References: * CVE-2024-1441 * CVE-2024-2496 CVSS scores: * CVE-2024-1441 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-2496 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libvirt fixes the following issues: * CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468). * CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1005=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1005=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1005=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1005=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libvirt-debugsource-5.1.0-13.39.1 * libvirt-devel-5.1.0-13.39.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.39.1 * libvirt-nss-debuginfo-5.1.0-13.39.1 * libvirt-daemon-5.1.0-13.39.1 * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-5.1.0-13.39.1 * libvirt-nss-5.1.0-13.39.1 * libvirt-libs-5.1.0-13.39.1 * libvirt-daemon-driver-network-5.1.0-13.39.1 * libvirt-debugsource-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.39.1 * libvirt-admin-debuginfo-5.1.0-13.39.1 * libvirt-libs-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-core-5.1.0-13.39.1 * libvirt-daemon-driver-storage-5.1.0-13.39.1 * libvirt-lock-sanlock-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.39.1 * libvirt-daemon-hooks-5.1.0-13.39.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.39.1 * libvirt-daemon-lxc-5.1.0-13.39.1 * libvirt-admin-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.39.1 * libvirt-client-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.39.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.39.1 * libvirt-daemon-config-network-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.39.1 * libvirt-daemon-driver-secret-5.1.0-13.39.1 * libvirt-daemon-qemu-5.1.0-13.39.1 * libvirt-doc-5.1.0-13.39.1 * libvirt-5.1.0-13.39.1 * libvirt-client-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-5.1.0-13.39.1 * libvirt-daemon-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.39.1 * libvirt-daemon-driver-interface-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.39.1 * libvirt-daemon-config-nwfilter-5.1.0-13.39.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libvirt-daemon-xen-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.39.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.39.1 * libvirt-nss-debuginfo-5.1.0-13.39.1 * libvirt-daemon-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-5.1.0-13.39.1 * libvirt-nss-5.1.0-13.39.1 * libvirt-libs-5.1.0-13.39.1 * libvirt-daemon-driver-network-5.1.0-13.39.1 * libvirt-debugsource-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.39.1 * libvirt-admin-debuginfo-5.1.0-13.39.1 * libvirt-libs-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-core-5.1.0-13.39.1 * libvirt-daemon-driver-storage-5.1.0-13.39.1 * libvirt-lock-sanlock-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.39.1 * libvirt-daemon-hooks-5.1.0-13.39.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.39.1 * libvirt-daemon-lxc-5.1.0-13.39.1 * libvirt-admin-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.39.1 * libvirt-client-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.39.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.39.1 * libvirt-daemon-config-network-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.39.1 * libvirt-daemon-driver-secret-5.1.0-13.39.1 * libvirt-daemon-qemu-5.1.0-13.39.1 * libvirt-doc-5.1.0-13.39.1 * libvirt-5.1.0-13.39.1 * libvirt-client-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-5.1.0-13.39.1 * libvirt-daemon-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.39.1 * libvirt-daemon-driver-interface-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.39.1 * libvirt-daemon-config-nwfilter-5.1.0-13.39.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 x86_64) * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.39.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * libvirt-daemon-xen-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.39.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * libvirt-daemon-driver-storage-core-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-network-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-debuginfo-5.1.0-13.39.1 * libvirt-nss-debuginfo-5.1.0-13.39.1 * libvirt-daemon-5.1.0-13.39.1 * libvirt-daemon-driver-nodedev-5.1.0-13.39.1 * libvirt-nss-5.1.0-13.39.1 * libvirt-libs-5.1.0-13.39.1 * libvirt-daemon-driver-network-5.1.0-13.39.1 * libvirt-debugsource-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-debuginfo-5.1.0-13.39.1 * libvirt-admin-debuginfo-5.1.0-13.39.1 * libvirt-libs-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-core-5.1.0-13.39.1 * libvirt-daemon-driver-storage-5.1.0-13.39.1 * libvirt-lock-sanlock-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-5.1.0-13.39.1 * libvirt-daemon-hooks-5.1.0-13.39.1 * libvirt-daemon-driver-secret-debuginfo-5.1.0-13.39.1 * libvirt-daemon-lxc-5.1.0-13.39.1 * libvirt-admin-5.1.0-13.39.1 * libvirt-daemon-driver-storage-scsi-debuginfo-5.1.0-13.39.1 * libvirt-client-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-5.1.0-13.39.1 * libvirt-lock-sanlock-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-qemu-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-interface-debuginfo-5.1.0-13.39.1 * libvirt-daemon-config-network-5.1.0-13.39.1 * libvirt-daemon-driver-nwfilter-5.1.0-13.39.1 * libvirt-daemon-driver-secret-5.1.0-13.39.1 * libvirt-daemon-qemu-5.1.0-13.39.1 * libvirt-doc-5.1.0-13.39.1 * libvirt-5.1.0-13.39.1 * libvirt-client-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-mpath-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-lxc-5.1.0-13.39.1 * libvirt-daemon-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-storage-logical-5.1.0-13.39.1 * libvirt-daemon-driver-interface-5.1.0-13.39.1 * libvirt-daemon-driver-storage-iscsi-5.1.0-13.39.1 * libvirt-daemon-driver-storage-disk-5.1.0-13.39.1 * libvirt-daemon-config-nwfilter-5.1.0-13.39.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libvirt-daemon-xen-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-5.1.0-13.39.1 * libvirt-daemon-driver-storage-rbd-5.1.0-13.39.1 * libvirt-daemon-driver-storage-rbd-debuginfo-5.1.0-13.39.1 * libvirt-daemon-driver-libxl-debuginfo-5.1.0-13.39.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1441.html * https://www.suse.com/security/cve/CVE-2024-2496.html * https://bugzilla.suse.com/show_bug.cgi?id=1221237 * https://bugzilla.suse.com/show_bug.cgi?id=1221468 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 16:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 16:30:04 -0000 Subject: SUSE-RU-2024:1012-1: moderate: Recommended update for yast2-packager Message-ID: <171155700425.3490.1505698604994835038@smelt2.prg2.suse.org> # Recommended update for yast2-packager Announcement ID: SUSE-RU-2024:1012-1 Rating: moderate References: * bsc#1201816 * bsc#1220567 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has two fixes can now be installed. ## Description: This update for yast2-packager fixes the following issues: * Reimplemented hardcoded product mapping to support the migration from SLE_HPC to SLES SP6+ (bsc#1220567) * Do not fail when the installation URL contains a space (bsc#1201816) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1012=1 SUSE-2024-1012=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1012=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1012=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1012=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1012=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1012=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * yast2-packager-4.5.20-150500.3.11.4 * openSUSE Leap 15.5 (noarch) * yast2-registration-4.5.9-150500.3.3.4 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * yast2-packager-4.5.20-150500.3.11.4 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * yast2-packager-4.5.20-150500.3.11.4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * yast2-packager-4.5.20-150500.3.11.4 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * yast2-packager-4.5.20-150500.3.11.4 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * yast2-packager-4.5.20-150500.3.11.4 * Basesystem Module 15-SP5 (noarch) * yast2-registration-4.5.9-150500.3.3.4 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1201816 * https://bugzilla.suse.com/show_bug.cgi?id=1220567 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 16:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 16:30:07 -0000 Subject: SUSE-RU-2024:1011-1: important: Recommended update for perl-Bootloader Message-ID: <171155700704.3490.4654442024571426916@smelt2.prg2.suse.org> # Recommended update for perl-Bootloader Announcement ID: SUSE-RU-2024:1011-1 Rating: important References: * bsc#1221470 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that has one fix can now be installed. ## Description: This update for perl-Bootloader fixes the following issues: * Log grub2-install errors correctly (bsc#1221470) * Update to version 0.947 * Create EFI boot fallback directory if necessary ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1011=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1011=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1011=1 ## Package List: * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * perl-Bootloader-0.947-3.9.1 * perl-Bootloader-YAML-0.947-3.9.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-0.947-3.9.1 * perl-Bootloader-YAML-0.947-3.9.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * perl-Bootloader-0.947-3.9.1 * perl-Bootloader-YAML-0.947-3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221470 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 16:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 16:30:08 -0000 Subject: SUSE-RU-2024:1010-1: important: Recommended update for perl-Bootloader Message-ID: <171155700819.3490.12103200474416156340@smelt2.prg2.suse.org> # Recommended update for perl-Bootloader Announcement ID: SUSE-RU-2024:1010-1 Rating: important References: * bsc#1218842 * bsc#1221470 Affected Products: * Basesystem Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for perl-Bootloader fixes the following issues: * Log grub2-install errors correctly (bsc#1221470) * Update to version 0.947 * Support old grub versions that used /usr/lib (bsc#1218842) * Create EFI boot fallback directory if necessary ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1010=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1010=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1010=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1010=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1010=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1010=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1010=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1010=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1010=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1010=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1010=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1010=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1010=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1010=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1010=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1010=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1010=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1010=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1010=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * perl-Bootloader-0.947-150400.3.12.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * perl-Bootloader-YAML-0.947-150400.3.12.1 * perl-Bootloader-0.947-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * perl-Bootloader-0.947-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * perl-Bootloader-0.947-150400.3.12.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1218842 * https://bugzilla.suse.com/show_bug.cgi?id=1221470 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 16:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 16:30:10 -0000 Subject: SUSE-SU-2024:1009-1: important: Security update for python39 Message-ID: <171155701009.3490.600091147966252397@smelt2.prg2.suse.org> # Security update for python39 Announcement ID: SUSE-SU-2024:1009-1 Rating: important References: * bsc#1211301 * bsc#1219559 * bsc#1219666 * bsc#1221854 Cross-References: * CVE-2023-52425 * CVE-2023-6597 * CVE-2024-0450 CVSS scores: * CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves three vulnerabilities and has one security fix can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2023-52425: Fixed denial of service (resource consumption) caused by processing large tokens in expat (bsc#1219559). * CVE-2023-6597: Fixed symlink race condition in tempfile.TemporaryDirectory (bsc#1219666). * CVE-2024-0450: Fixed "quoted-overlap" in zipfile module (bsc#1221854). The following non-security bugs were fixed: * Use the system-wide crypto-policies (bsc#1211301). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1009=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1009=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1009=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1009=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1009=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1009=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-idle-3.9.19-150300.4.41.1 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * python39-doc-3.9.19-150300.4.41.1 * python39-testsuite-debuginfo-3.9.19-150300.4.41.2 * python39-dbm-3.9.19-150300.4.41.1 * python39-base-debuginfo-3.9.19-150300.4.41.2 * python39-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-doc-devhelp-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-testsuite-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-curses-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 * python39-debugsource-3.9.19-150300.4.41.1 * python39-base-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * openSUSE Leap 15.3 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.41.2 * python39-32bit-3.9.19-150300.4.41.1 * python39-32bit-debuginfo-3.9.19-150300.4.41.1 * python39-base-32bit-3.9.19-150300.4.41.2 * libpython3_9-1_0-32bit-3.9.19-150300.4.41.2 * python39-base-32bit-debuginfo-3.9.19-150300.4.41.2 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-base-64bit-3.9.19-150300.4.41.2 * python39-64bit-debuginfo-3.9.19-150300.4.41.1 * libpython3_9-1_0-64bit-3.9.19-150300.4.41.2 * python39-base-64bit-debuginfo-3.9.19-150300.4.41.2 * libpython3_9-1_0-64bit-debuginfo-3.9.19-150300.4.41.2 * python39-64bit-3.9.19-150300.4.41.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-idle-3.9.19-150300.4.41.1 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * python39-doc-3.9.19-150300.4.41.1 * python39-testsuite-debuginfo-3.9.19-150300.4.41.2 * python39-dbm-3.9.19-150300.4.41.1 * python39-base-debuginfo-3.9.19-150300.4.41.2 * python39-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-doc-devhelp-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-testsuite-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-curses-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 * python39-debugsource-3.9.19-150300.4.41.1 * python39-base-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.19-150300.4.41.2 * python39-32bit-3.9.19-150300.4.41.1 * python39-32bit-debuginfo-3.9.19-150300.4.41.1 * python39-base-32bit-3.9.19-150300.4.41.2 * libpython3_9-1_0-32bit-3.9.19-150300.4.41.2 * python39-base-32bit-debuginfo-3.9.19-150300.4.41.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * python39-idle-3.9.19-150300.4.41.1 * python39-debugsource-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-dbm-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-base-3.9.19-150300.4.41.2 * python39-base-debuginfo-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-curses-3.9.19-150300.4.41.1 * python39-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * python39-idle-3.9.19-150300.4.41.1 * python39-debugsource-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-dbm-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-base-3.9.19-150300.4.41.2 * python39-base-debuginfo-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-curses-3.9.19-150300.4.41.1 * python39-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * python39-idle-3.9.19-150300.4.41.1 * python39-debugsource-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-dbm-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-base-3.9.19-150300.4.41.2 * python39-base-debuginfo-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-curses-3.9.19-150300.4.41.1 * python39-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * python39-idle-3.9.19-150300.4.41.1 * python39-debugsource-3.9.19-150300.4.41.1 * python39-core-debugsource-3.9.19-150300.4.41.2 * python39-debuginfo-3.9.19-150300.4.41.1 * python39-dbm-3.9.19-150300.4.41.1 * python39-tk-debuginfo-3.9.19-150300.4.41.1 * libpython3_9-1_0-debuginfo-3.9.19-150300.4.41.2 * python39-base-3.9.19-150300.4.41.2 * python39-base-debuginfo-3.9.19-150300.4.41.2 * libpython3_9-1_0-3.9.19-150300.4.41.2 * python39-dbm-debuginfo-3.9.19-150300.4.41.1 * python39-curses-debuginfo-3.9.19-150300.4.41.1 * python39-curses-3.9.19-150300.4.41.1 * python39-3.9.19-150300.4.41.1 * python39-tk-3.9.19-150300.4.41.1 * python39-tools-3.9.19-150300.4.41.2 * python39-devel-3.9.19-150300.4.41.2 ## References: * https://www.suse.com/security/cve/CVE-2023-52425.html * https://www.suse.com/security/cve/CVE-2023-6597.html * https://www.suse.com/security/cve/CVE-2024-0450.html * https://bugzilla.suse.com/show_bug.cgi?id=1211301 * https://bugzilla.suse.com/show_bug.cgi?id=1219559 * https://bugzilla.suse.com/show_bug.cgi?id=1219666 * https://bugzilla.suse.com/show_bug.cgi?id=1221854 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 16:30:14 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 16:30:14 -0000 Subject: SUSE-SU-2024:1008-1: moderate: Security update for avahi Message-ID: <171155701413.3490.1495344145436715740@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1008-1 Rating: moderate References: * bsc#1216594 * bsc#1216598 Cross-References: * CVE-2023-38469 * CVE-2023-38471 CVSS scores: * CVE-2023-38469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38469 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594). * CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1008=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1008=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1008=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1008=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-1008=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.6.32-32.24.1 * avahi-compat-mDNSResponder-devel-0.6.32-32.24.1 * libhowl0-debuginfo-0.6.32-32.24.1 * typelib-1_0-Avahi-0_6-0.6.32-32.24.1 * libavahi-gobject-devel-0.6.32-32.24.1 * libavahi-ui0-0.6.32-32.24.1 * libhowl0-0.6.32-32.24.1 * avahi-glib2-debugsource-0.6.32-32.24.1 * libavahi-ui-gtk3-0-debuginfo-0.6.32-32.24.1 * libavahi-gobject0-debuginfo-0.6.32-32.24.1 * libavahi-glib-devel-0.6.32-32.24.1 * python-avahi-0.6.32-32.24.1 * avahi-debuginfo-0.6.32-32.24.1 * libavahi-ui0-debuginfo-0.6.32-32.24.1 * avahi-compat-howl-devel-0.6.32-32.24.1 * libavahi-ui-gtk3-0-0.6.32-32.24.1 * libavahi-gobject0-0.6.32-32.24.1 * libavahi-devel-0.6.32-32.24.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * avahi-debugsource-0.6.32-32.24.1 * libavahi-core7-debuginfo-0.6.32-32.24.1 * libavahi-glib1-debuginfo-0.6.32-32.24.1 * libavahi-common3-0.6.32-32.24.1 * avahi-glib2-debugsource-0.6.32-32.24.1 * avahi-0.6.32-32.24.1 * libavahi-client3-0.6.32-32.24.1 * avahi-utils-debuginfo-0.6.32-32.24.1 * libavahi-glib1-0.6.32-32.24.1 * avahi-debuginfo-0.6.32-32.24.1 * libavahi-client3-debuginfo-0.6.32-32.24.1 * libavahi-core7-0.6.32-32.24.1 * libavahi-common3-debuginfo-0.6.32-32.24.1 * libdns_sd-0.6.32-32.24.1 * libdns_sd-debuginfo-0.6.32-32.24.1 * avahi-utils-0.6.32-32.24.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * avahi-lang-0.6.32-32.24.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * libavahi-glib1-debuginfo-32bit-0.6.32-32.24.1 * libavahi-glib1-32bit-0.6.32-32.24.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.24.1 * libdns_sd-32bit-0.6.32-32.24.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.24.1 * libavahi-common3-32bit-0.6.32-32.24.1 * libavahi-client3-32bit-0.6.32-32.24.1 * libdns_sd-debuginfo-32bit-0.6.32-32.24.1 * avahi-debuginfo-32bit-0.6.32-32.24.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.6.32-32.24.1 * libavahi-core7-debuginfo-0.6.32-32.24.1 * libavahi-glib1-debuginfo-0.6.32-32.24.1 * libavahi-common3-0.6.32-32.24.1 * avahi-glib2-debugsource-0.6.32-32.24.1 * avahi-0.6.32-32.24.1 * libavahi-client3-0.6.32-32.24.1 * avahi-utils-debuginfo-0.6.32-32.24.1 * libavahi-glib1-0.6.32-32.24.1 * avahi-debuginfo-0.6.32-32.24.1 * libavahi-client3-debuginfo-0.6.32-32.24.1 * libavahi-core7-0.6.32-32.24.1 * libavahi-common3-debuginfo-0.6.32-32.24.1 * libdns_sd-0.6.32-32.24.1 * libdns_sd-debuginfo-0.6.32-32.24.1 * avahi-utils-0.6.32-32.24.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * avahi-lang-0.6.32-32.24.1 * SUSE Linux Enterprise Server 12 SP5 (s390x x86_64) * libavahi-glib1-debuginfo-32bit-0.6.32-32.24.1 * libavahi-glib1-32bit-0.6.32-32.24.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.24.1 * libdns_sd-32bit-0.6.32-32.24.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.24.1 * libavahi-common3-32bit-0.6.32-32.24.1 * libavahi-client3-32bit-0.6.32-32.24.1 * libdns_sd-debuginfo-32bit-0.6.32-32.24.1 * avahi-debuginfo-32bit-0.6.32-32.24.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * avahi-debugsource-0.6.32-32.24.1 * libavahi-core7-debuginfo-0.6.32-32.24.1 * libavahi-glib1-debuginfo-0.6.32-32.24.1 * libavahi-common3-0.6.32-32.24.1 * avahi-glib2-debugsource-0.6.32-32.24.1 * avahi-0.6.32-32.24.1 * libavahi-client3-0.6.32-32.24.1 * avahi-utils-debuginfo-0.6.32-32.24.1 * libavahi-glib1-0.6.32-32.24.1 * avahi-debuginfo-0.6.32-32.24.1 * libavahi-client3-debuginfo-0.6.32-32.24.1 * libavahi-core7-0.6.32-32.24.1 * libavahi-common3-debuginfo-0.6.32-32.24.1 * libdns_sd-0.6.32-32.24.1 * libdns_sd-debuginfo-0.6.32-32.24.1 * avahi-utils-0.6.32-32.24.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * avahi-lang-0.6.32-32.24.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * libavahi-glib1-debuginfo-32bit-0.6.32-32.24.1 * libavahi-glib1-32bit-0.6.32-32.24.1 * libavahi-common3-debuginfo-32bit-0.6.32-32.24.1 * libdns_sd-32bit-0.6.32-32.24.1 * libavahi-client3-debuginfo-32bit-0.6.32-32.24.1 * libavahi-common3-32bit-0.6.32-32.24.1 * libavahi-client3-32bit-0.6.32-32.24.1 * libdns_sd-debuginfo-32bit-0.6.32-32.24.1 * avahi-debuginfo-32bit-0.6.32-32.24.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libavahi-ui0-0.6.32-32.24.1 * avahi-glib2-debugsource-0.6.32-32.24.1 * libavahi-ui-gtk3-0-debuginfo-0.6.32-32.24.1 * libavahi-gobject0-debuginfo-0.6.32-32.24.1 * libavahi-ui0-debuginfo-0.6.32-32.24.1 * libavahi-ui-gtk3-0-0.6.32-32.24.1 * libavahi-gobject0-0.6.32-32.24.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38469.html * https://www.suse.com/security/cve/CVE-2023-38471.html * https://bugzilla.suse.com/show_bug.cgi?id=1216594 * https://bugzilla.suse.com/show_bug.cgi?id=1216598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 20:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 20:30:04 -0000 Subject: SUSE-SU-2024:1014-1: moderate: Security update for avahi Message-ID: <171157140492.16505.11660373151681435004@smelt2.prg2.suse.org> # Security update for avahi Announcement ID: SUSE-SU-2024:1014-1 Rating: moderate References: * bsc#1216594 * bsc#1216598 Cross-References: * CVE-2023-38469 * CVE-2023-38471 CVSS scores: * CVE-2023-38469 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38469 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-38471 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for avahi fixes the following issues: * CVE-2023-38471: Fixed reachable assertion in dbus_set_host_name (bsc#1216594). * CVE-2023-38469: Fixed reachable assertions in avahi (bsc#1216598). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1014=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1014=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1014=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1014=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1014=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1014=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1014=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1014=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1014=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1014=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1014=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1014=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libavahi-glib1-debuginfo-0.8-150400.7.16.1 * libavahi-glib-devel-0.8-150400.7.16.1 * libavahi-gobject-devel-0.8-150400.7.16.1 * avahi-utils-gtk-0.8-150400.7.16.1 * avahi-utils-gtk-debuginfo-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * libhowl0-0.8-150400.7.16.1 * libavahi-libevent1-debuginfo-0.8-150400.7.16.1 * libdns_sd-debuginfo-0.8-150400.7.16.1 * avahi-utils-debuginfo-0.8-150400.7.16.1 * libavahi-gobject0-0.8-150400.7.16.1 * libavahi-qt5-1-0.8-150400.7.16.1 * libavahi-qt5-devel-0.8-150400.7.16.1 * typelib-1_0-Avahi-0_6-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * avahi-compat-mDNSResponder-devel-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-debuginfo-0.8-150400.7.16.1 * avahi-debugsource-0.8-150400.7.16.1 * libdns_sd-0.8-150400.7.16.1 * avahi-autoipd-0.8-150400.7.16.1 * avahi-qt5-debugsource-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * avahi-glib2-debugsource-0.8-150400.7.16.1 * libavahi-devel-0.8-150400.7.16.1 * libavahi-libevent1-0.8-150400.7.16.1 * libavahi-gobject0-debuginfo-0.8-150400.7.16.1 * avahi-compat-howl-devel-0.8-150400.7.16.1 * libhowl0-debuginfo-0.8-150400.7.16.1 * python3-avahi-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-0.8-150400.7.16.1 * libavahi-qt5-1-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * python3-avahi-gtk-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-0.8-150400.7.16.1 * avahi-autoipd-debuginfo-0.8-150400.7.16.1 * avahi-utils-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * openSUSE Leap 15.4 (x86_64) * libdns_sd-32bit-0.8-150400.7.16.1 * libavahi-common3-32bit-debuginfo-0.8-150400.7.16.1 * libdns_sd-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-0.8-150400.7.16.1 * libavahi-glib1-32bit-0.8-150400.7.16.1 * avahi-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-common3-32bit-0.8-150400.7.16.1 * openSUSE Leap 15.4 (noarch) * avahi-lang-0.8-150400.7.16.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libdns_sd-64bit-0.8-150400.7.16.1 * libdns_sd-64bit-debuginfo-0.8-150400.7.16.1 * libavahi-common3-64bit-0.8-150400.7.16.1 * libavahi-client3-64bit-debuginfo-0.8-150400.7.16.1 * libavahi-common3-64bit-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-64bit-debuginfo-0.8-150400.7.16.1 * avahi-64bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-64bit-0.8-150400.7.16.1 * libavahi-glib1-64bit-0.8-150400.7.16.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libavahi-glib1-debuginfo-0.8-150400.7.16.1 * libavahi-glib-devel-0.8-150400.7.16.1 * libavahi-gobject-devel-0.8-150400.7.16.1 * avahi-utils-gtk-0.8-150400.7.16.1 * avahi-utils-gtk-debuginfo-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * libhowl0-0.8-150400.7.16.1 * libavahi-libevent1-debuginfo-0.8-150400.7.16.1 * libdns_sd-debuginfo-0.8-150400.7.16.1 * avahi-utils-debuginfo-0.8-150400.7.16.1 * libavahi-gobject0-0.8-150400.7.16.1 * libavahi-qt5-1-0.8-150400.7.16.1 * libavahi-qt5-devel-0.8-150400.7.16.1 * typelib-1_0-Avahi-0_6-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * avahi-compat-mDNSResponder-devel-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-debuginfo-0.8-150400.7.16.1 * avahi-debugsource-0.8-150400.7.16.1 * libdns_sd-0.8-150400.7.16.1 * avahi-autoipd-0.8-150400.7.16.1 * avahi-qt5-debugsource-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * avahi-glib2-debugsource-0.8-150400.7.16.1 * libavahi-devel-0.8-150400.7.16.1 * libavahi-libevent1-0.8-150400.7.16.1 * libavahi-gobject0-debuginfo-0.8-150400.7.16.1 * avahi-compat-howl-devel-0.8-150400.7.16.1 * libhowl0-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * python3-avahi-0.8-150400.7.16.1 * libavahi-qt5-1-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * python3-avahi-gtk-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-0.8-150400.7.16.1 * avahi-autoipd-debuginfo-0.8-150400.7.16.1 * avahi-utils-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * openSUSE Leap 15.5 (x86_64) * libdns_sd-32bit-0.8-150400.7.16.1 * libavahi-common3-32bit-debuginfo-0.8-150400.7.16.1 * libdns_sd-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-0.8-150400.7.16.1 * libavahi-glib1-32bit-0.8-150400.7.16.1 * avahi-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-common3-32bit-0.8-150400.7.16.1 * openSUSE Leap 15.5 (noarch) * avahi-lang-0.8-150400.7.16.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libavahi-glib1-debuginfo-0.8-150400.7.16.1 * libavahi-glib-devel-0.8-150400.7.16.1 * avahi-0.8-150400.7.16.1 * libhowl0-0.8-150400.7.16.1 * libavahi-libevent1-debuginfo-0.8-150400.7.16.1 * libdns_sd-debuginfo-0.8-150400.7.16.1 * avahi-utils-debuginfo-0.8-150400.7.16.1 * libavahi-gobject0-0.8-150400.7.16.1 * typelib-1_0-Avahi-0_6-0.8-150400.7.16.1 * libavahi-common3-debuginfo-0.8-150400.7.16.1 * avahi-compat-mDNSResponder-devel-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-debuginfo-0.8-150400.7.16.1 * avahi-debugsource-0.8-150400.7.16.1 * libdns_sd-0.8-150400.7.16.1 * libavahi-client3-0.8-150400.7.16.1 * avahi-glib2-debugsource-0.8-150400.7.16.1 * libavahi-devel-0.8-150400.7.16.1 * libavahi-libevent1-0.8-150400.7.16.1 * libavahi-gobject0-debuginfo-0.8-150400.7.16.1 * avahi-compat-howl-devel-0.8-150400.7.16.1 * libhowl0-debuginfo-0.8-150400.7.16.1 * libavahi-glib1-0.8-150400.7.16.1 * libavahi-client3-debuginfo-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * libavahi-common3-0.8-150400.7.16.1 * libavahi-core7-debuginfo-0.8-150400.7.16.1 * libavahi-ui-gtk3-0-0.8-150400.7.16.1 * avahi-utils-0.8-150400.7.16.1 * libavahi-core7-0.8-150400.7.16.1 * Basesystem Module 15-SP5 (noarch) * avahi-lang-0.8-150400.7.16.1 * Basesystem Module 15-SP5 (x86_64) * libavahi-common3-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-client3-32bit-0.8-150400.7.16.1 * avahi-32bit-debuginfo-0.8-150400.7.16.1 * libavahi-common3-32bit-0.8-150400.7.16.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * avahi-autoipd-0.8-150400.7.16.1 * libavahi-gobject-devel-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * avahi-glib2-debugsource-0.8-150400.7.16.1 * avahi-utils-gtk-0.8-150400.7.16.1 * avahi-autoipd-debuginfo-0.8-150400.7.16.1 * avahi-utils-gtk-debuginfo-0.8-150400.7.16.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * avahi-debugsource-0.8-150400.7.16.1 * avahi-debuginfo-0.8-150400.7.16.1 * python3-avahi-0.8-150400.7.16.1 ## References: * https://www.suse.com/security/cve/CVE-2023-38469.html * https://www.suse.com/security/cve/CVE-2023-38471.html * https://bugzilla.suse.com/show_bug.cgi?id=1216594 * https://bugzilla.suse.com/show_bug.cgi?id=1216598 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Mar 27 20:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Wed, 27 Mar 2024 20:30:08 -0000 Subject: SUSE-RU-2024:1013-1: moderate: Recommended update for grub2 Message-ID: <171157140847.16505.2479969941529679296@smelt2.prg2.suse.org> # Recommended update for grub2 Announcement ID: SUSE-RU-2024:1013-1 Rating: moderate References: * bsc#1221779 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for grub2 fixes the following issues: * Fix memdisk becomes the default boot entry, fixes no graphic display device error in guest vnc console (bsc#1221779) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1013=1 openSUSE-SLE-15.5-2024-1013=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1013=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1013=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1013=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * grub2-branding-upstream-2.06-150500.29.22.2 * grub2-debuginfo-2.06-150500.29.22.2 * grub2-2.06-150500.29.22.2 * openSUSE Leap 15.5 (aarch64 s390x x86_64 i586) * grub2-debugsource-2.06-150500.29.22.2 * openSUSE Leap 15.5 (noarch) * grub2-systemd-sleep-plugin-2.06-150500.29.22.2 * grub2-arm64-efi-debug-2.06-150500.29.22.2 * grub2-powerpc-ieee1275-debug-2.06-150500.29.22.2 * grub2-i386-efi-extras-2.06-150500.29.22.2 * grub2-arm64-efi-extras-2.06-150500.29.22.2 * grub2-x86_64-xen-extras-2.06-150500.29.22.2 * grub2-powerpc-ieee1275-extras-2.06-150500.29.22.2 * grub2-x86_64-efi-extras-2.06-150500.29.22.2 * grub2-i386-efi-debug-2.06-150500.29.22.2 * grub2-i386-xen-extras-2.06-150500.29.22.2 * grub2-snapper-plugin-2.06-150500.29.22.2 * grub2-x86_64-efi-debug-2.06-150500.29.22.2 * grub2-s390x-emu-extras-2.06-150500.29.22.2 * grub2-x86_64-efi-2.06-150500.29.22.2 * grub2-arm64-efi-2.06-150500.29.22.2 * grub2-x86_64-xen-2.06-150500.29.22.2 * grub2-i386-xen-2.06-150500.29.22.2 * grub2-i386-pc-debug-2.06-150500.29.22.2 * grub2-i386-efi-2.06-150500.29.22.2 * grub2-i386-pc-2.06-150500.29.22.2 * grub2-i386-pc-extras-2.06-150500.29.22.2 * grub2-powerpc-ieee1275-2.06-150500.29.22.2 * openSUSE Leap 15.5 (s390x) * grub2-s390x-emu-2.06-150500.29.22.2 * grub2-s390x-emu-debug-2.06-150500.29.22.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * grub2-debuginfo-2.06-150500.29.22.2 * grub2-debugsource-2.06-150500.29.22.2 * grub2-2.06-150500.29.22.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * grub2-x86_64-xen-2.06-150500.29.22.2 * grub2-i386-pc-2.06-150500.29.22.2 * grub2-x86_64-efi-2.06-150500.29.22.2 * grub2-arm64-efi-2.06-150500.29.22.2 * grub2-snapper-plugin-2.06-150500.29.22.2 * SUSE Linux Enterprise Micro 5.5 (s390x) * grub2-s390x-emu-2.06-150500.29.22.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * grub2-debuginfo-2.06-150500.29.22.2 * grub2-2.06-150500.29.22.2 * Basesystem Module 15-SP5 (noarch) * grub2-snapper-plugin-2.06-150500.29.22.2 * grub2-systemd-sleep-plugin-2.06-150500.29.22.2 * grub2-i386-pc-2.06-150500.29.22.2 * grub2-x86_64-efi-2.06-150500.29.22.2 * grub2-arm64-efi-2.06-150500.29.22.2 * grub2-powerpc-ieee1275-2.06-150500.29.22.2 * Basesystem Module 15-SP5 (aarch64 s390x x86_64) * grub2-debugsource-2.06-150500.29.22.2 * Basesystem Module 15-SP5 (s390x) * grub2-s390x-emu-2.06-150500.29.22.2 * Server Applications Module 15-SP5 (noarch) * grub2-x86_64-xen-2.06-150500.29.22.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221779 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 08:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 08:30:04 -0000 Subject: SUSE-SU-2024:1023-1: important: Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5) Message-ID: <171161460456.11650.5568869971607443905@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1023-1 Rating: important References: * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_12 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1027=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1023=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1023=1 SUSE-2024-1027=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_7-default-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-8-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-8-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_12-default-8-150500.2.3 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_12-default-debuginfo-8-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_2-debugsource-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_7-default-debuginfo-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_7-default-8-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_1-debugsource-8-150500.2.3 * kernel-livepatch-5_14_21-150500_55_12-default-8-150500.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 08:30:07 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 08:30:07 -0000 Subject: SUSE-SU-2024:1017-1: important: Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3) Message-ID: <171161460772.11650.10932900375877480204@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 30 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1017-1 Rating: important References: * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_115 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1017=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1018=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1019=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1022=1 SUSE-2024-1020=1 SUSE-2024-1021=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1021=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1022=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1020=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_39-debugsource-7-150200.2.3 * kernel-livepatch-5_3_18-150200_24_160-default-7-150200.2.3 * kernel-livepatch-5_3_18-150200_24_163-default-debuginfo-6-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_40-debugsource-6-150200.2.3 * kernel-livepatch-5_3_18-150200_24_169-default-5-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_42-debugsource-5-150200.2.3 * kernel-livepatch-5_3_18-150200_24_160-default-debuginfo-7-150200.2.3 * kernel-livepatch-5_3_18-150200_24_163-default-6-150200.2.3 * kernel-livepatch-5_3_18-150200_24_169-default-debuginfo-5-150200.2.3 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_124-default-9-150300.2.3 * kernel-livepatch-5_3_18-150300_59_141-default-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_115-default-12-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_30-debugsource-12-150300.2.3 * kernel-livepatch-5_3_18-150300_59_141-default-debuginfo-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_115-default-debuginfo-12-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_38-debugsource-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_124-default-debuginfo-9-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_33-debugsource-9-150300.2.3 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_115-preempt-debuginfo-12-150300.2.3 * kernel-livepatch-5_3_18-150300_59_141-preempt-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_124-preempt-debuginfo-9-150300.2.3 * kernel-livepatch-5_3_18-150300_59_141-preempt-debuginfo-5-150300.2.3 * kernel-livepatch-5_3_18-150300_59_124-preempt-9-150300.2.3 * kernel-livepatch-5_3_18-150300_59_115-preempt-12-150300.2.3 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_124-default-9-150300.2.3 * kernel-livepatch-5_3_18-150300_59_115-default-12-150300.2.3 * kernel-livepatch-5_3_18-150300_59_141-default-5-150300.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 08:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 08:30:09 -0000 Subject: SUSE-SU-2024:1025-1: important: Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP5) Message-ID: <171161460956.11650.14661053208042117471@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 42 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1025-1 Rating: important References: * bsc#1218610 Cross-References: * CVE-2023-51779 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_156 fixes one issue. The following security issue was fixed: * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1025=1 SUSE-SLE-Live- Patching-12-SP5-2024-1026=1 SUSE-SLE-Live-Patching-12-SP5-2024-1024=1 SUSE-SLE- Live-Patching-12-SP5-2024-1016=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_153-default-11-2.2 * kgraft-patch-4_12_14-122_183-default-5-2.2 * kgraft-patch-4_12_14-122_156-default-11-2.2 * kgraft-patch-4_12_14-122_173-default-7-2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 08:30:10 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 08:30:10 -0000 Subject: SUSE-RU-2024:1015-1: important: Recommended update for sed Message-ID: <171161461097.11650.6909824329317001967@smelt2.prg2.suse.org> # Recommended update for sed Announcement ID: SUSE-RU-2024:1015-1 Rating: important References: * bsc#1221218 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for sed fixes the following issues: * "sed -i" now creates temporary files with correct umask (bsc#1221218) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1015=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1015=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1015=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1015=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1015=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1015=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1015=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1015=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-1015=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1015=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1015=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1015=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1015=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1015=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1015=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1015=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1015=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1015=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1015=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-1015=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1015=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1015=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1015=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1015=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1015=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * openSUSE Leap 15.3 (noarch) * sed-lang-4.4-150300.13.3.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * openSUSE Leap 15.5 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * Basesystem Module 15-SP5 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Manager Proxy 4.3 (x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Manager Proxy 4.3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Manager Server 4.3 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Enterprise Storage 7.1 (noarch) * sed-lang-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * sed-debuginfo-4.4-150300.13.3.1 * sed-debugsource-4.4-150300.13.3.1 * sed-4.4-150300.13.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1221218 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:09 -0000 Subject: SUSE-SU-2024:1045-1: important: Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Message-ID: <171162900950.7089.2941761461595272366@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 6 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1045-1 Rating: important References: * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_31 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1050=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1051=1 SUSE-SLE-Module-Live- Patching-15-SP5-2024-1045=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1051=1 SUSE-2024-1045=1 SUSE-2024-1050=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-6-150500.2.3 * kernel-livepatch-5_14_21-150500_55_19-default-7-150500.2.3 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-6-150500.2.3 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-5-150500.2.3 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-7-150500.2.3 * kernel-livepatch-5_14_21-150500_55_31-default-5-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-6-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-5-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-7-150500.2.3 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_28-default-6-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_5-debugsource-6-150500.2.3 * kernel-livepatch-5_14_21-150500_55_28-default-debuginfo-6-150500.2.3 * kernel-livepatch-5_14_21-150500_55_31-default-debuginfo-5-150500.2.3 * kernel-livepatch-5_14_21-150500_55_19-default-debuginfo-7-150500.2.3 * kernel-livepatch-5_14_21-150500_55_31-default-5-150500.2.3 * kernel-livepatch-5_14_21-150500_55_19-default-7-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_6-debugsource-5-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_3-debugsource-7-150500.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:12 -0000 Subject: SUSE-SU-2024:1040-1: important: Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Message-ID: <171162901251.7089.9551554166450666210@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 8 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1040-1 Rating: important References: * bsc#1218487 * bsc#1218610 * bsc#1219157 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_39 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). * Recommended fix for IO lock-ups on HBA355i with SLES 15SP5. (bsc#1219157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1040=1 SUSE-2024-1052=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1040=1 SUSE-SLE- Module-Live-Patching-15-SP5-2024-1052=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_7-debugsource-4-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_36-default-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_39-default-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-4-150500.2.3 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_7-debugsource-4-150500.2.3 * kernel-livepatch-SLE15-SP5_Update_8-debugsource-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_39-default-debuginfo-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_36-default-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_39-default-4-150500.2.3 * kernel-livepatch-5_14_21-150500_55_36-default-debuginfo-4-150500.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 * https://bugzilla.suse.com/show_bug.cgi?id=1219157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:16 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:16 -0000 Subject: SUSE-SU-2024:1039-1: important: Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Message-ID: <171162901616.7089.9010261297812085782@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:1039-1 Rating: important References: * bsc#1208911 * bsc#1215887 * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-0461 * CVE-2023-39191 * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-0461 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-0461 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-39191 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-39191 ( NVD ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_53 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-39191: Fixed a lack of validation of dynamic pointers within user- supplied eBPF programs that may have allowed an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code. (bsc#1215863) * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). * CVE-2023-0461: Fixed use-after-free in icsk_ulp_data (bsc#1208911). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1039=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1039=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_0-debugsource-9-150500.6.2 * kernel-livepatch-5_14_21-150500_53-default-9-150500.6.2 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-9-150500.6.2 * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP5_Update_0-debugsource-9-150500.6.2 * kernel-livepatch-5_14_21-150500_53-default-9-150500.6.2 * kernel-livepatch-5_14_21-150500_53-default-debuginfo-9-150500.6.2 ## References: * https://www.suse.com/security/cve/CVE-2023-0461.html * https://www.suse.com/security/cve/CVE-2023-39191.html * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1208911 * https://bugzilla.suse.com/show_bug.cgi?id=1215887 * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:20 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:20 -0000 Subject: SUSE-SU-2024:1033-1: important: Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Message-ID: <171162902086.7089.967469012180844292@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 40 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1033-1 Rating: important References: * bsc#1218487 Cross-References: * CVE-2023-6531 CVSS scores: * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_147 fixes one issue. The following security issue was fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1033=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1044=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1044=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_178-default-3-150200.2.3 * kernel-livepatch-5_3_18-150200_24_178-default-debuginfo-3-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_45-debugsource-3-150200.2.3 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_147-default-debuginfo-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_147-default-4-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_40-debugsource-4-150300.2.3 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_147-preempt-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_147-preempt-debuginfo-4-150300.2.3 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_147-default-4-150300.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:23 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:23 -0000 Subject: SUSE-SU-2024:1047-1: important: Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3) Message-ID: <171162902383.7089.7084203237140499305@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1047-1 Rating: important References: * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_130 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1047=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1031=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1032=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1034=1 SUSE-2024-1038=1 SUSE-2024-1048=1 SUSE-2024-1049=1 SUSE-2024-1035=1 SUSE-2024-1036=1 SUSE-2024-1037=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1034=1 SUSE-SLE- Module-Live-Patching-15-SP3-2024-1038=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1048=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1049=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1035=1 SUSE-SLE-Module-Live- Patching-15-SP3-2024-1036=1 SUSE-SLE-Module-Live-Patching-15-SP3-2024-1037=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP2_Update_41-debugsource-6-150200.2.3 * kernel-livepatch-5_3_18-150200_24_151-default-debuginfo-11-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_36-debugsource-11-150200.2.3 * kernel-livepatch-5_3_18-150200_24_166-default-debuginfo-6-150200.2.3 * kernel-livepatch-5_3_18-150200_24_151-default-11-150200.2.3 * kernel-livepatch-5_3_18-150200_24_148-default-debuginfo-11-150200.2.3 * kernel-livepatch-5_3_18-150200_24_166-default-6-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_35-debugsource-11-150200.2.3 * kernel-livepatch-5_3_18-150200_24_148-default-11-150200.2.3 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_32-debugsource-11-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_36-debugsource-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_138-default-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_130-default-debuginfo-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_127-default-8-150300.2.3 * kernel-livepatch-5_3_18-150300_59_133-default-debuginfo-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_121-default-debuginfo-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_130-default-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_144-default-4-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_39-debugsource-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_133-default-6-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_34-debugsource-8-150300.2.3 * kernel-livepatch-5_3_18-150300_59_138-default-debuginfo-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_121-default-11-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_37-debugsource-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_118-default-debuginfo-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_144-default-debuginfo-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_127-default-debuginfo-8-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_31-debugsource-11-150300.2.3 * kernel-livepatch-SLE15-SP3_Update_35-debugsource-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_118-default-11-150300.2.3 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_133-preempt-debuginfo-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_118-preempt-debuginfo-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_127-preempt-debuginfo-8-150300.2.3 * kernel-livepatch-5_3_18-150300_59_144-preempt-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_130-preempt-debuginfo-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_121-preempt-debuginfo-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_144-preempt-debuginfo-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_130-preempt-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_127-preempt-8-150300.2.3 * kernel-livepatch-5_3_18-150300_59_133-preempt-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_138-preempt-debuginfo-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_118-preempt-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_138-preempt-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_121-preempt-11-150300.2.3 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_121-default-11-150300.2.3 * kernel-livepatch-5_3_18-150300_59_138-default-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_130-default-7-150300.2.3 * kernel-livepatch-5_3_18-150300_59_144-default-4-150300.2.3 * kernel-livepatch-5_3_18-150300_59_133-default-6-150300.2.3 * kernel-livepatch-5_3_18-150300_59_127-default-8-150300.2.3 * kernel-livepatch-5_3_18-150300_59_118-default-11-150300.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:30:27 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:30:27 -0000 Subject: SUSE-SU-2024:1028-1: important: Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5) Message-ID: <171162902746.7089.3717648446827496125@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 51 for SLE 12 SP5) Announcement ID: SUSE-SU-2024:1028-1 Rating: important References: * bsc#1218610 Cross-References: * CVE-2023-51779 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_186 fixes one issue. The following security issue was fixed: * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-1042=1 SUSE-SLE-Live- Patching-12-SP5-2024-1030=1 SUSE-SLE-Live-Patching-12-SP5-2024-1043=1 SUSE-SLE- Live-Patching-12-SP5-2024-1028=1 SUSE-SLE-Live-Patching-12-SP5-2024-1041=1 SUSE- SLE-Live-Patching-12-SP5-2024-1029=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kgraft-patch-4_12_14-122_176-default-6-2.2 * kgraft-patch-4_12_14-122_165-default-8-2.2 * kgraft-patch-4_12_14-122_159-default-10-2.2 * kgraft-patch-4_12_14-122_186-default-4-2.2 * kgraft-patch-4_12_14-122_162-default-9-2.2 * kgraft-patch-4_12_14-122_179-default-5-2.2 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 12:39:34 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 12:39:34 -0000 Subject: SUSE-SU-2024:1046-1: moderate: Security update for PackageKit Message-ID: <171162957405.10788.3766227779723064146@smelt2.prg2.suse.org> # Security update for PackageKit Announcement ID: SUSE-SU-2024:1046-1 Rating: moderate References: * bsc#1209138 * bsc#1218544 Cross-References: * CVE-2024-0217 CVSS scores: * CVE-2024-0217 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-0217 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544). * Dropped unnecessary executable permission (bsc#1209138). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1046=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1046=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1046=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1046=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (noarch) * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * PackageKit-lang-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-64bit-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (noarch) * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * PackageKit-lang-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0217.html * https://bugzilla.suse.com/show_bug.cgi?id=1209138 * https://bugzilla.suse.com/show_bug.cgi?id=1218544 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:02 -0000 Subject: SUSE-RU-2024:1055-1: important: Recommended update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Message-ID: <171164340208.1234.5153750447431560782@smelt2.prg2.suse.org> # Recommended update for the Linux Kernel (Live Patch 9 for SLE 15 SP5) Announcement ID: SUSE-RU-2024:1055-1 Rating: important References: * bsc#1219157 Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_44 fixes one issue. The following bugs were fixed: * Recommended fix for IO lock-ups on HBA355i with SLES 15SP5. (bsc#1219157) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-1055=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1055=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-3-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-3-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-3-150500.2.2 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_44-default-3-150500.2.2 * kernel-livepatch-5_14_21-150500_55_44-default-debuginfo-3-150500.2.2 * kernel-livepatch-SLE15-SP5_Update_9-debugsource-3-150500.2.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219157 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:04 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:04 -0000 Subject: SUSE-SU-2024:1054-1: important: Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Message-ID: <171164340449.1234.344959837667444681@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP3) Announcement ID: SUSE-SU-2024:1054-1 Rating: important References: * bsc#1218487 Cross-References: * CVE-2023-6531 CVSS scores: * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_150 fixes one issue. The following security issue was fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1054=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1056=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2024-1056=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_175-default-debuginfo-4-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_44-debugsource-4-150200.2.3 * kernel-livepatch-5_3_18-150200_24_175-default-4-150200.2.3 * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP3_Update_41-debugsource-3-150300.2.3 * kernel-livepatch-5_3_18-150300_59_150-default-debuginfo-3-150300.2.3 * kernel-livepatch-5_3_18-150300_59_150-default-3-150300.2.3 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_150-preempt-debuginfo-3-150300.2.3 * kernel-livepatch-5_3_18-150300_59_150-preempt-3-150300.2.3 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_150-default-3-150300.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:06 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:06 -0000 Subject: SUSE-SU-2024:1053-1: important: Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Message-ID: <171164340690.1234.12188102946685070028@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 43 for SLE 15 SP2) Announcement ID: SUSE-SU-2024:1053-1 Rating: important References: * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise Live Patching 15-SP2 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150200_24_183 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP2 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP2-2024-1061=1 SUSE-SLE- Module-Live-Patching-15-SP2-2024-1053=1 SUSE-SLE-Module-Live- Patching-15-SP2-2024-1060=1 SUSE-SLE-Module-Live-Patching-15-SP2-2024-1057=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP2 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150200_24_157-default-8-150200.2.3 * kernel-livepatch-5_3_18-150200_24_145-default-debuginfo-12-150200.2.3 * kernel-livepatch-5_3_18-150200_24_145-default-12-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_34-debugsource-12-150200.2.3 * kernel-livepatch-5_3_18-150200_24_157-default-debuginfo-8-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_38-debugsource-8-150200.2.3 * kernel-livepatch-5_3_18-150200_24_172-default-4-150200.2.3 * kernel-livepatch-5_3_18-150200_24_154-default-debuginfo-9-150200.2.3 * kernel-livepatch-5_3_18-150200_24_172-default-debuginfo-4-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_37-debugsource-9-150200.2.3 * kernel-livepatch-5_3_18-150200_24_154-default-9-150200.2.3 * kernel-livepatch-SLE15-SP2_Update_43-debugsource-4-150200.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:08 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:08 -0000 Subject: SUSE-RU-2024:1062-1: moderate: Recommended update for openssh Message-ID: <171164340807.1234.10804026434081032781@smelt2.prg2.suse.org> # Recommended update for openssh Announcement ID: SUSE-RU-2024:1062-1 Rating: moderate References: * bsc#1220110 Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that has one fix can now be installed. ## Description: This update of openssh fixes the following issue: * remember the active state of the sshd service, so a seamless transition to openssh8.4 is possible. (bsc#1220110) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-1062=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1062=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1062=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-1062=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * openssh-testuser-0-81.17.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * openssh-7.2p2-81.17.1 * openssh-helpers-7.2p2-81.17.1 * openssh-helpers-debuginfo-7.2p2-81.17.1 * openssh-debugsource-7.2p2-81.17.1 * openssh-debuginfo-7.2p2-81.17.1 * openssh-fips-7.2p2-81.17.1 * openssh-askpass-gnome-debuginfo-7.2p2-81.17.1 * openssh-askpass-gnome-7.2p2-81.17.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * openssh-7.2p2-81.17.1 * openssh-helpers-7.2p2-81.17.1 * openssh-helpers-debuginfo-7.2p2-81.17.1 * openssh-debugsource-7.2p2-81.17.1 * openssh-debuginfo-7.2p2-81.17.1 * openssh-fips-7.2p2-81.17.1 * openssh-askpass-gnome-debuginfo-7.2p2-81.17.1 * openssh-askpass-gnome-7.2p2-81.17.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * openssh-7.2p2-81.17.1 * openssh-helpers-7.2p2-81.17.1 * openssh-helpers-debuginfo-7.2p2-81.17.1 * openssh-debugsource-7.2p2-81.17.1 * openssh-debuginfo-7.2p2-81.17.1 * openssh-fips-7.2p2-81.17.1 * openssh-askpass-gnome-debuginfo-7.2p2-81.17.1 * openssh-askpass-gnome-7.2p2-81.17.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220110 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:09 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:09 -0000 Subject: SUSE-SU-2024:1059-1: important: Security update for podman Message-ID: <171164340906.1234.18380772014367404284@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2024:1059-1 Rating: important References: * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-1753: Fixed full container escape at build time in buildah (bsc#1221677). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-1059=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1059=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1059=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1059=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-1059=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1059=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1059=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1059=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * podman-debuginfo-4.4.4-150300.9.26.2 * podman-remote-debuginfo-4.4.4-150300.9.26.2 * podman-remote-4.4.4-150300.9.26.2 * podman-4.4.4-150300.9.26.2 * openSUSE Leap 15.3 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * podman-docker-4.4.4-150300.9.26.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * podman-debuginfo-4.4.4-150300.9.26.2 * podman-4.4.4-150300.9.26.2 * SUSE Enterprise Storage 7.1 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro 5.1 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150300.9.26.2 * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro 5.2 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150300.9.26.2 * podman-4.4.4-150300.9.26.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * podman-cni-config-4.4.4-150300.9.26.2 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:11 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:11 -0000 Subject: SUSE-SU-2024:1058-1: important: Security update for podman Message-ID: <171164341150.1234.11281913249956108312@smelt2.prg2.suse.org> # Security update for podman Announcement ID: SUSE-SU-2024:1058-1 Rating: important References: * bsc#1221677 Cross-References: * CVE-2024-1753 CVSS scores: * CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves one vulnerability can now be installed. ## Description: This update for podman fixes the following issues: * CVE-2024-1753: Fixed full container escape at build time (bsc#1221677). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1058=1 * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1058=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1058=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1058=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-1058=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1058=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-1058=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1058=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1058=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1058=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1058=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-remote-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * podman-remote-4.4.4-150400.4.22.1 * openSUSE Leap 15.4 (noarch) * podman-docker-4.4.4-150400.4.22.1 * podman-cni-config-4.4.4-150400.4.22.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * openSUSE Leap Micro 5.3 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * openSUSE Leap Micro 5.4 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-remote-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * podman-remote-4.4.4-150400.4.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * podman-docker-4.4.4-150400.4.22.1 * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-remote-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * podman-remote-4.4.4-150400.4.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * podman-docker-4.4.4-150400.4.22.1 * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-remote-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * podman-remote-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * podman-docker-4.4.4-150400.4.22.1 * podman-cni-config-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * podman-debuginfo-4.4.4-150400.4.22.1 * podman-remote-debuginfo-4.4.4-150400.4.22.1 * podman-4.4.4-150400.4.22.1 * podman-remote-4.4.4-150400.4.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * podman-docker-4.4.4-150400.4.22.1 * podman-cni-config-4.4.4-150400.4.22.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1753.html * https://bugzilla.suse.com/show_bug.cgi?id=1221677 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:30:12 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:30:12 -0000 Subject: SUSE-SU-2024:1046-1: moderate: Security update for PackageKit Message-ID: <171164341252.1234.3715475810861860504@smelt2.prg2.suse.org> # Security update for PackageKit Announcement ID: SUSE-SU-2024:1046-1 Rating: moderate References: * bsc#1209138 * bsc#1218544 Cross-References: * CVE-2024-0217 CVSS scores: * CVE-2024-0217 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-0217 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544). * Dropped unnecessary executable permission (bsc#1209138). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1046=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1046=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1046=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1046=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0217.html * https://bugzilla.suse.com/show_bug.cgi?id=1209138 * https://bugzilla.suse.com/show_bug.cgi?id=1218544 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:33:14 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:33:14 -0000 Subject: SUSE-SU-2024:1046-1: moderate: Security update for PackageKit Message-ID: <171164359475.29338.15641172565251561727@smelt2.prg2.suse.org> # Security update for PackageKit Announcement ID: SUSE-SU-2024:1046-1 Rating: moderate References: * bsc#1209138 * bsc#1218544 Cross-References: * CVE-2024-0217 CVSS scores: * CVE-2024-0217 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-0217 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544). * Dropped unnecessary executable permission (bsc#1209138). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1046=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1046=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1046=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1046=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0217.html * https://bugzilla.suse.com/show_bug.cgi?id=1209138 * https://bugzilla.suse.com/show_bug.cgi?id=1218544 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Mar 28 16:36:16 2024 From: null at suse.de (SLE-UPDATES) Date: Thu, 28 Mar 2024 16:36:16 -0000 Subject: SUSE-SU-2024:1046-1: moderate: Security update for PackageKit Message-ID: <171164377682.1391.2312289374531870658@smelt2.prg2.suse.org> # Security update for PackageKit Announcement ID: SUSE-SU-2024:1046-1 Rating: moderate References: * bsc#1209138 * bsc#1218544 Cross-References: * CVE-2024-0217 CVSS scores: * CVE-2024-0217 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-0217 ( NVD ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for PackageKit fixes the following issues: * CVE-2024-0217: Check that Finished signal is emitted at most once (bsc#1218544). * Dropped unnecessary executable permission (bsc#1209138). ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1046=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-1046=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1046=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1046=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (noarch) * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * PackageKit-lang-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpackagekit-glib2-18-64bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-64bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-64bit-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 * PackageKit-backend-dnf-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (noarch) * PackageKit-branding-upstream-1.2.4-150400.3.13.1 * PackageKit-lang-1.2.4-150400.3.13.1 * openSUSE Leap 15.5 (x86_64) * libpackagekit-glib2-18-32bit-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-32bit-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-32bit-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-debuginfo-1.2.4-150400.3.13.1 * libpackagekit-glib2-devel-1.2.4-150400.3.13.1 * typelib-1_0-PackageKitGlib-1_0-1.2.4-150400.3.13.1 * PackageKit-1.2.4-150400.3.13.1 * PackageKit-devel-debuginfo-1.2.4-150400.3.13.1 * PackageKit-devel-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-backend-zypp-1.2.4-150400.3.13.1 * libpackagekit-glib2-18-debuginfo-1.2.4-150400.3.13.1 * Desktop Applications Module 15-SP5 (noarch) * PackageKit-lang-1.2.4-150400.3.13.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * PackageKit-debugsource-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gstreamer-plugin-1.2.4-150400.3.13.1 * PackageKit-debuginfo-1.2.4-150400.3.13.1 * PackageKit-gtk3-module-1.2.4-150400.3.13.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0217.html * https://bugzilla.suse.com/show_bug.cgi?id=1209138 * https://bugzilla.suse.com/show_bug.cgi?id=1218544 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 29 16:30:02 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 29 Mar 2024 16:30:02 -0000 Subject: SUSE-SU-2024:1072-1: important: Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) Message-ID: <171172980231.3765.16480684612012937369@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 21 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1072-1 Rating: important References: * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves two vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_100 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1072=1 SUSE-2024-1073=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1072=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1073=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_20-debugsource-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_97-default-4-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_100-default-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-4-150400.2.3 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_20-debugsource-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_97-default-4-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_21-debugsource-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_100-default-debuginfo-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_100-default-4-150400.2.3 * kernel-livepatch-5_14_21-150400_24_97-default-debuginfo-4-150400.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Mar 29 16:30:03 2024 From: null at suse.de (SLE-UPDATES) Date: Fri, 29 Mar 2024 16:30:03 -0000 Subject: SUSE-SU-2024:1063-1: important: Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Message-ID: <171172980398.3765.8287064621098029991@smelt2.prg2.suse.org> # Security update for the Linux Kernel (Live Patch 18 for SLE 15 SP4) Announcement ID: SUSE-SU-2024:1063-1 Rating: important References: * bsc#1216898 * bsc#1218487 * bsc#1218610 Cross-References: * CVE-2023-46813 * CVE-2023-51779 * CVE-2023-6531 CVSS scores: * CVE-2023-46813 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-46813 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-51779 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6531 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150400_24_88 fixes several issues. The following security issues were fixed: * CVE-2023-6531: Fixed a use-after-free flaw due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic()on the socket that the SKB is queued on (bsc#1218487). * CVE-2023-46813: Fixed a local privilege escalation with user-space programs that have access to MMIO regions (bsc#1216898). * CVE-2023-51779: Fixed a use-after-free because of a bt_sock_ioctl race condition in bt_sock_recvmsg (bsc#1218610). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-1064=1 SUSE-2024-1065=1 SUSE-2024-1066=1 SUSE-2024-1067=1 SUSE-2024-1068=1 SUSE-2024-1069=1 SUSE-2024-1071=1 SUSE-2024-1070=1 SUSE-2024-1063=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2024-1064=1 SUSE-SLE- Module-Live-Patching-15-SP4-2024-1065=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1066=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1067=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1068=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1069=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1071=1 SUSE-SLE-Module-Live-Patching-15-SP4-2024-1070=1 SUSE-SLE-Module-Live- Patching-15-SP4-2024-1063=1 ## Package List: * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_10-debugsource-12-150400.2.3 * kernel-livepatch-5_14_21-150400_24_74-default-8-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-6-150400.2.2 * kernel-livepatch-5_14_21-150400_24_60-default-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_81-default-7-150400.2.3 * kernel-livepatch-5_14_21-150400_24_88-default-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-7-150400.2.3 * kernel-livepatch-5_14_21-150400_24_69-default-8-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-11-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-9-150400.2.3 * kernel-livepatch-5_14_21-150400_24_92-default-5-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_55-default-12-150400.2.3 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-9-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-7-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-5-150400.2.3 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-5-150400.2.3 * kernel-livepatch-5_14_21-150400_24_63-default-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_66-default-9-150400.2.3 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-12-150400.2.3 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-SLE15-SP4_Update_10-debugsource-12-150400.2.3 * kernel-livepatch-5_14_21-150400_24_74-default-8-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_18-debugsource-6-150400.2.2 * kernel-livepatch-5_14_21-150400_24_60-default-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_63-default-debuginfo-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_81-default-7-150400.2.3 * kernel-livepatch-5_14_21-150400_24_88-default-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_16-debugsource-7-150400.2.3 * kernel-livepatch-5_14_21-150400_24_69-default-8-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_12-debugsource-11-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_13-debugsource-9-150400.2.3 * kernel-livepatch-5_14_21-150400_24_92-default-5-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_11-debugsource-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_60-default-debuginfo-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_74-default-debuginfo-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_55-default-12-150400.2.3 * kernel-livepatch-5_14_21-150400_24_66-default-debuginfo-9-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_14-debugsource-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_81-default-debuginfo-7-150400.2.3 * kernel-livepatch-SLE15-SP4_Update_19-debugsource-5-150400.2.3 * kernel-livepatch-5_14_21-150400_24_69-default-debuginfo-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_92-default-debuginfo-5-150400.2.3 * kernel-livepatch-5_14_21-150400_24_63-default-11-150400.2.3 * kernel-livepatch-5_14_21-150400_24_66-default-9-150400.2.3 * kernel-livepatch-5_14_21-150400_24_88-default-debuginfo-6-150400.2.2 * kernel-livepatch-SLE15-SP4_Update_15-debugsource-8-150400.2.3 * kernel-livepatch-5_14_21-150400_24_55-default-debuginfo-12-150400.2.3 ## References: * https://www.suse.com/security/cve/CVE-2023-46813.html * https://www.suse.com/security/cve/CVE-2023-51779.html * https://www.suse.com/security/cve/CVE-2023-6531.html * https://bugzilla.suse.com/show_bug.cgi?id=1216898 * https://bugzilla.suse.com/show_bug.cgi?id=1218487 * https://bugzilla.suse.com/show_bug.cgi?id=1218610 -------------- next part -------------- An HTML attachment was scrubbed... URL: