From null at suse.de Fri Nov 1 16:30:21 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:21 -0000 Subject: SUSE-SU-2024:3875-1: moderate: Security update for java-11-openjdk Message-ID: <173047862107.4695.8732248475451382970@smelt2.prg2.suse.org> # Security update for java-11-openjdk Announcement ID: SUSE-SU-2024:3875-1 Release Date: 2024-11-01T15:29:10Z Rating: moderate References: * bsc#1231702 * bsc#1231711 * bsc#1231716 * bsc#1231719 Cross-References: * CVE-2024-21208 * CVE-2024-21210 * CVE-2024-21217 * CVE-2024-21235 CVSS scores: * CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Legacy Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for java-11-openjdk fixes the following issues: Updated to version 11.0.25+9 (October 2024 CPU): * CVE-2024-21208: Fixed partial DoS in component Networking (bsc#1231702) * CVE-2024-21210: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231711) * CVE-2024-21217: Fixed partial DoS in component Serialization (bsc#1231716) * CVE-2024-21235: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231719) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3875=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3875=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3875=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3875=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3875=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3875=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3875=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3875=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3875=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3875=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3875=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3875=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3875=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-src-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-jmods-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.5 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-src-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-jmods-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-debuginfo-11.0.25.0-150000.3.119.1 * openSUSE Leap 15.6 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * Basesystem Module 15-SP5 (ppc64le x86_64) * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * Legacy Module 15-SP6 (ppc64le s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-debuginfo-11.0.25.0-150000.3.119.1 * SUSE Package Hub 15 15-SP5 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * SUSE Package Hub 15 15-SP6 (noarch) * java-11-openjdk-javadoc-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Manager Proxy 4.3 (x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Manager Server 4.3 (s390x) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * java-11-openjdk-debugsource-11.0.25.0-150000.3.119.1 * java-11-openjdk-11.0.25.0-150000.3.119.1 * java-11-openjdk-debuginfo-11.0.25.0-150000.3.119.1 * java-11-openjdk-headless-11.0.25.0-150000.3.119.1 * java-11-openjdk-devel-11.0.25.0-150000.3.119.1 * java-11-openjdk-demo-11.0.25.0-150000.3.119.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21208.html * https://www.suse.com/security/cve/CVE-2024-21210.html * https://www.suse.com/security/cve/CVE-2024-21217.html * https://www.suse.com/security/cve/CVE-2024-21235.html * https://bugzilla.suse.com/show_bug.cgi?id=1231702 * https://bugzilla.suse.com/show_bug.cgi?id=1231711 * https://bugzilla.suse.com/show_bug.cgi?id=1231716 * https://bugzilla.suse.com/show_bug.cgi?id=1231719 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:26 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:26 -0000 Subject: SUSE-SU-2024:3874-1: important: Security update for ruby2.5 Message-ID: <173047862680.4695.14360590799597818330@smelt2.prg2.suse.org> # Security update for ruby2.5 Announcement ID: SUSE-SU-2024:3874-1 Release Date: 2024-11-01T15:26:07Z Rating: important References: * bsc#1224390 * bsc#1228072 * bsc#1228794 * bsc#1228799 * bsc#1229673 Cross-References: * CVE-2024-35176 * CVE-2024-39908 * CVE-2024-41123 * CVE-2024-41946 * CVE-2024-43398 CVSS scores: * CVE-2024-35176 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39908 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-41123 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41123 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41946 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-41946 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41946 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43398 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43398 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for ruby2.5 fixes the following issues: * CVE-2024-43398: Fixed DoS when parsing a XML that has many deep elements with the same local name attributes (bsc#1229673) * CVE-2024-41123: Fixed DoS when parsing an XML that contains many specific characters such as whitespaces, >] and ]> (bsc#1228794) * CVE-2024-41946: Fixed DoS when parsing an XML that has many entity expansions with SAX2 or pull parser API (bsc#1228799) * CVE-2024-35176: Fixed DoS when parsing an XML that has many left angled brackets in an attribute value (bsc#1224390) * CVE-2024-39908: Fixed ReDos when parsing an XML that has many specific characters (bsc#1228072) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3874=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3874=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3874=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3874=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3874=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3874=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3874=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3874=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3874=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3874=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3874=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3874=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Manager Server 4.3 (ppc64le s390x) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * Basesystem Module 15-SP5 (ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * Basesystem Module 15-SP6 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64) * libruby2_5-2_5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-debuginfo-2.5.9-150000.4.32.1 * libruby2_5-2_5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-2.5.9-150000.4.32.1 * ruby2.5-stdlib-2.5.9-150000.4.32.1 * ruby2.5-debugsource-2.5.9-150000.4.32.1 * ruby2.5-devel-extra-2.5.9-150000.4.32.1 * ruby2.5-debuginfo-2.5.9-150000.4.32.1 * ruby2.5-devel-2.5.9-150000.4.32.1 ## References: * https://www.suse.com/security/cve/CVE-2024-35176.html * https://www.suse.com/security/cve/CVE-2024-39908.html * https://www.suse.com/security/cve/CVE-2024-41123.html * https://www.suse.com/security/cve/CVE-2024-41946.html * https://www.suse.com/security/cve/CVE-2024-43398.html * https://bugzilla.suse.com/show_bug.cgi?id=1224390 * https://bugzilla.suse.com/show_bug.cgi?id=1228072 * https://bugzilla.suse.com/show_bug.cgi?id=1228794 * https://bugzilla.suse.com/show_bug.cgi?id=1228799 * https://bugzilla.suse.com/show_bug.cgi?id=1229673 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:29 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:29 -0000 Subject: SUSE-SU-2024:3873-1: important: Security update for rubygem-bundler Message-ID: <173047862969.4695.12159183990495461047@smelt2.prg2.suse.org> # Security update for rubygem-bundler Announcement ID: SUSE-SU-2024:3873-1 Release Date: 2024-11-01T15:23:36Z Rating: important References: * bsc#1193578 Cross-References: * CVE-2021-43809 CVSS scores: * CVE-2021-43809 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2021-43809 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for rubygem-bundler fixes the following issues: * CVE-2021-43809: Fixed remote execution via Gemfile argument injection (bsc#1193578) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3873=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3873=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3873=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3873=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3873=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3873=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3873=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3873=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3873=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * ruby2.5-rubygem-bundler-doc-1.16.1-150000.3.6.1 * Basesystem Module 15-SP5 (ppc64le x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * Basesystem Module 15-SP6 (aarch64 s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 s390x) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 * SUSE Manager Server 4.3 (s390x x86_64) * ruby2.5-rubygem-bundler-1.16.1-150000.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-43809.html * https://bugzilla.suse.com/show_bug.cgi?id=1193578 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:34 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:34 -0000 Subject: SUSE-SU-2024:3872-1: moderate: Security update for openssl-1_1 Message-ID: <173047863474.4695.962659318275895024@smelt2.prg2.suse.org> # Security update for openssl-1_1 Announcement ID: SUSE-SU-2024:3872-1 Release Date: 2024-11-01T15:20:59Z Rating: moderate References: * bsc#1220262 Cross-References: * CVE-2023-50782 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3872=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3872=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3872=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3872=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3872=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3872=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3872=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3872=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3872=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3872=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Micro 5.4 (s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libopenssl1_1-1.1.1l-150400.7.75.1 * openssl-1_1-1.1.1l-150400.7.75.1 * libopenssl-1_1-devel-1.1.1l-150400.7.75.1 * openssl-1_1-debuginfo-1.1.1l-150400.7.75.1 * openssl-1_1-debugsource-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-1.1.1l-150400.7.75.1 * libopenssl1_1-debuginfo-1.1.1l-150400.7.75.1 * SUSE Manager Server 4.3 (x86_64) * libopenssl-1_1-devel-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-1.1.1l-150400.7.75.1 * libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.75.1 * libopenssl1_1-hmac-32bit-1.1.1l-150400.7.75.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:40 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:40 -0000 Subject: SUSE-SU-2024:3871-1: important: Security update for openssl-3 Message-ID: <173047864095.4695.1274037108691837314@smelt2.prg2.suse.org> # Security update for openssl-3 Announcement ID: SUSE-SU-2024:3871-1 Release Date: 2024-11-01T15:20:05Z Rating: important References: * bsc#1220262 * bsc#1230698 Cross-References: * CVE-2023-50782 * CVE-2024-41996 CVSS scores: * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-41996 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) * CVE-2024-41996: Avoid expensive public key validation for known safe-prime groups (DHEATATTACK) (bsc#1230698) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3871=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3871=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3871=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3871=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3871=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3871=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3871=1 ## Package List: * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le s390x x86_64) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 * SUSE Manager Server 4.3 (s390x) * libopenssl3-debuginfo-3.0.8-150400.4.69.1 * libopenssl3-3.0.8-150400.4.69.1 * openssl-3-debuginfo-3.0.8-150400.4.69.1 * openssl-3-3.0.8-150400.4.69.1 * openssl-3-debugsource-3.0.8-150400.4.69.1 * libopenssl-3-devel-3.0.8-150400.4.69.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://www.suse.com/security/cve/CVE-2024-41996.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * https://bugzilla.suse.com/show_bug.cgi?id=1230698 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:47 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:47 -0000 Subject: SUSE-SU-2024:3869-1: important: Security update for webkit2gtk3 Message-ID: <173047864771.4695.8635258540892715528@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:3869-1 Release Date: 2024-11-01T15:18:16Z Rating: important References: * bsc#1231039 Cross-References: * CVE-2024-23206 * CVE-2024-23213 * CVE-2024-23222 * CVE-2024-23271 * CVE-2024-27808 * CVE-2024-27820 * CVE-2024-27833 * CVE-2024-27834 * CVE-2024-27838 * CVE-2024-27851 * CVE-2024-40866 * CVE-2024-44187 * CVE-2024-4558 CVSS scores: * CVE-2024-23206 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23206 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-23213 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23213 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23222 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23222 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-23271 ( SUSE ): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N * CVE-2024-27808 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27808 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27820 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27820 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27833 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27833 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27834 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27838 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-27838 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-27851 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-27851 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Retail Branch Server 4.3 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.0 (bsc#1231039). * CVE-2024-40866 * CVE-2024-44187 Already fixed in version 2.44.3: * CVE-2024-4558 * CVE-2024-27838 * CVE-2024-27851 Already fixed in version 2.44.2: * CVE-2024-27834 * CVE-2024-27808 * CVE-2024-27820 * CVE-2024-27833 Already fixed in version 2.44.1: * CVE-2024-23222 * CVE-2024-23206 * CVE-2024-23213 * CVE-2024-23271 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3869=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3869=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3869=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3869=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3869=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3869=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3869=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3869=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3869=1 ## Package List: * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * typelib-1_0-JavaScriptCore-6_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.0-150400.4.91.1 * webkit-jsc-6.0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit-jsc-4-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-minibrowser-2.46.0-150400.4.91.1 * webkit-jsc-4.1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk4-minibrowser-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk4-devel-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-minibrowser-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk4-minibrowser-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * webkit-jsc-4-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-minibrowser-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit-6_0-2.46.0-150400.4.91.1 * webkit-jsc-6.0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * webkit-jsc-4.1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-32bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-32bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.0-150400.4.91.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-64bit-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.0-150400.4.91.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * Basesystem Module 15-SP5 (aarch64 ppc64le) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * Desktop Applications Module 15-SP5 (ppc64le) * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-6.0-lang-2.46.0-150400.4.91.1 * WebKitGTK-4.1-lang-2.46.0-150400.4.91.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkitgtk-6_0-injected-bundles-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-2.46.0-150400.4.91.1 * webkit2gtk4-debugsource-2.46.0-150400.4.91.1 * libwebkitgtk-6_0-4-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk3-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * webkit2gtk3-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_1-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_1-0-2.46.0-150400.4.91.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.0-150400.4.91.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-debuginfo-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-devel-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.0-150400.4.91.1 * libjavascriptcoregtk-4_0-18-2.46.0-150400.4.91.1 * webkit2gtk3-soup2-debugsource-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-2.46.0-150400.4.91.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-JavaScriptCore-4_0-2.46.0-150400.4.91.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.0-150400.4.91.1 * typelib-1_0-WebKit2-4_0-2.46.0-150400.4.91.1 ## References: * https://www.suse.com/security/cve/CVE-2024-23206.html * https://www.suse.com/security/cve/CVE-2024-23213.html * https://www.suse.com/security/cve/CVE-2024-23222.html * https://www.suse.com/security/cve/CVE-2024-23271.html * https://www.suse.com/security/cve/CVE-2024-27808.html * https://www.suse.com/security/cve/CVE-2024-27820.html * https://www.suse.com/security/cve/CVE-2024-27833.html * https://www.suse.com/security/cve/CVE-2024-27834.html * https://www.suse.com/security/cve/CVE-2024-27838.html * https://www.suse.com/security/cve/CVE-2024-27851.html * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-4558.html * https://bugzilla.suse.com/show_bug.cgi?id=1231039 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:50 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:50 -0000 Subject: SUSE-RU-2024:3868-1: moderate: Recommended update for suse-build-key Message-ID: <173047865016.4695.8120442710691771875@smelt2.prg2.suse.org> # Recommended update for suse-build-key Announcement ID: SUSE-RU-2024:3868-1 Release Date: 2024-11-01T15:16:39Z Rating: moderate References: * bsc#1231829 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for suse-build-key fixes the following issues: * Also include the GPG key from the current build project to allow Staging testing without production keys, but only in staging. (bsc#1231829) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3868=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3868=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3868=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3868=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3868=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3868=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3868=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3868=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3868=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3868=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3868=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3868=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3868=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3868=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3868=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3868=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3868=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3868=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3868=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3868=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3868=1 ## Package List: * openSUSE Leap 15.5 (noarch) * suse-build-key-12.0-150000.8.55.1 * openSUSE Leap 15.6 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * suse-build-key-12.0-150000.8.55.1 * Basesystem Module 15-SP5 (noarch) * suse-build-key-12.0-150000.8.55.1 * Basesystem Module 15-SP6 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Manager Server 4.3 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Enterprise Storage 7.1 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * suse-build-key-12.0-150000.8.55.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * suse-build-key-12.0-150000.8.55.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231829 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:55 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:55 -0000 Subject: SUSE-SU-2024:3866-1: important: Security update for xorg-x11-server Message-ID: <173047865534.4695.485661074575964079@smelt2.prg2.suse.org> # Security update for xorg-x11-server Announcement ID: SUSE-SU-2024:3866-1 Release Date: 2024-11-01T15:13:09Z Rating: important References: * bsc#1231565 Cross-References: * CVE-2024-9632 CVSS scores: * CVE-2024-9632 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-9632 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9632 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for xorg-x11-server fixes the following issues: * CVE-2024-9632: Fixed heap-based buffer overflow privilege escalation in _XkbSetCompatMap (bsc#1231565). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3866=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3866=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3866=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3866=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3866=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3866=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3866=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3866=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3866=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-source-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * xorg-x11-server-sdk-1.20.3-150400.38.51.1 * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Proxy 4.3 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * xorg-x11-server-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-extra-debuginfo-1.20.3-150400.38.51.1 * xorg-x11-server-debugsource-1.20.3-150400.38.51.1 * xorg-x11-server-extra-1.20.3-150400.38.51.1 * xorg-x11-server-1.20.3-150400.38.51.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9632.html * https://bugzilla.suse.com/show_bug.cgi?id=1231565 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:30:58 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:30:58 -0000 Subject: SUSE-RU-2024:3865-1: moderate: Recommended update for gcc14 Message-ID: <173047865851.4695.10133431579263505052@smelt2.prg2.suse.org> # Recommended update for gcc14 Announcement ID: SUSE-RU-2024:3865-1 Release Date: 2024-11-01T15:12:41Z Rating: moderate References: * bsc#1231833 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for gcc14 fixes the following issues: * Fixed parsing timezone tzdata 2024b [gcc#116657 bsc#1231833] ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3865=1 * SUSE Linux Enterprise Server 15 SP2 zypper in -t patch SUSE-SLE-INSTALLER-15-SP2-2024-3865=1 * SUSE Linux Enterprise Server 15 SP3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP3-2024-3865=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 SUSE-SLE-Product-SUSE- Manager-Server-4.3-2024-3865=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 SUSE-SLE-Product- SLES_SAP-15-SP4-2024-3865=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3865=1 SUSE-SLE-INSTALLER-15-SP4-2024-3865=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3865=1 SUSE- SLE-INSTALLER-15-SP4-2024-3865=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3865=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3865=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3865=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3865=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3865=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3865=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3865=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3865=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3865=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3865=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3865=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3865=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3865=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3865=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3865=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3865=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3865=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3865=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3865=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3865=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3865=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3865=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3865=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3865=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3865=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3865=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3865=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3865=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3865=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 ppc64le s390x x86_64) * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP2 (aarch64 ppc64le s390x x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP3 (aarch64 ppc64le s390x x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Manager Server 4.3 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Manager Proxy 4.3 (x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * libhwasan0-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP5 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP5 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * libhwasan0-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP6 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * Basesystem Module 15-SP6 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gcc14-c++-14.2.0+git10526-150000.1.6.1 * gcc14-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * cpp14-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-PIE-14.2.0+git10526-150000.1.6.1 * libstdc++6-devel-gcc14-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * cpp14-14.2.0+git10526-150000.1.6.1 * gcc14-c++-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-locale-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP5 (noarch) * gcc14-info-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP5 (ppc64le x86_64) * libquadmath0-devel-gcc14-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP5 (x86_64) * gcc14-c++-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-devel-gcc14-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libstdc++6-devel-gcc14-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-newlib14-devel-14.2.0+git10526-150000.1.6.1 * gcc14-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gcc14-c++-14.2.0+git10526-150000.1.6.1 * gcc14-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * cpp14-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-PIE-14.2.0+git10526-150000.1.6.1 * libstdc++6-devel-gcc14-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * cpp14-14.2.0+git10526-150000.1.6.1 * gcc14-c++-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-locale-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP6 (noarch) * gcc14-info-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP6 (ppc64le x86_64) * libquadmath0-devel-gcc14-14.2.0+git10526-150000.1.6.1 * Development Tools Module 15-SP6 (x86_64) * gcc14-c++-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-devel-gcc14-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-fortran-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libstdc++6-devel-gcc14-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-newlib14-devel-14.2.0+git10526-150000.1.6.1 * gcc14-32bit-14.2.0+git10526-150000.1.6.1 * cross-nvptx-gcc14-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libm2cor19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * gcc14-m2-14.2.0+git10526-150000.1.6.1 * libm2min19-14.2.0+git10526-150000.1.6.1 * libgo23-14.2.0+git10526-150000.1.6.1 * libm2log19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-m2-debuginfo-14.2.0+git10526-150000.1.6.1 * libada14-14.2.0+git10526-150000.1.6.1 * gcc14-ada-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2iso19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-debuginfo-14.2.0+git10526-150000.1.6.1 * libgo23-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-objc-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2min19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-objc-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2cor19-14.2.0+git10526-150000.1.6.1 * gcc14-go-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2log19-14.2.0+git10526-150000.1.6.1 * libm2pim19-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-14.2.0+git10526-150000.1.6.1 * libada14-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-ada-14.2.0+git10526-150000.1.6.1 * libm2iso19-14.2.0+git10526-150000.1.6.1 * gcc14-go-14.2.0+git10526-150000.1.6.1 * libm2pim19-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * gcc14-d-debuginfo-14.2.0+git10526-150000.1.6.1 * libgphobos5-debuginfo-14.2.0+git10526-150000.1.6.1 * libgphobos5-14.2.0+git10526-150000.1.6.1 * libgdruntime5-14.2.0+git10526-150000.1.6.1 * gcc14-d-14.2.0+git10526-150000.1.6.1 * libgdruntime5-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP5 (x86_64) * gcc14-d-32bit-14.2.0+git10526-150000.1.6.1 * libgo23-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2min19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libada14-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-objc-32bit-14.2.0+git10526-150000.1.6.1 * libm2pim19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2cor19-32bit-14.2.0+git10526-150000.1.6.1 * libgdruntime5-32bit-14.2.0+git10526-150000.1.6.1 * libm2log19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgo23-32bit-14.2.0+git10526-150000.1.6.1 * libgphobos5-32bit-14.2.0+git10526-150000.1.6.1 * libm2iso19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-ada-32bit-14.2.0+git10526-150000.1.6.1 * libm2min19-32bit-14.2.0+git10526-150000.1.6.1 * libada14-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-go-32bit-14.2.0+git10526-150000.1.6.1 * libgdruntime5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2log19-32bit-14.2.0+git10526-150000.1.6.1 * libgphobos5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2pim19-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-m2-32bit-14.2.0+git10526-150000.1.6.1 * libm2iso19-32bit-14.2.0+git10526-150000.1.6.1 * libm2cor19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-32bit-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * libm2cor19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * gcc14-m2-14.2.0+git10526-150000.1.6.1 * libm2min19-14.2.0+git10526-150000.1.6.1 * libgo23-14.2.0+git10526-150000.1.6.1 * libm2log19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-m2-debuginfo-14.2.0+git10526-150000.1.6.1 * libada14-14.2.0+git10526-150000.1.6.1 * gcc14-ada-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2iso19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-debuginfo-14.2.0+git10526-150000.1.6.1 * libgo23-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-objc-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2min19-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-objc-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2cor19-14.2.0+git10526-150000.1.6.1 * gcc14-go-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2log19-14.2.0+git10526-150000.1.6.1 * libm2pim19-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-14.2.0+git10526-150000.1.6.1 * libada14-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-ada-14.2.0+git10526-150000.1.6.1 * libm2iso19-14.2.0+git10526-150000.1.6.1 * gcc14-go-14.2.0+git10526-150000.1.6.1 * libm2pim19-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP6 (aarch64 s390x x86_64) * gcc14-d-debuginfo-14.2.0+git10526-150000.1.6.1 * libgphobos5-debuginfo-14.2.0+git10526-150000.1.6.1 * libgphobos5-14.2.0+git10526-150000.1.6.1 * libgdruntime5-14.2.0+git10526-150000.1.6.1 * gcc14-d-14.2.0+git10526-150000.1.6.1 * libgdruntime5-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Package Hub 15 15-SP6 (x86_64) * gcc14-d-32bit-14.2.0+git10526-150000.1.6.1 * libgo23-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2min19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libada14-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-objc-32bit-14.2.0+git10526-150000.1.6.1 * libm2pim19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2cor19-32bit-14.2.0+git10526-150000.1.6.1 * libgdruntime5-32bit-14.2.0+git10526-150000.1.6.1 * libm2log19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgo23-32bit-14.2.0+git10526-150000.1.6.1 * libgphobos5-32bit-14.2.0+git10526-150000.1.6.1 * libm2iso19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-ada-32bit-14.2.0+git10526-150000.1.6.1 * libm2min19-32bit-14.2.0+git10526-150000.1.6.1 * libada14-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-go-32bit-14.2.0+git10526-150000.1.6.1 * libgdruntime5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2log19-32bit-14.2.0+git10526-150000.1.6.1 * libgphobos5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libm2pim19-32bit-14.2.0+git10526-150000.1.6.1 * gcc14-m2-32bit-14.2.0+git10526-150000.1.6.1 * libm2iso19-32bit-14.2.0+git10526-150000.1.6.1 * libm2cor19-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-obj-c++-32bit-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * libhwasan0-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * libhwasan0-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * libhwasan0-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le x86_64) * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libgfortran5-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libobjc4-14.2.0+git10526-150000.1.6.1 * libgfortran5-14.2.0+git10526-150000.1.6.1 * libasan8-debuginfo-14.2.0+git10526-150000.1.6.1 * libtsan2-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * libgomp1-14.2.0+git10526-150000.1.6.1 * libatomic1-14.2.0+git10526-150000.1.6.1 * libhwasan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * libobjc4-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-14.2.0+git10526-150000.1.6.1 * libatomic1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-debuginfo-14.2.0+git10526-150000.1.6.1 * liblsan0-14.2.0+git10526-150000.1.6.1 * libitm1-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-14.2.0+git10526-150000.1.6.1 * libtsan2-debuginfo-14.2.0+git10526-150000.1.6.1 * libhwasan0-14.2.0+git10526-150000.1.6.1 * libubsan1-14.2.0+git10526-150000.1.6.1 * libstdc++6-locale-14.2.0+git10526-150000.1.6.1 * SUSE Enterprise Storage 7.1 (x86_64) * libobjc4-32bit-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-debuginfo-14.2.0+git10526-150000.1.6.1 * libquadmath0-14.2.0+git10526-150000.1.6.1 * libquadmath0-32bit-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-32bit-14.2.0+git10526-150000.1.6.1 * libobjc4-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-pp-32bit-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-14.2.0+git10526-150000.1.6.1 * libubsan1-32bit-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgfortran5-32bit-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-14.2.0+git10526-150000.1.6.1 * libasan8-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libgomp1-32bit-14.2.0+git10526-150000.1.6.1 * libstdc++6-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-14.2.0+git10526-150000.1.6.1 * libatomic1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * libitm1-32bit-debuginfo-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libstdc++6-debuginfo-14.2.0+git10526-150000.1.6.1 * libgcc_s1-debuginfo-14.2.0+git10526-150000.1.6.1 * gcc14-debugsource-14.2.0+git10526-150000.1.6.1 * libgcc_s1-14.2.0+git10526-150000.1.6.1 * gcc14-debuginfo-14.2.0+git10526-150000.1.6.1 * libstdc++6-14.2.0+git10526-150000.1.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231833 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:31:02 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:31:02 -0000 Subject: SUSE-SU-2024:3864-1: important: Security update for apache2 Message-ID: <173047866270.4695.2665984449351109068@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3864-1 Release Date: 2024-11-01T15:06:52Z Rating: important References: * bsc#1228097 Cross-References: * CVE-2024-40725 CVSS scores: * CVE-2024-40725 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-40725 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2024-40725: Fixed source code disclosure of local content (bsc#1228097) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3864=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3864=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3864=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3864=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3864=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3864=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3864=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3864=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3864=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3864=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3864=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3864=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3864=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3864=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-example-pages-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-example-pages-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-event-debuginfo-2.4.51-150400.6.37.1 * apache2-event-2.4.51-150400.6.37.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-worker-debuginfo-2.4.51-150400.6.37.1 * apache2-prefork-2.4.51-150400.6.37.1 * apache2-debugsource-2.4.51-150400.6.37.1 * apache2-devel-2.4.51-150400.6.37.1 * apache2-debuginfo-2.4.51-150400.6.37.1 * apache2-utils-debuginfo-2.4.51-150400.6.37.1 * apache2-2.4.51-150400.6.37.1 * apache2-prefork-debuginfo-2.4.51-150400.6.37.1 * apache2-worker-2.4.51-150400.6.37.1 * apache2-utils-2.4.51-150400.6.37.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.37.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40725.html * https://bugzilla.suse.com/show_bug.cgi?id=1228097 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 1 16:31:06 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 01 Nov 2024 16:31:06 -0000 Subject: SUSE-SU-2024:3863-1: critical: Security update for cups-filters Message-ID: <173047866670.4695.11196798617335825998@smelt2.prg2.suse.org> # Security update for cups-filters Announcement ID: SUSE-SU-2024:3863-1 Release Date: 2024-11-01T15:05:23Z Rating: critical References: * bsc#1230937 * bsc#1231294 Cross-References: * CVE-2024-47076 * CVE-2024-47850 CVSS scores: * CVE-2024-47076 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H * CVE-2024-47076 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47076 ( NVD ): 8.6 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N * CVE-2024-47850 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H * CVE-2024-47850 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2024-47850 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for cups-filters fixes the following issues: * CVE-2024-47850: cups-browsed can be abused to initiate remote DDoS against third-party targets (bsc#1231294) * CVE-2024-47076: Fixed lack of input sanitization in cfGetPrinterAttributes5 (bsc#1230937). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3863=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3863=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3863=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3863=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3863=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3863=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3863=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3863=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3863=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3863=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3863=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3863=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3863=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3863=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3863=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3863=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3863=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3863=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3863=1 ## Package List: * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Proxy 4.3 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cups-filters-devel-1.25.0-150200.3.19.2 * cups-filters-debugsource-1.25.0-150200.3.19.2 * cups-filters-debuginfo-1.25.0-150200.3.19.2 * cups-filters-1.25.0-150200.3.19.2 ## References: * https://www.suse.com/security/cve/CVE-2024-47076.html * https://www.suse.com/security/cve/CVE-2024-47850.html * https://bugzilla.suse.com/show_bug.cgi?id=1230937 * https://bugzilla.suse.com/show_bug.cgi?id=1231294 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 12:30:14 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 12:30:14 -0000 Subject: SUSE-RU-2024:3897-1: moderate: Recommended update for shadow Message-ID: <173072341401.14191.13428974192399723239@smelt2.prg2.suse.org> # Recommended update for shadow Announcement ID: SUSE-RU-2024:3897-1 Release Date: 2024-11-04T11:09:24Z Rating: moderate References: * bsc#1228337 * bsc#1230972 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for shadow fixes the following issues: * Add useradd warnings when requested UID is outside the default range (bsc#1230972) * Chage -d date vs passwd -S output is off by one (bsc#1228337) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3897=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3897=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3897=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3897=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3897=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3897=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3897=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3897=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3897=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3897=1 ## Package List: * openSUSE Leap 15.4 (noarch) * login_defs-4.8.1-150400.10.24.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * openSUSE Leap 15.5 (noarch) * login_defs-4.8.1-150400.10.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * Basesystem Module 15-SP5 (noarch) * login_defs-4.8.1-150400.10.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Proxy 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Proxy 4.3 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Server 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1228337 * https://bugzilla.suse.com/show_bug.cgi?id=1230972 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 12:30:30 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 12:30:30 -0000 Subject: SUSE-RU-2024:3891-1: moderate: Recommended update for libkdumpfile Message-ID: <173072343024.14191.5331781401426905931@smelt2.prg2.suse.org> # Recommended update for libkdumpfile Announcement ID: SUSE-RU-2024:3891-1 Release Date: 2024-11-04T09:37:00Z Rating: moderate References: * bsc#1223399 * bsc#1231429 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for libkdumpfile fixes the following issues: * support for zstd compression (bsc#1231429). * add support for flattened dump files (bsc#1223399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3891=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3891=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3891=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3891=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3891=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3891=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3891=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3891=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3891=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3891=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Proxy 4.3 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223399 * https://bugzilla.suse.com/show_bug.cgi?id=1231429 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 12:30:34 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 12:30:34 -0000 Subject: SUSE-RU-2024:3890-1: moderate: Recommended update for wget Message-ID: <173072343426.14191.261784963127632029@smelt2.prg2.suse.org> # Recommended update for wget Announcement ID: SUSE-RU-2024:3890-1 Release Date: 2024-11-04T09:15:16Z Rating: moderate References: * bsc#1204720 * bsc#1231661 Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for wget fixes the following issues: * wget incorrectly truncates long filenames (bsc#1231661). * wget dies writing too long filenames (bsc#1204720). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3890=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3890=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3890=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3890=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3890=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3890=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3890=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3890=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * openSUSE Leap 15.5 (noarch) * wget-lang-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Proxy 4.3 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1204720 * https://bugzilla.suse.com/show_bug.cgi?id=1231661 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 16:30:38 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 16:30:38 -0000 Subject: SUSE-RU-2024:3902-1: moderate: Recommended update for shim Message-ID: <173073783835.28253.10092914629093239041@smelt2.prg2.suse.org> # Recommended update for shim Announcement ID: SUSE-RU-2024:3902-1 Release Date: 2024-11-04T12:16:29Z Rating: moderate References: * bsc#1210382 * bsc#1230316 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for shim fixes the following issues: * Update shim-install to apply the missing fix for openSUSE Leap (bsc#1210382) * Update shim-install to use the 'removable' way for SL-Micro (bsc#1230316) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3902=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3902=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3902=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3902=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3902=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3902=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3902=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3902=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3902=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3902=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3902=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3902=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3902=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3902=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3902=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3902=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3902=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3902=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3902=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3902=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Proxy 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Server 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap Micro 5.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.6 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1210382 * https://bugzilla.suse.com/show_bug.cgi?id=1230316 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 20:30:07 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 20:30:07 -0000 Subject: SUSE-RU-2024:3909-1: moderate: Recommended update for open-vm-tools Message-ID: <173075220786.14191.16667459927028206655@smelt2.prg2.suse.org> # Recommended update for open-vm-tools Announcement ID: SUSE-RU-2024:3909-1 Release Date: 2024-11-04T18:46:24Z Rating: moderate References: * bsc#1231826 Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * convert to obs_scm * Version update 12.5.0 (bsc#1231826). There are no new features in the open- vm-tools 12.5.0 release. This is primarily a maintenance release for updating NetworkManager calls in suspend/resume scripts. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3909=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3909=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3909=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3909=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3909=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3909=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3909=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3909=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3909=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3909=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3909=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3909=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3909=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3909=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3909=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3909=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3909=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3909=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3909=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.3 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * openSUSE Leap Micro 5.5 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.5 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.5 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.3 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.4 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.5 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * Basesystem Module 15-SP5 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * Basesystem Module 15-SP5 (x86_64) * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * Desktop Applications Module 15-SP5 (aarch64 x86_64) * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Proxy 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Retail Branch Server 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Server 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Enterprise Storage 7.1 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.1 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.2 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231826 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 4 20:30:13 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 04 Nov 2024 20:30:13 -0000 Subject: SUSE-RU-2024:3906-1: moderate: Recommended update for numatop Message-ID: <173075221348.14191.6899853451900767443@smelt2.prg2.suse.org> # Recommended update for numatop Announcement ID: SUSE-RU-2024:3906-1 Release Date: 2024-11-04T16:30:48Z Rating: moderate References: * jsc#PED-10899 * jsc#PED-9887 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains two features can now be installed. ## Description: This update for numatop fixes the following issues: * numatop fix for building with recent gcc * Support for Power11 processors (jsc#PED-9887, jsc#PED-10899) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3906=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3906=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3906=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3906=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3906=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3906=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3906=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3906=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3906=1 ## Package List: * openSUSE Leap 15.5 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * openSUSE Leap 15.6 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * Basesystem Module 15-SP5 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * Basesystem Module 15-SP6 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Proxy 4.3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Server 4.3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Enterprise Storage 7.1 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 ## References: * https://jira.suse.com/browse/PED-10899 * https://jira.suse.com/browse/PED-9887 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 5 16:30:05 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 05 Nov 2024 16:30:05 -0000 Subject: SUSE-OU-2024:0801-2: low: Optional update for grpc Message-ID: <173082420594.14191.1895084644462453406@smelt2.prg2.suse.org> # Optional update for grpc Announcement ID: SUSE-OU-2024:0801-2 Release Date: 2024-11-05T13:14:46Z Rating: low References: * bsc#1220732 Affected Products: * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for grpc fixes the following issue: * Add grpc-devel packages (bsc#1220732). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-801=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-801=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-801=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-801=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-801=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-801=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-801=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-801=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-devel-20240201-150400.9.5.1 * libupb37-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-devel-20240201-150400.9.5.1 * libupb37-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-devel-20240201-150400.9.5.1 * libupb37-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-devel-20240201-150400.9.5.1 * libupb37-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * grpc-debugsource-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * re2-devel-20240201-150400.9.5.1 * libupb37-1.60.0-150400.8.5.2 * grpc-devel-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Manager Proxy 4.3 (x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgrpc++1_60-1.60.0-150400.8.5.2 * libgrpc++1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc1_60-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-debuginfo-1.60.0-150400.8.5.2 * libgrpc37-1.60.0-150400.8.5.2 * libupb37-1.60.0-150400.8.5.2 * libgrpc1_60-1.60.0-150400.8.5.2 * libre2-11-20240201-150400.9.5.1 * re2-debugsource-20240201-150400.9.5.1 * libre2-11-debuginfo-20240201-150400.9.5.1 * libupb37-debuginfo-1.60.0-150400.8.5.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1220732 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 5 16:30:07 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 05 Nov 2024 16:30:07 -0000 Subject: SUSE-RU-2024:3914-1: moderate: Recommended update for protobuf Message-ID: <173082420756.14191.5345179346959752530@smelt2.prg2.suse.org> # Recommended update for protobuf Announcement ID: SUSE-RU-2024:3914-1 Release Date: 2024-11-05T12:37:04Z Rating: moderate References: * jsc#PED-3967 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Public Cloud Module 15-SP2 * Public Cloud Module 15-SP3 * Public Cloud Module 15-SP4 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for protobuf fixes the following issues: * Build the java part with maven, so that we create artifacts that correspond to upstream distributed ones. * Add maven artifact metadata to the protoc binary * Package also the bom and pom artifacts ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3914=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3914=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3914=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3914=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3914=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3914=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3914=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3914=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3914=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-3914=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-3914=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3914=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3914=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3914=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-3914=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3914=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3914=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3914=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotoc20-3.9.2-150200.4.24.1 * libprotoc20-debuginfo-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * openSUSE Leap 15.5 (x86_64) * libprotoc20-32bit-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-32bit-3.9.2-150200.4.24.1 * libprotoc20-32bit-3.9.2-150200.4.24.1 * libprotobuf20-32bit-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-32bit-3.9.2-150200.4.24.1 * libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.24.1 * openSUSE Leap 15.5 (noarch) * protobuf-source-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotoc20-debuginfo-3.9.2-150200.4.24.1 * libprotoc20-3.9.2-150200.4.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python2-protobuf-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * protobuf-java-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 ## References: * https://jira.suse.com/browse/PED-3967 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Nov 6 12:30:14 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 06 Nov 2024 12:30:14 -0000 Subject: SUSE-SU-2024:3926-1: moderate: Security update for curl Message-ID: <173089621455.14191.13138806821571491937@smelt2.prg2.suse.org> # Security update for curl Announcement ID: SUSE-SU-2024:3926-1 Release Date: 2024-11-06T10:16:06Z Rating: moderate References: * bsc#1232528 Cross-References: * CVE-2024-9681 CVSS scores: * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3926=1 SUSE-SLE- INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3926=1 SUSE- SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3926=1 SUSE- SLE-INSTALLER-15-SP4-2024-3926=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3926=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3926=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3926=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3926=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3926=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl4-64bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-64bit-8.0.1-150400.5.56.1 * libcurl4-64bit-8.0.1-150400.5.56.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Nov 7 08:30:30 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 07 Nov 2024 08:30:30 -0000 Subject: SUSE-RU-2024:3930-1: important: Recommended update for wicked Message-ID: <173096823049.6835.7595979686901674544@smelt2.prg2.suse.org> # Recommended update for wicked Announcement ID: SUSE-RU-2024:3930-1 Release Date: 2024-11-07T05:11:40Z Rating: important References: * bsc#1229555 * bsc#1229745 * bsc#1230911 * bsc#1231060 * jsc#PED-10855 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * Update to version 0.6.77 * compat-suse: use iftype in sysctl handling (bsc#1230911) * Always generate the ipv4/ipv6 true|false node * Inherit all, default and interface sysctl settings also for loopback, except for use_tempaddr and accept_dad * Consider only interface specific accept_redirects sysctl settings * Adopt ifsysctl(5) manual page with wicked specific behavior * route: fix family and destination processing (bsc#1231060) * man: improve wicked-config(5) file description * dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option * team: set arp link watcher interval default to 1s * systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745) * compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555) * arp: don't set target broadcast hardware address * dbus: don't memcpy empty/NULL array value * ethtool: fix leak and free pause data in ethtool_free ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3930=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3930=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3930=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3930=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3930=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3930=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3930=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3930=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3930=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3930=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Proxy 4.3 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229555 * https://bugzilla.suse.com/show_bug.cgi?id=1229745 * https://bugzilla.suse.com/show_bug.cgi?id=1230911 * https://bugzilla.suse.com/show_bug.cgi?id=1231060 * https://jira.suse.com/browse/PED-10855 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Nov 7 12:30:20 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 07 Nov 2024 12:30:20 -0000 Subject: SUSE-SU-2024:3941-1: important: Security update for ghostscript Message-ID: <173098262060.14367.13083837606739630357@smelt2.prg2.suse.org> # Security update for ghostscript Announcement ID: SUSE-SU-2024:3941-1 Release Date: 2024-11-07T10:11:36Z Rating: important References: * bsc#1232265 * bsc#1232267 * bsc#1232269 * bsc#1232270 Cross-References: * CVE-2024-46951 * CVE-2024-46953 * CVE-2024-46955 * CVE-2024-46956 CVSS scores: * CVE-2024-46951 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46953 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-46956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-46951: Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space (bsc#1232265). * CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267). * CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270). * CVE-2024-46955: Fixed out of bounds read when reading color in "Indexed" color space (bsc#1232269). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3941=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3941=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3941=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3941=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3941=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3941=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3941=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3941=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3941=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Proxy 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46951.html * https://www.suse.com/security/cve/CVE-2024-46953.html * https://www.suse.com/security/cve/CVE-2024-46955.html * https://www.suse.com/security/cve/CVE-2024-46956.html * https://bugzilla.suse.com/show_bug.cgi?id=1232265 * https://bugzilla.suse.com/show_bug.cgi?id=1232267 * https://bugzilla.suse.com/show_bug.cgi?id=1232269 * https://bugzilla.suse.com/show_bug.cgi?id=1232270 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 11 08:30:11 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 11 Nov 2024 08:30:11 -0000 Subject: SUSE-SU-2024:3963-1: moderate: Security update for java-17-openjdk Message-ID: <173131381187.5045.6267604350823179614@smelt2.prg2.suse.org> # Security update for java-17-openjdk Announcement ID: SUSE-SU-2024:3963-1 Release Date: 2024-11-09T16:39:43Z Rating: moderate References: * bsc#1231702 * bsc#1231711 * bsc#1231716 * bsc#1231719 Cross-References: * CVE-2024-21208 * CVE-2024-21210 * CVE-2024-21217 * CVE-2024-21235 CVSS scores: * CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: * Update to upstream tag jdk-17.0.13+11 (October 2024 CPU) * Security fixes * JDK-8307383: Enhance DTLS connections * JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property * JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client * JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization * JDK-8328726: Better Kerberos support * JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support * JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations * JDK-8335713: Enhance vectorization analysis * Other changes * JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails * JDK-7026262: HttpServer: improve handling of finished HTTP exchanges * JDK-7124313: [macosx] Swing Popups should overlap taskbar * JDK-8005885: enhance PrintCodeCache to print more data * JDK-8051959: Add thread and timestamp options to java.security.debug system property * JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping * JDK-8183227: read/write APIs in class os shall return ssize_t * JDK-8193547: Regression automated test '/open/test/jdk/java/ /awt/Toolkit/DesktopProperties/rfe4758438.java' fails * JDK-8222884: ConcurrentClassDescLookup.java times out intermittently * JDK-8233725: ProcessTools.startProcess() has output issues when using an OutputAnalyzer at the same time * JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock * JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" * JDK-8255898: Test java/awt/FileDialog/FilenameFilterTest/ /FilenameFilterTest.java fails on Mac OS * JDK-8256291: RunThese30M fails "assert(_class_unload ? true : ((((JfrTraceIdBits::load(class_loader_klass)) & ((1 << 4) << 8)) != 0))) failed: invariant" * JDK-8257540: javax/swing/JFileChooser/8041694/bug8041694.java failed with "RuntimeException: The selected directory name is not the expected 'd ' but 'D '." * JDK-8259866: two java.util tests failed with "IOException: There is not enough space on the disk" * JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed * JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit * JDK-8263031: HttpClient throws Exception if it receives a Push Promise that is too large * JDK-8265919: RunThese30M fails "assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8)) != 0))))) failed: invariant" * JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out * JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message * JDK-8272232: javax/swing/JTable/4275046/bug4275046.java failed with "Expected value in the cell: 'rededited' but found 'redEDITED'." * JDK-8272558: IR Test Framework README misses some flags * JDK-8272777: Clean up remaining AccessController warnings in test library * JDK-8273216: JCMD does not work across container boundaries with Podman * JDK-8273430: Suspicious duplicate condition in java.util.regex.Grapheme#isExcludedSpacingMark * JDK-8273541: Cleaner Thread creates with normal priority instead of MAX_PRIORITY - 2 * JDK-8275851: Deproblemlist open/test/jdk/javax/swing/ /JComponent/6683775/bug6683775.java * JDK-8276660: Scalability bottleneck in java.security.Provider.getService() * JDK-8277042: add test for 8276036 to compiler/codecache * JDK-8279068: IGV: Update to work with JDK 16 and 17 * JDK-8279164: Disable TLS_ECDH_* cipher suites * JDK-8279222: Incorrect legacyMap.get in java.security.Provider after JDK-8276660 * JDK-8279337: The MToolkit is still referenced in a few places * JDK-8279641: Create manual JTReg tests for Swing accessibility * JDK-8279878: java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10 * JDK-8280034: ProblemList jdk/jfr/api/consumer/recordingstream/ /TestOnEvent.java on linux-x64 * JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." * JDK-8280970: Cleanup dead code in java.security.Provider * JDK-8280982: [Wayland] [XWayland] java.awt.Robot taking screenshots * JDK-8280988: [XWayland] Click on title to request focus test failures * JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front * JDK-8280993: [XWayland] Popup is not closed on click outside of area controlled by XWayland * JDK-8280994: [XWayland] Drag and Drop does not work in java -> wayland app direction * JDK-8281944: JavaDoc throws java.lang.IllegalStateException: ERRONEOUS * JDK-8282354: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests * JDK-8282526: Default icon is not painted properly * JDK-8283728: jdk.hotspot.agent: Wrong location for RISCV64ThreadContext.java * JDK-8284316: Support accessibility ManualTestFrame.java for non SwingSet tests * JDK-8284585: PushPromiseContinuation test fails intermittently in timeout * JDK-8285497: Add system property for Java SE specification maintenance version * JDK-8288568: Reduce runtime of java.security microbenchmarks * JDK-8289182: NMT: MemTracker::baseline should return void * JDK-8290966: G1: Record number of PLAB filled and number of direct allocations * JDK-8291760: PipelineLeaksFD.java still fails: More or fewer pipes than expected * JDK-8292044: HttpClient doesn't handle 102 or 103 properly * JDK-8292739: Invalid legacy entries may be returned by Provider.getServices() call * JDK-8292948: JEditorPane ignores font-size styles in external linked css-file * JDK-8293862: javax/swing/JFileChooser/8046391/bug8046391.java failed with 'Cannot invoke "java.awt.Image.getWidth(java.awt.image.ImageObserver)" because "retVal" is null' * JDK-8293872: Make runtime/Thread/ThreadCountLimit.java more robust * JDK-8294148: Support JSplitPane for instructions and test UI * JDK-8294691: dynamicArchive/RelativePath.java is running other test case * JDK-8294994: Update Jarsigner and Keytool i18n tests to validate i18n compliance * JDK-8295111: dpkg appears to have problems resolving symbolically linked native libraries * JDK-8296410: HttpClient throws java.io.IOException: no statuscode in response for HTTP2 * JDK-8296812: sprintf is deprecated in Xcode 14 * JDK-8297878: KEM: Implementation * JDK-8298381: Improve handling of session tickets for multiple SSLContexts * JDK-8298596: vmTestbase/nsk/sysdict/vm/stress/chain/chain008/ /chain008.java fails with "NoClassDefFoundError: Could not initialize class java.util.concurrent.ThreadLocalRandom" * JDK-8298809: Clean up vm/compiler/InterfaceCalls JMH * JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle * JDK-8299254: Support dealing with standard assert macro * JDK-8299378: sprintf is deprecated in Xcode 14 * JDK-8299395: Remove metaprogramming/removeCV.hpp * JDK-8299396: Remove metaprogramming/removeExtent.hpp * JDK-8299397: Remove metaprogramming/isFloatingPoint.hpp * JDK-8299398: Remove metaprogramming/isConst.hpp * JDK-8299399: Remove metaprogramming/isArray.hpp * JDK-8299402: Remove metaprogramming/isVolatile.hpp * JDK-8299479: Remove metaprogramming/decay.hpp * JDK-8299481: Remove metaprogramming/removePointer.hpp * JDK-8299482: Remove metaprogramming/isIntegral.hpp * JDK-8299487: Test java/net/httpclient/whitebox/ /SSLTubeTestDriver.java timed out * JDK-8299635: Hotspot update for deprecated sprintf in Xcode 14 * JDK-8299779: Test tools/jpackage/share/jdk/jpackage/tests/ /MainClassTest.java timed out * JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram * JDK-8299971: Remove metaprogramming/conditional.hpp * JDK-8299972: Remove metaprogramming/removeReference.hpp * JDK-8300169: Build failure with clang-15 * JDK-8300260: Remove metaprogramming/isSame.hpp * JDK-8300264: Remove metaprogramming/isPointer.hpp * JDK-8300265: Remove metaprogramming/isSigned.hpp * JDK-8300806: Update googletest to v1.13.0 * JDK-8300910: Remove metaprogramming/integralConstant.hpp * JDK-8301132: Test update for deprecated sprintf in Xcode 14 * JDK-8301200: Don't scale timeout stress with timeout factor * JDK-8301274: update for deprecated sprintf for security components * JDK-8301279: update for deprecated sprintf for management components * JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session * JDK-8301704: Shorten the number of GCs in UnloadingTest.java to verify a class loader not being unloaded * JDK-8302495: update for deprecated sprintf for java.desktop * JDK-8302800: Augment NaN handling tests of FDLIBM methods * JDK-8303216: Prefer ArrayList to LinkedList in sun.net.httpserver.ServerImpl * JDK-8303466: C2: failed: malformed control flow. Limit type made precise with MaxL/MinL * JDK-8303527: update for deprecated sprintf for jdk.hotspot.agent * JDK-8303617: update for deprecated sprintf for jdk.jdwp.agent * JDK-8303830: update for deprecated sprintf for jdk.accessibility * JDK-8303891: Speed up Zip64SizeTest using a small ZIP64 file * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8303942: os::write should write completely * JDK-8303965: java.net.http.HttpClient should reset the stream if response headers contain malformed header fields * JDK-8304375: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Expected at least some events to be out of order! Reuse = false" * JDK-8304962: sun/net/www/http/KeepAliveCache/B5045306.java: java.lang.RuntimeException: Failed: Initial Keep Alive Connection is not being reused * JDK-8304963: HttpServer closes connection after processing HEAD after JDK-7026262 * JDK-8305072: Win32ShellFolder2.compareTo is inconsistent * JDK-8305079: Remove finalize() from compiler/c2/Test719030 * JDK-8305081: Remove finalize() from test/hotspot/jtreg/compiler/runtime/Test8168712 * JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 * JDK-8305959: x86: Improve itable_stub * JDK-8306583: Add JVM crash check in CDSTestUtils.executeAndLog * JDK-8306929: Avoid CleanClassLoaderDataMetaspaces safepoints when previous versions are shared * JDK-8306946: jdk/test/lib/process/ /ProcessToolsStartProcessTest.java fails with "wrong number of lines in OutputAnalyzer output" * JDK-8307091: A few client tests intermittently throw ConcurrentModificationException * JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes * JDK-8307352: AARCH64: Improve itable_stub * JDK-8307448: Test RedefineSharedClassJFR fail due to wrong assumption * JDK-8307779: Relax the java.awt.Robot specification * JDK-8307848: update for deprecated sprintf for jdk.attach * JDK-8307850: update for deprecated sprintf for jdk.jdi * JDK-8308022: update for deprecated sprintf for java.base * JDK-8308144: Uncontrolled memory consumption in SSLFlowDelegate.Reader * JDK-8308184: Launching java with large number of jars in classpath with java.protocol.handler.pkgs system property set can lead to StackOverflowError * JDK-8308801: update for deprecated sprintf for libnet in java.base * JDK-8308891: TestCDSVMCrash.java needs @requires vm.cds * JDK-8309241: ClassForNameLeak fails intermittently as the class loader hasn't been unloaded * JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 * JDK-8309703: AIX build fails after JDK-8280982 * JDK-8309756: Occasional crashes with pipewire screen capture on Wayland * JDK-8309934: Update GitHub Actions to use JDK 17 for building jtreg * JDK-8310070: Test: javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out * JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified * JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option * JDK-8310334: [XWayland][Screencast] screen capture error message in debug * JDK-8310628: GcInfoBuilder.c missing JNI Exception checks * JDK-8310683: Refactor StandardCharset/standard.java to use JUnit * JDK-8311208: Improve CDS Support * JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin * JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved * JDK-8312140: jdk/jshell tests failed with JDI socket timeouts * JDK-8312229: Crash involving yield, switch and anonymous classes * JDK-8313256: Exclude failing multicast tests on AIX * JDK-8313394: Array Elements in OldObjectSample event has the incorrect description * JDK-8313674: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java should test for more block devices * JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow * JDK-8313873: java/nio/channels/DatagramChannel/ /SendReceiveMaxSize.java fails on AIX due to small default RCVBUF size and different IPv6 Header interpretation * JDK-8313901: [TESTBUG] test/hotspot/jtreg/compiler/codecache/ /CodeCacheFullCountTest.java fails with java.lang.VirtualMachineError * JDK-8314476: TestJstatdPortAndServer.java failed with "java.rmi.NoSuchObjectException: no such object in table" * JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen" * JDK-8314837: 5 compiled/codecache tests ignore VM flags * JDK-8315024: Vector API FP reduction tests should not test for exact equality * JDK-8315362: NMT: summary diff reports threads count incorrectly * JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl * JDK-8315437: Enable parallelism in vmTestbase/nsk/monitoring/stress/classload tests * JDK-8315442: Enable parallelism in vmTestbase/nsk/monitoring/stress/thread tests * JDK-8315559: Delay TempSymbol cleanup to avoid symbol table churn * JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837 * JDK-8315651: Stop hiding AIX specific multicast socket errors via NetworkConfiguration (aix) * JDK-8315684: Parallelize sun/security/util/math/TestIntegerModuloP.java * JDK-8315774: Enable parallelism in vmTestbase/gc/g1/unloading tests * JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test * JDK-8315965: Open source various AWT applet tests * JDK-8316104: Open source several Swing SplitPane and RadioButton related tests * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8316211: Open source several manual applet tests * JDK-8316240: Open source several add/remove MenuBar manual tests * JDK-8316285: Opensource JButton manual tests * JDK-8316306: Open source and convert manual Swing test * JDK-8316328: Test jdk/jfr/event/oldobject/ /TestSanityDefault.java times out for some heap sizes * JDK-8316387: Exclude more failing multicast tests on AIX after JDK-8315651 * JDK-8316389: Open source few AWT applet tests * JDK-8316468: os::write incorrectly handles partial write * JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm * JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java * JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm * JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab * JDK-8317316: G1: Make TestG1PercentageOptions use createTestJvm * JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm * JDK-8317358: G1: Make TestMaxNewSize use createTestJvm * JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines * JDK-8317372: Refactor some NumberFormat tests to use JUnit * JDK-8317635: Improve GetClassFields test to verify correctness of field order * JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string * JDK-8318039: GHA: Bump macOS and Xcode versions * JDK-8318089: Class space not marked as such with NMT when CDS is off * JDK-8318474: Fix memory reporter for thread_count * JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run * JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests * JDK-8318696: Do not use LFS64 symbols on Linux * JDK-8318986: Improve GenericWaitBarrier performance * JDK-8319103: Popups that request focus are not shown on Linux with Wayland * JDK-8319197: Exclude hb-subset and hb-style from compilation * JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates * JDK-8319713: Parallel: Remove PSAdaptiveSizePolicy::should_full_GC * JDK-8320079: The ArabicBox.java test has no control buttons * JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64 * JDK-8320602: Lock contention in SchemaDVFactory.getInstance() * JDK-8320608: Many jtreg printing tests are missing the @printer keyword * JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api * JDK-8320692: Null icon returned for .exe without custom icon * JDK-8320945: problemlist tests failing on latest Windows 11 update * JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2 * JDK-8321176: [Screencast] make a second attempt on screencast failure * JDK-8321220: JFR: RecordedClass reports incorrect modifiers * JDK-8322008: Exclude some CDS tests from running with -Xshare:off * JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC * JDK-8322726: C2: Unloaded signature class kills argument value * JDK-8322971: KEM.getInstance() should check if a 3rd-party security provider is signed * JDK-8323122: AArch64: Increase itable stub size estimate * JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe * JDK-8323670: A few client tests intermittently throw ConcurrentModificationException * JDK-8323801: tag doesn't strikethrough the text * JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE * JDK-8324646: Avoid Class.forName in SecureRandom constructor * JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG * JDK-8324668: JDWP process management needs more efficient file descriptor handling * JDK-8324753: [AIX] adjust os_posix after JDK-8318696 * JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests * JDK-8324933: ConcurrentHashTable::statistics_calculate synchronization is expensive * JDK-8325022: Incorrect error message on client authentication * JDK-8325179: Race in BasicDirectoryModel.validateFileCache * JDK-8325194: GHA: Add macOS M1 testing * JDK-8325384: sun/security/ssl/SSLSessionImpl/ /ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread * JDK-8325444: GHA: JDK-8325194 causes a regression * JDK-8325567: jspawnhelper without args fails with segfault * JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for , , * JDK-8325621: Improve jspawnhelper version checks * JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections * JDK-8326106: Write and clear stack trace table outside of safepoint * JDK-8326332: Unclosed inline tags cause misalignment in summary tables * JDK-8326446: The User and System of jdk.CPULoad on Apple M1 are inaccurate * JDK-8326734: text-decoration applied to lost when mixed with or * JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails * JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel * JDK-8327312: [17u] Problem list ReflectionCallerCacheTest.java due to 8324978 * JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java on all platforms with ZGC * JDK-8327650: Test java/nio/channels/DatagramChannel/ /StressNativeSignal.java timed out * JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main * JDK-8327840: Automate javax/swing/border/Test4129681.java * JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/ /GetBoundsResizeTest.java applet test to main * JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC * JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows * JDK-8328115: Convert java/awt/font/TextLayout/ /TestJustification.html applet test to main * JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test * JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html * JDK-8328234: Remove unused nativeUtils files * JDK-8328238: Convert few closed manual applet tests to main * JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful * JDK-8328273: sun/management/jmxremote/bootstrap/ /RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use * JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ /ClickDuringKeypress.java imports Applet * JDK-8328561: test java/awt/Robot/ManualInstructions/ /ManualInstructions.java isn't used * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp * JDK-8328896: Fontmetrics for large Fonts has zero width * JDK-8328953: JEditorPane.read throws ChangedCharSetException * JDK-8328999: Update GIFlib to 5.2.2 * JDK-8329004: Update Libpng to 1.6.43 * JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling * JDK-8329109: Threads::print_on() tries to print CPU time for terminated GC threads * JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462 * JDK-8329134: Reconsider TLAB zapping * JDK-8329510: Update ProblemList for JFileChooser/8194044/FileSystemRootTest.java * JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected * JDK-8329605: hs errfile generic events - move memory protections and nmethod flushes to separate sections * JDK-8329663: hs_err file event log entry for thread adding/removing should print current thread * JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771 * JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash * JDK-8330063: Upgrade jQuery to 3.7.1 * JDK-8330524: Linux ppc64le compile warning with clang in os_linux_ppc.cpp * JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) * JDK-8330615: avoid signed integer overflows in zip_util.c readCen / hashN * JDK-8331011: [XWayland] TokenStorage fails under Security Manager * JDK-8331063: Some HttpClient tests don't report leaks * JDK-8331077: nroff man page update for jar tool * JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected * JDK-8331265: Bump update version for OpenJDK: jdk-17.0.13 * JDK-8331331: :tier1 target explanation in doc/testing.md is incorrect * JDK-8331466: Problemlist serviceability/dcmd/gc/ /RunFinalizationTest.java on generic-all * JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure * JDK-8331746: Create a test to verify that the cmm id is not ignored * JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java * JDK-8331885: C2: meet between unloaded and speculative types is not symmetric * JDK-8332008: Enable issuestitle check * JDK-8332113: Update nsk.share.Log to be always verbose * JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml * JDK-8332248: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java failed with RuntimeException * JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16 * JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" * JDK-8332898: failure_handler: log directory of commands * JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/ /TestDescription.java fails with no GC's recorded * JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 * JDK-8333353: Delete extra empty line in CodeBlob.java * JDK-8333398: Uncomment the commented test in test/jdk/java/ /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java * JDK-8333477: Delete extra empty spaces in Makefiles * JDK-8333698: [17u] TestJstatdRmiPort fails after JDK-8333667 * JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock * JDK-8333724: Problem list security/infra/java/security/cert/ /CertPathValidator/certification/CAInterop.java #teliasonerarootcav1 * JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures * JDK-8334166: Enable binary check * JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager * JDK-8334332: TestIOException.java fails if run by root * JDK-8334333: MissingResourceCauseTestRun.java fails if run by root * JDK-8334335: [TESTBUG] Backport of 8279164 to 11u & 17u includes elements of JDK-8163327 * JDK-8334339: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java fails on alinux3 * JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 * JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration * JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 * JDK-8334653: ISO 4217 Amendment 177 Update * JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator * JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true * JDK-8335775: Remove extraneous 's' in comment of rawmonitor.cpp test file * JDK-8335808: update for deprecated sprintf for jfrTypeSetUtils * JDK-8335918: update for deprecated sprintf for jvmti * JDK-8335967: "text-decoration: none" does not work with "A" HTML tags * JDK-8336301: test/jdk/java/nio/channels/ /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion * JDK-8336928: GHA: Bundle artifacts removal broken * JDK-8337038: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java shoud set as /native * JDK-8337283: configure.log is truncated when build dir is on different filesystem * JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs * JDK-8337669: [17u] Backport of JDK-8284047 missed to delete a file * JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods * JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) * JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 * JDK-8341057: Add 2 SSL.com TLS roots * JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 * JDK-8341673: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3963=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3963=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3963=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3963=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3963=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3963=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3963=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3963=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3963=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3963=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3963=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3963=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3963=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3963=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 ## References: * https://www.suse.com/security/cve/CVE-2024-21208.html * https://www.suse.com/security/cve/CVE-2024-21210.html * https://www.suse.com/security/cve/CVE-2024-21217.html * https://www.suse.com/security/cve/CVE-2024-21235.html * https://bugzilla.suse.com/show_bug.cgi?id=1231702 * https://bugzilla.suse.com/show_bug.cgi?id=1231711 * https://bugzilla.suse.com/show_bug.cgi?id=1231716 * https://bugzilla.suse.com/show_bug.cgi?id=1231719 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 11 08:30:17 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 11 Nov 2024 08:30:17 -0000 Subject: SUSE-SU-2024:3961-1: important: Security update for apache2 Message-ID: <173131381761.5045.16269385932311020592@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3961-1 Release Date: 2024-11-09T16:37:56Z Rating: important References: * bsc#1216423 Cross-References: * CVE-2023-45802 CVSS scores: * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3961=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3961=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3961=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3961=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3961=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3961=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3961=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3961=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3961=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3961=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3961=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1216423 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 11 12:30:09 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 11 Nov 2024 12:30:09 -0000 Subject: SUSE-RU-2024:3971-1: moderate: Recommended update for mojo-parent Message-ID: <173132820950.14191.11146158682674997142@smelt2.prg2.suse.org> # Recommended update for mojo-parent Announcement ID: SUSE-RU-2024:3971-1 Release Date: 2024-11-11T09:30:14Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: * Security issues fixed: * CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets (bsc#1201684) * Changes and Bugs fixed: * Java 8 is now the minimum requirement * Upgraded to Apache Commons BCEL 6.7.0 * Upgraded to Xerces-J 2.12.2 mojo-parent was updated from version 70 to 82: * Main changes: * Potentially Breaking Changes: * mojo.java.target should be set as "8", without "1." * spotless plugin must be executed by JDK 11 at least * ossrh-snapshots repository was removed from parent * New features and improvements: * Removed SHA-512 checksum for source release artifact * Use only project version as tag for release * Added space before close empty elements in poms by spotless * Using Checkstyle together with Spotless * Introduce spotless for automatic code formatting * Introduce enforcer rule for minimal version of Java and Maven * Use new Plugin Tools report - maven-plugin-report-plugin * Added sisu-maven-plugin * Introduced maven.version property * Execute spotless by JDK 11 at least * Use release options for m-compiler-p with newer JDKs * Allow override of invoker.streamLogsOnFailures * Require Maven 3.9.x at least for releases * Added maven-wrapper-plugin to pluginManagement * Removed ossrh-snapshots repository from MojoHaus parent * Added build-helper-maven-plugin to pluginManagement * Require Maven 3.6.3+ * Updated palantirJavaFormat for spotless - JDK 21 compatible * Added dependencyManagement for maven-shade-plugin * Dropped recommendedJavaBuildVersion property * Format Markdown files with Spotless Plugin * Bugs fixed: * Restore source release distribution in child projects * Rename property maven.version to mavenVersion * minimalMavenBuildVersion should not be overriding by mavenVersion * Use simple checkstyle rules since spotless is executed by default * Use old spotless version only for JDK < 11 * Fixed spotless configuration for markdown * Other changes: * Removed Google search box due to privacy * Put version for mrm-maven-plugin in property * Added streamLogsOnFailures to m-invoker-p * Added property for maven-fluido-skin version * Setup Apache Matomo analytics * Require Maven 3.2.5 * Added SHA-512 hashes * Extract plugin version as variable so child pom can override if needed * Removed issue-tracking as no longer exists * Removed cim report as no longer exists bcel was updated from version 5.2 to 6.10: * Many APIs have been extended * Added riscv64 support * Various bugs were fixed apache-commons-lang3 was updated to version 3.12.0 to 3.16.0: * Included new APIs that are needed by bcel 6.x * Various minor bugs were fixed xerces-j2: * Improved RPM packaging build instructions netty3: * Generate sources with protobuf instead of using pre-generated ones ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3971=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3971=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3971=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3971=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3971=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3971=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3971=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3971=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3971=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3971=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3971=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3971=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-3971=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3971=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3971=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Manager Proxy 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Manager Server 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Enterprise Storage 7.1 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * openSUSE Leap 15.5 (noarch) * xalan-j2-demo-2.7.3-150200.11.7.1 * apache-commons-lang3-javadoc-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * xerces-j2-javadoc-2.12.2-150200.3.10.2 * xalan-j2-xsltc-2.7.3-150200.11.7.1 * mojo-parent-82-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.13.2 * netty3-3.10.6-150200.3.13.2 * xerces-j2-demo-2.12.2-150200.3.10.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-manual-2.7.3-150200.11.7.1 * openSUSE Leap 15.6 (noarch) * xalan-j2-demo-2.7.3-150200.11.7.1 * apache-commons-lang3-javadoc-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * xerces-j2-javadoc-2.12.2-150200.3.10.2 * xalan-j2-xsltc-2.7.3-150200.11.7.1 * mojo-parent-82-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.13.2 * netty3-3.10.6-150200.3.13.2 * xerces-j2-demo-2.12.2-150200.3.10.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-manual-2.7.3-150200.11.7.1 * Basesystem Module 15-SP5 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * Basesystem Module 15-SP6 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * Development Tools Module 15-SP5 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * netty3-3.10.6-150200.3.13.2 * Development Tools Module 15-SP6 (noarch) * netty3-3.10.6-150200.3.13.2 * SUSE Manager Server 4.3 Module 4.3 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 11 12:30:16 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 11 Nov 2024 12:30:16 -0000 Subject: SUSE-RU-2024:1956-2: moderate: Recommended update for google-errorprone, guava Message-ID: <173132821649.14191.8864676495961771731@smelt2.prg2.suse.org> # Recommended update for google-errorprone, guava Announcement ID: SUSE-RU-2024:1956-2 Release Date: 2024-11-11T08:48:42Z Rating: moderate References: Affected Products: * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for google-errorprone, guava fixes the following issues: guava: * guava was updated to version 33.1.0: * Changes of version 33.1.0: * Updated our Error Prone dependency to 2.26.1, which includes a JPMS-ready jar of annotations. If you use the Error Prone annotations in a modular build of your own code, you may need to add a requires line for them. * base: Added a Duration overload for Suppliers.memoizeWithExpiration. * base: Deprecated the remaining two overloads of Throwables.propagateIfPossible. They won't be deleted, but we recommend migrating off them. * cache: Fixed a bug that could cause false "recursive load" reports during refresh. * graph: Changed the return types of transitiveClosure() and reachableNodes() to Immutable* types. reachableNodes() already returned an immutable object (even though that was not reflected in the declared return type); transitiveClosure() used to return a mutable object. The old signatures remain available, so this change does not break binary compatibility. * graph: Changed the behavior of views returned by graph accessor methods that take a graph element as input: They now throw IllegalStateException when that element is removed from the graph. * hash: Optimized Checksum-based hash functions for Java 9+. * testing: Exposed FakeTicker Duration methods to Android users. * util.concurrent: Deprecated the constructors of UncheckedExecutionException and ExecutionError that don't accept a cause. We won't remove these constructors, but we recommend migrating off them, as users of those classes often assume that instances will contain a cause. * util.concurrent: Improved the correctness of racy accesses for J2ObjC users. * Changes of version 33.0.0: * This version of guava-android contains some package-private methods whose signature includes the Java 8 Collector API. This is a test to identify any problems before we expose those methods publicly to users. Please report any problems that you encounter. * Changed various classes to catch Exception instead of RuntimeException even when only RuntimeException is theoretically possible. This can help code that throws undeclared exceptions, as some bytecode rewriters (e.g., Robolectric) and languages (e.g., Kotlin) do. * Added an Automatic-Module-Name to failureaccess, Guava's one strong runtime dependency. * reflect: In guava-android only, removed Invokable.getAnnotatedReturnType() and Parameter.getAnnotatedType(). These methods never worked in an Android VM, and to reflect that, they were born @Deprecated, @Beta, and @DoNotCall. They're now preventing us from rolling out some new Android compatibility testing. This is the only binary-incompatible change in this release, and it should have no effect in practice. Still, we bump the major version number to follow Semantic Versioning. * util.concurrent: Changed our implementations to avoid eagerly initializing loggers during class loading. This can help performance, especially under Android. * Changes of version 32.1.3: * Changed Gradle Metadata to include dependency versions directly. This may address "Could not find some-dependency" errors that some users have reported (which might be a result of users' excluding guava-parent). * collect: Changed Multisets.unmodifiableMultiset(set) .removeIf(predicate) to throw an exception always, even if nothing matches predicate. * graph: Fixed the behavior of Graph/ValueGraph views for a node when that node is removed from the graph. * io: Fixed Files.createTempDir and FileBackedOutputStream under Windows services, a rare use case. (The fix actually covers only Java 9+ because Java 8 would require an additional approach. Let us know if you need support under Java 8.) * net: Made MediaType.parse allow and skip over whitespace around the / and = separator tokens in addition to the ; separator, for which it was already being allowed. * util.concurrent: Tweaked Futures.getChecked constructor-selection behavior: The method continues to prefer to call constructors with a String parameter, but now it breaks ties based on whether the constructor has a Throwable parameter. Beyond that, the choice of constructor remains undefined. (For this and other reasons, we discourage the use of getChecked.) * Changes of version 32.1.2: * Removed the section of our Gradle metadata that caused Gradle to report conflicts with listenablefuture. * Changed our Maven project to avoid affecting which version of Mockito our Gradle users see. * collect: Under J2CL, exposed ImmutableList and ImmutableSet methods copyOf and of for JavaScript usage. * net: Optimized InternetDomainName construction. * Changes of version 32.1.1: * Fixed our broken Gradle metadata from 32.1.0. Sorry again for the trouble. If you use Gradle, please still read the release notes from that version: You may still see errors from the new checking that the metadata enables, and the release notes discuss how to fix those errors. * Changes of version 32.1.0: * collect: Tweaked more nullness annotations. * hash: Enhanced crc32c() to use Java's hardware-accelerated implementation where available. * util.concurrent: Added Duration-based default methods to ListeningExecutorService. * Began updating Javadoc to focus less on APIs that have been superseded by additions to the JDK. We're also looking to add more documentation that directs users to JDK equivalents for our APIs. Further PRs welcome! * Fixed some problems with using Guava from a Java Agent. (But we don't test that configuration, and we don't know how well we'll be able to keep it working.) * Fixed BootstrapMethodError when using CacheBuilder from a custom system class loader. (As with the previous item, we're not sure how well we'll be able to keep this use case working.) * Suppressed a harmless unusable-by-js warning seen by users of guava-gwt. * Fix version mismatch in the ant build files. * The binaries are compatible with java 1.8 google-errorprone, google-errorprone-annotations: * google-errorprone and google-errorprone-annotations were updated to version 2.26.1: * Changes of version 2.26.1: * Fixes the module name: from 'com.google.errorprone.annotation' to 'com.google.errorprone.annotations'. Amends the OSGi build not to include 'Automatic-Module-Name' in the MANIFEST.MF for the 'annotations' project. * Changes of version 2.26.0: * The 'annotations' artifact now includes a module-info.java for Java Platform Module System support. * Disabled checks passed to -XepPatchChecks are now ignored, instead of causing a crash. * New checks: * SystemConsoleNull: Null-checking System.console() is not a reliable way to detect if the console is connected to a terminal. * EnumOrdinal: Discourage uses of Enum.ordinal() * Closed issues: * Add module-info.java * 2.19.x: Exception thrown when a disabled check is passed to -XepPatchChecks * Ignore disabled checks passed to -XepPatchChecks * feat: add jpms definition for annotations * Add the 'compile' goal for 'compile-java9' * Changes of version 2.25.0: * New checks: * JUnitIncompatibleType: Detects incompatible types passed to an assertion, similar to TruthIncompatibleType * RedundantSetterCall: Detects fields set twice in the same chained expression. Generalization of previous ProtoRedundantSet check to also handle AutoValue. * Closed issues: * Crash in UnnecessaryStringBuilder * Fix typos * Add support for specifying badEnclosingTypes for BadImport via flags * Some BugPattern docs are missing code examples * Remove incorrect statement from BugPattern index doc * Do not report NonFinalStaticField findings for fields modified in @BeforeAll methods * Changes of version 2.24.1: * Add an assertion to try to help debug * Changes of version 2.24.0: * New checks: * MultipleNullnessAnnotations: Discourage multiple nullness annotations * NullableTypeParameter: Discourage nullness annotations on type parameters * NullableWildcard: Discourage nullness annotations on wildcards * SuperCallToObjectMethod: Generalization of SuperEqualsIsObjectEquals, now covers hashCode * Changes of version 2.23.0: * New checks: DuplicateDateFormatField, NonFinalStaticField, StringCharset, StringFormatWithLiteral, SuperEqualsIsObjectEquals * Bug fixes and improvements * Changes of version 2.22.0: * New checks: * ClosingStandardOutputStreams: Prevents accidentally closing System.{out,err} with try-with-resources * TruthContainsExactlyElementsInUsage: containsExactly is preferred over containsExactlyElementsIn when creating new iterables * UnnecessaryAsync: detects unnecessary use of async primitives in local (and hence single-threaded) scopes * ReturnAtTheEndOfVoidFunction: detects unnecessary return statements at the end of void functions * MultimapKeys: Suggests using keySet() instead of iterating over Multimap.keys(), which does not collapse duplicates * Bug fixes and improvements: * Don't complain about literal IP addresses in AddressSelection * Prevent SuggestedFixes#renameMethod from modifying return type declaration * Fix UnusedVariable false positives for private record parameters * When running in conservative mode, no longer assume that implementations of Map.get, etc. return null * CanIgnoreReturnValueSuggester: Support additional exempting method annotations * UnusedVariable: exclude junit5's @RegisterExtension * Support running all available patch checks * Upgrade java-diff-utils 4.0 -> 4.12 * Flag unused Refaster template parameters * Support @SuppressWarnings("all") * Prevent Refaster UMemberSelect from matching method parameters * MissingDefault : Don't require // fall out comments on expression switches * Skip UnnecessaryLambda findings for usages in enhanced for loops * Fix bug where nested MissingBraces violations' suggested fixes result in broken code * Add support for specifying exemptPrefixes/exemptNames for UnusedVariable via flags * UnusedMethod: Added exempting variable annotations * Changes of version 2.21.1: * Handle overlapping ranges in suppressedRegions * Add AddressSelection to discourage APIs that convert a hostname to a single address * Changes of version 2.21.0: * New Checkers: * AttemptedNegativeZero: Prevents accidental use of -0, which is the same as 0. The floating-point negative zero is -0.0. * ICCProfileGetInstance: Warns on uses of ICC_Profile.getInstance(String), due to JDK-8191622. * MutableGuiceModule: Fields in Guice modules should be final. * NullableOptional: Discourages @Nullable-annotated Optionals. * OverridingMethodInconsistentArgumentNamesChecker: Arguments of overriding method are inconsistent with overridden method. * Fixed issues: * Avoid MemberName IOOBE on lambda parameters inside overriding methods * Improve LockOnNonEnclosingClassLiteral documentation * Security scan reported high CVE for com.google.guava:guava:31.1-jre * Upgrade guava to 32.0.1 * Proposal: checker to prevent other checkers from calling javac methods that changed across JDKs * Add support in ASTHelpersSuggestions for getEnclosedElements * Changes of version 2.20.0: * This release is compatible with early-access builds of JDK 21. * New Checkers: InlineTrivialConstant, UnnecessaryStringBuilder, BanClassLoader, DereferenceWithNullBranch, DoNotUseRuleChain, LockOnNonEnclosingClassLiteral, MissingRefasterAnnotation, NamedLikeContextualKeyword, NonApiType * Fixes issues: * Introduce MissingRefasterAnnotation checker * Fix minor typo in URepeated * Drop unused constant Template#AUTOBOXING_DEFAULT * Introduce command-line flag -XepAllSuggestionsAsWarnings * JDK21 compatibility * Add OSGi runtime metadata to error-prone's MANIFEST.MF files * Use EISOP Checker Framework version 3.34.0-eisop1 * NotJavadoc pattern does not allow Javadoc on module declarations * ErrorProneInjector incorrectly picks up the no-args constructor * Several high CVEs related to dependency com.google.protobuf:protobuf-java:3.19.2 * Upgrade protobuf-java to 3.19.6 * Changes of version 2.19.1: * This release fixes a binary compatibility issue when running on JDK 11 * Changes of version 2.19.0: * New Checkers: NotJavadoc, StringCaseLocaleUsage, UnnecessaryTestMethodPrefix * Fixes issues: * Exclude inner classes annotated with @Nested from ClassCanBeStatic rule * Optimize VisitorState#getSymbolFromName * ClassCanBeStatic: Exclude JUnit @Nested classes * BadImport: flag static import of newInstance methods * Support given for enforcing DirectInvocationOnMock: issue 3396 * Handle yield statement case in ASTHelpers#targetType * Should ASTHelpers.getSymbol(Tree) be annotated with @Nullable? * Fix '@' character in javadoc code snippets * Replace guava cache with caffeine * Discourage APIs locale-dependent APIs like String.to{Lower,Upper}Case * Introduce StringCaseLocaleUsage check * Changes of version 2.18.0: * New Checkers: InjectOnBugCheckers, LabelledBreakTarget, UnusedLabel, YodaCondition * Fixes issues: * @SuppressWarnings("InlineFormatString") doesn't work * Refaster: support method invocation type argument inlining * java.lang.IllegalArgumentException: Cannot edit synthetic AST nodes with specific record constructor * Rename class to match filename * Optimize VisitorState#getSymbolFromName * refactor: refactor bad smell UnusedLabel * LambdaFunctionalInterface crash with IllegalArgumentException when processing an enum constructor taking a lambda * Fix JDK 20-ea build compatibility * UngroupedOverloads: ignore generated constructors * [errorprone 2.17.0] NPE in StatementSwitchToExpressionSwitch.analyzeSwitchTree * StatementSwitchToExpressionSwitch: handle empty statement blocks * StatementSwitchToExpressionSwitch: only trigger on compatible target versions * Fix Finalize bugpattern to match protected finalize() * Make MemoizeConstantVisitorStateLookups check suppressible * Changes of version 2.17.0: * New Checkers: AvoidObjectArrays, Finalize, IgnoredPureGetter, ImpossibleNullComparison, MathAbsoluteNegative, NewFileSystem, StatementSwitchToExpressionSwitch, UnqualifiedYield * Fixed issues: * InvalidParam warning on Javadoc for Java record components * UnusedMethod flags @JsonValue methods as unused * UnusedMethod: Add more JPA lifecycle annotations or make annotations configurable * UnusedMethod: Support additional exempting method annotations * Have InvalidParam support records * Fix -XepDisableAllWarnings flag when passed on its own * ASTHelpersSuggestions does not flag call to packge() on com.sun.tools.javac.code.Symbol.ClassSymbol * @SupressWarnings on record compact constructor causes crash * Changes of version 2.16.0: * New Checkers: ASTHelpersSuggestions, CanIgnoreReturnValueSuggester, LenientFormatStringValidation, UnnecessarilyUsedValue * Fixed issues: * Avoid using non-ASCII Unicode characters outside of comments and literals * NullPointerException thrown during analysis * NPE analysing new style switch statement (2.14.0) * ImmutableChecker handles null types * Drop pre-JDK 11 logic from Refaster's Inliner class * Changes of version 2.15.0: * New Checkers: BuilderReturnThis, CanIgnoreReturnValueSuggester, CannotMockFinalClass, CannotMockFinalMethod, DirectInvocationOnMock, ExtendsObject, MockNotUsedInProduction, NoCanIgnoreReturnValueOnClasses, NullArgumentForNonNullParameter, SelfAlwaysReturnsThis, UnsafeWildcard, UnusedTypeParameter * Changes of version 2.14.0: * New checkers: BanJNDI, EmptyTopLevelDeclaration, ErroneousBitwiseExpression, FuzzyEqualsShouldNotBeUsedInEqualsMethod, Interruption, NullableOnContainingClass * Changes of version 2.13.1: * Fix a crash in UnnecessaryBoxedVariable * Include the unicode character in the diagnostic message * Changes of version 2.13.0: * Handle all annotations with the simple name Generated in -XepDisableWarningsInGeneratedCode * Reconcile BugChecker#isSuppressed with suppression handling in ErrorProneScanner * Fix a bug in enclosingPackage * Improve performance of fix application * Implicitly treat @AutoBuilder setter methods as @CanIgnoreReturnValue. * Remove some obsolete checks (PublicConstructorForAbstractClass, HashCodeToString) * Changes of version 2.12.1: * This release adds an infrastructure optimization to AppliedFix source code processing. * Changes of version 2.12.0: * New checks: BoxedPrimitiveEquality, DoubleBraceInitialization, IgnoredPureGetter, LockOnBoxedPrimitive, IncorrectMainMethod, LongDoubleConversion, RobolectricShadowDirectlyOn, StaticAssignmentOfThrowable, UnnecessaryLongToIntConversion, Varifier * Do not require maven-javadoc-plugin as it's not being used ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-1956=1 ## Package List: * SUSE Manager Server 4.3 Module 4.3 (noarch) * google-errorprone-annotations-2.26.1-150200.5.6.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 11 16:30:02 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 11 Nov 2024 16:30:02 -0000 Subject: SUSE-RU-2024:3974-1: moderate: Recommended update for cosign Message-ID: <173134260243.16141.9571816233083214394@smelt2.prg2.suse.org> # Recommended update for cosign Announcement ID: SUSE-RU-2024:3974-1 Release Date: 2024-11-11T15:26:48Z Rating: moderate References: * jsc#SLE-23879 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for cosign fixes the following issues: cosign was updated to 2.4.0 (jsc#SLE-23879) * Add new bundle support to verify-blob and verify-blob-attestation (#3796) * Adding protobuf bundle support to sign-blob and attest-blob (#3752) * Bump sigstore/sigstore to support email_verified as string or boolean (#3819) * Conformance testing for cosign (#3806) * move incremental builds per commit to GHCR instead of GCR (#3808) * Add support for recording creation timestamp for cosign attest (#3797) * Include SCT verification failure details in error message (#3799) * Set CGO_ENABLED=1 for fixing s390x failed build Update to 2.3.0 (jsc#SLE-23879): * Features * Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693) * add registry options to cosign save (#3645) * Add debug providers command. (#3728) * Make config layers in ociremote mountable (#3741) * adds tsa cert chain check for env var or tuf targets. (#3600) * add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464) * add handling of keyless verification for all verify commands (#3761) * Bug Fixes * fix: close attestationFile (#3679) * Set bundleVerified to true after Rekor verification (Resolves #3740) (#3745) * Documentation * Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign (#3776) * add completion subpackages (bash, fish, zsh) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3974=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3974=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3974=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3974=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3974=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3974=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3974=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3974=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3974=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3974=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * openSUSE Leap 15.4 (noarch) * cosign-fish-completion-2.4.0-150400.3.23.1 * cosign-bash-completion-2.4.0-150400.3.23.1 * cosign-zsh-completion-2.4.0-150400.3.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Proxy 4.3 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 ## References: * https://jira.suse.com/browse/SLE-23879 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 15 12:30:18 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 15 Nov 2024 12:30:18 -0000 Subject: SUSE-RU-2024:3994-1: moderate: Recommended update for rabbitmq-c Message-ID: <173167381864.4943.9931611070496058686@smelt2.prg2.suse.org> # Recommended update for rabbitmq-c Announcement ID: SUSE-RU-2024:3994-1 Release Date: 2024-11-15T08:07:53Z Rating: moderate References: * bsc#1232541 Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for rabbitmq-c fixes the following issue: * Fix default cacert location (bsc#1232541). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3994=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3994=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3994=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3994=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3994=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3994=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3994=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3994=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Proxy 4.3 (x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-tools-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * rabbitmq-c-tools-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-tools-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * rabbitmq-c-tools-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232541 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 15 16:30:05 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 15 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:3999-1: important: Security update for apache2 Message-ID: <173168820526.4790.3763092192565272838@smelt2.prg2.suse.org> # Security update for apache2 Announcement ID: SUSE-SU-2024:3999-1 Release Date: 2024-11-15T13:35:34Z Rating: important References: * bsc#1233165 Cross-References: * CVE-2023-45802 CVSS scores: * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: Fixed regression with previous fix (bsc#1233165). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3999=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3999=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3999=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3999=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3999=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3999=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3999=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3999=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3999=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3999=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3999=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1233165 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:30:05 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:30:05 -0000 Subject: SUSE-SU-2024:4036-1: moderate: Security update for httpcomponents-client, httpcomponents-core Message-ID: <173194740554.4943.12539625151824727640@smelt2.prg2.suse.org> # Security update for httpcomponents-client, httpcomponents-core Announcement ID: SUSE-SU-2024:4036-1 Release Date: 2024-11-18T15:24:16Z Rating: moderate References: * bsc#1177488 Cross-References: * CVE-2020-13956 CVSS scores: * CVE-2020-13956 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N * CVE-2020-13956 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for httpcomponents-client, httpcomponents-core fixes the following issues: httpcomponents-client: \- Update to version 4.5.14 * HTTPCLIENT-2206: Corrected resource de-allocation by fluent response objects. * HTTPCLIENT-2174: URIBuilder to return a new empty list instead of unmodifiable Collections#emptyList. * Don't retry requests in case of NoRouteToHostException. * HTTPCLIENT-2144: RequestBuilder fails to correctly copy charset of requests with form url-encoded body. * PR #269: 4.5.x use array fill and more. \+ Use Arrays.fill(). \+ Remove redundant modifiers. \+ Use Collections.addAll() and Collection.addAll() APIs instead of loops. \+ Remove redundant returns. \+ No need to explicitly declare an array when calling a vararg method. \+ Remote extra semicolons (;). \+ Use a 'L' instead of 'l' to make long literals more readable. * PublicSuffixListParser.parseByType(Reader) allocates but does not use a 256 char StringBuilder. * Incorrect handling of malformed authority component by URIUtils#extractHost (bsc#1177488, CVE-2020-13956). * Avoid updating Content- Length header in a 304 response. * Bug fix: BasicExpiresHandler is annotated as immutable but is not (#239) * HTTPCLIENT-2076: Fixed NPE in LaxExpiresHandler. httpcomponents-core: \- Upgraded to version 4.4.14 * PR #231: 4.4.x Use better map apis and more. \+ Remove redundant modifiers. \+ Use Collections.addAll() API instead of loops. \+ Remove redundant returns. \+ No need to explicitly declare an array when calling a vararg method. \+ Remote extra semicolons (;). * Bug fix: Non-blocking TLSv1.3 connections can end up in an infinite event spin when closed concurrently by the local and the remote endpoints. * HTTPCORE-647: Non-blocking connection terminated due to 'java.io.IOException: Broken pipe' can enter an infinite loop flushing buffered output data. * PR #201, HTTPCORE-634: Fix race condition in AbstractConnPool that can cause internal state corruption when persistent connections are manually removed from the pool. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4036=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4036=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4036=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4036=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4036=1 ## Package List: * openSUSE Leap 15.5 (noarch) * httpcomponents-client-cache-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-client-javadoc-4.5.14-150200.3.9.1 * httpcomponents-core-javadoc-4.4.14-150200.3.9.1 * openSUSE Leap 15.6 (noarch) * httpcomponents-client-cache-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-client-javadoc-4.5.14-150200.3.9.1 * httpcomponents-core-javadoc-4.4.14-150200.3.9.1 * Development Tools Module 15-SP5 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * Development Tools Module 15-SP6 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * httpcomponents-client-4.5.14-150200.3.9.1 * httpcomponents-core-4.4.14-150200.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2020-13956.html * https://bugzilla.suse.com/show_bug.cgi?id=1177488 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:30:23 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:30:23 -0000 Subject: SUSE-RU-2024:4032-1: moderate: Recommended update for salt Message-ID: <173194742346.4943.18019342774309099115@smelt2.prg2.suse.org> # Recommended update for salt Announcement ID: SUSE-RU-2024:4032-1 Release Date: 2024-11-18T13:31:07Z Rating: moderate References: * bsc#1219041 * bsc#1220357 * bsc#1226141 * bsc#1229109 * bsc#1229539 * bsc#1230322 * jsc#MSQA-863 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has six fixes can now be installed. ## Description: This update for salt fixes the following issues: * Fix failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Revert the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Fix the SELinux context for Salt Minion service (bsc#1219041) * Set contextvars as a build requirement for package * Increase warn_until_date date for code we still support * The test_debian test now uses port 80 for ubuntu keyserver * Fix too frequent systemd service restart in test_system test * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improve error handling with different OpenSSL versions * Remove redundant run_func from salt.master.MWorker._handle_aes * Fix cloud minion configuration for multiple masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Fix few failing tests to work with both Salt and Salt bundle * Skip testing unsupported OpenSSL crypto algorithms ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4032=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4032=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4032=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4032=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4032=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4032=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4032=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4032=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4032=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4032=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4032=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4032=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4032=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Manager Server 4.3 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * python3-salt-testsuite-3006.0-150400.8.69.1 * salt-transactional-update-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * openSUSE Leap 15.4 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-transactional-update-3006.0-150400.8.69.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-transactional-update-3006.0-150400.8.69.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-transactional-update-3006.0-150400.8.69.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * salt-minion-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-transactional-update-3006.0-150400.8.69.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * salt-minion-3006.0-150400.8.69.2 * salt-doc-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-transactional-update-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 * SUSE Manager Proxy 4.3 (x86_64) * salt-doc-3006.0-150400.8.69.2 * salt-ssh-3006.0-150400.8.69.2 * salt-master-3006.0-150400.8.69.2 * python3-salt-3006.0-150400.8.69.2 * salt-standalone-formulas-configuration-3006.0-150400.8.69.2 * salt-syndic-3006.0-150400.8.69.2 * salt-minion-3006.0-150400.8.69.2 * salt-proxy-3006.0-150400.8.69.2 * salt-api-3006.0-150400.8.69.2 * salt-cloud-3006.0-150400.8.69.2 * salt-3006.0-150400.8.69.2 * SUSE Manager Proxy 4.3 (noarch) * salt-fish-completion-3006.0-150400.8.69.2 * salt-zsh-completion-3006.0-150400.8.69.2 * salt-bash-completion-3006.0-150400.8.69.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:30:55 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:30:55 -0000 Subject: SUSE-SU-2024:4029-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194745580.4943.2147695859967699365@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4029-1 Release Date: 2024-11-18T13:29:50Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2024-4029=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-1.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:31:14 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:31:14 -0000 Subject: SUSE-SU-2024:4026-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194747435.4943.14925727579761266494@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4026-1 Release Date: 2024-11-18T13:29:06Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Debian 12 An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2024-4026=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (amd64) * venv-salt-minion-3006.0-2.23.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:31:33 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:31:33 -0000 Subject: SUSE-SU-2024:4025-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194749330.4943.8305697838083408682@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4025-1 Release Date: 2024-11-18T13:28:49Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Debian 11 An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 11 zypper in -t patch SUSE-Debian-11-CLIENT-TOOLS-x86_64-2024-4025=1 ## Package List: * SUSE Manager Client Tools for Debian 11 (amd64) * venv-salt-minion-3006.0-2.61.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:31:34 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:31:34 -0000 Subject: SUSE-RU-202410:15284-1: moderate: Recommended update for SUSE Manager Salt Bundle Message-ID: <173194749442.4943.10799327042026347673@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Salt Bundle Announcement ID: SUSE-RU-202410:15284-1 Release Date: 2024-11-18T13:28:32Z Rating: moderate References: * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Ubuntu 24.04 2404 An update that contains one feature can now be installed. ## Description: This update fixes the following issues: * Implementation of Salt Bundle on Ubuntu 24.04 ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 24.04 2404 zypper in -t patch suse-ubu244ct-client-tools-202410-15284=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64) * venv-salt-minion-3006.0-2.3.1 ## References: * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:31:54 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:31:54 -0000 Subject: SUSE-SU-202410:15283-1: moderate: Security update for SUSE Manager Salt Bundle Message-ID: <173194751476.4943.13315198299042171659@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-202410:15283-1 Release Date: 2024-11-18T13:26:13Z Rating: moderate References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Ubuntu 22.04 2204 An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 22.04 2204 zypper in -t patch suse-ubu224ct-client-tools-202410-15283=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64) * venv-salt-minion-3006.0-2.54.3 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:32:17 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:32:17 -0000 Subject: SUSE-SU-202410:15282-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194753757.4943.4352987833736647472@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-202410:15282-1 Release Date: 2024-11-18T13:26:00Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Manager Client Tools for Ubuntu 20.04 2004 An update that solves nine vulnerabilities, contains one feature and has 12 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Fixed failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Enable post_start_cleanup.sh to work in a transaction * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Increase warn_until_date date for code we still support * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improved error handling with different OpenSSL versions * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Added passlib Python module to the bundle ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 20.04 2004 zypper in -t patch suse-ubu204ct-client-tools-202410-15282=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64) * venv-salt-minion-3006.0-2.63.3 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:32:40 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:32:40 -0000 Subject: SUSE-SU-2024:4021-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194756017.4943.10916856763243585108@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4021-1 Release Date: 2024-11-18T13:25:47Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * bsc#1231045 * bsc#1231697 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves nine vulnerabilities, contains one feature and has 14 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Added passlib Python module to the bundle * Allow NamedLoaderContexts to be returned from loader * Avoid crash on wrong output of systemctl version (bsc#1229539) * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Enable post_start_cleanup.sh to work in a transaction * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Fixed failing x509 tests with OpenSSL < 1.1 * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Fixed too frequent systemd service restart in test_system test * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697, bsc#1231045) * Improved error handling with different OpenSSL versions * Increase warn_until_date date for code we still support * Prevent using SyncWrapper with no reason * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Use Pygit2 id instead of deprecated oid in gitfs ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4021=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4021=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4021=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4021=1 ## Package List: * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-150000.3.67.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://bugzilla.suse.com/show_bug.cgi?id=1231045 * https://bugzilla.suse.com/show_bug.cgi?id=1231697 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:01 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:01 -0000 Subject: SUSE-SU-2024:4020-1: important: Security update for SUSE Manager Salt Bundle Message-ID: <173194758132.4943.4374882153697853335@smelt2.prg2.suse.org> # Security update for SUSE Manager Salt Bundle Announcement ID: SUSE-SU-2024:4020-1 Release Date: 2024-11-18T13:25:06Z Rating: important References: * bsc#1219041 * bsc#1220357 * bsc#1222842 * bsc#1226141 * bsc#1226447 * bsc#1226448 * bsc#1226469 * bsc#1227547 * bsc#1228105 * bsc#1228780 * bsc#1229109 * bsc#1229539 * bsc#1229654 * bsc#1229704 * bsc#1229873 * bsc#1229994 * bsc#1229995 * bsc#1229996 * bsc#1230058 * bsc#1230059 * bsc#1230322 * bsc#1231045 * bsc#1231697 * jsc#MSQA-863 Cross-References: * CVE-2024-0397 * CVE-2024-3651 * CVE-2024-37891 * CVE-2024-4032 * CVE-2024-5569 * CVE-2024-6345 * CVE-2024-6923 * CVE-2024-7592 * CVE-2024-8088 CVSS scores: * CVE-2024-0397 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L * CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-3651 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-37891 ( SUSE ): 4.4 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-4032 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-5569 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-6345 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-6923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L * CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8088 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves nine vulnerabilities, contains one feature and has 14 security fixes can now be installed. ## Description: This update fixes the following issues: venv-salt-minion: * Security fixes on Python 3.11 interpreter: * CVE-2024-7592: Fixed quadratic complexity in parsing -quoted cookie values with backslashes (bsc#1229873, bsc#1230059) * CVE-2024-8088: Prevent malformed payload to cause infinite loops in zipfile.Path (bsc#1229704, bsc#1230058) * CVE-2024-6923: Prevent email header injection due to unquoted newlines (bsc#1228780) * CVE-2024-4032: Rearranging definition of private global IP addresses (bsc#1226448) * CVE-2024-0397: ssl.SSLContext.cert_store_stats() and ssl.SSLContext.get_ca_certs() now correctly lock access to the certificate store, when the ssl.SSLContext is shared across multiple threads (bsc#1226447) * Security fixes on Python dependencies: * CVE-2024-5569: zipp: Fixed a Denial of Service (DoS) vulnerability in the jaraco/zipp library (bsc#1227547, bsc#1229996) * CVE-2024-6345: setuptools: Sanitize any VCS URL used for download (bsc#1228105, bsc#1229995) * CVE-2024-3651: idna: Fix a potential DoS via resource consumption via specially crafted inputs to idna.encode() (bsc#1222842, bsc#1229994) * CVE-2024-37891: urllib3: Added the `Proxy-Authorization` header to the list of headers to strip from requests when redirecting to a different host (bsc#1226469, bsc#1229654) * Other bugs fixed: * Added passlib Python module to the bundle * Allow NamedLoaderContexts to be returned from loader * Avoid crash on wrong output of systemctl version (bsc#1229539) * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Enable post_start_cleanup.sh to work in a transaction * Fixed cloud Minion configuration for multiple Masters (bsc#1229109) * Fixed failing x509 tests with OpenSSL < 1.1 * Fixed the SELinux context for Salt Minion service (bsc#1219041) * Fixed zyppnotify plugin after latest zypp/libzypp upgrades (bsc#1231697, bsc#1231045) * Improved error handling with different OpenSSL versions * Increase warn_until_date date for code we still support * Prevent using SyncWrapper with no reason * Reverted the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Use Pygit2 id instead of deprecated oid in gitfs ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-4020=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * venv-salt-minion-3006.0-3.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0397.html * https://www.suse.com/security/cve/CVE-2024-3651.html * https://www.suse.com/security/cve/CVE-2024-37891.html * https://www.suse.com/security/cve/CVE-2024-4032.html * https://www.suse.com/security/cve/CVE-2024-5569.html * https://www.suse.com/security/cve/CVE-2024-6345.html * https://www.suse.com/security/cve/CVE-2024-6923.html * https://www.suse.com/security/cve/CVE-2024-7592.html * https://www.suse.com/security/cve/CVE-2024-8088.html * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1222842 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226447 * https://bugzilla.suse.com/show_bug.cgi?id=1226448 * https://bugzilla.suse.com/show_bug.cgi?id=1226469 * https://bugzilla.suse.com/show_bug.cgi?id=1227547 * https://bugzilla.suse.com/show_bug.cgi?id=1228105 * https://bugzilla.suse.com/show_bug.cgi?id=1228780 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1229654 * https://bugzilla.suse.com/show_bug.cgi?id=1229704 * https://bugzilla.suse.com/show_bug.cgi?id=1229873 * https://bugzilla.suse.com/show_bug.cgi?id=1229994 * https://bugzilla.suse.com/show_bug.cgi?id=1229995 * https://bugzilla.suse.com/show_bug.cgi?id=1229996 * https://bugzilla.suse.com/show_bug.cgi?id=1230058 * https://bugzilla.suse.com/show_bug.cgi?id=1230059 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://bugzilla.suse.com/show_bug.cgi?id=1231045 * https://bugzilla.suse.com/show_bug.cgi?id=1231697 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:18 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:18 -0000 Subject: SUSE-SU-2024:4019-1: important: Security update for SUSE Manager Client Tools Message-ID: <173194759836.4943.6595066930001705118@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4019-1 Release Date: 2024-11-18T13:24:46Z Rating: important References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#ECO-3319 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 An update that solves one vulnerability, contains two features and has 18 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter was updated from version 1.0.1 to 1.0.8: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency in version 1.0.2 (bsc#1213933) * Bugs fixed: * Require Go 1.20 when building for RedHat derivatives * Version 1.0.8 (bsc#1227341): * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Version 1.0.7: * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Version 1.0.6: * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Added User-Agent header * Version 1.0.4: * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Version 1.0.3: * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Version 1.0.1: * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 scap-security-guide was updated from version 0.1.73 to 0.1.74: * Version 0.1.74 (jsc#ECO-3319): * Added Amazon Linux 2023 product * Introduce new remediation type Kickstart * Make PAM macros more flexible to variables * Remove Debian 10 Product * Remove Red Hat Enterprise Linux 7 product * Update CIS RHEL9 control file to v2.0.0 spacecmd was updated from version 5.0.9-0 to 5.0.10-0: * Version 5.0.10-0: * Speed up softwarechannel_removepackages (bsc#1227606) * Fixed error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fixed sls backup creation as directory with spacecmd (bsc#1230745) uyuni-tools was updated from version 0.1.21-0 to 0.1.23-0: * Version 0.1.23-0: * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fixed namespace usage on mgrctl cp command * Version 0.1.22-0: * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fixed proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fixed error code handling on reinstallation (bsc#1230139) * Fixed creation of first user and organization * Added missing variable quotes for install vars (bsc#1229108) * Added API login and logout calls to allow persistent login ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 zypper in -t patch SUSE-EL-9-CLIENT-TOOLS-2024-4019=1 ## Package List: * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (aarch64 ppc64le s390x x86_64) * mgrctl-0.1.23-1.11.1 * golang-github-lusitaniae-apache_exporter-1.0.8-1.14.1 * mgrctl-debuginfo-0.1.23-1.11.1 * SUSE Manager Client Tools for RHEL, Liberty and Clones 9 (noarch) * mgrctl-bash-completion-0.1.23-1.11.1 * mgrctl-zsh-completion-0.1.23-1.11.1 * spacecmd-5.0.10-1.41.1 * scap-security-guide-redhat-0.1.74-1.29.1 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:32 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:32 -0000 Subject: SUSE-RU-2024:4016-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <173194761227.4943.16671676710382386661@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:4016-1 Release Date: 2024-11-18T13:24:07Z Rating: moderate References: * bsc#1223142 * bsc#1226759 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Debian 12 An update that contains one feature and has 17 fixes can now be installed. ## Description: This update fixes the following issues: spacecmd was updated from version 5.0.9-0 to 5.0.10-0: * Version 5.0.10-0: * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-tools was updated from version 0.1.21-0 to 0.1.23-0: * Version 0.1.23-0: * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fixed namespace usage on mgrctl cp command * Version 0.1.22-0: * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fixed proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fixed error code handling on reinstallation (bsc#1230139) * Fixed creation of first user and organization * Added missing variable quotes for install vars (bsc#1229108) * Added API login and logout calls to allow persistent login ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 12 zypper in -t patch SUSE-Debian-12-CLIENT-TOOLS-x86_64-2024-4016=1 ## Package List: * SUSE Manager Client Tools for Debian 12 (all) * spacecmd-5.0.10-3.23.1 * mgrctl-zsh-completion-0.1.23-2.13.1 * mgrctl-fish-completion-0.1.23-2.13.1 * mgrctl-bash-completion-0.1.23-2.13.1 * SUSE Manager Client Tools for Debian 12 (amd64) * mgrctl-0.1.23-2.13.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:38 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:38 -0000 Subject: SUSE-RU-2024:4015-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <173194761859.4943.6345710198130540898@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Client Tools Announcement ID: SUSE-RU-2024:4015-1 Release Date: 2024-11-18T13:24:01Z Rating: moderate References: * bsc#1227578 * bsc#1227606 * bsc#1229437 * bsc#1230745 * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Debian 11 An update that contains one feature and has four fixes can now be installed. ## Description: This update fixes the following issues: spacecmd was updated from version 5.0.9-0 to 5.0.10-0: * Version 5.0.10-0: * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fixed sls backup creation as directory with spacecmd (bsc#1230745) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Debian 11 zypper in -t patch SUSE-Debian-11-CLIENT-TOOLS-x86_64-2024-4015=1 ## Package List: * SUSE Manager Client Tools for Debian 11 (all) * spacecmd-5.0.10-2.50.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:39 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:39 -0000 Subject: SUSE-RU-202410:15280-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <173194761972.4943.2672368868249022843@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Client Tools Announcement ID: SUSE-RU-202410:15280-1 Release Date: 2024-11-18T13:23:57Z Rating: moderate References: * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Ubuntu 24.04 2404 An update that contains one feature can now be installed. ## Description: This update fixes the following issues: * Provide prometheus-apache-exporter 1.0.6 * Provide prometheus-exporter-exporter 0.4.0 * Provide prometheus-node-exporter 1.7.0 * Provide prometheus-postgres-exporter 0.15.0 * Provide spacecmd 5.0.10-0 * Provide uyuni-tools 0.1.23-0 ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 24.04 2404 zypper in -t patch suse-ubu244ct-client-tools-202410-15280=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 24.04 2404 (all) * spacecmd-5.0.10-2.3.5 * mgrctl-fish-completion-0.1.23-2.3.5 * mgrctl-bash-completion-0.1.23-2.3.5 * mgrctl-zsh-completion-0.1.23-2.3.5 * SUSE Manager Client Tools for Ubuntu 24.04 2404 (amd64) * prometheus-apache-exporter-1.0.6-1ubuntu0.1 * prometheus-node-exporter-1.7.0-1ubuntu0.1 * mgrctl-0.1.23-2.3.5 * prometheus-exporter-exporter-0.4.0-1ubuntu0.24.04.1 * prometheus-postgres-exporter-0.15.0-1ubuntu0.1 ## References: * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:33:53 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:33:53 -0000 Subject: SUSE-RU-202410:15279-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <173194763368.4943.17183622073640031033@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Client Tools Announcement ID: SUSE-RU-202410:15279-1 Release Date: 2024-11-18T13:23:47Z Rating: moderate References: * bsc#1223142 * bsc#1226759 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#ECO-3319 * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Ubuntu 22.04 2204 An update that contains two features and has 17 fixes can now be installed. ## Description: This update fixes the following issues: scap-security-guide: * Updated to 0.1.74 (jsc#ECO-3319) * Add Amazon Linux 2023 product (#12006) * Introduce new remediation type Kickstart (#12144) * Make PAM macros more flexible to variables (#12133) * Remove Debian 10 Product (#12205) * Remove Red Hat Enterprise Linux 7 product (#12093) * Update CIS RHEL9 control file to v2.0.0 (#12067) spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-tools: * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 22.04 2204 zypper in -t patch suse-ubu224ct-client-tools-202410-15279=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 22.04 2204 (all) * mgrctl-fish-completion-0.1.23-2.13.2 * mgrctl-bash-completion-0.1.23-2.13.2 * spacecmd-5.0.10-2.47.2 * scap-security-guide-ubuntu-0.1.74-2.31.2 * mgrctl-zsh-completion-0.1.23-2.13.2 * SUSE Manager Client Tools for Ubuntu 22.04 2204 (amd64) * mgrctl-0.1.23-2.13.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:34:12 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:34:12 -0000 Subject: SUSE-RU-202410:15278-1: moderate: Recommended update for SUSE Manager Client Tools Message-ID: <173194765278.4943.7511542461390572221@smelt2.prg2.suse.org> # Recommended update for SUSE Manager Client Tools Announcement ID: SUSE-RU-202410:15278-1 Release Date: 2024-11-18T13:23:41Z Rating: moderate References: * bsc#1219041 * bsc#1220357 * bsc#1223142 * bsc#1226141 * bsc#1226759 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229109 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1229539 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230322 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#ECO-3319 * jsc#MSQA-863 Affected Products: * SUSE Manager Client Tools for Ubuntu 20.04 2004 An update that contains two features and has 23 fixes can now be installed. ## Description: This update fixes the following issues: salt: * Fix failing x509 tests with OpenSSL < 1.1 * Avoid explicit reading of /etc/salt/minion (bsc#1220357) * Allow NamedLoaderContexts to be returned from loader * Revert the change making reactor less blocking (bsc#1230322) * Use --cachedir for extension_modules in salt-call (bsc#1226141) * Prevent using SyncWrapper with no reason * Fix the SELinux context for Salt Minion service (bsc#1219041) * Set contextvars as a build requirement for package * Increase warn_until_date date for code we still support * The test_debian test now uses port 80 for ubuntu keyserver * Fix too frequent systemd service restart in test_system test * Avoid crash on wrong output of systemctl version (bsc#1229539) * Improve error handling with different OpenSSL versions * Remove redundant run_func from salt.master.MWorker._handle_aes * Fix cloud minion configuration for multiple masters (bsc#1229109) * Use Pygit2 id instead of deprecated oid in gitfs * Fix few failing tests to work with both Salt and Salt bundle * Skip testing unsupported OpenSSL crypto algorithms scap-security-guide: * Updated to 0.1.74 (jsc#ECO-3319) * Add Amazon Linux 2023 product (#12006) * Introduce new remediation type Kickstart (#12144) * Make PAM macros more flexible to variables (#12133) * Remove Debian 10 Product (#12205) * Remove Red Hat Enterprise Linux 7 product (#12093) * Update CIS RHEL9 control file to v2.0.0 (#12067) spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-tools: * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for Ubuntu 20.04 2004 zypper in -t patch suse-ubu204ct-client-tools-202410-15278=1 ## Package List: * SUSE Manager Client Tools for Ubuntu 20.04 2004 (all) * salt-minion-3006.0+ds-1+2.131.2 * mgrctl-fish-completion-0.1.23-2.13.2 * salt-common-3006.0+ds-1+2.131.2 * mgrctl-bash-completion-0.1.23-2.13.2 * spacecmd-5.0.10-2.92.2 * mgrctl-zsh-completion-0.1.23-2.13.2 * scap-security-guide-ubuntu-0.1.74-2.52.2 * SUSE Manager Client Tools for Ubuntu 20.04 2004 (amd64) * mgrctl-0.1.23-2.13.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219041 * https://bugzilla.suse.com/show_bug.cgi?id=1220357 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226141 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229109 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1229539 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230322 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/ECO-3319 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:34:31 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:34:31 -0000 Subject: SUSE-SU-2024:4011-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <173194767189.4943.3235901500660831052@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4011-1 Release Date: 2024-11-18T13:23:33Z Rating: moderate References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229260 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability, contains one feature and has 19 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency (bsc#1213933) * Other changes and issues fixed: * Delete unpackaged debug files for RHEL * Do not include source files in the package for RHEL 9 * Require Go 1.20 when building for RedHat derivatives * Drop EnvironmentFile from the service definition * Explicitly unset $ARGS environment variable. Setting environment variables should be done in drop-in systemd configuration files. * Drop go_nostrip macro. It is not needed with current binutils and Go. * Migrate from `disabled` to `manual` source service type * Drop BuildRequires: golang-packaging * Upgrade to version 1.0.8 (bsc#1227341) * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Upgrade to version 1.0.7 * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Upgrade to version 1.0.6 * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Add User-Agent header * Upgrade to version 1.0.4 * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Upgrade to version 1.0.3 * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Upgrade to version 1.0.1 * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 golang-github-prometheus-promu: * Require Go >= 1.21 for building * Packaging improvements: * Drop export CGO_ENABLED="0". Use the default unless there is a defined requirement or benefit (bsc#1230623). * Update to version 0.16.0: * Do not discover user/host for reproducible builds * Fix example/prometheus build error * Update to version 0.15.0: * Add linux/riscv64 to default platforms * Use yaml.Unmarshalstrict to validate configuration files spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-common-libs: * Version 5.0.5-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) uyuni-tools: * version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login Changes that only impact SUSE Manager 4.3: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4011=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4011=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4011=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4011=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4011=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4011=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4011=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4011=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * wire-debuginfo-0.6.0-150000.1.17.4 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * wire-0.6.0-150000.1.17.4 * openSUSE Leap 15.5 (noarch) * spacecmd-5.0.10-150000.3.127.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * wire-debuginfo-0.6.0-150000.1.17.4 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * wire-0.6.0-150000.1.17.4 * openSUSE Leap 15.6 (noarch) * spacecmd-5.0.10-150000.3.127.3 * SUSE Manager Client Tools for SLE 15 (aarch64 ppc64le s390x x86_64) * mgrctl-debuginfo-0.1.23-150000.1.13.3 * mgrctl-0.1.23-150000.1.13.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * python3-uyuni-common-libs-5.0.5-150000.1.45.3 * SUSE Manager Client Tools for SLE 15 (noarch) * mgrctl-zsh-completion-0.1.23-150000.1.13.3 * python3-spacewalk-client-setup-4.3.21-150000.3.97.4 * python3-spacewalk-check-4.3.21-150000.3.97.4 * spacewalk-client-tools-4.3.21-150000.3.97.4 * mgr-daemon-4.3.11-150000.1.53.5 * spacecmd-5.0.10-150000.3.127.3 * spacewalk-check-4.3.21-150000.3.97.4 * python3-spacewalk-client-tools-4.3.21-150000.3.97.4 * mgrctl-lang-0.1.23-150000.1.13.3 * mgrctl-bash-completion-0.1.23-150000.1.13.3 * spacewalk-client-setup-4.3.21-150000.3.97.4 * SUSE Manager Client Tools for SLE Micro 5 (aarch64 s390x x86_64) * mgrctl-0.1.23-150000.1.13.3 * mgrctl-debuginfo-0.1.23-150000.1.13.3 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * mgrctl-lang-0.1.23-150000.1.13.3 * mgrctl-bash-completion-0.1.23-150000.1.13.3 * mgrctl-zsh-completion-0.1.23-150000.1.13.3 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * golang-github-prometheus-promu-0.16.0-150000.3.21.4 * SUSE Manager Proxy 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-150000.1.23.3 * golang-github-lusitaniae-apache_exporter-debuginfo-1.0.8-150000.1.23.3 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:34:49 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:34:49 -0000 Subject: SUSE-SU-2024:4010-1: moderate: Security update for SUSE Manager Client Tools Message-ID: <173194768956.4943.12537565736485872981@smelt2.prg2.suse.org> # Security update for SUSE Manager Client Tools Announcement ID: SUSE-SU-2024:4010-1 Release Date: 2024-11-18T13:22:18Z Rating: moderate References: * bsc#1213933 * bsc#1223142 * bsc#1226759 * bsc#1227341 * bsc#1227578 * bsc#1227606 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229260 * bsc#1229432 * bsc#1229437 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1230623 * bsc#1230745 * bsc#1231157 * bsc#1231206 * jsc#MSQA-863 Cross-References: * CVE-2023-3978 CVSS scores: * CVE-2023-3978 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2023-3978 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability, contains one feature and has 20 security fixes can now be installed. ## Description: This update fixes the following issues: golang-github-lusitaniae-apache_exporter: * Security issues fixed: * CVE-2023-3978: Fixed security bug in x/net dependency (bsc#1213933) * Other changes and issues fixed: * Delete unpackaged debug files for RHEL * Do not include source files in the package for RHEL 9 * Require Go 1.20 when building for RedHat derivatives * Drop EnvironmentFile from the service definition * Explicitly unset $ARGS environment variable. Setting environment variables should be done in drop-in systemd configuration files. * Drop go_nostrip macro. It is not needed with current binutils and Go. * Migrate from `disabled` to `manual` source service type * Drop BuildRequires: golang-packaging * Upgrade to version 1.0.8 (bsc#1227341) * Update prometheus/client_golang to version 1.19.1 * Update x/net to version 0.23.0 * Upgrade to version 1.0.7 * Update protobuf to version 1.33.0 * Update prometheus/client_golang to version 1.19.0 * Update prometheus/common to version 0.46.0 * Standardize landing page * Upgrade to version 1.0.6 * Update prometheus/exporter-toolkit to version 0.11.0 * Update prometheus/client_golang to version 1.18.0 * Add User-Agent header * Upgrade to version 1.0.4 * Update x/crypto to version 0.17.0 * Update alecthomas/kingpin/v2 to version 2.4.0 * Update prometheus/common to version 0.45.0 * Upgrade to version 1.0.3 * Update prometheus/client_golang to version 1.17.0 * Update x/net 0.17.0 * Upgrade to version 1.0.1 * Update prometheus/exporter-toolkit to version 0.10.0 * Update prometheus/common to version 0.44.0 * Update prometheus/client_golang to version 1.16.0 golang-github-prometheus-promu: * Require Go >= 1.21 for building * Packaging improvements: * Drop export CGO_ENABLED="0". Use the default unless there is a defined requirement or benefit (bsc#1230623). * Update to version 0.16.0: * Do not discover user/host for reproducible builds * Fix example/prometheus build error * Update to version 0.15.0: * Add linux/riscv64 to default platforms * Use yaml.Unmarshalstrict to validate configuration files spacecmd: * Version 5.0.10-0 * Speed up softwarechannel_removepackages (bsc#1227606) * Fix error in 'kickstart_delete' when using wildcards (bsc#1227578) * Spacecmd bootstrap now works with specified port (bsc#1229437) * Fix sls backup creation as directory with spacecmd (bsc#1230745) uyuni-common-libs: * Version 5.0.5-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) uyuni-tools: * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login Changes that only impact SUSE Manager 4.3: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2024-4010=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (aarch64 ppc64le s390x x86_64) * golang-github-lusitaniae-apache_exporter-1.0.8-1.24.3 * mgrctl-0.1.23-1.13.2 * golang-github-prometheus-promu-0.16.0-1.21.3 * mgrctl-debuginfo-0.1.23-1.13.2 * python2-uyuni-common-libs-5.0.5-1.45.2 * SUSE Manager Client Tools for SLE 12 (noarch) * python2-spacewalk-client-setup-4.3.21-52.104.2 * spacecmd-5.0.10-38.150.2 * mgrctl-zsh-completion-0.1.23-1.13.2 * spacewalk-client-tools-4.3.21-52.104.2 * python2-spacewalk-check-4.3.21-52.104.2 * spacewalk-client-setup-4.3.21-52.104.2 * mgr-daemon-4.3.11-1.53.2 * mgrctl-bash-completion-0.1.23-1.13.2 * spacewalk-check-4.3.21-52.104.2 * python2-spacewalk-client-tools-4.3.21-52.104.2 ## References: * https://www.suse.com/security/cve/CVE-2023-3978.html * https://bugzilla.suse.com/show_bug.cgi?id=1213933 * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1227341 * https://bugzilla.suse.com/show_bug.cgi?id=1227578 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229437 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1230623 * https://bugzilla.suse.com/show_bug.cgi?id=1230745 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:34:58 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:34:58 -0000 Subject: SUSE-SU-2024:4009-1: critical: Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Message-ID: <173194769891.4943.7881100757925144170@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2024:4009-1 Release Date: 2024-11-18T13:21:54Z Rating: critical References: * bsc#1228945 * bsc#1229077 * bsc#1229923 * bsc#1230255 * bsc#1230536 * bsc#1231332 * bsc#1231568 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Manager Proxy 5.0 Extension 5.0 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 * SUSE Manager Server 5.0 Extension 5.0 An update that solves three vulnerabilities, contains one feature and has seven security fixes can now be installed. ## Recommended update for SUSE Manager Proxy 5.0 ### Description: This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8 * Update for next release ## Recommended update for SUSE Manager Retail Branch Server 5.0 ### Description: This update fixes the following issues: proxy-httpd-image: * Version 5.0.8 * Store Proxy FQDN in rhn.conf for auth token use (bsc#1230255) proxy-salt-broker-image: * Version 5.0.8 * Update for next release proxy-squid-image: * Version 5.0.8 * Update for next release proxy-ssh-image: * Version 5.0.8 * Update for next release proxy-tftpd-image: * Version 5.0.8 * Update for next release ## Security update for SUSE Manager Server 5.0 ### Description: This update fixes the following issues: server-attestation-image: * Version 5.0.6 * Update for next release server-hub-xmlrpc-api-image: * Version 5.0.8 * Update for next release server-image: * Version 5.0.9 * Add HANA and cluster formulas to Server image (bsc#1230536) * Use /etc/krb5.conf.d for all kerberos related configurations (bsc#1229077) * Do not install outdated package "spacewalk-utils-extras" on Server image (bsc#1228945) * Fix package name search when syncing volumes data (bsc#1229923) server-migration-14-16-image: * Version 5.0.9 * Update for next release susemanager-sync-data: * Version 5.0.8-0 * Add SUSE Linux Enterprise 15 SP5 LTSS channel families * Add MicroOS PPC channel family * Set Ubuntu 22.04 to released * Version 5.0.7-0 * Add Ubuntu 24.04 support * Add channel family for SLES 12 SP5 LTSS Extended Security ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2024-4009=1 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4009=1 * SUSE Manager Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2024-4009=1 ## Package List: * SUSE Manager Proxy 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.2-7.6.30 * SUSE Manager Proxy 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Proxy 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-s390x-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Proxy 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-x86_64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.2-7.6.29 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-aarch64-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-aarch64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-aarch64-proxy-salt-broker-image-5.0.2-7.6.30 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-ppc64le-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-ppc64le-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-ppc64le-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-ppc64le-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-s390x-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-s390x-proxy-httpd-image-5.0.2-7.6.29 * suse-manager-5.0-s390x-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-s390x-proxy-tftpd-image-5.0.2-7.6.9 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-proxy-tftpd-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-ssh-image-5.0.2-7.6.9 * suse-manager-5.0-x86_64-proxy-salt-broker-image-5.0.2-7.6.30 * suse-manager-5.0-x86_64-proxy-squid-image-5.0.2-7.6.11 * suse-manager-5.0-x86_64-proxy-httpd-image-5.0.2-7.6.29 * SUSE Manager Server 5.0 Extension 5.0 (aarch64) * suse-manager-5.0-aarch64-server-image-5.0.2-7.6.32 * suse-manager-5.0-aarch64-server-migration-14-16-image-5.0.2-7.6.25 * suse-manager-5.0-aarch64-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-aarch64-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * SUSE Manager Server 5.0 Extension 5.0 (ppc64le) * suse-manager-5.0-ppc64le-server-image-5.0.2-7.6.32 * suse-manager-5.0-ppc64le-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-ppc64le-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-ppc64le-server-migration-14-16-image-5.0.2-7.6.25 * SUSE Manager Server 5.0 Extension 5.0 (s390x) * suse-manager-5.0-s390x-server-migration-14-16-image-5.0.2-7.6.25 * suse-manager-5.0-s390x-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-s390x-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-s390x-server-image-5.0.2-7.6.32 * SUSE Manager Server 5.0 Extension 5.0 (x86_64) * suse-manager-5.0-x86_64-server-image-5.0.2-7.6.32 * suse-manager-5.0-x86_64-server-hub-xmlrpc-api-image-5.0.2-6.6.12 * suse-manager-5.0-x86_64-server-attestation-image-5.0.2-6.6.9 * suse-manager-5.0-x86_64-server-migration-14-16-image-5.0.2-7.6.25 ## References: * https://www.suse.com/security/cve/CVE-2024-47533.html * https://www.suse.com/security/cve/CVE-2024-49502.html * https://www.suse.com/security/cve/CVE-2024-49503.html * https://bugzilla.suse.com/show_bug.cgi?id=1228945 * https://bugzilla.suse.com/show_bug.cgi?id=1229077 * https://bugzilla.suse.com/show_bug.cgi?id=1229923 * https://bugzilla.suse.com/show_bug.cgi?id=1230255 * https://bugzilla.suse.com/show_bug.cgi?id=1230536 * https://bugzilla.suse.com/show_bug.cgi?id=1231332 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1231852 * https://bugzilla.suse.com/show_bug.cgi?id=1231900 * https://bugzilla.suse.com/show_bug.cgi?id=1231922 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:35:12 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:35:12 -0000 Subject: SUSE-RU-2024:4008-1: moderate: Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Message-ID: <173194771264.4943.8374665313810478796@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Announcement ID: SUSE-RU-2024:4008-1 Release Date: 2024-11-18T13:20:34Z Rating: moderate References: * bsc#1223142 * bsc#1226759 * bsc#1228424 * bsc#1228685 * bsc#1229108 * bsc#1229432 * bsc#1229501 * bsc#1230136 * bsc#1230139 * bsc#1230285 * bsc#1230288 * bsc#1231157 * bsc#1231206 * bsc#1231497 * bsc#1231568 * bsc#1232575 * bsc#1232769 * jsc#MSQA-863 Cross-References: * CVE-2024-22037 CVSS scores: * CVE-2024-22037 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L * CVE-2024-22037 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Manager Proxy 5.0 Extension 5.0 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 * SUSE Manager Server 5.0 Extension 5.0 An update that solves one vulnerability, contains one feature and has 16 recommended fixes can now be installed. ## Security update for SUSE Manager Proxy 5.0 ### Description: This update fixes the following issues: uyuni-storage-setup: * Version 5.0.3-0 * Do not create partition on extra storage disk * Version 5.0.2-0 * Do not build debuginfo package uyuni-tools: * Security issues fixed: * Version 0.1.24-0 * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Bugs fixed: * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login How to apply this update: 1. Log in as root user to the SUSE Manager Proxy. 2. Upgrade mgrpxy. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgrpxy upgrade podman` which will use the default image tags. ## Security update for SUSE Manager Retail Branch Server 5.0 ### Description: This update fixes the following issues: uyuni-storage-setup: * Version 5.0.3-0 * Do not create partition on extra storage disk * Version 5.0.2-0 * Do not build debuginfo package uyuni-tools: * Security issues fixed: * Version 0.1.24-0 * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Bugs fixed: * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login How to apply this update: 1. Log in as root user to the SUSE Manager Retail Branch Server. 2. Upgrade mgrpxy. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgrpxy upgrade podman` which will use the default image tags. ## Security update for SUSE Manager Server 5.0 ### Description: This update fixes the following issues: uyuni-storage-setup: * Version 5.0.3-0 * Do not create partition on extra storage disk * Version 5.0.2-0 * Do not build debuginfo package uyuni-tools: * Security issues fixed: * Version 0.1.24-0 * CVE-2024-22037: Use podman secret to store the database credentials (bsc#1231497) * Bugs fixed: * Version 0.1.26-0 * Ignore all zypper caches during migration (bsc#1232769) * Version 0.1.25-0 * Don't migrate enabled systemd services, recreate them (bsc#1232575) * Version 0.1.24-0 * Redact JSESSIONID and pxt-session-cookie values from logs and console output (bsc#1231568) * Version 0.1.23-0 * Ensure namespace is defined in all kubernetes commands * Use SCC credentials to authenticate against registry.suse.com for kubernetes (bsc#1231157) * Fix namespace usage on mgrctl cp command * Version 0.1.22-0 * Set projectId also for test packages/images * mgradm migration should not pull Confidential Computing and Hub image is replicas == 0 (bsc#1229432, bsc#1230136) * Do not allow SUSE Manager downgrade * Prevent completion issue when /var/log/uyuni-tools.log is missing * Fix proxy shared volume flag * During migration, exclude mgr-sync configuration file (bsc#1228685) * Migrate from PostgreSQL 14 to PostgreSQL 16 pg_hba.conf and postgresql.conf files (bsc#1231206) * During migration, handle empty autoinstallation path (bsc#1230285) * During migration, handle symlinks (bsc#1230288) * During migration, trust the remote sender's file list (bsc#1228424) * Use SCC flags during podman pull * Restore SELinux permission after migration (bsc#1229501) * Share volumes between containers (bsc#1223142) * Save supportconfig in current directory (bsc#1226759) * Fix error code handling on reinstallation (bsc#1230139) * Fix creating first user and organization * Add missing variable quotes for install vars (bsc#1229108) * Add API login and logout calls to allow persistent login How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Upgrade mgradm and mgrctl. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgradm upgrade podman` which will use the default image tags. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2024-4008=1 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4008=1 * SUSE Manager Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2024-4008=1 ## Package List: * SUSE Manager Proxy 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgrpxy-0.1.26-150500.3.12.2 * mgrpxy-debuginfo-0.1.26-150500.3.12.2 * uyuni-storage-setup-proxy-5.0.3-150500.12.6.4 * SUSE Manager Proxy 5.0 Extension 5.0 (noarch) * mgrpxy-lang-0.1.26-150500.3.12.2 * mgrpxy-bash-completion-0.1.26-150500.3.12.2 * mgrpxy-zsh-completion-0.1.26-150500.3.12.2 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgrpxy-0.1.26-150500.3.12.2 * mgrpxy-debuginfo-0.1.26-150500.3.12.2 * uyuni-storage-setup-proxy-5.0.3-150500.12.6.4 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (noarch) * mgrpxy-lang-0.1.26-150500.3.12.2 * mgrpxy-bash-completion-0.1.26-150500.3.12.2 * mgrpxy-zsh-completion-0.1.26-150500.3.12.2 * SUSE Manager Server 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgradm-debuginfo-0.1.26-150500.3.12.2 * mgradm-0.1.26-150500.3.12.2 * uyuni-storage-setup-server-5.0.3-150500.12.6.4 * mgrctl-0.1.26-150500.3.12.2 * mgrctl-debuginfo-0.1.26-150500.3.12.2 * SUSE Manager Server 5.0 Extension 5.0 (noarch) * mgrctl-lang-0.1.26-150500.3.12.2 * mgrctl-bash-completion-0.1.26-150500.3.12.2 * mgradm-zsh-completion-0.1.26-150500.3.12.2 * mgradm-bash-completion-0.1.26-150500.3.12.2 * mgrctl-zsh-completion-0.1.26-150500.3.12.2 * mgradm-lang-0.1.26-150500.3.12.2 ## References: * https://www.suse.com/security/cve/CVE-2024-22037.html * https://bugzilla.suse.com/show_bug.cgi?id=1223142 * https://bugzilla.suse.com/show_bug.cgi?id=1226759 * https://bugzilla.suse.com/show_bug.cgi?id=1228424 * https://bugzilla.suse.com/show_bug.cgi?id=1228685 * https://bugzilla.suse.com/show_bug.cgi?id=1229108 * https://bugzilla.suse.com/show_bug.cgi?id=1229432 * https://bugzilla.suse.com/show_bug.cgi?id=1229501 * https://bugzilla.suse.com/show_bug.cgi?id=1230136 * https://bugzilla.suse.com/show_bug.cgi?id=1230139 * https://bugzilla.suse.com/show_bug.cgi?id=1230285 * https://bugzilla.suse.com/show_bug.cgi?id=1230288 * https://bugzilla.suse.com/show_bug.cgi?id=1231157 * https://bugzilla.suse.com/show_bug.cgi?id=1231206 * https://bugzilla.suse.com/show_bug.cgi?id=1231497 * https://bugzilla.suse.com/show_bug.cgi?id=1231568 * https://bugzilla.suse.com/show_bug.cgi?id=1232575 * https://bugzilla.suse.com/show_bug.cgi?id=1232769 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:35:58 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:35:58 -0000 Subject: SUSE-SU-2024:4007-1: critical: Maintenance update for SUSE Manager 4.3 Release Notes Message-ID: <173194775808.4943.4451029902220029205@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3 Release Notes Announcement ID: SUSE-SU-2024:4007-1 Release Date: 2024-11-18T13:20:16Z Rating: critical References: * bsc#1146701 * bsc#1211899 * bsc#1212985 * bsc#1217003 * bsc#1217338 * bsc#1217978 * bsc#1218090 * bsc#1219450 * bsc#1219645 * bsc#1219887 * bsc#1221435 * bsc#1221505 * bsc#1223312 * bsc#1223988 * bsc#1224108 * bsc#1224209 * bsc#1225603 * bsc#1225619 * bsc#1225960 * bsc#1226090 * bsc#1226439 * bsc#1226461 * bsc#1226478 * bsc#1226687 * bsc#1226917 * bsc#1227133 * bsc#1227334 * bsc#1227406 * bsc#1227526 * bsc#1227543 * bsc#1227599 * bsc#1227606 * bsc#1227746 * bsc#1228036 * bsc#1228101 * bsc#1228130 * bsc#1228147 * bsc#1228286 * bsc#1228326 * bsc#1228345 * bsc#1228412 * bsc#1228545 * bsc#1228638 * bsc#1228851 * bsc#1228945 * bsc#1229079 * bsc#1229178 * bsc#1229260 * bsc#1229339 * bsc#1231332 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities, contains one feature and has 50 security fixes can now be installed. ## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager-proxy: * Update to SUSE Manager 4.3.14 * Bugs mentioned: bsc#1217003, bsc#1221505, bsc#1225619, bsc#1225960, bsc#1226917 bsc#1227606, bsc#1228036, bsc#1228345, bsc#1228851, bsc#1229079 bsc#1229260, bsc#1229339 ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: release-notes-susemanager: * Update to SUSE Manager 4.3.14 * Ubuntu 24.04 support as client * Product migration from RHEL and Clones to SUSE Liberty Linux * POS image templates now produce compressed images * Date format for API endpoints has been changed to ISO-8601 format * Security issues fixed: CVE-2024-47533, CVE-2024-49502, CVE-2024-49503 * Bugs mentioned: bsc#1146701, bsc#1211899, bsc#1212985, bsc#1217003, bsc#1217338 bsc#1217978, bsc#1218090, bsc#1219450, bsc#1219645, bsc#1219887 bsc#1221435, bsc#1221505, bsc#1223312, bsc#1223988, bsc#1224108 bsc#1224209, bsc#1225603, bsc#1225619, bsc#1225960, bsc#1226090 bsc#1226439, bsc#1226461, bsc#1226478, bsc#1226687, bsc#1226917 bsc#1227133, bsc#1227334, bsc#1227406, bsc#1227526, bsc#1227543 bsc#1227599, bsc#1227606, bsc#1227746, bsc#1228036, bsc#1228101 bsc#1228130, bsc#1228147, bsc#1228286, bsc#1228326, bsc#1228345 bsc#1228412, bsc#1228545, bsc#1228638, bsc#1228851, bsc#1228945 bsc#1229079, bsc#1229178, bsc#1229260, bsc#1229339, bsc#1231332 bsc#1231852, bsc#1231922, bsc#1231900 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4007=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4007=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4007=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4007=1 ## Package List: * openSUSE Leap 15.4 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * release-notes-susemanager-4.3.14-150400.3.122.1 * SUSE Manager Proxy 4.3 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * release-notes-susemanager-proxy-4.3.14-150400.3.90.1 * SUSE Manager Server 4.3 (noarch) * release-notes-susemanager-4.3.14-150400.3.122.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47533.html * https://www.suse.com/security/cve/CVE-2024-49502.html * https://www.suse.com/security/cve/CVE-2024-49503.html * https://bugzilla.suse.com/show_bug.cgi?id=1146701 * https://bugzilla.suse.com/show_bug.cgi?id=1211899 * https://bugzilla.suse.com/show_bug.cgi?id=1212985 * https://bugzilla.suse.com/show_bug.cgi?id=1217003 * https://bugzilla.suse.com/show_bug.cgi?id=1217338 * https://bugzilla.suse.com/show_bug.cgi?id=1217978 * https://bugzilla.suse.com/show_bug.cgi?id=1218090 * https://bugzilla.suse.com/show_bug.cgi?id=1219450 * https://bugzilla.suse.com/show_bug.cgi?id=1219645 * https://bugzilla.suse.com/show_bug.cgi?id=1219887 * https://bugzilla.suse.com/show_bug.cgi?id=1221435 * https://bugzilla.suse.com/show_bug.cgi?id=1221505 * https://bugzilla.suse.com/show_bug.cgi?id=1223312 * https://bugzilla.suse.com/show_bug.cgi?id=1223988 * https://bugzilla.suse.com/show_bug.cgi?id=1224108 * https://bugzilla.suse.com/show_bug.cgi?id=1224209 * https://bugzilla.suse.com/show_bug.cgi?id=1225603 * https://bugzilla.suse.com/show_bug.cgi?id=1225619 * https://bugzilla.suse.com/show_bug.cgi?id=1225960 * https://bugzilla.suse.com/show_bug.cgi?id=1226090 * https://bugzilla.suse.com/show_bug.cgi?id=1226439 * https://bugzilla.suse.com/show_bug.cgi?id=1226461 * https://bugzilla.suse.com/show_bug.cgi?id=1226478 * https://bugzilla.suse.com/show_bug.cgi?id=1226687 * https://bugzilla.suse.com/show_bug.cgi?id=1226917 * https://bugzilla.suse.com/show_bug.cgi?id=1227133 * https://bugzilla.suse.com/show_bug.cgi?id=1227334 * https://bugzilla.suse.com/show_bug.cgi?id=1227406 * https://bugzilla.suse.com/show_bug.cgi?id=1227526 * https://bugzilla.suse.com/show_bug.cgi?id=1227543 * https://bugzilla.suse.com/show_bug.cgi?id=1227599 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1227746 * https://bugzilla.suse.com/show_bug.cgi?id=1228036 * https://bugzilla.suse.com/show_bug.cgi?id=1228101 * https://bugzilla.suse.com/show_bug.cgi?id=1228130 * https://bugzilla.suse.com/show_bug.cgi?id=1228147 * https://bugzilla.suse.com/show_bug.cgi?id=1228286 * https://bugzilla.suse.com/show_bug.cgi?id=1228326 * https://bugzilla.suse.com/show_bug.cgi?id=1228345 * https://bugzilla.suse.com/show_bug.cgi?id=1228412 * https://bugzilla.suse.com/show_bug.cgi?id=1228545 * https://bugzilla.suse.com/show_bug.cgi?id=1228638 * https://bugzilla.suse.com/show_bug.cgi?id=1228851 * https://bugzilla.suse.com/show_bug.cgi?id=1228945 * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229178 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229339 * https://bugzilla.suse.com/show_bug.cgi?id=1231332 * https://bugzilla.suse.com/show_bug.cgi?id=1231852 * https://bugzilla.suse.com/show_bug.cgi?id=1231900 * https://bugzilla.suse.com/show_bug.cgi?id=1231922 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 18 16:36:41 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 18 Nov 2024 16:36:41 -0000 Subject: SUSE-SU-2024:4006-1: critical: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Message-ID: <173194780151.4943.1404213259148448720@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Announcement ID: SUSE-SU-2024:4006-1 Release Date: 2024-11-18T13:20:05Z Rating: critical References: * bsc#1146701 * bsc#1211899 * bsc#1212985 * bsc#1217003 * bsc#1217338 * bsc#1217978 * bsc#1218090 * bsc#1219450 * bsc#1219645 * bsc#1219887 * bsc#1221435 * bsc#1221505 * bsc#1223312 * bsc#1223988 * bsc#1224108 * bsc#1224209 * bsc#1225603 * bsc#1225619 * bsc#1225960 * bsc#1226090 * bsc#1226439 * bsc#1226461 * bsc#1226478 * bsc#1226687 * bsc#1226917 * bsc#1227133 * bsc#1227334 * bsc#1227406 * bsc#1227526 * bsc#1227543 * bsc#1227599 * bsc#1227606 * bsc#1227746 * bsc#1228036 * bsc#1228101 * bsc#1228130 * bsc#1228147 * bsc#1228286 * bsc#1228326 * bsc#1228345 * bsc#1228412 * bsc#1228545 * bsc#1228638 * bsc#1228851 * bsc#1228945 * bsc#1229079 * bsc#1229178 * bsc#1229260 * bsc#1229339 * bsc#1231332 * bsc#1231852 * bsc#1231900 * bsc#1231922 * jsc#MSQA-863 Cross-References: * CVE-2024-47533 * CVE-2024-49502 * CVE-2024-49503 CVSS scores: * CVE-2024-47533 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-49502 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49502 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N * CVE-2024-49503 ( SUSE ): 4.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-49503 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves three vulnerabilities, contains one feature and has 50 security fixes can now be installed. ## Security update for SUSE Manager Proxy and Retail Branch Server 4.3 ### Description: This update fixes the following issues: mgr-daemon: * Version 4.3.11-0 * Update translation strings spacecmd: * Version 4.3.29-0 * Speed up softwarechannel_removepackages (bsc#1227606) spacewalk-backend: * Version 4.3.30-0 * Make ISSv1 timezone independent (bsc#1221505) * reposync: introduce timeout when syncing DEB channels (bsc#1225960) * yum_src: use proper name variable name for subprocess.TimeoutExpired * Check and populate PTF attributes at the time of importing packages (bsc#1225619) * reposync: import GPG keys to RPM DB individually (bsc#1217003) * Add log string to the journal when services are stopped because of insufficient disk space spacewalk-certs-tools: * Version 4.3.26-0 * Fix private key format in jabberd certificate file (bsc#1228851) * Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079) * Support multiple certificates for root-ca-file and server-cert-file spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings spacewalk-proxy: * Version 4.3.19-0 * Allow execute of ssh-keygen command on the Proxy to clean up SSH known_hosts (bsc#1228345) spacewalk-web: * Security issues fixed: * Version 4.3.42-0 * CVE-2024-49503: Escape organization credentials username to mitigate XSS vulnerability (bsc#1231922) * Version 4.3.41-0 * CVE-2024-49502: Validate proxy hostname format and escape proxy username to mitigate XSS vulnerabilities (bsc#1231852) * Bugs fixed: * Version 4.3.40-0 * Fix channel selection using SSM (bsc#1226917) * Fix datetime selection when using maintenance windows (bsc#1228036) susemanager-build-keys: * Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339) uyuni-common-libs: * Version 4.3.11-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) * Make ISSv1 timezone independent (bsc#1221505) uyuni-proxy-systemd-services: * version 4.3.14-0 * Update to SUSE Manager 4.3.14 How to apply this update: 1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server. 2. Stop the proxy service: `spacewalk-proxy stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-proxy start` ## Security update for SUSE Manager Server 4.3 ### Description: This update fixes the following issues: cobbler: * Security issues fixed: * CVE-2024-47533: Prevent privilege escalation from none to admin (bsc#1231332) * Other bugs fixed: * Increase start timeout for cobblerd unit (bsc#1219450) * Provide sync_single_system for DHCP modules to improve performance (bsc#1219450) * Add input_string_*, input_boolean, input_int functions to public API * Add new setting for Uyuni authentication endpoint (bsc#1219887) grafana-formula: * Version 0.11.0 * Add SLES 15 SP6 to supported versions (bsc#1228286) inter-server-sync: * Version 0.3.5-0 * Decode boolean values for export (bsc#1228545) saltboot-formula: * Update to version 0.1.1723628891.ffb1da5 * Rework request stop function to avoid unnecessary warnings (bsc#1212985) spacecmd: * Version 4.3.29-0 * Speed up softwarechannel_removepackages (bsc#1227606) spacewalk-backend: * Version 4.3.30-0 * Make ISSv1 timezone independent (bsc#1221505) * reposync: introduce timeout when syncing DEB channels (bsc#1225960) * yum_src: use proper name variable name for subprocess.TimeoutExpired * Check and populate PTF attributes at the time of importing packages (bsc#1225619) * reposync: import GPG keys to RPM DB individually (bsc#1217003) * Add log string to the journal when services are stopped because of insufficient disk space spacewalk-certs-tools: * Version 4.3.26-0 * Fix private key format in jabberd certificate file (bsc#1228851) * Fix parsing Authority Key Identifier when keyid is not prefixed (bsc#1229079) * Support multiple certificates for root-ca-file and server-cert-file spacewalk-client-tools: * Version 4.3.21-0 * Update translation strings spacewalk-config: * Version 4.3.14-0 * Trust the Content-Length header from AJP (bsc#1226439) spacewalk-java: * Version 4.3.82-0 * Limit frontend-log message size (bsc#1231900) * Version 4.3.81-0 * Add detection of Ubuntu 24.04 * Version 4.3.80-0 * Use custom select instead of errata view for better performance (bsc#1225619) * Version 4.3.79-0 * Add info URL for cobbler to clean the system profile (bsc#1219645) * Require correct scap packages for Ubuntu * Require correct scap packages for Debian 12 (bsc#1227746) * Fix finding system_checkin_threshold configuration value on Sytems Overview page (bsc#1224108) * Allow changing base channel to SUSE Liberty Linux LTSS when the system is on Liberty (bsc#1228326) * Implement product migration from RHEL and Clones to SUSE Liberty Linux * Remove system also from proxy SSH known_hosts (bsc#1228345) * Fix NullPointerException when generating subscription matcher input (bsc#1228638) * Allow free products and SUSE Manager Proxy being managed by SUSE Manager Server PAYG * Open bootstrap script directory URL in a new page (bsc#1225603) * Delay package list refresh when Salt was updated (bsc#1217978) * Add SLE Micro 5 to the list of systems which support monitoring (bsc#1227334) * Add all SLE Micro systems to the list of systems which get PTF repositories * Update last sync refresh timestamp only when at least one time products were synced before * Prevent NullPointerException when listing history events without completion time (bsc#1146701) * Autoinstallation: prevent issues with duplicate IP address due to some networks (bsc#1226461) * Improve SQL queries and performance to check for PTF packages (bsc#1225619) * Check the correct Salt package before product migration (bsc#1224209) * Fix the date format output when using the HTTP API to use ISO 8601 format (bsc#1227543) * Fix transactional update check for SL Micro (bsc#1227406) * Improve score comparison in system search to fix ISE (bsc#1228412) * Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133) spacewalk-utils: * Version 4.3.22-0 * Add repositories for Ubuntu 24.04 LTS * Version 4.3.21-0 * Drop unsupported tool spacewalk-final-archive as it is broken and may disclose sensitive information (bsc#1228945) spacewalk-web: * Security issues fixed: * Version 4.3.42-0 * CVE-2024-49503: Escape organization credentials username to mitigate XSS vulnerability (bsc#1231922) * Version 4.3.41-0 * CVE-2024-49502: Validate proxy hostname format and escape proxy username to mitigate XSS vulnerabilities (bsc#1231852) * Bugs fixed: * Version 4.3.40-0 * Fix channel selection using SSM (bsc#1226917) * Fix datetime selection when using maintenance windows (bsc#1228036) susemanager: * Version 4.3.39-0 * Enable bootstrapping for Ubuntu 24.04 LTS * Version 4.3.38-0 * Add missing package python3-ply to bootstrap repo definition (bsc#1228130) * Create special bootstrap data for SUSE Manager Server 4.3 with LTSS updates for Hub scenario (bsc#1211899) * Add LTSS updates to SUSE Manager Proxy 4.3 bootstrap data * Add traditional stack to boostrap repo on sles15sp6 (bsc#1228147) * Change package to libdbus-glib-1-2 on sle15sp6 (bsc#1228147) susemanager-build-keys: * Extended 2048 bit SUSE SLE 12, 15 GA-SP5 key until 2028. (bsc#1229339) susemanager-docs_en: * Documented Ubuntu 24.04 LTS as a supported client OS in Client * SUSE Manager 4.3.14 documentation update * In network ports section, deleted partially outdated image, added port 443 for clients, and removed Cobbler only used internally (bsc#1217338) * Added installer-updates.suse.com to the list of URLs in Installation and Upgrade Guide (bsc#1229178) * Enhanced instructions about the permissions for the IAM role in Public Cloud Guide * Fixed OS minor number in Client Configuration Guide (bsc#1218090) * Added warning about Package Hub (bsc#1221435) * Removed Verify Packages section from Package Management chapter in Client Configuration Guide * Added note about usernames in PAM section in Administration Guide (bsc#1227599) * Updated Content Lifecycle Management (CLM) examples for Red Hat Enterprise Linux 9 (bsc#1226687) * Added VM based proxy installation in Installation and Upgrade Guide * Fixed PostgreSQL name entity * Improved Large Deployments Guide with better tuning values and extra parameters added * Updated lists of SUSE Linux Enterprise hardening profiles in openSCAP chapter in the Administration Guide susemanager-schema: * Version 4.3.27-0 * Introduce new attributes to detect PTF packages (bsc#1225619) susemanager-sls: * Version 4.3.45-0 * Start using DEB822 format for repository sources beginning with Ubuntu 24.04 * Version 4.3.44-0 * Speed-up mgrutil.remove_ssh_known_host runner (bsc#1223312) * Implement product migration from RHEL and clones to SUSE Liberty Linux * Disable transactional-update.timer on SLEM at bootstrap * Explicitly remove old venv-minion environment when updating Python versions * sumautil: properly detect bridge interfaces (bsc#1226461) * Fix typo on directories to clean up when deleting a system (bsc#1228101) * Translate GPG URL if it has server name and client behind proxy (bsc#1223988) * Fix yum-utils package missing on CentOS7 minions (bsc#1227133) * Implement IMDSv2 for AWS instance detection (bsc#1226090) * Fix package profile update on CentOS 7 when yum-utils is not installed (bsc#1227133) * Fix parsing passwords with special characters for PostgreSQL exporter susemanager-sync-data: * Version 4.3.21-0 * Add SLES15-SP5-LTSS channel families * Add MicroOS PPC channel family * Version 4.3.20-0 * Add Ubuntu 24.04 support * Version 4.3.19-0 * Fix CentOS 7 repo urls (bsc#1227526) * Add channel family for SLES 12 SP5 LTSS Extended Security * Implement product migration from RHEL and clones to SUSE Liberty Linux uyuni-common-libs: * Version 4.3.11-0 * Enforce directory permissions at repo-sync when creating directories (bsc#1229260) * Make ISSv1 timezone independent (bsc#1221505) uyuni-reportdb-schema: * Version 4.3.11-0 * Change Errata CVE column to type text as a varchar reaches the maximum (bsc#1226478) How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Stop the Spacewalk service: `spacewalk-service stop` 3. Apply the patch using either zypper patch or YaST Online Update. 4. Start the Spacewalk service: `spacewalk-service start` ## Recommended update for SUSE Manager Client Tools ### Description: This update fixes the following issues: uyuni-proxy-systemd-services: * version 4.3.14-0 * Update to SUSE Manager 4.3.14 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2024-4006=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4006=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4006=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4006=1 ## Package List: * SUSE Manager Client Tools for SLE Micro 5 (noarch) * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4 * SUSE Manager Proxy 4.3 Module 4.3 (noarch) * spacewalk-proxy-redirect-4.3.19-150400.3.29.9 * python3-spacewalk-certs-tools-4.3.26-150400.3.36.7 * spacewalk-proxy-package-manager-4.3.19-150400.3.29.9 * spacewalk-client-tools-4.3.21-150400.3.33.11 * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4 * mgr-daemon-4.3.11-150400.3.21.6 * spacewalk-base-minimal-4.3.42-150400.3.52.1 * spacewalk-backend-4.3.30-150400.3.47.16 * spacecmd-4.3.29-150400.3.42.8 * spacewalk-proxy-salt-4.3.19-150400.3.29.9 * python3-spacewalk-client-setup-4.3.21-150400.3.33.11 * python3-spacewalk-client-tools-4.3.21-150400.3.33.11 * spacewalk-certs-tools-4.3.26-150400.3.36.7 * spacewalk-client-setup-4.3.21-150400.3.33.11 * spacewalk-proxy-common-4.3.19-150400.3.29.9 * susemanager-build-keys-15.4.10-150400.3.29.4 * spacewalk-proxy-broker-4.3.19-150400.3.29.9 * susemanager-build-keys-web-15.4.10-150400.3.29.4 * python3-spacewalk-check-4.3.21-150400.3.33.11 * spacewalk-proxy-management-4.3.19-150400.3.29.9 * spacewalk-check-4.3.21-150400.3.33.11 * spacewalk-base-minimal-config-4.3.42-150400.3.52.1 * SUSE Manager Proxy 4.3 Module 4.3 (x86_64) * python3-uyuni-common-libs-4.3.11-150400.3.21.6 * SUSE Manager Server 4.3 Module 4.3 (noarch) * spacewalk-backend-sql-postgresql-4.3.30-150400.3.47.16 * spacewalk-taskomatic-4.3.82-150400.3.96.1 * spacewalk-backend-sql-4.3.30-150400.3.47.16 * spacewalk-java-4.3.82-150400.3.96.1 * susemanager-schema-utility-4.3.27-150400.3.45.11 * spacewalk-backend-config-files-common-4.3.30-150400.3.47.16 * susemanager-schema-4.3.27-150400.3.45.11 * python3-spacewalk-certs-tools-4.3.26-150400.3.36.7 * spacewalk-backend-applet-4.3.30-150400.3.47.16 * spacewalk-java-postgresql-4.3.82-150400.3.96.1 * spacewalk-backend-server-4.3.30-150400.3.47.16 * spacewalk-client-tools-4.3.21-150400.3.33.11 * susemanager-docs_en-pdf-4.3.14-150400.9.66.2 * susemanager-docs_en-4.3.14-150400.9.66.2 * spacewalk-backend-xmlrpc-4.3.30-150400.3.47.16 * spacewalk-backend-package-push-server-4.3.30-150400.3.47.16 * spacewalk-base-minimal-4.3.42-150400.3.52.1 * spacewalk-backend-config-files-4.3.30-150400.3.47.16 * spacewalk-backend-4.3.30-150400.3.47.16 * spacecmd-4.3.29-150400.3.42.8 * spacewalk-base-4.3.42-150400.3.52.1 * python3-spacewalk-client-tools-4.3.21-150400.3.33.11 * spacewalk-backend-config-files-tool-4.3.30-150400.3.47.16 * spacewalk-certs-tools-4.3.26-150400.3.36.7 * spacewalk-backend-iss-export-4.3.30-150400.3.47.16 * spacewalk-html-4.3.42-150400.3.52.1 * susemanager-build-keys-15.4.10-150400.3.29.4 * saltboot-formula-0.1.1723628891.ffb1da5-150400.3.18.4 * spacewalk-utils-4.3.22-150400.3.29.2 * susemanager-build-keys-web-15.4.10-150400.3.29.4 * spacewalk-backend-xml-export-libs-4.3.30-150400.3.47.16 * spacewalk-java-config-4.3.82-150400.3.96.1 * susemanager-sls-4.3.45-150400.3.55.4 * spacewalk-java-lib-4.3.82-150400.3.96.1 * spacewalk-backend-app-4.3.30-150400.3.47.16 * uyuni-config-modules-4.3.45-150400.3.55.4 * spacewalk-backend-iss-4.3.30-150400.3.47.16 * spacewalk-utils-extras-4.3.22-150400.3.29.2 * cobbler-3.3.3-150400.5.52.3 * spacewalk-backend-tools-4.3.30-150400.3.47.16 * susemanager-sync-data-4.3.21-150400.3.35.2 * uyuni-reportdb-schema-4.3.11-150400.3.18.12 * spacewalk-base-minimal-config-4.3.42-150400.3.52.1 * spacewalk-config-4.3.14-150400.3.18.6 * grafana-formula-0.11.0-150400.3.21.4 * SUSE Manager Server 4.3 Module 4.3 (ppc64le s390x x86_64) * susemanager-4.3.39-150400.3.58.5 * inter-server-sync-0.3.5-150400.3.36.13 * python3-uyuni-common-libs-4.3.11-150400.3.21.6 * susemanager-tools-4.3.39-150400.3.58.5 * inter-server-sync-debuginfo-0.3.5-150400.3.36.13 * SUSE Manager Client Tools for SLE 15 (noarch) * uyuni-proxy-systemd-services-4.3.14-150000.1.27.4 ## References: * https://www.suse.com/security/cve/CVE-2024-47533.html * https://www.suse.com/security/cve/CVE-2024-49502.html * https://www.suse.com/security/cve/CVE-2024-49503.html * https://bugzilla.suse.com/show_bug.cgi?id=1146701 * https://bugzilla.suse.com/show_bug.cgi?id=1211899 * https://bugzilla.suse.com/show_bug.cgi?id=1212985 * https://bugzilla.suse.com/show_bug.cgi?id=1217003 * https://bugzilla.suse.com/show_bug.cgi?id=1217338 * https://bugzilla.suse.com/show_bug.cgi?id=1217978 * https://bugzilla.suse.com/show_bug.cgi?id=1218090 * https://bugzilla.suse.com/show_bug.cgi?id=1219450 * https://bugzilla.suse.com/show_bug.cgi?id=1219645 * https://bugzilla.suse.com/show_bug.cgi?id=1219887 * https://bugzilla.suse.com/show_bug.cgi?id=1221435 * https://bugzilla.suse.com/show_bug.cgi?id=1221505 * https://bugzilla.suse.com/show_bug.cgi?id=1223312 * https://bugzilla.suse.com/show_bug.cgi?id=1223988 * https://bugzilla.suse.com/show_bug.cgi?id=1224108 * https://bugzilla.suse.com/show_bug.cgi?id=1224209 * https://bugzilla.suse.com/show_bug.cgi?id=1225603 * https://bugzilla.suse.com/show_bug.cgi?id=1225619 * https://bugzilla.suse.com/show_bug.cgi?id=1225960 * https://bugzilla.suse.com/show_bug.cgi?id=1226090 * https://bugzilla.suse.com/show_bug.cgi?id=1226439 * https://bugzilla.suse.com/show_bug.cgi?id=1226461 * https://bugzilla.suse.com/show_bug.cgi?id=1226478 * https://bugzilla.suse.com/show_bug.cgi?id=1226687 * https://bugzilla.suse.com/show_bug.cgi?id=1226917 * https://bugzilla.suse.com/show_bug.cgi?id=1227133 * https://bugzilla.suse.com/show_bug.cgi?id=1227334 * https://bugzilla.suse.com/show_bug.cgi?id=1227406 * https://bugzilla.suse.com/show_bug.cgi?id=1227526 * https://bugzilla.suse.com/show_bug.cgi?id=1227543 * https://bugzilla.suse.com/show_bug.cgi?id=1227599 * https://bugzilla.suse.com/show_bug.cgi?id=1227606 * https://bugzilla.suse.com/show_bug.cgi?id=1227746 * https://bugzilla.suse.com/show_bug.cgi?id=1228036 * https://bugzilla.suse.com/show_bug.cgi?id=1228101 * https://bugzilla.suse.com/show_bug.cgi?id=1228130 * https://bugzilla.suse.com/show_bug.cgi?id=1228147 * https://bugzilla.suse.com/show_bug.cgi?id=1228286 * https://bugzilla.suse.com/show_bug.cgi?id=1228326 * https://bugzilla.suse.com/show_bug.cgi?id=1228345 * https://bugzilla.suse.com/show_bug.cgi?id=1228412 * https://bugzilla.suse.com/show_bug.cgi?id=1228545 * https://bugzilla.suse.com/show_bug.cgi?id=1228638 * https://bugzilla.suse.com/show_bug.cgi?id=1228851 * https://bugzilla.suse.com/show_bug.cgi?id=1228945 * https://bugzilla.suse.com/show_bug.cgi?id=1229079 * https://bugzilla.suse.com/show_bug.cgi?id=1229178 * https://bugzilla.suse.com/show_bug.cgi?id=1229260 * https://bugzilla.suse.com/show_bug.cgi?id=1229339 * https://bugzilla.suse.com/show_bug.cgi?id=1231332 * https://bugzilla.suse.com/show_bug.cgi?id=1231852 * https://bugzilla.suse.com/show_bug.cgi?id=1231900 * https://bugzilla.suse.com/show_bug.cgi?id=1231922 * https://jira.suse.com/browse/MSQA-863 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 19 12:30:41 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 19 Nov 2024 12:30:41 -0000 Subject: SUSE-SU-2024:4037-1: important: Security update for bea-stax, xstream Message-ID: <173201944122.4943.4100037185767699013@smelt2.prg2.suse.org> # Security update for bea-stax, xstream Announcement ID: SUSE-SU-2024:4037-1 Release Date: 2024-11-19T08:49:45Z Rating: important References: * bsc#1233085 Cross-References: * CVE-2024-47072 CVSS scores: * CVE-2024-47072 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-47072 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47072 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for bea-stax, xstream fixes the following issues: * CVE-2024-47072: Fixed possible remote denial-of-service via a stack overflow (bsc#1233085). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4037=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4037=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4037=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4037=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4037=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4037=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4037=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4037=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4037=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4037=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4037=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4037=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4037=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4037=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4037=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4037=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4037=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4037=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4037=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4037=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4037=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4037=1 ## Package List: * Development Tools Module 15-SP6 (noarch) * xstream-1.4.21-150200.3.28.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * xstream-1.4.21-150200.3.28.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Manager Proxy 4.3 (noarch) * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Manager Server 4.3 (noarch) * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * SUSE Enterprise Storage 7.1 (noarch) * xstream-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * openSUSE Leap 15.5 (noarch) * bea-stax-1.2.0-150200.11.3.1 * xstream-javadoc-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * xstream-benchmark-1.4.21-150200.3.28.1 * xstream-parent-1.4.21-150200.3.28.1 * xstream-1.4.21-150200.3.28.1 * openSUSE Leap 15.6 (noarch) * bea-stax-1.2.0-150200.11.3.1 * xstream-javadoc-1.4.21-150200.3.28.1 * bea-stax-api-1.2.0-150200.11.3.1 * xstream-benchmark-1.4.21-150200.3.28.1 * xstream-parent-1.4.21-150200.3.28.1 * xstream-1.4.21-150200.3.28.1 * Basesystem Module 15-SP5 (noarch) * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * Basesystem Module 15-SP6 (noarch) * bea-stax-api-1.2.0-150200.11.3.1 * bea-stax-1.2.0-150200.11.3.1 * Development Tools Module 15-SP5 (noarch) * xstream-1.4.21-150200.3.28.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47072.html * https://bugzilla.suse.com/show_bug.cgi?id=1233085 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Nov 20 12:30:02 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 20 Nov 2024 12:30:02 -0000 Subject: SUSE-RU-2024:4039-1: important: Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Message-ID: <173210580254.4943.16694209096299004165@smelt2.prg2.suse.org> # Maintenance update for SUSE Manager 5.0: Server, Proxy and Retail Branch Server Announcement ID: SUSE-RU-2024:4039-1 Release Date: 2024-11-20T10:05:11Z Rating: important References: * jsc#MSQA-895 Affected Products: * SUSE Linux Enterprise Micro 5.5 * SUSE Manager Proxy 5.0 Extension 5.0 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 * SUSE Manager Server 5.0 Extension 5.0 An update that contains one feature can now be installed. ## Recommended update for SUSE Manager Proxy 5.0 ### Description: This update fixes the following issues: uyuni-tools: * Version 0.1.27-0 * Bump the default image tag to 5.0.2 How to apply this update: 1. Log in as root user to the SUSE Manager Proxy. 2. Upgrade mgrpxy. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgrpxy upgrade podman` which will use the default image tags. ## Recommended update for SUSE Manager Retail Branch Server 5.0 ### Description: This update fixes the following issues: uyuni-tools: * Version 0.1.27-0 * Bump the default image tag to 5.0.2 How to apply this update: 1. Log in as root user to the SUSE Manager Retail Branch Server. 2. Upgrade mgrpxy. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgrpxy upgrade podman` which will use the default image tags. ## Recommended update for SUSE Manager Server 5.0 ### Description: This update fixes the following issues: uyuni-tools: * Version 0.1.27-0 * Bump the default image tag to 5.0.2 How to apply this update: 1. Log in as root user to the SUSE Manager Server. 2. Upgrade mgradm and mgrctl. 3. If you are in a disconnected environment, upgrade the image packages. 4. Reboot the system. 5. Run `mgradm upgrade podman` which will use the default image tags. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Proxy-5.0-2024-4039=1 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Retail-Branch-Server-5.0-2024-4039=1 * SUSE Manager Server 5.0 Extension 5.0 zypper in -t patch SUSE-SUSE-Manager-Server-5.0-2024-4039=1 ## Package List: * SUSE Manager Proxy 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgrpxy-0.1.27-150500.3.15.2 * mgrpxy-debuginfo-0.1.27-150500.3.15.2 * SUSE Manager Proxy 5.0 Extension 5.0 (noarch) * mgrpxy-zsh-completion-0.1.27-150500.3.15.2 * mgrpxy-bash-completion-0.1.27-150500.3.15.2 * mgrpxy-lang-0.1.27-150500.3.15.2 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgrpxy-0.1.27-150500.3.15.2 * mgrpxy-debuginfo-0.1.27-150500.3.15.2 * SUSE Manager Retail Branch Server 5.0 Extension 5.0 (noarch) * mgrpxy-zsh-completion-0.1.27-150500.3.15.2 * mgrpxy-bash-completion-0.1.27-150500.3.15.2 * mgrpxy-lang-0.1.27-150500.3.15.2 * SUSE Manager Server 5.0 Extension 5.0 (aarch64 ppc64le s390x x86_64) * mgrctl-debuginfo-0.1.27-150500.3.15.2 * mgradm-debuginfo-0.1.27-150500.3.15.2 * mgrctl-0.1.27-150500.3.15.2 * mgradm-0.1.27-150500.3.15.2 * SUSE Manager Server 5.0 Extension 5.0 (noarch) * mgradm-bash-completion-0.1.27-150500.3.15.2 * mgrctl-bash-completion-0.1.27-150500.3.15.2 * mgradm-lang-0.1.27-150500.3.15.2 * mgradm-zsh-completion-0.1.27-150500.3.15.2 * mgrctl-lang-0.1.27-150500.3.15.2 * mgrctl-zsh-completion-0.1.27-150500.3.15.2 ## References: * https://jira.suse.com/browse/MSQA-895 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Nov 25 08:30:03 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 25 Nov 2024 08:30:03 -0000 Subject: SUSE-RU-2024:4044-1: moderate: Recommended update for hwdata Message-ID: <173252340362.4790.1744652742566528777@smelt2.prg2.suse.org> # Recommended update for hwdata Announcement ID: SUSE-RU-2024:4044-1 Release Date: 2024-11-25T07:29:26Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 * SUSE Linux Enterprise Desktop 15 SP1 * SUSE Linux Enterprise Desktop 15 SP2 * SUSE Linux Enterprise Desktop 15 SP3 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP1 * SUSE Linux Enterprise Real Time 15 SP2 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE 15 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 Module 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for hwdata fixes the following issue: * Version update to v0.389: * Update pci, usb and vendor ids ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4044=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4044=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4044=1 * SUSE Manager Client Tools for SLE 15 zypper in -t patch SUSE-SLE-Manager-Tools-15-2024-4044=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4044=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4044=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4044=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4044=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4044=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4044=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4044=1 * SUSE Manager Proxy 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2024-4044=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4044=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4044=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4044=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4044=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4044=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4044=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4044=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4044=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4044=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4044=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4044=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4044=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4044=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4044=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4044=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4044=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4044=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4044=1 ## Package List: * openSUSE Leap Micro 5.5 (noarch) * hwdata-0.389-150000.3.71.2 * openSUSE Leap 15.5 (noarch) * hwdata-0.389-150000.3.71.2 * openSUSE Leap 15.6 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Client Tools for SLE 15 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro 5.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro 5.4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro 5.5 (noarch) * hwdata-0.389-150000.3.71.2 * Basesystem Module 15-SP5 (noarch) * hwdata-0.389-150000.3.71.2 * Basesystem Module 15-SP6 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Proxy 4.3 Module 4.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Server 4.3 Module 4.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Proxy 4.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Manager Server 4.3 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Enterprise Storage 7.1 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro 5.2 (noarch) * hwdata-0.389-150000.3.71.2 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * hwdata-0.389-150000.3.71.2 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 08:30:02 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 08:30:02 -0000 Subject: SUSE-RU-2024:4059-1: moderate: Recommended update for httpcomponents-asyncclient Message-ID: <173260980265.4943.6843037821439195670@smelt2.prg2.suse.org> # Recommended update for httpcomponents-asyncclient Announcement ID: SUSE-RU-2024:4059-1 Release Date: 2024-11-26T07:20:07Z Rating: moderate References: Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for httpcomponents-asyncclient fixes the following issues: * Fixed build issues with javapackages-tools ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4059=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4059=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4059=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4059=1 ## Package List: * openSUSE Leap 15.4 (noarch) * httpcomponents-asyncclient-parent-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-cache-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-javadoc-4.1.4-150400.3.3.1 * openSUSE Leap 15.5 (noarch) * httpcomponents-asyncclient-parent-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-cache-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-javadoc-4.1.4-150400.3.3.1 * openSUSE Leap 15.6 (noarch) * httpcomponents-asyncclient-parent-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-cache-4.1.4-150400.3.3.1 * httpcomponents-asyncclient-javadoc-4.1.4-150400.3.3.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * httpcomponents-asyncclient-4.1.4-150400.3.3.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 08:30:11 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 08:30:11 -0000 Subject: SUSE-RU-2024:4055-1: moderate: Recommended update for Jackson Message-ID: <173260981123.4943.17478220432090370118@smelt2.prg2.suse.org> # Recommended update for Jackson Announcement ID: SUSE-RU-2024:4055-1 Release Date: 2024-11-26T05:26:43Z Rating: moderate References: Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for Jackson fixes the following issues: jackson-annotations was updated from version 2.16.1 to 2.17.3: * Allow `@JsonAnySetter` on `ElementType.PARAMETER` (for use on constructor parameters) * Build the module-info.java source too (with release=9) jackson-bom was updated from version 2.16.1 to 2.17.3: * Added `jackson-jr-extension-javatime` * Added managed dependency to JUnit5 * Removed unused JUnit5 dependency jackson-core, jackson-databind, jackson-dataformats-binary were updated from version 2.16.1 to 2.17.3: * Various minor bugs have been fixed jackson-modules-base was updated from version 2.16.1 to 2.17.3: * Version update with no changes jackson-parent was updated from version 2.16 to 2.17: * Update to oss-parent 58 (plugin version updates) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4055=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4055=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4055=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4055=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-4055=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4055=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4055=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4055=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4055=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4055=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4055=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4055=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4055=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4055=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4055=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4055=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4055=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4055=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4055=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4055=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4055=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4055=1 ## Package List: * Basesystem Module 15-SP5 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * Basesystem Module 15-SP6 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * Development Tools Module 15-SP5 (noarch) * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * Development Tools Module 15-SP6 (noarch) * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * jackson-module-paranamer-2.17.3-150200.5.16.1 * jackson-modules-base-2.17.3-150200.5.16.1 * jackson-parent-2.17-150200.3.13.1 * jackson-module-guice-2.17.3-150200.5.16.1 * jackson-core-2.17.3-150200.3.19.1 * jackson-module-blackbird-2.17.3-150200.5.16.1 * jackson-module-no-ctor-deser-2.17.3-150200.5.16.1 * jackson-module-osgi-2.17.3-150200.5.16.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-module-jaxb-annotations-2.17.3-150200.5.16.1 * jackson-module-mrbean-2.17.3-150200.5.16.1 * jackson-module-afterburner-2.17.3-150200.5.16.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * jackson-core-2.17.3-150200.3.19.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * jackson-core-2.17.3-150200.3.19.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * jackson-core-2.17.3-150200.3.19.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Manager Proxy 4.3 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Manager Server 4.3 (noarch) * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-core-2.17.3-150200.3.19.1 * SUSE Enterprise Storage 7.1 (noarch) * jackson-core-2.17.3-150200.3.19.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * openSUSE Leap 15.5 (noarch) * jackson-module-paranamer-2.17.3-150200.5.16.1 * jackson-parent-2.17-150200.3.13.1 * jackson-module-no-ctor-deser-2.17.3-150200.5.16.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-module-mrbean-2.17.3-150200.5.16.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-smile-2.17.3-150200.3.18.1 * jackson-modules-base-2.17.3-150200.5.16.1 * jackson-core-2.17.3-150200.3.19.1 * jackson-dataformats-binary-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-bom-2.17.3-150200.3.16.1 * jackson-module-jaxb-annotations-2.17.3-150200.5.16.1 * jackson-modules-base-javadoc-2.17.3-150200.5.16.1 * jackson-module-guice-2.17.3-150200.5.16.1 * jackson-dataformats-binary-javadoc-2.17.3-150200.3.18.1 * jackson-module-blackbird-2.17.3-150200.5.16.1 * jackson-module-osgi-2.17.3-150200.5.16.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-module-afterburner-2.17.3-150200.5.16.1 * openSUSE Leap 15.6 (noarch) * jackson-module-paranamer-2.17.3-150200.5.16.1 * jackson-parent-2.17-150200.3.13.1 * jackson-module-no-ctor-deser-2.17.3-150200.5.16.1 * jackson-databind-javadoc-2.17.3-150200.3.23.1 * jackson-core-javadoc-2.17.3-150200.3.19.1 * jackson-module-mrbean-2.17.3-150200.5.16.1 * jackson-annotations-javadoc-2.17.3-150200.3.19.1 * jackson-dataformat-smile-2.17.3-150200.3.18.1 * jackson-modules-base-2.17.3-150200.5.16.1 * jackson-core-2.17.3-150200.3.19.1 * jackson-dataformats-binary-2.17.3-150200.3.18.1 * jackson-annotations-2.17.3-150200.3.19.1 * jackson-bom-2.17.3-150200.3.16.1 * jackson-module-jaxb-annotations-2.17.3-150200.5.16.1 * jackson-modules-base-javadoc-2.17.3-150200.5.16.1 * jackson-module-guice-2.17.3-150200.5.16.1 * jackson-dataformats-binary-javadoc-2.17.3-150200.3.18.1 * jackson-module-blackbird-2.17.3-150200.5.16.1 * jackson-module-osgi-2.17.3-150200.5.16.1 * jackson-databind-2.17.3-150200.3.23.1 * jackson-dataformat-cbor-2.17.3-150200.3.18.1 * jackson-module-afterburner-2.17.3-150200.5.16.1 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 08:30:16 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 08:30:16 -0000 Subject: SUSE-SU-2024:4054-1: moderate: Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop Message-ID: <173260981623.4943.2956339715492158430@smelt2.prg2.suse.org> # Security update for javapackages-tools, xmlgraphics-batik, xmlgraphics- commons, xmlgraphics-fop Announcement ID: SUSE-SU-2024:4054-1 Release Date: 2024-11-26T05:06:51Z Rating: moderate References: * bsc#1231347 * bsc#1231428 Cross-References: * CVE-2024-28168 CVSS scores: * CVE-2024-28168 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-28168 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:L * CVE-2024-28168 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for javapackages-tools, xmlgraphics-batik, xmlgraphics-commons, xmlgraphics-fop fixes the following issues: xmlgraphics-fop was updated from version 2.8 to 2.10: * Security issues fixed: * CVE-2024-28168: Fixed improper restriction of XML External Entity (XXE) reference (bsc#1231428) * Upstream changes and bugs fixed: * Version 2.10: * footnote-body ignores rl-tb writing mode * SVG tspan content is displayed out of place * Added new schema to handle pdf/a and pdfa/ua * Correct fop version at runtime * NoSuchElementException when using font with no family name * Resolve classpath for binary distribution * Switch to spotbugs * Set an automatic module name * Rename packages to avoid conflicts with modules * Resize table only for multicolumn page * Missing jars in servlet * Optimise performance of PNG with alpha using raw loader * basic-link not navigating to corresponding footnote * Added option to sign PDF * Added secure processing for XSL input * Allow sections which need security permissions to be run when AllPermission denied in caller code * Remove unused PDFStructElem * Remove space generated by fo:wrapper * Reset content length for table changing ipd * Added alt text to PDF signature * Allow change of resource level for SVG in AFP * Exclude shape not in clipping path for AFP * Only support 1 column for redo of layout without page pos only * Switch to Jakarta servlet API * NPE when list item is split alongside an ipd change * Added mandatory MODCA triplet to AFP * Redo layout for multipage columns * Added image mask option for AFP * Skip written block ipds inside float * Allow curly braces for src url * Missing content for last page with change ipd * Added warning when different pdf languages are used * Only restart line manager when there is a linebreak for blocklayout * Version 2.9: * Values in PDF Number Trees must be indirect references * Do not delete files on syntax errors using command line * Surrogate pair edge-case causes Exception * Reset character spacing * SVG text containing certain glyphs isn't rendered * Remove duplicate classes from maven classpath * Allow use of page position only on redo of layout * Failure to render multi-block itemBody alongside float * Update to PDFBox 2.0.27 * NPE if link destination is missing with accessibility * Make property cache thread safe * Font size was rounded to 0 for AFP TTF * Cannot process a SVG using mvn jars * Remove serializer jar * Allow creating a PDF 2.0 document * Text missing after page break inside table inline * IllegalArgumentException for list in a table * Table width may be too wide when layout width changes * NPE when using broken link and PDF 1.5 * Allow XMP at PDF page level * Symbol font was not being mapped to unicode * Correct font differences table for Chrome * Link against Java 8 API * Added support for font-selection-strategy=character-by-character * Merge form fields in external PDFs * Fixed test for Java 11 xmlgraphics-batik was updated from version 1.17 to 1.18: * PNG transcoder references nonexistent class * Set offset to 0 if missing in stop tag * Validate throws NPE * Fixed missing arabic characters * Animated rotate tranform ignores y-origin at exactly 270 degrees * Set an automatic module name * Ignore inkscape properties * Switch to spotbugs * Allow source and target resolution configuration xmlgraphics-commons was updated from version 2.8 to 2.10: * Fixed test for Java 11 * Allow XMP at PDF page level * Allow source resolution configuration * Added new schema to handle pdf/a and pdfa/ua * Set an automatic module name * Switch to spotbugs * Do not use a singleton for ImageImplRegistry javapackages-tools was updated from version 6.3.0 to 6.3.4: * Version 6.3.4: * A corner case when which is not present * Remove dependency on which * Simplify after the which -> type -p change * jpackage_script: Remove pointless assignment when %java_home is unset * Don't export JAVA_HOME (bsc#1231347) * Version 6.3.2: * Search for JAVACMD under JAVA_HOME only if it's set * Obsolete set_jvm and set_jvm_dirs functions * Drop unneeded _set_java_home function * Remove JAVA_HOME check from check_java_env function * Bump codecov/codecov-action from 2.0.2 to 4.6.0 * Bump actions/setup-python from 4 to 5 * Bump actions/checkout from 2 to 4 * Added custom dependabot config * Remove the test for JAVA_HOME and error if it is not set * java-functions: Remove unneeded local variables * Fixed build status shield * Version 6.3.1: * Allow missing components with abs2rel * Fixed tests with python 3.4 * Sync spec file from Fedora * Drop default JRE/JDK * Fixed the use of java-functions in scripts * Test that we don't bomb on * Test variable expansion in artifactId * Interpolate properties also in the current artifact * Rewrite abs2rel in shell * Use asciidoctor instead of asciidoc * Fixed incompatibility with RPM 4.20 * Reproducible exclusions order in maven metadata * Do not bomb on construct * Make maven_depmap order of aliases reproducible ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4054=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4054=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4054=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4054=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4054=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-4054=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4054=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4054=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4054=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4054=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4054=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4054=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4054=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4054=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4054=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * openSUSE Leap 15.5 (noarch) * xmlgraphics-batik-svgpp-1.18-150200.4.10.2 * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-batik-javadoc-1.18-150200.4.10.2 * xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-batik-squiggle-1.18-150200.4.10.2 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-javadoc-2.10-150200.3.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-rasterizer-1.18-150200.4.10.2 * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-batik-demo-1.18-150200.4.10.2 * xmlgraphics-batik-slideshow-1.18-150200.4.10.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * openSUSE Leap 15.6 (noarch) * xmlgraphics-batik-svgpp-1.18-150200.4.10.2 * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-batik-javadoc-1.18-150200.4.10.2 * xmlgraphics-batik-ttf2svg-1.18-150200.4.10.2 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-batik-squiggle-1.18-150200.4.10.2 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-javadoc-2.10-150200.3.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-rasterizer-1.18-150200.4.10.2 * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-batik-demo-1.18-150200.4.10.2 * xmlgraphics-batik-slideshow-1.18-150200.4.10.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * Basesystem Module 15-SP5 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * Basesystem Module 15-SP6 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * Development Tools Module 15-SP5 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * Development Tools Module 15-SP6 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * javapackages-local-6.3.4-150200.3.15.1 * SUSE Package Hub 15 15-SP6 (noarch) * xmlgraphics-batik-css-1.18-150200.4.10.2 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 * SUSE Manager Proxy 4.3 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Proxy 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Manager Server 4.3 (noarch) * python3-javapackages-6.3.4-150200.3.15.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * javapackages-filesystem-6.3.4-150200.3.15.1 * javapackages-tools-6.3.4-150200.3.15.1 * SUSE Enterprise Storage 7.1 (noarch) * javapackages-ivy-6.3.4-150200.3.15.1 * javapackages-gradle-6.3.4-150200.3.15.1 * python3-javapackages-6.3.4-150200.3.15.1 * xmlgraphics-fop-2.10-150200.13.10.1 * xmlgraphics-commons-2.10-150200.3.10.2 * xmlgraphics-batik-1.18-150200.4.10.2 * javapackages-local-6.3.4-150200.3.15.1 * xmlgraphics-batik-css-1.18-150200.4.10.2 ## References: * https://www.suse.com/security/cve/CVE-2024-28168.html * https://bugzilla.suse.com/show_bug.cgi?id=1231347 * https://bugzilla.suse.com/show_bug.cgi?id=1231428 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 08:30:20 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 08:30:20 -0000 Subject: SUSE-SU-2024:4053-1: important: Security update for ucode-intel Message-ID: <173260982017.4943.5845539635713567992@smelt2.prg2.suse.org> # Security update for ucode-intel Announcement ID: SUSE-SU-2024:4053-1 Release Date: 2024-11-26T03:37:12Z Rating: important References: * bsc#1233313 Cross-References: * CVE-2024-21820 * CVE-2024-21853 * CVE-2024-23918 * CVE-2024-23984 * CVE-2024-24968 CVSS scores: * CVE-2024-21820 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N * CVE-2024-21820 ( SUSE ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21820 ( NVD ): 8.5 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21820 ( NVD ): 7.2 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:N * CVE-2024-21853 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-21853 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-21853 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-21853 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-23918 ( SUSE ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23918 ( NVD ): 8.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23918 ( NVD ): 8.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-23984 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-23984 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-23984 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-23984 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N * CVE-2024-24968 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-24968 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H * CVE-2024-24968 ( NVD ): 5.6 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-24968 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for ucode-intel fixes the following issues: * Intel CPU Microcode was updated to the 20241112 release (bsc#1233313) * CVE-2024-21853: Faulty finite state machines (FSMs) in the hardware logic in some 4th and 5th Generation Intel Xeon Processors may allow an authorized user to potentially enable denial of service via local access. * CVE-2024-23918: Improper conditions check in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2024-21820: Incorrect default permissions in some Intel Xeon processor memory controller configurations when using Intel SGX may allow a privileged user to potentially enable escalation of privilege via local access. * CVE-2024-24968: Improper finite state machines (FSMs) in hardware logic in some Intel Processors may allow an privileged user to potentially enable a denial of service via local access. * CVE-2024-23984: Observable discrepancy in RAPL interface for some Intel Processors may allow a privileged user to potentially enable information disclosure via local access. * Update for functional issues. New Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ADL | C0 | 06-97-02/07 | 00000036 | 00000037 | Core Gen12 | ADL | H0 | 06-97-05/07 | 00000036 | 00000037 | Core Gen12 | ADL | L0 | 06-9a-03/80 | 00000434 | 00000435 | Core Gen12 | ADL | R0 | 06-9a-04/80 | 00000434 | 00000435 | Core Gen12 | EMR-SP | A0 | 06-cf-01/87 | 21000230 | 21000283 | Xeon Scalable Gen5 | EMR-SP | A1 | 06-cf-02/87 | 21000230 | 21000283 | Xeon Scalable Gen5 | MTL | C0 | 06-aa-04/e6 | 0000001f | 00000020 | Core? Ultra Processor | RPL-H/P/PX 6+8 | J0 | 06-ba-02/e0 | 00004122 | 00004123 | Core Gen13 | RPL-HX/S | C0 | 06-bf-02/07 | 00000036 | 00000037 | Core Gen13/Gen14 | RPL-S | H0 | 06-bf-05/07 | 00000036 | 00000037 | Core Gen13/Gen14 | RPL-U 2+8 | Q0 | 06-ba-03/e0 | 00004122 | 00004123 | Core Gen13 | SPR-SP | E3 | 06-8f-06/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 | SPR-SP | E4/S2 | 06-8f-07/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 | SPR-SP | E5/S3 | 06-8f-08/87 | 2b0005c0 | 2b000603 | Xeon Scalable Gen4 New Disclosures Updated in Prior Releases: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | ICL-D | B0 | 06-6c-01/10 | 010002b0 | N/A | Xeon D-17xx/D-18xx, D-27xx/D-28xx | ICX-SP | Dx/M1 | 06-6a-06/87 | 0d0003e7 | N/A | Xeon Scalable Gen3 * Intel CPU Microcode was updated to the 20241029 release Update for functional issues. Updated Platforms: | Processor | Stepping | F-M-S/PI | Old Ver | New Ver | Products |:---------------|:---------|:------------|:---------|:---------|:--------- | RPL-E/HX/S | B0 | 06-b7-01/32 | 00000129 | 0000012b | Core Gen13/Gen14 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4053=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4053=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4053=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4053=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4053=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4053=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4053=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4053=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4053=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4053=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4053=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4053=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4053=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4053=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4053=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4053=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-4053=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4053=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-4053=1 ## Package List: * openSUSE Leap Micro 5.5 (x86_64) * ucode-intel-20241112-150200.50.1 * openSUSE Leap 15.5 (x86_64) * ucode-intel-20241112-150200.50.1 * openSUSE Leap 15.6 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * ucode-intel-20241112-150200.50.1 * Basesystem Module 15-SP5 (x86_64) * ucode-intel-20241112-150200.50.1 * Basesystem Module 15-SP6 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Proxy 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Manager Server 4.3 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Enterprise Storage 7.1 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * ucode-intel-20241112-150200.50.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * ucode-intel-20241112-150200.50.1 ## References: * https://www.suse.com/security/cve/CVE-2024-21820.html * https://www.suse.com/security/cve/CVE-2024-21853.html * https://www.suse.com/security/cve/CVE-2024-23918.html * https://www.suse.com/security/cve/CVE-2024-23984.html * https://www.suse.com/security/cve/CVE-2024-24968.html * https://bugzilla.suse.com/show_bug.cgi?id=1233313 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 12:30:07 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 12:30:07 -0000 Subject: SUSE-RU-2024:4068-1: moderate: Recommended update for automake Message-ID: <173262420765.13579.2550235549787592859@smelt2.prg2.suse.org> # Recommended update for automake Announcement ID: SUSE-RU-2024:4068-1 Release Date: 2024-11-26T11:22:19Z Rating: moderate References: * bsc#1232532 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for automake fixes the following issue: * check python major version and use imp or importlib accordingly (bsc#1232532). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4068=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4068=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4068=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4068=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4068=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4068=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4068=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4068=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4068=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4068=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4068=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4068=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4068=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4068=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4068=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4068=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4068=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4068=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4068=1 ## Package List: * openSUSE Leap 15.6 (noarch) * automake-1.15.1-150000.4.13.2 * Basesystem Module 15-SP5 (noarch) * automake-1.15.1-150000.4.13.2 * Basesystem Module 15-SP6 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Manager Proxy 4.3 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Manager Server 4.3 (noarch) * automake-1.15.1-150000.4.13.2 * SUSE Enterprise Storage 7.1 (noarch) * automake-1.15.1-150000.4.13.2 * openSUSE Leap 15.5 (noarch) * automake-1.15.1-150000.4.13.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232532 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Nov 26 12:30:38 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 26 Nov 2024 12:30:38 -0000 Subject: SUSE-RU-2024:4061-1: moderate: Recommended update for rubygem-nokogiri Message-ID: <173262423811.13579.15623162271635075170@smelt2.prg2.suse.org> # Recommended update for rubygem-nokogiri Announcement ID: SUSE-RU-2024:4061-1 Release Date: 2024-11-26T08:39:26Z Rating: moderate References: * bsc#1213999 Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for rubygem-nokogiri fixes the following issues: * Only report mismatching libxml2 version if the runtime version is older than the build versin (bsc#1213999) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4061=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4061=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4061=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4061=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4061=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4061=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4061=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4061=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4061=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4061=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4061=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4061=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4061=1 ## Package List: * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-testsuite-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-doc-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-testsuite-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-doc-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-testsuite-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-doc-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Manager Proxy 4.3 (x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * ruby2.5-rubygem-nokogiri-debuginfo-1.8.5-150400.14.6.1 * rubygem-nokogiri-debugsource-1.8.5-150400.14.6.1 * ruby2.5-rubygem-nokogiri-1.8.5-150400.14.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1213999 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Nov 27 16:32:36 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 27 Nov 2024 16:32:36 -0000 Subject: SUSE-SU-2024:4078-1: important: Security update for glib2 Message-ID: <173272515646.29122.7527908168695640629@smelt2.prg2.suse.org> # Security update for glib2 Announcement ID: SUSE-SU-2024:4078-1 Release Date: 2024-11-27T12:53:48Z Rating: important References: * bsc#1233282 Cross-References: * CVE-2024-52533 CVSS scores: * CVE-2024-52533 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-52533 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2024-52533 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for glib2 fixes the following issues: * CVE-2024-52533: Fixed a single byte buffer overflow (bsc#1233282). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4078=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4078=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4078=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4078=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4078=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4078=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4078=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4078=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4078=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4078=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4078=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4078=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4078=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4078=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4078=1 ## Package List: * openSUSE Leap 15.4 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * gio-branding-upstream-2.70.5-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * glib2-doc-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * glib2-tests-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-static-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * openSUSE Leap 15.4 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.17.1 * glib2-devel-32bit-2.70.5-150400.3.17.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgmodule-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-64bit-2.70.5-150400.3.17.1 * libgio-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-64bit-2.70.5-150400.3.17.1 * glib2-devel-64bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-64bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-64bit-2.70.5-150400.3.17.1 * glib2-tools-64bit-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-64bit-2.70.5-150400.3.17.1 * libgio-2_0-0-64bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-64bit-2.70.5-150400.3.17.1 * libglib-2_0-0-64bit-debuginfo-2.70.5-150400.3.17.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * openSUSE Leap 15.5 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * gio-branding-upstream-2.70.5-150400.3.17.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * glib2-tests-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * glib2-doc-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * glib2-tests-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-static-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * openSUSE Leap 15.5 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-32bit-2.70.5-150400.3.17.1 * glib2-devel-32bit-2.70.5-150400.3.17.1 * glib2-devel-32bit-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * Basesystem Module 15-SP5 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * Basesystem Module 15-SP5 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Manager Proxy 4.3 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * glib2-devel-debuginfo-2.70.5-150400.3.17.1 * libgmodule-2_0-0-2.70.5-150400.3.17.1 * glib2-debugsource-2.70.5-150400.3.17.1 * libgthread-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgthread-2_0-0-2.70.5-150400.3.17.1 * libgobject-2_0-0-2.70.5-150400.3.17.1 * glib2-tools-2.70.5-150400.3.17.1 * glib2-tools-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-2.70.5-150400.3.17.1 * libgmodule-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgio-2_0-0-2.70.5-150400.3.17.1 * glib2-devel-2.70.5-150400.3.17.1 * libgio-2_0-0-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-debuginfo-2.70.5-150400.3.17.1 * SUSE Manager Server 4.3 (noarch) * glib2-lang-2.70.5-150400.3.17.1 * SUSE Manager Server 4.3 (x86_64) * libgio-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-2.70.5-150400.3.17.1 * libgio-2_0-0-32bit-2.70.5-150400.3.17.1 * libgmodule-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-2.70.5-150400.3.17.1 * libgobject-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 * libglib-2_0-0-32bit-debuginfo-2.70.5-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52533.html * https://bugzilla.suse.com/show_bug.cgi?id=1233282 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Nov 27 20:30:03 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 27 Nov 2024 20:30:03 -0000 Subject: SUSE-RU-2024:4085-1: moderate: Recommended update for sapconf Message-ID: <173273940381.13579.2250834678308928093@smelt2.prg2.suse.org> # Recommended update for sapconf Announcement ID: SUSE-RU-2024:4085-1 Release Date: 2024-11-27T17:44:39Z Rating: moderate References: * bsc#1232373 Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for sapconf fixes the following issue: * version update from 5.0.7 to 5.0.8 * starting with 15SP5 change setting of transparent hugepages (THP) from 'never' to 'madvise' because of updated SAP notes (2131662, 2684254, 2031375) (bsc#1232373). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4085=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4085=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4085=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-4085=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-4085=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4085=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4085=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4085=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4085=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4085=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4085=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4085=1 ## Package List: * openSUSE Leap 15.4 (noarch) * sapconf-5.0.8-150400.16.7.2 * openSUSE Leap 15.5 (noarch) * sapconf-5.0.8-150400.16.7.2 * openSUSE Leap 15.6 (noarch) * sapconf-5.0.8-150400.16.7.2 * Server Applications Module 15-SP5 (noarch) * sapconf-5.0.8-150400.16.7.2 * Server Applications Module 15-SP6 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Manager Proxy 4.3 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * sapconf-5.0.8-150400.16.7.2 * SUSE Manager Server 4.3 (noarch) * sapconf-5.0.8-150400.16.7.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232373 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Nov 28 16:32:43 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 28 Nov 2024 16:32:43 -0000 Subject: SUSE-SU-2024:4107-1: important: Security update for python-waitress Message-ID: <173281156310.13386.13831195699920799997@smelt2.prg2.suse.org> # Security update for python-waitress Announcement ID: SUSE-SU-2024:4107-1 Release Date: 2024-11-28T15:13:29Z Rating: important References: * bsc#1232554 Cross-References: * CVE-2024-49769 CVSS scores: * CVE-2024-49769 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-49769 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49769 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-49769 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python-waitress fixes the following issues: * CVE-2024-49769: Fixed a denial of service caused by incorrect connection clean up (bsc#1232554) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4107=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4107=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4107=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4107=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4107=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4107=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4107=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4107=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4107=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4107=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4107=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4107=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4107=1 ## Package List: * SUSE Enterprise Storage 7.1 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * openSUSE Leap 15.5 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * Basesystem Module 15-SP5 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * Basesystem Module 15-SP6 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Package Hub 15 15-SP5 (noarch) * python2-waitress-1.4.3-150000.3.9.1 * SUSE Package Hub 15 15-SP6 (noarch) * python2-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Proxy 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 * SUSE Manager Server 4.3 (noarch) * python3-waitress-1.4.3-150000.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-49769.html * https://bugzilla.suse.com/show_bug.cgi?id=1232554 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Nov 28 16:32:46 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 28 Nov 2024 16:32:46 -0000 Subject: SUSE-SU-2024:4106-1: critical: Security update for tomcat Message-ID: <173281156691.13386.8154424010891549251@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2024:4106-1 Release Date: 2024-11-28T15:11:06Z Rating: critical References: * bsc#1233434 Cross-References: * CVE-2024-52316 CVSS scores: * CVE-2024-52316 ( SUSE ): 10.0 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-52316 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52316 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP5 * Web and Scripting Module 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for tomcat fixes the following issues: * Update to Tomcat 9.0.97 * Fixed CVEs: * CVE-2024-52316: If the Jakarta Authentication fails with an exception, set a 500 status (bsc#1233434) * Catalina * Add: Add support for the new Servlet API method HttpServletResponse.sendEarlyHints(). (markt) * Add: 55470: Add debug logging that reports the class path when a ClassNotFoundException occurs in the digester or the web application class loader. Based on a patch by Ralf Hauser. (markt) * Update: 69374: Properly separate between table header and body in DefaultServlet's listing. (michaelo) * Update: 69373: Make DefaultServlet's HTML listing file last modified rendering better (flexible). (michaelo) * Update: Improve HTML output of DefaultServlet. (michaelo) * Code: Refactor RateLimitFilter to use FilterBase as the base class. The primary advantage for doing this is less code to process init-param values. (markt) * Update: 69370: DefaultServlet's HTML listing uses incorrect labels. (michaelo) * Fix: Avoid NPE in CrawlerSessionManagerValve for partially mapped requests. (remm) * Fix: Add missing WebDAV Lock-Token header in the response when locking a folder. (remm) * Fix: Invalid WebDAV lock requests should be rejected with 400. (remm) * Fix: Fix regression in WebDAV when attempting to unlock a collection. (remm) * Fix: Verify that destination is not locked for a WebDAV copy operation. (remm) * Fix: Send 415 response to WebDAV MKCOL operations that include a request body since this is optional and unsupported. (remm) * Fix: Enforce DAV: namespace on WebDAV XML elements. (remm) * Fix: Do not allow a new WebDAV lock on a child resource if a parent collection is locked (RFC 4918 section 6.1). (remm) * Fix: WebDAV Delete should remove any existing lock on successfully deleted resources. (remm) * Update: Remove WebDAV lock null support in accordance with RFC 4918 section 7.3 and annex D. Instead, a lock on a non-existing resource will create an empty file locked with a regular lock. (remm) * Update: Rewrite implementation of WebDAV shared locks to comply with RFC 4918. (remm) * Update: Implement WebDAV If header using code from the Apache Jackrabbit project. (remm) * Add: Add PropertyStore interface in the WebDAV Servlet, to allow implementation of dead properties storage. The store used can be configured using the 'propertyStore' init parameter of the WebDAV servlet. A simple non-persistent implementation is used if no custom store is configured. (remm) * Update: Implement WebDAV PROPPATCH method using the newly added PropertyStore. (remm) * Fix: Cache not found results when searching for web application class loader resources. This addresses performance problems caused by components such as java.sql.DriverManager which, in some circumstances, will search for the same class repeatedly. In a large web application this can cause performance problems. The size of the cache can be controlled via the new notFoundClassResourceCacheSize on the StandardContext. (markt) * Fix: Stop after INITIALIZED state should be a noop since it is possible for subcomponents to be in FAILED after init. (remm) * Fix: Fix incorrect web resource cache size calculations when there are concurrent PUT and DELETE requests for the same resource. (markt) * Add: Add debug logging for the web resource cache so the current size can be tracked as resources are added and removed. (markt) * Update: Replace legacy WebDAV opaquelocktoken: scheme for lock tokens with urn:uuid: as recommended by RFC 4918, and remove secret init parameter. (remm) * Fix: Concurrent reads and writes (e.g. GET and PUT / DELETE) for the same path caused corruption of the FileResource where some of the fields were set as if the file exists and some as set as if it does not. This resulted in inconsistent metadata. (markt) * Fix: 69415: Ensure that the ExpiresFilter only sets cache headers on GET and HEAD requests. Also skip requests where the application has set Cache-Control: no-store. (markt) * Fix: 69419: Improve the performance of ServletRequest.getAttribute() when there are multiple levels of nested includes. Based on a patch provided by John Engebretson. (markt) * Add: All applications to send an early hints informational response by calling HttpServletResponse.sendError() with a status code of 103. (schultz) * Fix: Ensure that the Jakarta Authentication CallbackHandler only creates one GenericPrincipal in the Subject. (markt) * Fix: If the Jakarta Authentication process fails with an Exception, explicitly set the HTTP response status to 500 as the ServerAuthContext may not have set it. (markt) * Fix: When persisting the Jakarta Authentication provider configuration, create any necessary parent directories that don't already exist. (markt) * Fix: Correct the logic used to detect errors when deleting temporary files associated with persisting the Jakarta Authentication provider configuration. (markt) * Fix: When processing Jakarta Authentication callbacks, don't overwrite a Principal obtained from the PasswordValidationCallback with null if the CallerPrincipalCallback does not provide a Principal. (markt) * Fix: Avoid store config backup loss when storing one configuration more than once per second. (remm) * Fix: 69359: WebdavServlet duplicates getRelativePath() method from super class with incorrect Javadoc. (michaelo) * Fix: 69360: Inconsistent DELETE behavior between WebdavServlet and DefaultServlet. (michaelo) * Fix: Make WebdavServlet properly return the Allow header when deletion of a resource is not allowed. (michaelo) * Fix: Add log warning if non wildcard mappings are used with the WebdavServlet. (remm) * Fix: 69361: Ensure that the order of entries in a multi-status response to a WebDAV is consistent with the order in which resources were processed. (markt) * Fix: 69362: Provide a better multi-status response when deleting a collection via WebDAV fails. Empty directories that cannot be deleted will now be included in the response. (markt) * Fix: 69363: Use getPathPrefix() consistently in the WebDAV servlet to ensure that the correct path is used when the WebDAV servlet is mounted at a sub-path within the web application. (markt) * Fix: Improve performance of ApplicationHttpRequest.parseParameters(). Based on sample code and test cases provided by John Engebretson. (markt) * Add: Add support for RFC 8297 (Early Hints). Applications can use this feature by casting the HttpServletResponse to org.apache.catalina.connector.Reponse and then calling the method void sendEarlyHints(). This method will be added to the Servlet API (removing the need for the cast) in Servlet 6.2 onwards. (markt) * Fix: 69214: Do not reject a CORS request that uses POST but does not include a content-type header. Tomcat now correctly processes this as a simple CORS request. Based on a patch suggested by thebluemountain. (markt) * Fix: Refactor SpnegoAuthenticator so it uses Subject.callAs() rather than Subject.doAs() when available. (markt) * Coyote * Fix: Return null SSL session id on zero length byte array returned from the SSL implementation. (remm) * Fix: Skip OpenSSLConf with BoringSSL since it is unsupported. (remm) * Fix: Create the HttpParser in Http11Processor if it is not present on the AbstractHttp11Protocol to provide better lifecycle robustness for regular HTTP/1.1. The new behavior was introduced on a previous refactoring to improve HTTP/2 performance. (remm) * Fix: OpenSSLContext will now throw a KeyManagementException if something is known to have gone wrong in the init method, which is the behavior documented by javax.net.ssl.SSLContext.init. This makes error handling more consistent. (remm) * Fix: 69316: Ensure that FastHttpDateFormat#getCurrentDate() (used to generate Date headers for HTTP responses) generates the correct string for the given input. Prior to this change, the output may have been wrong by one second in some cases. Pull request #751 provided by Chenjp. (markt) * Add: Add server and serverRemoveAppProvidedValues to the list of attributes the HTTP/2 protocol will inherit from the HTTP/1.1 connector it is nested within. (markt) * Fix: Avoid possible crashes when using Apache Tomcat Native, caused by destroying SSLContext objects through GC after APR has been terminated. (remm) * Fix: Improve HTTP/2 handling of trailer fields for requests. Trailer fields no longer need to be received before the headers of the subsequent stream nor are trailer fields for an in-progress stream swallowed if the Connector is paused before the trailer fields are received. (markt) * Fix: Ensure the request and response are not recycled too soon for an HTTP/2 stream when a stream level error is detected during the processing of incoming HTTP/2 frames. This could lead to incorrect processing times appearing in the access log. (markt) * Fix: Fix 69320, a regression in the fix for 69302 that meant the HTTP/2 processing was likely to be broken for all clients once any client sent an HTTP/2 reset frame. (markt) * Fix: Correct a regression in the fix for non-blocking reads of chunked request bodies that caused InputStream.available() to return a non-zero value when there was no data to read. In some circumstances this could cause a blocking read to block waiting for more data rather than return the data it had already received. (markt) * Add: Add a new attribute cookiesWithoutEquals to the Rfc6265CookieProcessor. The default behaviour is unchanged. (markt) * Fix: Ensure that Tomcat sends a TLS close_notify message after receiving one from the client when using the OpenSSLImplementation. (markt) * Fix: 69301: Fix trailer headers replacing non-trailer headers when writing response headers to the access log. Based on a patch and test case provided by hypnoce. (markt) * Fix: 69302: If an HTTP/2 client resets a stream before the request body is fully written, ensure that any ReadListener is notified via a call to ReadListener.onErrror(). (markt) * Fix: Correct regressions in the refactoring that added recycling of the coyote request and response to the HTTP/2 processing. (markt) * Add: Add OpenSSL integration using the FFM API rather than Tomcat Native. OpenSSL support may be enabled by adding the org.apache.catalina.core.OpenSSLLifecycleListener listener on the Server element when using Java 22 or later. (remm) * Fix: Ensure that HTTP/2 stream input buffers are only created when there is a request body to be read. (markt) * Code: Refactor creation of HttpParser instances from the Processor level to the Protocol level since the parser configuration depends on the protocol and the parser is, otherwise, stateless. (markt) * Add: Align HTTP/2 with HTTP/1.1 and recycle the container internal request and response processing objects by default. This behaviour can be controlled via the new discardRequestsAndResponses attribute on the HTTP/2 upgrade protocol. (markt) * Jasper * Fix: Add back tag release method as deprecated in the runtime for compatibility with old generated code. (remm) * Fix: 69399: Fix regression caused by the improvement 69333 which caused the tag release to be called when using tag pooling, and to be skipped when not using it. Patch submitted by Michal Sobkiewicz. (remm) * Fix: 69381: Improve method lookup performance in expression language. When the required method has no arguments there is no need to consider casting or coercion and the method lookup process can be simplified. Based on pull request #770 by John Engebretson. * Fix: 69382: Improve the performance of the JSP include action by re-using results of relatively expensive method calls in the generated code rather than repeating them. Patch provided by John Engebretson. (markt) * Fix: 69398: Avoid unnecessary object allocation in PageContextImpl. Based on a suggestion by John Engebretson. (markt) * Fix: 69406: When using StringInterpreterEnum, do not throw an IllegalArgumentException when an invalid Enum is encountered. Instead, resolve the value at runtime. Patch provided by John Engebretson. (markt) * Fix: 69429: Optimise EL evaluation of method parameters for methods that do not accept any parameters. Patch provided by John Engebretson. (markt) * Fix: 69333: Remove unnecessary code from generated JSPs. (markt) * Fix: 69338: Improve the performance of processing expressions that include AND or OR operations with more than two operands and expressions that use not empty. (markt) * Fix: 69348: Reduce memory consumption in ELContext by using lazy initialization for the data structure used to track lambda arguments. (markt) * Fix: Switch the TldScanner back to logging detailed scan results at debug level rather than trace level. (markt) * Web applications * Fix: The manager webapp will now be able to access certificates again when OpenSSL is used. (remm) * Fix: Documentation. Align the logging configuration documentation with the current defaults. (markt) * WebSocket * Fix: If a blocking message write exceeds the timeout, don't attempt the write again before throwing the exception. (markt) * Fix: An EncodeException being thrown during a message write should not automatically cause the connection to close. The application should handle the exception and make the decision whether or not to close the connection. (markt) * jdbc-pool * Fix: 69255: Correct a regression in the fix for 69206 that meant exceptions executing statements were wrapped in a java.lang.reflect.UndeclaredThrowableException rather than the application seeing the original SQLException. Fixed by pull request #744 provided by Michael Clarke. (markt) * Fix: 69279: Correct a regression in the fix for 69206 that meant that methods that previously returned a null ResultSet were returning a proxy with a null delegate. Fixed by pull request #745 provided by Huub de Beer. (markt) * Fix: 69206: Ensure statements returned from Statement methods executeQuery(), getResultSet() and getGeneratedKeys() are correctly wrapped before being returned to the caller. Based on pull request #742 provided by Michael Clarke. * Other * Update: Switch from DigiCert ONE to ssl.com eSigner for code signing. (markt) * Update: Update Byte Buddy to 1.15.10. (markt) * Update: Update CheckStyle to 10.20.0. (markt) * Add: Improvements to German translations. (remm) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Add: Improvements to Chinese translations by Ch_jp. (markt) * Add: Exclude the tomcat-coyote-ffm.jar from JAR scanning by default. (markt) * Fix: Change the default log handler level to ALL so log messages are not dropped by default if a logger is configured to use trace (FINEST) level logging. (markt) * Update: Update Hamcrest to 3.0. (markt) * Update: Update EasyMock to 5.4.0. (markt) * Update: Update Byte Buddy to 1.15.0. (markt) * Update: Update CheckStyle to 10.18.0. (markt) * Update: Update the internal fork of Apache Commons BCEL to 6.10.0. (markt) * Add: Improvements to Spanish translations by Fernando. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) * Fix: Fix packaging regression with missing osgi information following addition of the test-only build target. (remm) * Update: Update Tomcat Native to 1.3.1. (markt) * Update: Update Byte Buddy to 1.14.18. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-4106=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4106=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4106=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4106=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4106=1 * SUSE Linux Enterprise Server 15 SP2 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4106=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4106=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4106=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4106=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4106=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4106=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4106=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-4106=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4106=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4106=1 * Web and Scripting Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP5-2024-4106=1 ## Package List: * Web and Scripting Module 15-SP6 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server 15 SP2 LTSS (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Manager Server 4.3 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * openSUSE Leap 15.5 (noarch) * tomcat-javadoc-9.0.97-150200.71.1 * tomcat-jsvc-9.0.97-150200.71.1 * tomcat-docs-webapp-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-webapps-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-embed-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * openSUSE Leap 15.6 (noarch) * tomcat-javadoc-9.0.97-150200.71.1 * tomcat-jsvc-9.0.97-150200.71.1 * tomcat-docs-webapp-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-webapps-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-embed-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 * Web and Scripting Module 15-SP5 (noarch) * tomcat-webapps-9.0.97-150200.71.1 * tomcat-el-3_0-api-9.0.97-150200.71.1 * tomcat-9.0.97-150200.71.1 * tomcat-servlet-4_0-api-9.0.97-150200.71.1 * tomcat-jsp-2_3-api-9.0.97-150200.71.1 * tomcat-lib-9.0.97-150200.71.1 * tomcat-admin-webapps-9.0.97-150200.71.1 ## References: * https://www.suse.com/security/cve/CVE-2024-52316.html * https://bugzilla.suse.com/show_bug.cgi?id=1233434 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Nov 28 16:32:53 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 28 Nov 2024 16:32:53 -0000 Subject: SUSE-RU-2024:4102-1: moderate: Recommended update for yast2-auth-server Message-ID: <173281157336.13386.17271156722093741477@smelt2.prg2.suse.org> # Recommended update for yast2-auth-server Announcement ID: SUSE-RU-2024:4102-1 Release Date: 2024-11-28T12:52:46Z Rating: moderate References: * bsc#1207831 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for yast2-auth-server fixes the following issues: * Version update v4.4.1 * Fix y2log path in popup messages (bsc#1207831). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4102=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4102=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4102=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4102=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4102=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4102=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4102=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4102=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4102=1 ## Package List: * openSUSE Leap 15.4 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Manager Proxy 4.3 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 * SUSE Manager Server 4.3 (noarch) * yast2-auth-server-4.4.1-150400.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1207831 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 29 20:30:13 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 29 Nov 2024 20:30:13 -0000 Subject: SUSE-SU-2024:4117-1: important: Security update for webkit2gtk3 Message-ID: <173291221397.13380.4779620614209771900@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2024:4117-1 Release Date: 2024-11-29T16:23:46Z Rating: important References: * bsc#1232747 * bsc#1233631 * bsc#1233632 Cross-References: * CVE-2024-44185 * CVE-2024-44296 * CVE-2024-44308 * CVE-2024-44309 * CVE-2044-44244 CVSS scores: * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44296 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-44296 ( SUSE ): 4.2 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44296 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * Development Tools Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.3 (bsc#1232747), including fixes for: * CVE-2024-44308: Fixed arbitrary code execution by not allocating DFG register after a slow path (bsc#1233631). * CVE-2024-44309: Fixed a data isolation bypass vulnerability (bsc#1233632). * CVE-2024-44244: Processing maliciously crafted web content may lead to an unexpected process crash. * CVE-2024-44296: Processing maliciously crafted web content may prevent Content Security Policy from being enforced. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4117=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4117=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-4117=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4117=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4117=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-4117=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4117=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4117=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4117=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4117=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4117=1 ## Package List: * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk4-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit-6_0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * webkit-jsc-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * webkit-jsc-4-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * webkit-jsc-6.0-2.46.3-150400.4.97.1 * webkit-jsc-6.0-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (x86_64) * libwebkit2gtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-64bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-64bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk4-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-minibrowser-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-4.1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit-6_0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * webkit-jsc-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * webkit-jsc-4-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * webkit-jsc-4.1-debuginfo-2.46.3-150400.4.97.1 * webkit-jsc-6.0-2.46.3-150400.4.97.1 * webkit-jsc-6.0-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * openSUSE Leap 15.5 (x86_64) * libwebkit2gtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-32bit-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.3-150400.4.97.1 * Basesystem Module 15-SP5 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * Desktop Applications Module 15-SP5 (noarch) * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * Development Tools Module 15-SP5 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-6.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * WebKitGTK-4.1-lang-2.46.3-150400.4.97.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-debugsource-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-2.46.3-150400.4.97.1 * webkit2gtk4-debugsource-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk3-devel-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_1-0-2.46.3-150400.4.97.1 * webkitgtk-6_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_1-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_1-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_1-injected-bundles-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-2.46.3-150400.4.97.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_1-0-2.46.3-150400.4.97.1 * libwebkitgtk-6_0-4-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Proxy 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.3-150400.4.97.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libjavascriptcoregtk-4_0-18-2.46.3-150400.4.97.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-2.46.3-150400.4.97.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2-4_0-2.46.3-150400.4.97.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.3-150400.4.97.1 * libwebkit2gtk-4_0-37-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-debugsource-2.46.3-150400.4.97.1 * typelib-1_0-JavaScriptCore-4_0-2.46.3-150400.4.97.1 * webkit2gtk3-soup2-devel-2.46.3-150400.4.97.1 ## References: * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44296.html * https://www.suse.com/security/cve/CVE-2024-44308.html * https://www.suse.com/security/cve/CVE-2024-44309.html * https://www.suse.com/security/cve/CVE-2044-44244.html * https://bugzilla.suse.com/show_bug.cgi?id=1232747 * https://bugzilla.suse.com/show_bug.cgi?id=1233631 * https://bugzilla.suse.com/show_bug.cgi?id=1233632 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Nov 29 20:30:20 2024 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 29 Nov 2024 20:30:20 -0000 Subject: SUSE-SU-2024:4116-1: important: Security update for xen Message-ID: <173291222004.13380.14837015617441634844@smelt2.prg2.suse.org> # Security update for xen Announcement ID: SUSE-SU-2024:4116-1 Release Date: 2024-11-29T16:06:18Z Rating: important References: * bsc#1232542 * bsc#1232622 * bsc#1232624 Cross-References: * CVE-2024-45818 * CVE-2024-45819 CVSS scores: * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling (XSA-463) (bsc#1232622). * CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables (XSA-464) (bsc#1232624). Bug fixes: * Remove usage of net-tools-deprecated from supportconfig plugin (bsc#1232542). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4116=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-4116=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4116=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-4116=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4116=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4116=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4116=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4116=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-4116=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4116=1 ## Package List: * openSUSE Leap 15.4 (aarch64 x86_64 i586) * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (x86_64) * xen-libs-32bit-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-32bit-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (aarch64 x86_64) * xen-tools-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-doc-html-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * openSUSE Leap 15.4 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-64bit-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro 5.3 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Micro 5.4 (x86_64) * xen-libs-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Proxy 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Proxy 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 * SUSE Manager Server 4.3 (x86_64) * xen-tools-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-debuginfo-4.16.6_06-150400.4.65.1 * xen-tools-domU-4.16.6_06-150400.4.65.1 * xen-libs-debuginfo-4.16.6_06-150400.4.65.1 * xen-devel-4.16.6_06-150400.4.65.1 * xen-4.16.6_06-150400.4.65.1 * xen-libs-4.16.6_06-150400.4.65.1 * xen-tools-4.16.6_06-150400.4.65.1 * xen-debugsource-4.16.6_06-150400.4.65.1 * SUSE Manager Server 4.3 (noarch) * xen-tools-xendomains-wait-disk-4.16.6_06-150400.4.65.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 -------------- next part -------------- An HTML attachment was scrubbed... URL: