From null at suse.de Mon Jan 6 08:30:04 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 06 Jan 2025 08:30:04 -0000 Subject: SUSE-RU-2025:0014-1: important: Recommended update for python3-Flask Message-ID: <173615220428.16729.10140628067495958942@smelt2.prg2.suse.org> # Recommended update for python3-Flask Announcement ID: SUSE-RU-2025:0014-1 Release Date: 2025-01-06T06:29:32Z Rating: important References: * bsc#1233954 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for python3-Flask fixes the following issues: * Use alternatives for /usr/bin/flask to avoid conflict with python311-Flask package (bsc#1233954) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-14=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-14=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-14=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-14=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-14=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-14=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-14=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-14=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-14=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-14=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-14=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-14=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-14=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-14=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-14=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-14=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Manager Proxy 4.3 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Manager Server 4.3 (noarch) * python3-Flask-1.0.4-150400.10.1 * openSUSE Leap 15.4 (noarch) * python3-Flask-doc-1.0.4-150400.10.1 * python3-Flask-1.0.4-150400.10.1 * openSUSE Leap 15.5 (noarch) * python3-Flask-doc-1.0.4-150400.10.1 * python3-Flask-1.0.4-150400.10.1 * openSUSE Leap 15.6 (noarch) * python3-Flask-doc-1.0.4-150400.10.1 * python3-Flask-1.0.4-150400.10.1 * Basesystem Module 15-SP6 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-Flask-1.0.4-150400.10.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python3-Flask-1.0.4-150400.10.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1233954 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Mon Jan 6 12:30:15 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Mon, 06 Jan 2025 12:30:15 -0000 Subject: SUSE-SU-2025:0016-1: important: Security update for python-Jinja2 Message-ID: <173616661511.16706.12843733432011383895@smelt2.prg2.suse.org> # Security update for python-Jinja2 Announcement ID: SUSE-SU-2025:0016-1 Release Date: 2025-01-06T09:02:52Z Rating: important References: * bsc#1234809 Cross-References: * CVE-2024-56326 CVSS scores: * CVE-2024-56326 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56326 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56326 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Public Cloud Module 12 * SUSE Linux Enterprise Desktop 12 * SUSE Linux Enterprise Desktop 12 SP1 * SUSE Linux Enterprise Desktop 12 SP2 * SUSE Linux Enterprise Desktop 12 SP3 * SUSE Linux Enterprise Desktop 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP2 * SUSE Linux Enterprise High Performance Computing 12 SP3 * SUSE Linux Enterprise High Performance Computing 12 SP4 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 * SUSE Linux Enterprise Server 12 SP1 * SUSE Linux Enterprise Server 12 SP2 * SUSE Linux Enterprise Server 12 SP3 * SUSE Linux Enterprise Server 12 SP4 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 * SUSE Linux Enterprise Server for SAP Applications 12 SP1 * SUSE Linux Enterprise Server for SAP Applications 12 SP2 * SUSE Linux Enterprise Server for SAP Applications 12 SP3 * SUSE Linux Enterprise Server for SAP Applications 12 SP4 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Server for the Raspberry Pi 12-SP2 * SUSE Manager Client Tools for SLE 12 An update that solves one vulnerability can now be installed. ## Description: This update for python-Jinja2 fixes the following issues: * CVE-2024-56326: sandbox breakout through indirect reference to format method in template file. (bsc#1234809) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Client Tools for SLE 12 zypper in -t patch SUSE-SLE-Manager-Tools-12-2025-16=1 * Public Cloud Module 12 zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2025-16=1 ## Package List: * SUSE Manager Client Tools for SLE 12 (noarch) * python-Jinja2-2.8-19.31.1 * python3-Jinja2-2.8-19.31.1 * Public Cloud Module 12 (noarch) * python-Jinja2-2.8-19.31.1 * python3-Jinja2-2.8-19.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56326.html * https://bugzilla.suse.com/show_bug.cgi?id=1234809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 7 12:30:04 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 07 Jan 2025 12:30:04 -0000 Subject: SUSE-SU-2025:0029-1: important: Security update for python-Jinja2 Message-ID: <173625300419.16729.11584672698457240943@smelt2.prg2.suse.org> # Security update for python-Jinja2 Announcement ID: SUSE-SU-2025:0029-1 Release Date: 2025-01-07T10:42:30Z Rating: important References: * bsc#1234809 Cross-References: * CVE-2024-56326 CVSS scores: * CVE-2024-56326 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56326 ( NVD ): 5.4 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-56326 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python-Jinja2 fixes the following issues: * CVE-2024-56326: Fixed sandbox breakout through indirect reference to format method (bsc#1234809) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-29=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-29=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-29=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-29=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-29=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-29=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-29=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-29=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-29=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-29=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-29=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-29=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-29=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-29=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-29=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-29=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-29=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-29=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-29=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-29=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-29=1 ## Package List: * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Manager Proxy 4.3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Manager Server 4.3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * openSUSE Leap Micro 5.5 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * openSUSE Leap 15.5 (noarch) * python-Jinja2-emacs-2.10.1-150000.3.18.1 * python-Jinja2-vim-2.10.1-150000.3.18.1 * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * Basesystem Module 15-SP6 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * python3-Jinja2-2.10.1-150000.3.18.1 ## References: * https://www.suse.com/security/cve/CVE-2024-56326.html * https://bugzilla.suse.com/show_bug.cgi?id=1234809 -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2024verobeach at gmail.com Tue Jan 7 18:37:41 2025 From: 2024verobeach at gmail.com (Robert Martin) Date: Tue, 7 Jan 2025 13:37:41 -0500 Subject: SUSE-SU-2025:0029-1: important: Security update for python-Jinja2 In-Reply-To: <173625300419.16729.11584672698457240943@smelt2.prg2.suse.org> References: <173625300419.16729.11584672698457240943@smelt2.prg2.suse.org> Message-ID: Remove me from your list immediately and permanently On Tue, Jan 7, 2025, 7:32?AM SUSE-MANAGER-UPDATES wrote: > Security update for python-Jinja2 > Announcement ID: SUSE-SU-2025:0029-1 > Release Date: 2025-01-07T10:42:30Z > Rating: important > References: > > - bsc#1234809 > > Cross-References: > > - CVE-2024-56326 > > > CVSS scores: > > - CVE-2024-56326 ( SUSE ): 8.1 > CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H > - CVE-2024-56326 ( NVD ): 5.4 > CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X > - CVE-2024-56326 ( NVD ): 7.8 > CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H > > Affected Products: > > - Basesystem Module 15-SP6 > - openSUSE Leap 15.5 > - openSUSE Leap Micro 5.5 > - SUSE Enterprise Storage 7.1 > - SUSE Linux Enterprise Desktop 15 SP4 LTSS > - SUSE Linux Enterprise Desktop 15 SP6 > - SUSE Linux Enterprise High Performance Computing 15 SP3 > - SUSE Linux Enterprise High Performance Computing 15 SP4 > - SUSE Linux Enterprise High Performance Computing 15 SP5 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > - SUSE Linux Enterprise Micro 5.1 > - SUSE Linux Enterprise Micro 5.2 > - SUSE Linux Enterprise Micro 5.3 > - SUSE Linux Enterprise Micro 5.4 > - SUSE Linux Enterprise Micro 5.5 > - SUSE Linux Enterprise Micro for Rancher 5.2 > - SUSE Linux Enterprise Micro for Rancher 5.3 > - SUSE Linux Enterprise Micro for Rancher 5.4 > - SUSE Linux Enterprise Real Time 15 SP6 > - SUSE Linux Enterprise Server 15 SP3 > - SUSE Linux Enterprise Server 15 SP3 LTSS > - SUSE Linux Enterprise Server 15 SP4 > - SUSE Linux Enterprise Server 15 SP4 LTSS > - SUSE Linux Enterprise Server 15 SP5 > - SUSE Linux Enterprise Server 15 SP5 LTSS > - SUSE Linux Enterprise Server 15 SP6 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 > - SUSE Linux Enterprise Server for SAP Applications 15 SP6 > - SUSE Manager Proxy 4.3 > - SUSE Manager Retail Branch Server 4.3 > - SUSE Manager Server 4.3 > > An update that solves one vulnerability can now be installed. > Description: > > This update for python-Jinja2 fixes the following issues: > > - CVE-2024-56326: Fixed sandbox breakout through indirect reference to > format method (bsc#1234809) > > Patch Instructions: > > To install this SUSE update use the SUSE recommended installation methods > like YaST online_update or "zypper patch". > Alternatively you can run the command listed for your product: > > - SUSE Linux Enterprise Desktop 15 SP4 LTSS > zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-29=1 > - SUSE Linux Enterprise Server 15 SP3 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-29=1 > - SUSE Linux Enterprise Server 15 SP4 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-29=1 > - SUSE Linux Enterprise Server 15 SP5 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-29=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-29=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-29=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-29=1 > - SUSE Manager Proxy 4.3 > zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-29=1 > - SUSE Manager Retail Branch Server 4.3 > zypper in -t patch > SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2025-29=1 > - SUSE Manager Server 4.3 > zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-29=1 > - SUSE Enterprise Storage 7.1 > zypper in -t patch SUSE-Storage-7.1-2025-29=1 > - SUSE Linux Enterprise Micro 5.1 > zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-29=1 > - SUSE Linux Enterprise Micro 5.2 > zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1 > - SUSE Linux Enterprise Micro for Rancher 5.2 > zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-29=1 > - openSUSE Leap Micro 5.5 > zypper in -t patch openSUSE-Leap-Micro-5.5-2025-29=1 > - openSUSE Leap 15.5 > zypper in -t patch openSUSE-SLE-15.5-2025-29=1 > - SUSE Linux Enterprise Micro for Rancher 5.3 > zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1 > - SUSE Linux Enterprise Micro 5.3 > zypper in -t patch SUSE-SLE-Micro-5.3-2025-29=1 > - SUSE Linux Enterprise Micro for Rancher 5.4 > zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1 > - SUSE Linux Enterprise Micro 5.4 > zypper in -t patch SUSE-SLE-Micro-5.4-2025-29=1 > - SUSE Linux Enterprise Micro 5.5 > zypper in -t patch SUSE-SLE-Micro-5.5-2025-29=1 > - Basesystem Module 15-SP6 > zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-29=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-29=1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-29=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-29=1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-29=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-29=1 > > Package List: > > - SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Manager Proxy 4.3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Manager Retail Branch Server 4.3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Manager Server 4.3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Enterprise Storage 7.1 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro 5.1 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro 5.2 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - openSUSE Leap Micro 5.5 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - openSUSE Leap 15.5 (noarch) > - python-Jinja2-emacs-2.10.1-150000.3.18.1 > - python-Jinja2-vim-2.10.1-150000.3.18.1 > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro 5.3 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro 5.4 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise Micro 5.5 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - Basesystem Module 15-SP6 (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > (noarch) > - python3-Jinja2-2.10.1-150000.3.18.1 > > References: > > - https://www.suse.com/security/cve/CVE-2024-56326.html > - https://bugzilla.suse.com/show_bug.cgi?id=1234809 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 08:30:13 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 08:30:13 -0000 Subject: SUSE-SU-2025:0058-1: important: Security update for tomcat Message-ID: <173649781315.16706.11150767922558111505@smelt2.prg2.suse.org> # Security update for tomcat Announcement ID: SUSE-SU-2025:0058-1 Release Date: 2025-01-10T07:35:34Z Rating: important References: * bsc#1233435 * bsc#1234663 * bsc#1234664 Cross-References: * CVE-2024-50379 * CVE-2024-52317 * CVE-2024-54677 CVSS scores: * CVE-2024-50379 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50379 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50379 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-52317 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-52317 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-52317 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-54677 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54677 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54677 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Server 4.3 * Web and Scripting Module 15-SP6 An update that solves three vulnerabilities can now be installed. ## Description: This update for tomcat fixes the following issues: Update to Tomcat 9.0.98 * Fixed CVEs: * CVE-2024-54677: DoS in examples web application (bsc#1234664) * CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation (bsc#1234663) * CVE-2024-52317: Request/response mix-up with HTTP/2 (bsc#1233435) * Catalina * Add: Add option to serve resources from subpath only with WebDAV Servlet like with DefaultServlet. (michaelo) * Fix: Add special handling for the protocols attribute of SSLHostConfig in storeconfig. (remm) * Fix: 69442: Fix case sensitive check on content-type when parsing request parameters. (remm) * Code: Refactor duplicate code for extracting media type and subtype from content-type into a single method. (markt) * Fix: Compatibility of generated embedded code with components where constructors or property related methods throw a checked exception. (remm) * Fix: The previous fix for inconsistent resource metadata during concurrent reads and writes was incomplete. (markt) * Fix: 69444: Ensure that the javax.servlet.error.message request attribute is set when an application defined error page is called. (markt) * Fix: Avoid quotes for numeric values in the JSON generated by the status servlet. (remm) * Add: Add strong ETag support for the WebDAV and default servlet, which can be enabled by using the useStrongETags init parameter with a value set to true. The ETag generated will be a SHA-1 checksum of the resource content. (remm) * Fix: Use client locale for directory listings. (remm) * Fix: 69439: Improve the handling of multiple Cache-Control headers in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt) * Fix: 69447: Update the support for caching classes the web application class loader cannot find to take account of classes loaded from external repositories. Prior to this fix, these classes could be incorrectly marked as not found. (markt) * Fix: 69466: Rework handling of HEAD requests. Headers explicitly set by users will not be removed and any header present in a HEAD request will also be present in the equivalent GET request. There may be some headers, as per RFC 9110, section 9.3.2, that are present in a GET request that are not present in the equivalent HEAD request. (markt) * Fix: 69471: Log instances of CloseNowException caught by ApplicationDispatcher.invoke() at debug level rather than error level as they are very likely to have been caused by a client disconnection or similar I/O issue. (markt) * Add: Add a test case for the fix for 69442. Also refactor references to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. (markt) * Fix: 69476: Catch possible ISE when trying to report PUT failure in the DefaultServlet. (remm) * Add: Add support for RateLimit header fields for HTTP (draft) in the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt) * Add: #787: Add regression tests for 69478. Pull request provided by Thomas Krisch. (markt) * Fix: The default servlet now rejects HTTP range requests when two or more of the requested ranges overlap. Based on pull request #782 provided by Chenjp. (markt) * Fix: Enhance Content-Range verification for partial PUT requests handled by the default servlet. Provided by Chenjp in pull request #778. (markt) * Fix: Harmonize DataSourceStore lookup in the global resources to optionally avoid the comp/env prefix which is usually not used there. (remm) * Fix: As required by RFC 9110, the HTTP Range header will now only be processed for GET requests. Based on pull request #790 provided by Chenjp. (markt) * Fix: Deprecate the useAcceptRanges initialisation parameter for the default servlet. It will be removed in Tomcat 12 onwards where it will effectively be hard coded to true. (markt) * Add: Add DataSource based property storage for the WebdavServlet. (remm) * Coyote * Fix: Align encodedSolidusHandling with the Servlet specification. If the pass-through mode is used, any %25 sequences will now also be passed through to avoid errors and/or corruption when the application decodes the path. (markt) * Jasper * Fix: Further optimise EL evaluation of method parameters. Patch provided by Paolo B. (markt) * Fix: Follow-up to the fix for 69381. Apply the optimisation for method lookup performance in expression language to an additional location. (markt) * Web applications * Fix: Documentation. Remove references to the ResourceParams element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt) * Fix: Documentation. 69477: Correct name of attribute for RemoteIPFilter. The attribute is internalProxies rather than allowedInternalProxies. Pull request #786 (markt) * Fix: Examples. Fix broken links when Servlet Request Info example is called via a URL that includes a pathInfo component. (markt) * Fix: Examples. Expand the obfuscation of session cookie values in the request header example to JSON responses. (markt) * Add: Examples. Add the ability to delete session attributes in the servlet session example. (markt) * Add: Examples. Add a hard coded limit of 10 attributes per session for the servlet session example. (markt) * Add: Examples. Add the ability to delete session attributes and add a hard coded limit of 10 attributes per session for the JSP form authentication example. (markt) * Add: Examples. Limit the shopping cart example to only allow adding the pre- defined items to the cart. (markt) * Fix: Examples. Remove JSP calendar example. (markt) * Other * Fix: 69465: Fix warnings during native image compilation using the Tomcat embedded JARs. (markt) * Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt) * Update: Update EasyMock to 5.5.0. (markt) * Update: Update Checkstyle to 10.20.2. (markt) * Update: Update BND to 7.1.0. (markt) * Add: Improvements to French translations. (remm) * Add: Improvements to Korean translations. (markt) * Add: Improvements to Chinese translations. (markt) * Add: Improvements to Japanese translations by tak7iji. (markt) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-58=1 * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-58=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-58=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-58=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-58=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-58=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-58=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-58=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-58=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-58=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-58=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-58=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-58=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-58=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-58=1 ## Package List: * openSUSE Leap 15.6 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-docs-webapp-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-embed-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * tomcat-jsvc-9.0.98-150200.74.1 * tomcat-javadoc-9.0.98-150200.74.1 * Web and Scripting Module 15-SP6 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Manager Server 4.3 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 * SUSE Enterprise Storage 7.1 (noarch) * tomcat-jsp-2_3-api-9.0.98-150200.74.1 * tomcat-servlet-4_0-api-9.0.98-150200.74.1 * tomcat-admin-webapps-9.0.98-150200.74.1 * tomcat-lib-9.0.98-150200.74.1 * tomcat-9.0.98-150200.74.1 * tomcat-webapps-9.0.98-150200.74.1 * tomcat-el-3_0-api-9.0.98-150200.74.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50379.html * https://www.suse.com/security/cve/CVE-2024-52317.html * https://www.suse.com/security/cve/CVE-2024-54677.html * https://bugzilla.suse.com/show_bug.cgi?id=1233435 * https://bugzilla.suse.com/show_bug.cgi?id=1234663 * https://bugzilla.suse.com/show_bug.cgi?id=1234664 -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2024verobeach at gmail.com Fri Jan 10 13:40:40 2025 From: 2024verobeach at gmail.com (Robert Martin) Date: Fri, 10 Jan 2025 08:40:40 -0500 Subject: SUSE-SU-2025:0058-1: important: Security update for tomcat In-Reply-To: <173649781315.16706.11150767922558111505@smelt2.prg2.suse.org> References: <173649781315.16706.11150767922558111505@smelt2.prg2.suse.org> Message-ID: Remove me from your list immediately and permanently. Robert Martin On Fri, Jan 10, 2025, 3:34?AM SUSE-MANAGER-UPDATES wrote: > Security update for tomcat > Announcement ID: SUSE-SU-2025:0058-1 > Release Date: 2025-01-10T07:35:34Z > Rating: important > References: > > - bsc#1233435 > - bsc#1234663 > - bsc#1234664 > > Cross-References: > > - CVE-2024-50379 > > - CVE-2024-52317 > > - CVE-2024-54677 > > > CVSS scores: > > - CVE-2024-50379 ( SUSE ): 8.5 > CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N > - CVE-2024-50379 ( SUSE ): 7.0 > CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H > - CVE-2024-50379 ( NVD ): 9.8 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H > - CVE-2024-52317 ( SUSE ): 6.9 > CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N > - CVE-2024-52317 ( SUSE ): 6.5 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N > - CVE-2024-52317 ( NVD ): 6.5 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N > - CVE-2024-54677 ( SUSE ): 8.7 > CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N > - CVE-2024-54677 ( SUSE ): 7.5 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H > - CVE-2024-54677 ( NVD ): 5.3 > CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L > > Affected Products: > > - openSUSE Leap 15.6 > - SUSE Enterprise Storage 7.1 > - SUSE Linux Enterprise High Performance Computing 15 SP3 > - SUSE Linux Enterprise High Performance Computing 15 SP4 > - SUSE Linux Enterprise High Performance Computing 15 SP5 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > - SUSE Linux Enterprise Server 15 SP3 > - SUSE Linux Enterprise Server 15 SP3 LTSS > - SUSE Linux Enterprise Server 15 SP4 > - SUSE Linux Enterprise Server 15 SP4 LTSS > - SUSE Linux Enterprise Server 15 SP5 > - SUSE Linux Enterprise Server 15 SP5 LTSS > - SUSE Linux Enterprise Server 15 SP6 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 > - SUSE Linux Enterprise Server for SAP Applications 15 SP6 > - SUSE Manager Server 4.3 > - Web and Scripting Module 15-SP6 > > An update that solves three vulnerabilities can now be installed. > Description: > > This update for tomcat fixes the following issues: > > Update to Tomcat 9.0.98 > > - Fixed CVEs: > - CVE-2024-54677: DoS in examples web application (bsc#1234664) > - CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation > (bsc#1234663) > - CVE-2024-52317: Request/response mix-up with HTTP/2 (bsc#1233435) > - Catalina > - Add: Add option to serve resources from subpath only with WebDAV > Servlet like with DefaultServlet. (michaelo) > - Fix: Add special handling for the protocols attribute of > SSLHostConfig in storeconfig. (remm) > - Fix: 69442: Fix case sensitive check on content-type when parsing > request parameters. (remm) > - Code: Refactor duplicate code for extracting media type and subtype > from content-type into a single method. (markt) > - Fix: Compatibility of generated embedded code with components where > constructors or property related methods throw a checked exception. (remm) > - Fix: The previous fix for inconsistent resource metadata during > concurrent reads and writes was incomplete. (markt) > - Fix: 69444: Ensure that the javax.servlet.error.message request > attribute is set when an application defined error page is called. (markt) > - Fix: Avoid quotes for numeric values in the JSON generated by the > status servlet. (remm) > - Add: Add strong ETag support for the WebDAV and default servlet, > which can be enabled by using the useStrongETags init parameter with a > value set to true. The ETag generated will be a SHA-1 checksum of the > resource content. (remm) > - Fix: Use client locale for directory listings. (remm) > - Fix: 69439: Improve the handling of multiple Cache-Control headers > in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt) > - Fix: 69447: Update the support for caching classes the web > application class loader cannot find to take account of classes loaded from > external repositories. Prior to this fix, these classes could be > incorrectly marked as not found. (markt) > - Fix: 69466: Rework handling of HEAD requests. Headers explicitly set > by users will not be removed and any header present in a HEAD request will > also be present in the equivalent GET request. There may be some headers, > as per RFC 9110, section 9.3.2, that are present in a GET request that are > not present in the equivalent HEAD request. (markt) > - Fix: 69471: Log instances of CloseNowException caught by > ApplicationDispatcher.invoke() at debug level rather than error level as > they are very likely to have been caused by a client disconnection or > similar I/O issue. (markt) > - Add: Add a test case for the fix for 69442. Also refactor references > to application/x-www-form-urlencoded. Based on pull request #779 by Chenjp. > (markt) > - Fix: 69476: Catch possible ISE when trying to report PUT failure in > the DefaultServlet. (remm) > - Add: Add support for RateLimit header fields for HTTP (draft) in the > RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt) > - Add: #787: Add regression tests for 69478. Pull request provided by > Thomas Krisch. (markt) > - Fix: The default servlet now rejects HTTP range requests when two or > more of the requested ranges overlap. Based on pull request #782 provided > by Chenjp. (markt) > - Fix: Enhance Content-Range verification for partial PUT requests > handled by the default servlet. Provided by Chenjp in pull request #778. > (markt) > - Fix: Harmonize DataSourceStore lookup in the global resources to > optionally avoid the comp/env prefix which is usually not used there. (remm) > - Fix: As required by RFC 9110, the HTTP Range header will now only be > processed for GET requests. Based on pull request #790 provided by Chenjp. > (markt) > - Fix: Deprecate the useAcceptRanges initialisation parameter for the > default servlet. It will be removed in Tomcat 12 onwards where it will > effectively be hard coded to true. (markt) > - Add: Add DataSource based property storage for the WebdavServlet. > (remm) > - Coyote > - Fix: Align encodedSolidusHandling with the Servlet specification. If > the pass-through mode is used, any %25 sequences will now also be passed > through to avoid errors and/or corruption when the application decodes the > path. (markt) > - Jasper > - Fix: Further optimise EL evaluation of method parameters. Patch > provided by Paolo B. (markt) > - Fix: Follow-up to the fix for 69381. Apply the optimisation for > method lookup performance in expression language to an additional location. > (markt) > - Web applications > - Fix: Documentation. Remove references to the ResourceParams element. > Support for ResourceParams was removed in Tomcat 5.5.x. (markt) > - Fix: Documentation. 69477: Correct name of attribute for > RemoteIPFilter. The attribute is internalProxies rather than > allowedInternalProxies. Pull request #786 (markt) > - Fix: Examples. Fix broken links when Servlet Request Info example is > called via a URL that includes a pathInfo component. (markt) > - Fix: Examples. Expand the obfuscation of session cookie values in > the request header example to JSON responses. (markt) > - Add: Examples. Add the ability to delete session attributes in the > servlet session example. (markt) > - Add: Examples. Add a hard coded limit of 10 attributes per session > for the servlet session example. (markt) > - Add: Examples. Add the ability to delete session attributes and add > a hard coded limit of 10 attributes per session for the JSP form > authentication example. (markt) > - Add: Examples. Limit the shopping cart example to only allow adding > the pre-defined items to the cart. (markt) > - Fix: Examples. Remove JSP calendar example. (markt) > - Other > - Fix: 69465: Fix warnings during native image compilation using the > Tomcat embedded JARs. (markt) > - Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt) > - Update: Update EasyMock to 5.5.0. (markt) > - Update: Update Checkstyle to 10.20.2. (markt) > - Update: Update BND to 7.1.0. (markt) > - Add: Improvements to French translations. (remm) > - Add: Improvements to Korean translations. (markt) > - Add: Improvements to Chinese translations. (markt) > - Add: Improvements to Japanese translations by tak7iji. (markt) > > Patch Instructions: > > To install this SUSE update use the SUSE recommended installation methods > like YaST online_update or "zypper patch". > Alternatively you can run the command listed for your product: > > - openSUSE Leap 15.6 > zypper in -t patch openSUSE-SLE-15.6-2025-58=1 > - Web and Scripting Module 15-SP6 > zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-58=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-58=1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-58=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-58=1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-58=1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-58=1 > - SUSE Linux Enterprise Server 15 SP3 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-58=1 > - SUSE Linux Enterprise Server 15 SP4 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-58=1 > - SUSE Linux Enterprise Server 15 SP5 LTSS > zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-58=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-58=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-58=1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 > zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-58=1 > - SUSE Manager Server 4.3 > zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-58=1 > - SUSE Enterprise Storage 7.1 > zypper in -t patch SUSE-Storage-7.1-2025-58=1 > > Package List: > > - openSUSE Leap 15.6 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-docs-webapp-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-embed-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - tomcat-jsvc-9.0.98-150200.74.1 > - tomcat-javadoc-9.0.98-150200.74.1 > - Web and Scripting Module 15-SP6 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 > (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 > (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 > (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 > (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 > (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Manager Server 4.3 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > - SUSE Enterprise Storage 7.1 (noarch) > - tomcat-jsp-2_3-api-9.0.98-150200.74.1 > - tomcat-servlet-4_0-api-9.0.98-150200.74.1 > - tomcat-admin-webapps-9.0.98-150200.74.1 > - tomcat-lib-9.0.98-150200.74.1 > - tomcat-9.0.98-150200.74.1 > - tomcat-webapps-9.0.98-150200.74.1 > - tomcat-el-3_0-api-9.0.98-150200.74.1 > > References: > > - https://www.suse.com/security/cve/CVE-2024-50379.html > - https://www.suse.com/security/cve/CVE-2024-52317.html > - https://www.suse.com/security/cve/CVE-2024-54677.html > - https://bugzilla.suse.com/show_bug.cgi?id=1233435 > - https://bugzilla.suse.com/show_bug.cgi?id=1234663 > - https://bugzilla.suse.com/show_bug.cgi?id=1234664 > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From 2024verobeach at gmail.com Fri Jan 10 13:41:16 2025 From: 2024verobeach at gmail.com (Robert Martin) Date: Fri, 10 Jan 2025 08:41:16 -0500 Subject: SUSE-SU-2025:0058-1: important: Security update for tomcat In-Reply-To: References: <173649781315.16706.11150767922558111505@smelt2.prg2.suse.org> Message-ID: Remove me from your list immediately and permanently. Robert Martin On Fri, Jan 10, 2025, 8:40?AM Robert Martin <2024verobeach at gmail.com> wrote: > Remove me from your list immediately and permanently. Robert Martin > > On Fri, Jan 10, 2025, 3:34?AM SUSE-MANAGER-UPDATES wrote: > >> Security update for tomcat >> Announcement ID: SUSE-SU-2025:0058-1 >> Release Date: 2025-01-10T07:35:34Z >> Rating: important >> References: >> >> - bsc#1233435 >> - bsc#1234663 >> - bsc#1234664 >> >> Cross-References: >> >> - CVE-2024-50379 >> >> - CVE-2024-52317 >> >> - CVE-2024-54677 >> >> >> CVSS scores: >> >> - CVE-2024-50379 ( SUSE ): 8.5 >> CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N >> - CVE-2024-50379 ( SUSE ): 7.0 >> CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H >> - CVE-2024-50379 ( NVD ): 9.8 >> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H >> - CVE-2024-52317 ( SUSE ): 6.9 >> CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N >> - CVE-2024-52317 ( SUSE ): 6.5 >> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N >> - CVE-2024-52317 ( NVD ): 6.5 >> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N >> - CVE-2024-54677 ( SUSE ): 8.7 >> CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N >> - CVE-2024-54677 ( SUSE ): 7.5 >> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H >> - CVE-2024-54677 ( NVD ): 5.3 >> CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L >> >> Affected Products: >> >> - openSUSE Leap 15.6 >> - SUSE Enterprise Storage 7.1 >> - SUSE Linux Enterprise High Performance Computing 15 SP3 >> - SUSE Linux Enterprise High Performance Computing 15 SP4 >> - SUSE Linux Enterprise High Performance Computing 15 SP5 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 >> - SUSE Linux Enterprise Server 15 SP3 >> - SUSE Linux Enterprise Server 15 SP3 LTSS >> - SUSE Linux Enterprise Server 15 SP4 >> - SUSE Linux Enterprise Server 15 SP4 LTSS >> - SUSE Linux Enterprise Server 15 SP5 >> - SUSE Linux Enterprise Server 15 SP5 LTSS >> - SUSE Linux Enterprise Server 15 SP6 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP3 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP4 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP5 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP6 >> - SUSE Manager Server 4.3 >> - Web and Scripting Module 15-SP6 >> >> An update that solves three vulnerabilities can now be installed. >> Description: >> >> This update for tomcat fixes the following issues: >> >> Update to Tomcat 9.0.98 >> >> - Fixed CVEs: >> - CVE-2024-54677: DoS in examples web application (bsc#1234664) >> - CVE-2024-50379: RCE due to TOCTOU issue in JSP compilation >> (bsc#1234663) >> - CVE-2024-52317: Request/response mix-up with HTTP/2 (bsc#1233435) >> - Catalina >> - Add: Add option to serve resources from subpath only with WebDAV >> Servlet like with DefaultServlet. (michaelo) >> - Fix: Add special handling for the protocols attribute of >> SSLHostConfig in storeconfig. (remm) >> - Fix: 69442: Fix case sensitive check on content-type when parsing >> request parameters. (remm) >> - Code: Refactor duplicate code for extracting media type and subtype >> from content-type into a single method. (markt) >> - Fix: Compatibility of generated embedded code with components where >> constructors or property related methods throw a checked exception. (remm) >> - Fix: The previous fix for inconsistent resource metadata during >> concurrent reads and writes was incomplete. (markt) >> - Fix: 69444: Ensure that the javax.servlet.error.message request >> attribute is set when an application defined error page is called. (markt) >> - Fix: Avoid quotes for numeric values in the JSON generated by the >> status servlet. (remm) >> - Add: Add strong ETag support for the WebDAV and default servlet, >> which can be enabled by using the useStrongETags init parameter with a >> value set to true. The ETag generated will be a SHA-1 checksum of the >> resource content. (remm) >> - Fix: Use client locale for directory listings. (remm) >> - Fix: 69439: Improve the handling of multiple Cache-Control headers >> in the ExpiresFilter. Based on pull request #777 by Chenjp. (markt) >> - Fix: 69447: Update the support for caching classes the web >> application class loader cannot find to take account of classes loaded from >> external repositories. Prior to this fix, these classes could be >> incorrectly marked as not found. (markt) >> - Fix: 69466: Rework handling of HEAD requests. Headers explicitly >> set by users will not be removed and any header present in a HEAD request >> will also be present in the equivalent GET request. There may be some >> headers, as per RFC 9110, section 9.3.2, that are present in a GET request >> that are not present in the equivalent HEAD request. (markt) >> - Fix: 69471: Log instances of CloseNowException caught by >> ApplicationDispatcher.invoke() at debug level rather than error level as >> they are very likely to have been caused by a client disconnection or >> similar I/O issue. (markt) >> - Add: Add a test case for the fix for 69442. Also refactor >> references to application/x-www-form-urlencoded. Based on pull request #779 >> by Chenjp. (markt) >> - Fix: 69476: Catch possible ISE when trying to report PUT failure in >> the DefaultServlet. (remm) >> - Add: Add support for RateLimit header fields for HTTP (draft) in >> the RateLimitFilter. Based on pull request #775 provided by Chenjp. (markt) >> - Add: #787: Add regression tests for 69478. Pull request provided by >> Thomas Krisch. (markt) >> - Fix: The default servlet now rejects HTTP range requests when two >> or more of the requested ranges overlap. Based on pull request #782 >> provided by Chenjp. (markt) >> - Fix: Enhance Content-Range verification for partial PUT requests >> handled by the default servlet. Provided by Chenjp in pull request #778. >> (markt) >> - Fix: Harmonize DataSourceStore lookup in the global resources to >> optionally avoid the comp/env prefix which is usually not used there. (remm) >> - Fix: As required by RFC 9110, the HTTP Range header will now only >> be processed for GET requests. Based on pull request #790 provided by >> Chenjp. (markt) >> - Fix: Deprecate the useAcceptRanges initialisation parameter for the >> default servlet. It will be removed in Tomcat 12 onwards where it will >> effectively be hard coded to true. (markt) >> - Add: Add DataSource based property storage for the WebdavServlet. >> (remm) >> - Coyote >> - Fix: Align encodedSolidusHandling with the Servlet specification. >> If the pass-through mode is used, any %25 sequences will now also be passed >> through to avoid errors and/or corruption when the application decodes the >> path. (markt) >> - Jasper >> - Fix: Further optimise EL evaluation of method parameters. Patch >> provided by Paolo B. (markt) >> - Fix: Follow-up to the fix for 69381. Apply the optimisation for >> method lookup performance in expression language to an additional location. >> (markt) >> - Web applications >> - Fix: Documentation. Remove references to the ResourceParams >> element. Support for ResourceParams was removed in Tomcat 5.5.x. (markt) >> - Fix: Documentation. 69477: Correct name of attribute for >> RemoteIPFilter. The attribute is internalProxies rather than >> allowedInternalProxies. Pull request #786 (markt) >> - Fix: Examples. Fix broken links when Servlet Request Info example >> is called via a URL that includes a pathInfo component. (markt) >> - Fix: Examples. Expand the obfuscation of session cookie values in >> the request header example to JSON responses. (markt) >> - Add: Examples. Add the ability to delete session attributes in the >> servlet session example. (markt) >> - Add: Examples. Add a hard coded limit of 10 attributes per session >> for the servlet session example. (markt) >> - Add: Examples. Add the ability to delete session attributes and add >> a hard coded limit of 10 attributes per session for the JSP form >> authentication example. (markt) >> - Add: Examples. Limit the shopping cart example to only allow adding >> the pre-defined items to the cart. (markt) >> - Fix: Examples. Remove JSP calendar example. (markt) >> - Other >> - Fix: 69465: Fix warnings during native image compilation using the >> Tomcat embedded JARs. (markt) >> - Update: Update Tomcat's fork of Commons DBCP to 2.13.0. (markt) >> - Update: Update EasyMock to 5.5.0. (markt) >> - Update: Update Checkstyle to 10.20.2. (markt) >> - Update: Update BND to 7.1.0. (markt) >> - Add: Improvements to French translations. (remm) >> - Add: Improvements to Korean translations. (markt) >> - Add: Improvements to Chinese translations. (markt) >> - Add: Improvements to Japanese translations by tak7iji. (markt) >> >> Patch Instructions: >> >> To install this SUSE update use the SUSE recommended installation methods >> like YaST online_update or "zypper patch". >> Alternatively you can run the command listed for your product: >> >> - openSUSE Leap 15.6 >> zypper in -t patch openSUSE-SLE-15.6-2025-58=1 >> - Web and Scripting Module 15-SP6 >> zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2025-58=1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 >> zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-58=1 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 >> zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-58=1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 >> zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-58=1 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 >> zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-58=1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 >> zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-58=1 >> - SUSE Linux Enterprise Server 15 SP3 LTSS >> zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-58=1 >> - SUSE Linux Enterprise Server 15 SP4 LTSS >> zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-58=1 >> - SUSE Linux Enterprise Server 15 SP5 LTSS >> zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-58=1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP3 >> zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-58=1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP4 >> zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-58=1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP5 >> zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-58=1 >> - SUSE Manager Server 4.3 >> zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-58=1 >> - SUSE Enterprise Storage 7.1 >> zypper in -t patch SUSE-Storage-7.1-2025-58=1 >> >> Package List: >> >> - openSUSE Leap 15.6 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-docs-webapp-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-embed-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - tomcat-jsvc-9.0.98-150200.74.1 >> - tomcat-javadoc-9.0.98-150200.74.1 >> - Web and Scripting Module 15-SP6 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 >> (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 >> (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 >> (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 >> (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 >> (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Manager Server 4.3 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> - SUSE Enterprise Storage 7.1 (noarch) >> - tomcat-jsp-2_3-api-9.0.98-150200.74.1 >> - tomcat-servlet-4_0-api-9.0.98-150200.74.1 >> - tomcat-admin-webapps-9.0.98-150200.74.1 >> - tomcat-lib-9.0.98-150200.74.1 >> - tomcat-9.0.98-150200.74.1 >> - tomcat-webapps-9.0.98-150200.74.1 >> - tomcat-el-3_0-api-9.0.98-150200.74.1 >> >> References: >> >> - https://www.suse.com/security/cve/CVE-2024-50379.html >> - https://www.suse.com/security/cve/CVE-2024-52317.html >> - https://www.suse.com/security/cve/CVE-2024-54677.html >> - https://bugzilla.suse.com/show_bug.cgi?id=1233435 >> - https://bugzilla.suse.com/show_bug.cgi?id=1234663 >> - https://bugzilla.suse.com/show_bug.cgi?id=1234664 >> >> -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 20:30:13 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 20:30:13 -0000 Subject: SUSE-SU-2025:0071-1: important: Security update for dnsmasq Message-ID: <173654101328.13899.17123406331427666039@smelt2.prg2.suse.org> # Security update for dnsmasq Announcement ID: SUSE-SU-2025:0071-1 Release Date: 2025-01-10T16:54:52Z Rating: important References: * bsc#1200344 * bsc#1207174 * bsc#1209358 * bsc#1214884 * bsc#1219823 * bsc#1219826 Cross-References: * CVE-2023-28450 * CVE-2023-50387 * CVE-2023-50868 CVSS scores: * CVE-2023-28450 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2023-28450 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-50387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-50387 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-50868 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves three vulnerabilities and has three security fixes can now be installed. ## Description: This update for dnsmasq fixes the following issues: * Version update to 2.90: * CVE-2023-50387: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219823) * CVE-2023-50868: Fixed a Denial Of Service while trying to validate specially crafted DNSSEC responses. (bsc#1219826) * CVE-2023-28450: Default maximum EDNS.0 UDP packet size should be 1232. (bsc#1209358) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-71=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-71=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-71=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-71=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-71=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-71=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-71=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-71=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-71=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-71=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-71=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-71=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-71=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-71=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-71=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-71=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-71=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-71=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-71=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-71=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-71=1 ## Package List: * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Manager Proxy 4.3 (x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * dnsmasq-utils-debuginfo-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-utils-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dnsmasq-utils-debuginfo-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-utils-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * dnsmasq-debuginfo-2.90-150400.16.3.1 * dnsmasq-debugsource-2.90-150400.16.3.1 * dnsmasq-2.90-150400.16.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-28450.html * https://www.suse.com/security/cve/CVE-2023-50387.html * https://www.suse.com/security/cve/CVE-2023-50868.html * https://bugzilla.suse.com/show_bug.cgi?id=1200344 * https://bugzilla.suse.com/show_bug.cgi?id=1207174 * https://bugzilla.suse.com/show_bug.cgi?id=1209358 * https://bugzilla.suse.com/show_bug.cgi?id=1214884 * https://bugzilla.suse.com/show_bug.cgi?id=1219823 * https://bugzilla.suse.com/show_bug.cgi?id=1219826 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 20:30:16 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 20:30:16 -0000 Subject: SUSE-SU-2025:0070-1: important: Security update for gstreamer Message-ID: <173654101603.13899.13349184123008837844@smelt2.prg2.suse.org> # Security update for gstreamer Announcement ID: SUSE-SU-2025:0070-1 Release Date: 2025-01-10T16:52:54Z Rating: important References: * bsc#1234449 Cross-References: * CVE-2024-47606 CVSS scores: * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for gstreamer fixes the following issues: * CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-70=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-70=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-70=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-70=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-70=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-70=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-70=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-70=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-70=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-70=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-70=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-70=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-70=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * openSUSE Leap 15.4 (x86_64) * typelib-1_0-Gst-1_0-32bit-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-32bit-debuginfo-1.20.1-150400.3.3.1 * gstreamer-32bit-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-32bit-1.20.1-150400.3.3.1 * gstreamer-devel-32bit-1.20.1-150400.3.3.1 * gstreamer-32bit-1.20.1-150400.3.3.1 * openSUSE Leap 15.4 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgstreamer-1_0-0-64bit-1.20.1-150400.3.3.1 * gstreamer-64bit-1.20.1-150400.3.3.1 * gstreamer-devel-64bit-1.20.1-150400.3.3.1 * gstreamer-64bit-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-64bit-debuginfo-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Manager Proxy 4.3 (x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Manager Proxy 4.3 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libgstreamer-1_0-0-1.20.1-150400.3.3.1 * gstreamer-1.20.1-150400.3.3.1 * gstreamer-debugsource-1.20.1-150400.3.3.1 * gstreamer-utils-1.20.1-150400.3.3.1 * gstreamer-debuginfo-1.20.1-150400.3.3.1 * typelib-1_0-Gst-1_0-1.20.1-150400.3.3.1 * gstreamer-utils-debuginfo-1.20.1-150400.3.3.1 * libgstreamer-1_0-0-debuginfo-1.20.1-150400.3.3.1 * gstreamer-devel-1.20.1-150400.3.3.1 * SUSE Manager Server 4.3 (noarch) * gstreamer-lang-1.20.1-150400.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47606.html * https://bugzilla.suse.com/show_bug.cgi?id=1234449 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 20:30:23 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 20:30:23 -0000 Subject: SUSE-SU-2025:0069-1: important: Security update for gstreamer-plugins-base Message-ID: <173654102339.13899.13994812068360489652@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-base Announcement ID: SUSE-SU-2025:0069-1 Release Date: 2025-01-10T16:52:17Z Rating: important References: * bsc#1234415 * bsc#1234450 * bsc#1234453 * bsc#1234455 * bsc#1234456 * bsc#1234459 * bsc#1234460 Cross-References: * CVE-2024-47538 * CVE-2024-47541 * CVE-2024-47542 * CVE-2024-47600 * CVE-2024-47607 * CVE-2024-47615 * CVE-2024-47835 CVSS scores: * CVE-2024-47538 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47538 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47538 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47541 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-47541 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47541 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47542 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47542 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47600 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47600 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47600 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47607 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47607 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47607 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47615 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47615 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47835 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47835 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves seven vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-base fixes the following issues: * CVE-2024-47538: Fixed a stack-buffer overflow in vorbis_handle_identification_packet. (bsc#1234415) * CVE-2024-47835: Fixed a NULL-pointer dereference in LRC subtitle parser. (bsc#1234450) * CVE-2024-47600: Fixed an out-of-bounds read in gst-discoverer-1.0 commandline tool. (bsc#1234453) * CVE-2024-47615: Fixed an out-of-bounds write in Ogg demuxer. (bsc#1234456) * CVE-2024-47541: Fixed an out-of-bounds write in SSA subtitle parser. (bsc#1234459) * CVE-2024-47542: Fixed an ID3v2 parser out-of-bounds read and NULL-pointer dereference. (bsc#1234460) * CVE-2024-47607: Fixed a stack buffer-overflow in Opus decoder. (bsc#1234455) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-69=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-69=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-69=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-69=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-69=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-69=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-69=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-69=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-69=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-69=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-69=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-69=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-69=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (x86_64) * libgstriff-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstapp-1_0-0-32bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-32bit-1.20.1-150400.3.11.1 * libgstapp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstgl-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-32bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-32bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-32bit-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-32bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-32bit-debuginfo-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * openSUSE Leap 15.4 (aarch64_ilp32) * gstreamer-plugins-base-64bit-1.20.1-150400.3.11.1 * libgstapp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstapp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstfft-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-64bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstfft-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-64bit-1.20.1-150400.3.11.1 * libgsttag-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstriff-1_0-0-64bit-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-64bit-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-64bit-1.20.1-150400.3.11.1 * libgstgl-1_0-0-64bit-debuginfo-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Proxy 4.3 (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Manager Proxy 4.3 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gstreamer-plugins-base-1.20.1-150400.3.11.1 * libgstapp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstApp-1_0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debugsource-1.20.1-150400.3.11.1 * libgstriff-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstAudio-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-1.20.1-150400.3.11.1 * libgstgl-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstvideo-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstVideo-1_0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgsttag-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstTag-1_0-1.20.1-150400.3.11.1 * libgsttag-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstPbutils-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-1.20.1-150400.3.11.1 * typelib-1_0-GstGL-1_0-1.20.1-150400.3.11.1 * libgstriff-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLWayland-1_0-1.20.1-150400.3.11.1 * libgstrtp-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstrtsp-1_0-0-1.20.1-150400.3.11.1 * libgstapp-1_0-0-1.20.1-150400.3.11.1 * gstreamer-plugins-base-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstSdp-1_0-1.20.1-150400.3.11.1 * libgstfft-1_0-0-debuginfo-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-debuginfo-1.20.1-150400.3.11.1 * gstreamer-plugins-base-devel-1.20.1-150400.3.11.1 * libgstgl-1_0-0-1.20.1-150400.3.11.1 * libgstpbutils-1_0-0-1.20.1-150400.3.11.1 * libgstaudio-1_0-0-debuginfo-1.20.1-150400.3.11.1 * typelib-1_0-GstGLEGL-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstAllocators-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstGLX11-1_0-1.20.1-150400.3.11.1 * typelib-1_0-GstRtsp-1_0-1.20.1-150400.3.11.1 * libgstallocators-1_0-0-1.20.1-150400.3.11.1 * libgstsdp-1_0-0-1.20.1-150400.3.11.1 * SUSE Manager Server 4.3 (noarch) * gstreamer-plugins-base-lang-1.20.1-150400.3.11.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47538.html * https://www.suse.com/security/cve/CVE-2024-47541.html * https://www.suse.com/security/cve/CVE-2024-47542.html * https://www.suse.com/security/cve/CVE-2024-47600.html * https://www.suse.com/security/cve/CVE-2024-47607.html * https://www.suse.com/security/cve/CVE-2024-47615.html * https://www.suse.com/security/cve/CVE-2024-47835.html * https://bugzilla.suse.com/show_bug.cgi?id=1234415 * https://bugzilla.suse.com/show_bug.cgi?id=1234450 * https://bugzilla.suse.com/show_bug.cgi?id=1234453 * https://bugzilla.suse.com/show_bug.cgi?id=1234455 * https://bugzilla.suse.com/show_bug.cgi?id=1234456 * https://bugzilla.suse.com/show_bug.cgi?id=1234459 * https://bugzilla.suse.com/show_bug.cgi?id=1234460 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 20:30:25 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 20:30:25 -0000 Subject: SUSE-RU-2025:0068-1: moderate: Recommended update for scap-security-guide Message-ID: <173654102581.13899.1275285409691148681@smelt2.prg2.suse.org> # Recommended update for scap-security-guide Announcement ID: SUSE-RU-2025:0068-1 Release Date: 2025-01-10T16:51:29Z Rating: moderate References: * bsc#1230361 * jsc#ECO-3319 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.0 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Client Tools for SLE Micro 5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has one fix can now be installed. ## Description: This update for scap-security-guide fixes the following issues: * replace two date injections by SOURCE_DATE_EPOCH to make reproducible. (bsc#1230361) * updated to 0.1.75 (jsc#ECO-3319) * Add new product kylinserver10 * Create OL10 product * Update PCI-DSS control file for version 4.0.1 * Add Ism profile for ol8, ol9 * Release SLMicro5 product * Various updates for SLE 12/15 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-68=1 * SUSE Manager Client Tools for SLE Micro 5 zypper in -t patch SUSE-SLE-Manager-Tools-For-Micro-5-2025-68=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-68=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-68=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-68=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-68=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-68=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-68=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-68=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-68=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-68=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-68=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-68=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-68=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-68=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-68=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-68=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-68=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-68=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-68=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-68=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-68=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-68=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-68=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2025-68=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-68=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2025-68=1 ## Package List: * openSUSE Leap 15.6 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Manager Client Tools for SLE Micro 5 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * Basesystem Module 15-SP6 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Manager Proxy 4.3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Manager Server 4.3 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Enterprise Storage 7.1 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * scap-security-guide-0.1.75-150000.1.89.1 * scap-security-guide-debian-0.1.75-150000.1.89.1 * scap-security-guide-redhat-0.1.75-150000.1.89.1 * scap-security-guide-ubuntu-0.1.75-150000.1.89.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1230361 * https://jira.suse.com/browse/ECO-3319 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 10 20:30:45 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 10 Jan 2025 20:30:45 -0000 Subject: SUSE-SU-2025:0067-1: important: Security update for gstreamer-plugins-good Message-ID: <173654104518.13899.13689608009274525081@smelt2.prg2.suse.org> # Security update for gstreamer-plugins-good Announcement ID: SUSE-SU-2025:0067-1 Release Date: 2025-01-10T16:48:43Z Rating: important References: * bsc#1234414 * bsc#1234417 * bsc#1234421 * bsc#1234424 * bsc#1234425 * bsc#1234426 * bsc#1234427 * bsc#1234428 * bsc#1234432 * bsc#1234433 * bsc#1234434 * bsc#1234435 * bsc#1234436 * bsc#1234439 * bsc#1234440 * bsc#1234446 * bsc#1234447 * bsc#1234449 * bsc#1234462 * bsc#1234473 * bsc#1234476 * bsc#1234477 Cross-References: * CVE-2024-47530 * CVE-2024-47537 * CVE-2024-47539 * CVE-2024-47543 * CVE-2024-47544 * CVE-2024-47545 * CVE-2024-47546 * CVE-2024-47596 * CVE-2024-47597 * CVE-2024-47598 * CVE-2024-47599 * CVE-2024-47601 * CVE-2024-47602 * CVE-2024-47603 * CVE-2024-47606 * CVE-2024-47613 * CVE-2024-47774 * CVE-2024-47775 * CVE-2024-47776 * CVE-2024-47777 * CVE-2024-47778 * CVE-2024-47834 CVSS scores: * CVE-2024-47530 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-47530 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-47537 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47537 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47537 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47539 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47539 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47543 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47543 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47543 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47544 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47544 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47545 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47545 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47546 ( NVD ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47546 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47596 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47596 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47597 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47597 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47598 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47598 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47598 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47599 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47599 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47599 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47601 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47601 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47602 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47602 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47603 ( NVD ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47603 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47606 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47606 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47606 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47613 ( NVD ): 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47613 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47774 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47774 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47774 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47775 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47775 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47775 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47776 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47776 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47777 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47777 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47777 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H * CVE-2024-47778 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47778 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47778 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47834 ( NVD ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47834 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 22 vulnerabilities can now be installed. ## Description: This update for gstreamer-plugins-good fixes the following issues: * CVE-2024-47530: Fixed an uninitialized stack memory in Matroska/WebM demuxer. (boo#1234421) * CVE-2024-47537: Fixed an out-of-bounds write in isomp4/qtdemux.c. (boo#1234414) * CVE-2024-47539: Fixed an out-of-bounds write in convert_to_s334_1a. (boo#1234417) * CVE-2024-47543: Fixed an out-of-bounds write in qtdemux_parse_container. (boo#1234462) * CVE-2024-47544: Fixed a NULL-pointer dereferences in MP4/MOV demuxer CENC handling. (boo#1234473) * CVE-2024-47545: Fixed an integer underflow in FOURCC_strf parsing leading to out-of-bounds read. (boo#1234476) * CVE-2024-47546: Fixed an integer underflow in extract_cc_from_data leading to out-of-bounds read. (boo#1234477) * CVE-2024-47596: Fixed an integer underflow in MP4/MOV demuxer that can lead to out-of-bounds reads. (boo#1234424) * CVE-2024-47597: Fixed an out-of-bounds reads in MP4/MOV demuxer sample table parser (boo#1234425) * CVE-2024-47598: Fixed MP4/MOV sample table parser out-of-bounds read. (boo#1234426) * CVE-2024-47599: Fixed insufficient error handling in JPEG decoder that can lead to NULL-pointer dereferences. (boo#1234427) * CVE-2024-47601: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234428) * CVE-2024-47602: Fixed a NULL-pointer dereferences and out-of-bounds reads in Matroska/WebM demuxer. (boo#1234432) * CVE-2024-47603: Fixed a NULL-pointer dereference in Matroska/WebM demuxer. (boo#1234433) * CVE-2024-47606: Avoid integer overflow when allocating sysmem. (bsc#1234449) * CVE-2024-47606: Fixed an integer overflows in MP4/MOV demuxer and memory allocator that can lead to out-of-bounds writes. (boo#1234449) * CVE-2024-47613: Fixed a NULL-pointer dereference in gdk-pixbuf decoder. (boo#1234447) * CVE-2024-47774: Fixed an integer overflow in AVI subtitle parser that leads to out-of-bounds reads. (boo#1234446) * CVE-2024-47775: Fixed various out-of-bounds reads in WAV parser. (boo#1234434) * CVE-2024-47776: Fixed various out-of-bounds reads in WAV parser. (boo#1234435) * CVE-2024-47777: Fixed various out-of-bounds reads in WAV parser. (boo#1234436) * CVE-2024-47778: Fixed various out-of-bounds reads in WAV parser. (boo#1234439) * CVE-2024-47834: Fixed a use-after-free in the Matroska demuxer that can cause crashes for certain input files. (boo#1234440) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-67=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-67=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-67=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-67=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-67=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-67=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-67=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * gstreamer-plugins-good-gtk-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-qtqml-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-1.20.1-150400.3.9.1 * gstreamer-plugins-good-qtqml-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-1.20.1-150400.3.9.1 * gstreamer-plugins-good-gtk-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (x86_64) * gstreamer-plugins-good-jack-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-32bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-32bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-32bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-32bit-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * openSUSE Leap 15.4 (aarch64_ilp32) * gstreamer-plugins-good-jack-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-64bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-extra-64bit-1.20.1-150400.3.9.1 * gstreamer-plugins-good-64bit-debuginfo-1.20.1-150400.3.9.1 * gstreamer-plugins-good-jack-64bit-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Proxy 4.3 (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Proxy 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * gstreamer-plugins-good-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debugsource-1.20.1-150400.3.9.1 * gstreamer-plugins-good-debuginfo-1.20.1-150400.3.9.1 * SUSE Manager Server 4.3 (noarch) * gstreamer-plugins-good-lang-1.20.1-150400.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-47530.html * https://www.suse.com/security/cve/CVE-2024-47537.html * https://www.suse.com/security/cve/CVE-2024-47539.html * https://www.suse.com/security/cve/CVE-2024-47543.html * https://www.suse.com/security/cve/CVE-2024-47544.html * https://www.suse.com/security/cve/CVE-2024-47545.html * https://www.suse.com/security/cve/CVE-2024-47546.html * https://www.suse.com/security/cve/CVE-2024-47596.html * https://www.suse.com/security/cve/CVE-2024-47597.html * https://www.suse.com/security/cve/CVE-2024-47598.html * https://www.suse.com/security/cve/CVE-2024-47599.html * https://www.suse.com/security/cve/CVE-2024-47601.html * https://www.suse.com/security/cve/CVE-2024-47602.html * https://www.suse.com/security/cve/CVE-2024-47603.html * https://www.suse.com/security/cve/CVE-2024-47606.html * https://www.suse.com/security/cve/CVE-2024-47613.html * https://www.suse.com/security/cve/CVE-2024-47774.html * https://www.suse.com/security/cve/CVE-2024-47775.html * https://www.suse.com/security/cve/CVE-2024-47776.html * https://www.suse.com/security/cve/CVE-2024-47777.html * https://www.suse.com/security/cve/CVE-2024-47778.html * https://www.suse.com/security/cve/CVE-2024-47834.html * https://bugzilla.suse.com/show_bug.cgi?id=1234414 * https://bugzilla.suse.com/show_bug.cgi?id=1234417 * https://bugzilla.suse.com/show_bug.cgi?id=1234421 * https://bugzilla.suse.com/show_bug.cgi?id=1234424 * https://bugzilla.suse.com/show_bug.cgi?id=1234425 * https://bugzilla.suse.com/show_bug.cgi?id=1234426 * https://bugzilla.suse.com/show_bug.cgi?id=1234427 * https://bugzilla.suse.com/show_bug.cgi?id=1234428 * https://bugzilla.suse.com/show_bug.cgi?id=1234432 * https://bugzilla.suse.com/show_bug.cgi?id=1234433 * https://bugzilla.suse.com/show_bug.cgi?id=1234434 * https://bugzilla.suse.com/show_bug.cgi?id=1234435 * https://bugzilla.suse.com/show_bug.cgi?id=1234436 * https://bugzilla.suse.com/show_bug.cgi?id=1234439 * https://bugzilla.suse.com/show_bug.cgi?id=1234440 * https://bugzilla.suse.com/show_bug.cgi?id=1234446 * https://bugzilla.suse.com/show_bug.cgi?id=1234447 * https://bugzilla.suse.com/show_bug.cgi?id=1234449 * https://bugzilla.suse.com/show_bug.cgi?id=1234462 * https://bugzilla.suse.com/show_bug.cgi?id=1234473 * https://bugzilla.suse.com/show_bug.cgi?id=1234476 * https://bugzilla.suse.com/show_bug.cgi?id=1234477 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 14 16:30:31 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 14 Jan 2025 16:30:31 -0000 Subject: SUSE-SU-2025:0096-1: important: Security update for webkit2gtk3 Message-ID: <173687223146.29410.17440863025552588372@smelt2.prg2.suse.org> # Security update for webkit2gtk3 Announcement ID: SUSE-SU-2025:0096-1 Release Date: 2025-01-14T14:13:16Z Rating: important References: * bsc#1234851 Cross-References: * CVE-2024-40866 * CVE-2024-44185 * CVE-2024-44187 * CVE-2024-44308 * CVE-2024-44309 * CVE-2024-54479 * CVE-2024-54502 * CVE-2024-54505 * CVE-2024-54508 * CVE-2024-54534 CVSS scores: * CVE-2024-40866 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-40866 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-44185 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-44185 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44185 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-44187 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44187 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-44308 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44308 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-44309 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L * CVE-2024-44309 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-54479 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54479 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54479 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54502 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54502 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54502 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54505 ( SUSE ): 5.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-54505 ( SUSE ): 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2024-54505 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-54505 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54508 ( SUSE ): 7.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-54508 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54508 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-54534 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-54534 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-54534 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-54534 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for webkit2gtk3 fixes the following issues: Update to version 2.46.5 (bsc#1234851): Security fixes: * CVE-2024-54479: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54502: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54505: Processing maliciously crafted web content may lead to memory corruption * CVE-2024-54508: Processing maliciously crafted web content may lead to an unexpected process crash * CVE-2024-54534: Processing maliciously crafted web content may lead to memory corruption Other fixes: * Fix the build with GBM and release logs disabled. * Fix several crashes and rendering issues. * Improve memory consumption and performance of Canvas getImageData. * Fix preserve-3D intersection rendering. * Fix video dimensions since GStreamer 1.24.9. * Fix the HTTP-based remote Web Inspector not loading in Chromium. * Fix content filters not working on about:blank iframes. * Fix several crashes and rendering issues. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-96=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-96=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-96=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-96=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-96=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-96=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-96=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-96=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-96=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-96=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-96=1 ## Package List: * SUSE Manager Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-minibrowser-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-minibrowser-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * webkit-jsc-4.1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-minibrowser-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-minibrowser-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * webkit2gtk4-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * typelib-1_0-WebKitWebProcessExtension-6_0-2.46.5-150400.4.103.1 * webkit-jsc-4-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit-jsc-6.0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit-jsc-6.0-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-minibrowser-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk4-minibrowser-2.46.5-150400.4.103.1 * typelib-1_0-WebKit-6_0-2.46.5-150400.4.103.1 * webkitgtk-6_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit-jsc-4-debuginfo-2.46.5-150400.4.103.1 * webkit-jsc-4.1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-6_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (x86_64) * libjavascriptcoregtk-4_1-0-32bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-32bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-32bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-32bit-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-32bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-32bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-32bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-32bit-debuginfo-2.46.5-150400.4.103.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libwebkit2gtk-4_0-37-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-64bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-64bit-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-64bit-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-64bit-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-64bit-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-64bit-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-6.0-lang-2.46.5-150400.4.103.1 * WebKitGTK-4.1-lang-2.46.5-150400.4.103.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * webkitgtk-6_0-injected-bundles-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * libwebkitgtk-6_0-4-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_1-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-6_0-1-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * libwebkit2gtk-4_1-0-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-2.46.5-150400.4.103.1 * webkit2gtk-4_1-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_1-2.46.5-150400.4.103.1 * webkit2gtk4-debugsource-2.46.5-150400.4.103.1 * webkit2gtk3-devel-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_1-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_1-0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * SUSE Manager Proxy 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Proxy 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * WebKitGTK-4.0-lang-2.46.5-150400.4.103.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * webkit2gtk-4_0-injected-bundles-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-debugsource-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-debuginfo-2.46.5-150400.4.103.1 * webkit2gtk3-soup2-devel-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2WebExtension-4_0-2.46.5-150400.4.103.1 * libwebkit2gtk-4_0-37-2.46.5-150400.4.103.1 * typelib-1_0-JavaScriptCore-4_0-2.46.5-150400.4.103.1 * typelib-1_0-WebKit2-4_0-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-debuginfo-2.46.5-150400.4.103.1 * libjavascriptcoregtk-4_0-18-2.46.5-150400.4.103.1 * webkit2gtk-4_0-injected-bundles-2.46.5-150400.4.103.1 ## References: * https://www.suse.com/security/cve/CVE-2024-40866.html * https://www.suse.com/security/cve/CVE-2024-44185.html * https://www.suse.com/security/cve/CVE-2024-44187.html * https://www.suse.com/security/cve/CVE-2024-44308.html * https://www.suse.com/security/cve/CVE-2024-44309.html * https://www.suse.com/security/cve/CVE-2024-54479.html * https://www.suse.com/security/cve/CVE-2024-54502.html * https://www.suse.com/security/cve/CVE-2024-54505.html * https://www.suse.com/security/cve/CVE-2024-54508.html * https://www.suse.com/security/cve/CVE-2024-54534.html * https://bugzilla.suse.com/show_bug.cgi?id=1234851 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 15 12:30:51 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 15 Jan 2025 12:30:51 -0000 Subject: SUSE-SU-2025:0122-1: important: Security update for rsync Message-ID: <173694425105.18685.15057469330084284751@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0122-1 Release Date: 2025-01-15T09:09:53Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2025-122=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-122=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-122=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-122=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-122=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-122=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-122=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-122=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-122=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 15 16:30:36 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 15 Jan 2025 16:30:36 -0000 Subject: SUSE-SU-2025:0122-2: important: Security update for rsync Message-ID: <173695863683.20886.11895952145216618347@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0122-2 Release Date: 2025-01-15T14:55:54Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for rsync fixes the following issues: NOTE: This update was retracted as one of the fixes was broken. A new update will be issued. * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2025-122=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-122=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-122=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-122=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-122=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-122=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-122=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-122=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2025-122=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-122=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-122=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-122=1 ## Package List: * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-3.2.3-150400.3.12.1 * rsync-debuginfo-3.2.3-150400.3.12.1 * rsync-debugsource-3.2.3-150400.3.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 16 16:30:35 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 16 Jan 2025 16:30:35 -0000 Subject: SUSE-SU-2025:0144-1: important: Security update for git Message-ID: <173704503527.29714.3766249022353694156@smelt2.prg2.suse.org> # Security update for git Announcement ID: SUSE-SU-2025:0144-1 Release Date: 2025-01-16T13:30:38Z Rating: important References: * bsc#1235600 * bsc#1235601 Cross-References: * CVE-2024-50349 * CVE-2024-52006 CVSS scores: * CVE-2024-50349 ( SUSE ): 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-50349 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-52006 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-52006 ( NVD ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for git fixes the following issues: * CVE-2024-50349: Passwords for trusted sites could be sent to untrusted sites (bsc#1235600). * CVE-2024-52006: Carriage Returns via the credential protocol to credential helpers (bsc#1235601). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-144=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-144=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-144=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-144=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-144=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-144=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-144=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-144=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-144=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-credential-libsecret-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-credential-libsecret-debuginfo-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-credential-gnome-keyring-debuginfo-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * git-p4-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * openSUSE Leap 15.3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * git-doc-2.35.3-150300.10.48.1 * SUSE Manager Proxy 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * git-debuginfo-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * git-web-2.35.3-150300.10.48.1 * git-email-2.35.3-150300.10.48.1 * git-gui-2.35.3-150300.10.48.1 * git-2.35.3-150300.10.48.1 * perl-Git-2.35.3-150300.10.48.1 * git-daemon-2.35.3-150300.10.48.1 * git-debugsource-2.35.3-150300.10.48.1 * git-core-2.35.3-150300.10.48.1 * git-svn-2.35.3-150300.10.48.1 * git-debuginfo-2.35.3-150300.10.48.1 * git-core-debuginfo-2.35.3-150300.10.48.1 * git-cvs-2.35.3-150300.10.48.1 * git-arch-2.35.3-150300.10.48.1 * gitk-2.35.3-150300.10.48.1 * git-daemon-debuginfo-2.35.3-150300.10.48.1 * SUSE Enterprise Storage 7.1 (noarch) * git-doc-2.35.3-150300.10.48.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50349.html * https://www.suse.com/security/cve/CVE-2024-52006.html * https://bugzilla.suse.com/show_bug.cgi?id=1235600 * https://bugzilla.suse.com/show_bug.cgi?id=1235601 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Thu Jan 16 20:30:38 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Thu, 16 Jan 2025 20:30:38 -0000 Subject: SUSE-RU-2025:0148-1: moderate: Recommended update for cryptsetup Message-ID: <173705943870.771.18211330506498365587@smelt2.prg2.suse.org> # Recommended update for cryptsetup Announcement ID: SUSE-RU-2025:0148-1 Release Date: 2025-01-16T16:01:27Z Rating: moderate References: * bsc#1234273 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for cryptsetup fixes the following issue: * luksFormat succeeds despite creating corrupt device (bsc#1234273). * Add a better warning if luksFormat ends with image without any space for data. * Print warning early if LUKS container is too small for activation. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-148=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-148=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-148=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-148=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-148=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-148=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-148=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-148=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-148=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-148=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-148=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-148=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-148=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-148=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-148=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-148=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-148=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * openSUSE Leap 15.4 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * openSUSE Leap 15.4 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * openSUSE Leap 15.4 (aarch64_ilp32) * libcryptsetup12-hmac-64bit-2.4.3-150400.3.6.2 * libcryptsetup12-64bit-2.4.3-150400.3.6.2 * libcryptsetup12-64bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * SUSE Manager Proxy 4.3 (x86_64) * cryptsetup-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Manager Proxy 4.3 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cryptsetup-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cryptsetup-2.4.3-150400.3.6.2 * cryptsetup-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-ssh-2.4.3-150400.3.6.2 * libcryptsetup12-debuginfo-2.4.3-150400.3.6.2 * libcryptsetup12-2.4.3-150400.3.6.2 * libcryptsetup12-hmac-2.4.3-150400.3.6.2 * libcryptsetup-devel-2.4.3-150400.3.6.2 * cryptsetup-ssh-debuginfo-2.4.3-150400.3.6.2 * cryptsetup-debugsource-2.4.3-150400.3.6.2 * SUSE Manager Server 4.3 (noarch) * cryptsetup-lang-2.4.3-150400.3.6.2 * SUSE Manager Server 4.3 (x86_64) * libcryptsetup12-hmac-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-2.4.3-150400.3.6.2 * libcryptsetup12-32bit-debuginfo-2.4.3-150400.3.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1234273 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 17 16:31:16 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 17 Jan 2025 16:31:16 -0000 Subject: SUSE-SU-2025:0162-1: important: Security update for redis Message-ID: <173713147661.14478.4773946593940235171@smelt2.prg2.suse.org> # Security update for redis Announcement ID: SUSE-SU-2025:0162-1 Release Date: 2025-01-17T14:39:48Z Rating: important References: * bsc#1235387 Cross-References: * CVE-2024-46981 CVSS scores: * CVE-2024-46981 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-46981 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-46981 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for redis fixes the following issues: * CVE-2024-46981: Fixed a bug where lua scripts can be used to manipulate the garbage collector, leading to remote code execution. (bsc#1235387) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-162=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-162=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-162=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-162=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-162=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-162=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-162=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-162=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-162=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Proxy 4.3 (x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * redis-6.2.6-150400.3.31.1 * redis-debugsource-6.2.6-150400.3.31.1 * redis-debuginfo-6.2.6-150400.3.31.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46981.html * https://bugzilla.suse.com/show_bug.cgi?id=1235387 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 17 20:30:53 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 17 Jan 2025 20:30:53 -0000 Subject: SUSE-SU-2025:0165-1: important: Security update for rsync Message-ID: <173714585365.29714.14795834536055896069@smelt2.prg2.suse.org> # Security update for rsync Announcement ID: SUSE-SU-2025:0165-1 Release Date: 2025-01-17T16:09:35Z Rating: important References: * bsc#1234101 * bsc#1234102 * bsc#1234103 * bsc#1234104 * bsc#1235475 * bsc#1235895 Cross-References: * CVE-2024-12085 * CVE-2024-12086 * CVE-2024-12087 * CVE-2024-12088 * CVE-2024-12747 CVSS scores: * CVE-2024-12085 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-12085 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-12086 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-12086 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-12086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N * CVE-2024-12087 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-12087 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-12087 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-12088 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12088 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N * CVE-2024-12747 ( SUSE ): 7.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N * CVE-2024-12747 ( SUSE ): 6.3 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2024-12747 ( NVD ): 5.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves five vulnerabilities and has one security fix can now be installed. ## Description: This update for rsync fixes the following issues: * CVE-2024-12085: leak of uninitialized stack data on the server leading to possible ASLR bypass. (bsc#1234101) * CVE-2024-12086: leak of a client machine's file contents through the processing of checksum data. (bsc#1234102) * CVE-2024-12087: arbitrary file overwrite possible on clients when symlink syncing is enabled. (bsc#1234103) * CVE-2024-12088: bypass of the --safe-links flag may allow the placement of unsafe symlinks in a client. (bsc#1234104) * CVE-2024-12747: Fixed a race condition in rsync handling symbolic links. (bsc#1235475) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-165=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-165=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-165=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-165=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-165=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-165=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-165=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-165=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-165=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-165=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-165=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-165=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-165=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-165=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-165=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-165=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-165=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * rsync-debuginfo-3.2.3-150400.3.17.1 * rsync-debugsource-3.2.3-150400.3.17.1 * rsync-3.2.3-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2024-12085.html * https://www.suse.com/security/cve/CVE-2024-12086.html * https://www.suse.com/security/cve/CVE-2024-12087.html * https://www.suse.com/security/cve/CVE-2024-12088.html * https://www.suse.com/security/cve/CVE-2024-12747.html * https://bugzilla.suse.com/show_bug.cgi?id=1234101 * https://bugzilla.suse.com/show_bug.cgi?id=1234102 * https://bugzilla.suse.com/show_bug.cgi?id=1234103 * https://bugzilla.suse.com/show_bug.cgi?id=1234104 * https://bugzilla.suse.com/show_bug.cgi?id=1235475 * https://bugzilla.suse.com/show_bug.cgi?id=1235895 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 21 12:30:25 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 21 Jan 2025 12:30:25 -0000 Subject: SUSE-SU-2025:0196-1: moderate: Security update for dhcp Message-ID: <173746262584.6933.2802486983534640199@smelt2.prg2.suse.org> # Security update for dhcp Announcement ID: SUSE-SU-2025:0196-1 Release Date: 2025-01-21T08:35:24Z Rating: moderate References: * bsc#1192020 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one security fix can now be installed. ## Description: This update for dhcp fixes the following issues: * Fixed dhcp not starting in case group nogroup is missing (bsc#1192020) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-196=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-196=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-196=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-196=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-196=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-196=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-196=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-196=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-196=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-196=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-196=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-196=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-196=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-doc-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Proxy 4.3 (x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * dhcp-4.3.6.P1-150000.6.22.1 * dhcp-client-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-client-4.3.6.P1-150000.6.22.1 * dhcp-devel-4.3.6.P1-150000.6.22.1 * dhcp-relay-4.3.6.P1-150000.6.22.1 * dhcp-debugsource-4.3.6.P1-150000.6.22.1 * dhcp-server-debuginfo-4.3.6.P1-150000.6.22.1 * dhcp-server-4.3.6.P1-150000.6.22.1 * dhcp-relay-debuginfo-4.3.6.P1-150000.6.22.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1192020 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 21 16:33:44 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 21 Jan 2025 16:33:44 -0000 Subject: SUSE-SU-2025:0203-1: important: Security update for the Linux Kernel Message-ID: <173747722495.28678.12761755079841487752@smelt2.prg2.suse.org> # Security update for the Linux Kernel Announcement ID: SUSE-SU-2025:0203-1 Release Date: 2025-01-21T13:58:43Z Rating: important References: * bsc#1170891 * bsc#1173139 * bsc#1185010 * bsc#1190358 * bsc#1190428 * bsc#1209798 * bsc#1215304 * bsc#1222878 * bsc#1228466 * bsc#1230697 * bsc#1232436 * bsc#1233070 * bsc#1233642 * bsc#1234281 * bsc#1234282 * bsc#1234846 * bsc#1234853 * bsc#1234891 * bsc#1234921 * bsc#1234960 * bsc#1234963 * bsc#1235004 * bsc#1235035 * bsc#1235054 * bsc#1235056 * bsc#1235061 * bsc#1235073 * bsc#1235220 * bsc#1235224 * bsc#1235246 * bsc#1235507 Cross-References: * CVE-2021-47202 * CVE-2022-49035 * CVE-2024-41087 * CVE-2024-50154 * CVE-2024-53095 * CVE-2024-53142 * CVE-2024-53146 * CVE-2024-53156 * CVE-2024-53173 * CVE-2024-53179 * CVE-2024-53206 * CVE-2024-53214 * CVE-2024-53239 * CVE-2024-53240 * CVE-2024-53241 * CVE-2024-56539 * CVE-2024-56548 * CVE-2024-56570 * CVE-2024-56598 * CVE-2024-56604 * CVE-2024-56605 * CVE-2024-56619 * CVE-2024-8805 CVSS scores: * CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47202 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49035 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49035 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49035 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-50154 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-50154 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53095 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53095 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53142 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-53142 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53146 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53146 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-53156 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53156 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53156 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53173 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53173 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53179 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53179 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53206 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-53206 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-53206 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53214 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53214 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53239 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-53239 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53241 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-53241 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-56539 ( SUSE ): 8.6 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56539 ( SUSE ): 8.0 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-56548 ( SUSE ): 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56548 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56570 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-56570 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-56598 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56598 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56604 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56604 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56605 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56605 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56619 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56619 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8805 ( NVD ): 8.8 CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Availability Extension 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Live Patching 15-SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves 23 vulnerabilities and has eight security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP4 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-41087: Fix double free on error (bsc#1228466). * CVE-2024-53095: smb: client: Fix use-after-free of network namespace (bsc#1233642). * CVE-2024-53146: NFSD: Prevent a potential integer overflow (bsc#1234853). * CVE-2024-53156: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service() (bsc#1234846). * CVE-2024-53173: NFSv4.0: Fix a use-after-free problem in the asynchronous open() (bsc#1234891). * CVE-2024-53179: smb: client: fix use-after-free of signing key (bsc#1234921). * CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability (bsc#1235004). * CVE-2024-53239: ALSA: 6fire: Release resources at card release (bsc#1235054). * CVE-2024-53240: xen/netfront: fix crash when removing device (bsc#1234281). * CVE-2024-53241: x86/xen: use new hypercall functions instead of hypercall page (XSA-466 bsc#1234282). * CVE-2024-56539: wifi: mwifiex: Fix memcpy() field-spanning write warning in mwifiex_config_scan() (bsc#1234963). * CVE-2024-56548: hfsplus: do not query the device logical block size multiple times (bsc#1235073). * CVE-2024-56570: ovl: Filter invalid inodes with missing lookup function (bsc#1235035). * CVE-2024-56598: jfs: array-index-out-of-bounds fix in dtReadFirst (bsc#1235220). * CVE-2024-56604: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in rfcomm_sock_alloc() (bsc#1235056). * CVE-2024-56605: Bluetooth: L2CAP: do not leave dangling sk pointer on error in l2cap_sock_create() (bsc#1235061). * CVE-2024-56619: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry() (bsc#1235224). * CVE-2024-8805: Bluetooth: hci_event: Align BR/EDR JUST_WORKS paring with LE (bsc#1230697). The following non-security bugs were fixed: * Drop a couple of block layer git-fixes (bsc#1170891 bsc#1173139) * KVM: x86: fix sending PV IPI (git-fixes). * fixup "rpm: support gz and zst compression methods" once more (bsc#1190428, bsc#1190358) * idpf: add support for SW triggered interrupts (bsc#1235507). * idpf: enable WB_ON_ITR (bsc#1235507). * idpf: trigger SW interrupt when exiting wb_on_itr mode (bsc#1235507). * kernel-binary: do not BuildIgnore m4. It is actually needed for regenerating zconf when it is not up-to-date due to merge. * net: mana: Increase the DEF_RX_BUFFERS_PER_QUEUE to 1024 (bsc#1235246). * rpm/kernel-binary.spec.in: Fix build regression The previous fix forgot to take over grep -c option that broke the conditional expression * scsi: storvsc: Do not flag MAINTENANCE_IN return of SRB_STATUS_DATA_OVERRUN as an error (git-fixes). * smb: client: fix TCP timers deadlock after rmmod (git-fixes) [hcarvalho: this fixes issue discussed in bsc#1233642]. * supported.conf: add bsc1185010 dependency * supported.conf: hyperv_drm (jsc#sle-19733) * usb: roles: Call try_module_get() from usb_role_switch_find_by_fwnode() (git-fixes). * usb: typec: tps6598x: Fix return value check in tps6598x_probe() (git- fixes). * x86/bug: Merge annotate_reachable() into _BUG_FLAGS() asm (git-fixes). * x86/fpu/xsave: Handle compacted offsets correctly with supervisor states (git-fixes). * x86/fpu/xstate: Fix the ARCH_REQ_XCOMP_PERM implementation (git-fixes). * x86/fpu: Remove unused supervisor only offsets (git-fixes). * x86/kvm: Do not use pv tlb/ipi/sched_yield if on 1 vCPU (git-fixes). * x86/mce/inject: Avoid out-of-bounds write when setting flags (git-fixes). * x86/mce: Allow instrumentation during task work queueing (git-fixes). * x86/mce: Mark mce_end() noinstr (git-fixes). * x86/mce: Mark mce_panic() noinstr (git-fixes). * x86/mce: Mark mce_read_aux() noinstr (git-fixes). * x86/mm: Flush global TLB when switching to trampoline page-table (git- fixes). * x86/sgx: Free backing memory after faulting the enclave page (git-fixes). * x86/sgx: Silence softlockup detection when releasing large enclaves (git- fixes). * x86/uaccess: Move variable into switch case statement (git-fixes). * x86: Annotate call_on_stack() (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-203=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-203=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-203=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-203=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-203=1 * SUSE Linux Enterprise Live Patching 15-SP4 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP4-2025-203=1 Please note that this is the initial kernel livepatch without fixes itself, this package is later updated by separate standalone kernel livepatch updates. * SUSE Linux Enterprise High Availability Extension 15 SP4 zypper in -t patch SUSE-SLE-Product-HA-15-SP4-2025-203=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-203=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-203=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-203=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-203=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-203=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-203=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-203=1 ## Package List: * openSUSE Leap 15.4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * kernel-source-vanilla-5.14.21-150400.24.147.1 * kernel-docs-html-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (nosrc ppc64le x86_64) * kernel-debug-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (ppc64le x86_64) * kernel-debug-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-debug-debugsource-5.14.21-150400.24.147.1 * kernel-debug-debuginfo-5.14.21-150400.24.147.1 * kernel-debug-devel-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le x86_64) * kernel-kvmsmall-devel-5.14.21-150400.24.147.1 * kernel-kvmsmall-debuginfo-5.14.21-150400.24.147.1 * kernel-kvmsmall-debugsource-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-base-rebuild-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-kvmsmall-devel-debuginfo-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * kernel-syms-5.14.21-150400.24.147.1 * gfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kselftests-kmp-default-debuginfo-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-obs-qa-5.14.21-150400.24.147.1 * kernel-default-optional-debuginfo-5.14.21-150400.24.147.1 * kernel-default-optional-5.14.21-150400.24.147.1 * kernel-default-livepatch-5.14.21-150400.24.147.1 * dlm-kmp-default-5.14.21-150400.24.147.1 * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-5.14.21-150400.24.147.1 * ocfs2-kmp-default-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kselftests-kmp-default-5.14.21-150400.24.147.1 * kernel-default-extra-debuginfo-5.14.21-150400.24.147.1 * kernel-default-extra-5.14.21-150400.24.147.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.147.1 * gfs2-kmp-default-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-1-150400.9.3.1 * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 nosrc ppc64le x86_64) * kernel-kvmsmall-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (nosrc) * dtb-aarch64-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64) * cluster-md-kmp-64kb-5.14.21-150400.24.147.1 * gfs2-kmp-64kb-5.14.21-150400.24.147.1 * dtb-allwinner-5.14.21-150400.24.147.1 * gfs2-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * reiserfs-kmp-64kb-5.14.21-150400.24.147.1 * kernel-64kb-extra-debuginfo-5.14.21-150400.24.147.1 * dtb-freescale-5.14.21-150400.24.147.1 * dtb-amd-5.14.21-150400.24.147.1 * dtb-amlogic-5.14.21-150400.24.147.1 * reiserfs-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * dlm-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * kselftests-kmp-64kb-5.14.21-150400.24.147.1 * dtb-apm-5.14.21-150400.24.147.1 * kernel-64kb-extra-5.14.21-150400.24.147.1 * dtb-qcom-5.14.21-150400.24.147.1 * dtb-arm-5.14.21-150400.24.147.1 * dlm-kmp-64kb-5.14.21-150400.24.147.1 * dtb-lg-5.14.21-150400.24.147.1 * kernel-64kb-optional-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * dtb-cavium-5.14.21-150400.24.147.1 * dtb-apple-5.14.21-150400.24.147.1 * dtb-mediatek-5.14.21-150400.24.147.1 * ocfs2-kmp-64kb-5.14.21-150400.24.147.1 * dtb-broadcom-5.14.21-150400.24.147.1 * dtb-exynos-5.14.21-150400.24.147.1 * dtb-xilinx-5.14.21-150400.24.147.1 * dtb-marvell-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * kselftests-kmp-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * dtb-nvidia-5.14.21-150400.24.147.1 * dtb-rockchip-5.14.21-150400.24.147.1 * kernel-64kb-optional-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * dtb-sprd-5.14.21-150400.24.147.1 * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * dtb-renesas-5.14.21-150400.24.147.1 * dtb-hisilicon-5.14.21-150400.24.147.1 * dtb-altera-5.14.21-150400.24.147.1 * dtb-socionext-5.14.21-150400.24.147.1 * dtb-amazon-5.14.21-150400.24.147.1 * openSUSE Leap 15.4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 nosrc s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Live Patching 15-SP4 (nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Live Patching 15-SP4 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150400_24_147-default-debuginfo-1-150400.9.3.1 * kernel-default-livepatch-devel-5.14.21-150400.24.147.1 * kernel-livepatch-5_14_21-150400_24_147-default-1-150400.9.3.1 * kernel-livepatch-SLE15-SP4_Update_35-debugsource-1-150400.9.3.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * kernel-default-livepatch-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (aarch64 ppc64le s390x x86_64) * gfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * ocfs2-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-debuginfo-5.14.21-150400.24.147.1 * dlm-kmp-default-debuginfo-5.14.21-150400.24.147.1 * cluster-md-kmp-default-5.14.21-150400.24.147.1 * ocfs2-kmp-default-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * gfs2-kmp-default-5.14.21-150400.24.147.1 * dlm-kmp-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Availability Extension 15 SP4 (nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 nosrc) * kernel-64kb-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64) * kernel-64kb-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-64kb-devel-5.14.21-150400.24.147.1 * kernel-64kb-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (nosrc ppc64le x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-obs-build-debugsource-5.14.21-150400.24.147.1 * reiserfs-kmp-default-5.14.21-150400.24.147.1 * kernel-obs-build-5.14.21-150400.24.147.1 * reiserfs-kmp-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch nosrc) * kernel-docs-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Proxy 4.3 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (nosrc x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (nosrc ppc64le s390x x86_64) * kernel-default-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * kernel-default-base-5.14.21-150400.24.147.1.150400.24.72.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * kernel-default-devel-debuginfo-5.14.21-150400.24.147.1 * kernel-syms-5.14.21-150400.24.147.1 * kernel-default-debuginfo-5.14.21-150400.24.147.1 * kernel-default-devel-5.14.21-150400.24.147.1 * kernel-default-debugsource-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (noarch) * kernel-source-5.14.21-150400.24.147.1 * kernel-macros-5.14.21-150400.24.147.1 * kernel-devel-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (nosrc s390x) * kernel-zfcpdump-5.14.21-150400.24.147.1 * SUSE Manager Server 4.3 (s390x) * kernel-zfcpdump-debugsource-5.14.21-150400.24.147.1 * kernel-zfcpdump-debuginfo-5.14.21-150400.24.147.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47202.html * https://www.suse.com/security/cve/CVE-2022-49035.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-50154.html * https://www.suse.com/security/cve/CVE-2024-53095.html * https://www.suse.com/security/cve/CVE-2024-53142.html * https://www.suse.com/security/cve/CVE-2024-53146.html * https://www.suse.com/security/cve/CVE-2024-53156.html * https://www.suse.com/security/cve/CVE-2024-53173.html * https://www.suse.com/security/cve/CVE-2024-53179.html * https://www.suse.com/security/cve/CVE-2024-53206.html * https://www.suse.com/security/cve/CVE-2024-53214.html * https://www.suse.com/security/cve/CVE-2024-53239.html * https://www.suse.com/security/cve/CVE-2024-53240.html * https://www.suse.com/security/cve/CVE-2024-53241.html * https://www.suse.com/security/cve/CVE-2024-56539.html * https://www.suse.com/security/cve/CVE-2024-56548.html * https://www.suse.com/security/cve/CVE-2024-56570.html * https://www.suse.com/security/cve/CVE-2024-56598.html * https://www.suse.com/security/cve/CVE-2024-56604.html * https://www.suse.com/security/cve/CVE-2024-56605.html * https://www.suse.com/security/cve/CVE-2024-56619.html * https://www.suse.com/security/cve/CVE-2024-8805.html * https://bugzilla.suse.com/show_bug.cgi?id=1170891 * https://bugzilla.suse.com/show_bug.cgi?id=1173139 * https://bugzilla.suse.com/show_bug.cgi?id=1185010 * https://bugzilla.suse.com/show_bug.cgi?id=1190358 * https://bugzilla.suse.com/show_bug.cgi?id=1190428 * https://bugzilla.suse.com/show_bug.cgi?id=1209798 * https://bugzilla.suse.com/show_bug.cgi?id=1215304 * https://bugzilla.suse.com/show_bug.cgi?id=1222878 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1230697 * https://bugzilla.suse.com/show_bug.cgi?id=1232436 * https://bugzilla.suse.com/show_bug.cgi?id=1233070 * https://bugzilla.suse.com/show_bug.cgi?id=1233642 * https://bugzilla.suse.com/show_bug.cgi?id=1234281 * https://bugzilla.suse.com/show_bug.cgi?id=1234282 * https://bugzilla.suse.com/show_bug.cgi?id=1234846 * https://bugzilla.suse.com/show_bug.cgi?id=1234853 * https://bugzilla.suse.com/show_bug.cgi?id=1234891 * https://bugzilla.suse.com/show_bug.cgi?id=1234921 * https://bugzilla.suse.com/show_bug.cgi?id=1234960 * https://bugzilla.suse.com/show_bug.cgi?id=1234963 * https://bugzilla.suse.com/show_bug.cgi?id=1235004 * https://bugzilla.suse.com/show_bug.cgi?id=1235035 * https://bugzilla.suse.com/show_bug.cgi?id=1235054 * https://bugzilla.suse.com/show_bug.cgi?id=1235056 * https://bugzilla.suse.com/show_bug.cgi?id=1235061 * https://bugzilla.suse.com/show_bug.cgi?id=1235073 * https://bugzilla.suse.com/show_bug.cgi?id=1235220 * https://bugzilla.suse.com/show_bug.cgi?id=1235224 * https://bugzilla.suse.com/show_bug.cgi?id=1235246 * https://bugzilla.suse.com/show_bug.cgi?id=1235507 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 21 16:35:26 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 21 Jan 2025 16:35:26 -0000 Subject: SUSE-SU-2025:0200-1: important: Security update for pam_u2f Message-ID: <173747732699.28678.5751317801810498558@smelt2.prg2.suse.org> # Security update for pam_u2f Announcement ID: SUSE-SU-2025:0200-1 Release Date: 2025-01-21T12:50:27Z Rating: important References: * bsc#1233517 * bsc#1235961 Cross-References: * CVE-2025-23013 CVSS scores: * CVE-2025-23013 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2025-23013 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-23013 ( NVD ): 7.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for pam_u2f fixes the following issues: * CVE-2025-23013: Fixed problematic PAM_IGNORE return values in `pam_sm_authenticate()` (bsc#1233517) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-200=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-200=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-200=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-200=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-200=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-200=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-200=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-200=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-200=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-200=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-200=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-200=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-200=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-200=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-200=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-200=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-200=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Manager Proxy 4.3 (x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * pam_u2f-debuginfo-1.2.0-150400.4.5.1 * pam_u2f-1.2.0-150400.4.5.1 * pam_u2f-debugsource-1.2.0-150400.4.5.1 ## References: * https://www.suse.com/security/cve/CVE-2025-23013.html * https://bugzilla.suse.com/show_bug.cgi?id=1233517 * https://bugzilla.suse.com/show_bug.cgi?id=1235961 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 21 20:30:10 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 21 Jan 2025 20:30:10 -0000 Subject: SUSE-RU-2025:0212-1: moderate: Recommended update for tpm2.0-abrmd Message-ID: <173749141035.28789.2304067842441034954@smelt2.prg2.suse.org> # Recommended update for tpm2.0-abrmd Announcement ID: SUSE-RU-2025:0212-1 Release Date: 2025-01-21T16:06:18Z Rating: moderate References: * bsc#1231071 Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for tpm2.0-abrmd fixes the following issues: * make sure that udev workers have finished before daemon-reload (bsc#1231071) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-212=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-212=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-212=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-212=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-212=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-212=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-212=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-212=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-212=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-212=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-212=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-212=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-212=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-212=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-212=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-212=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-212=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-212=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-212=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Manager Proxy 4.3 (x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * tpm2.0-abrmd-debugsource-2.4.0-150400.3.3.1 * tpm2.0-abrmd-debuginfo-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-debuginfo-2.4.0-150400.3.3.1 * tpm2.0-abrmd-2.4.0-150400.3.3.1 * libtss2-tcti-tabrmd0-2.4.0-150400.3.3.1 * tpm2.0-abrmd-devel-2.4.0-150400.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231071 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 22 08:30:17 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 22 Jan 2025 08:30:17 -0000 Subject: SUSE-RU-2025:0219-1: important: Recommended update for lttng-tools Message-ID: <173753461758.6933.1229254039107555092@smelt2.prg2.suse.org> # Recommended update for lttng-tools Announcement ID: SUSE-RU-2025:0219-1 Release Date: 2025-01-22T06:15:53Z Rating: important References: * bsc#1234266 Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.3 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for lttng-tools fixes the following issues: * Fix lttng-sessiond segfault during session destruction (bsc#1234266) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-219=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-219=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2025-219=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-219=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-219=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-219=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-219=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-219=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-219=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-219=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-219=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-219=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-219=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-219=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-219=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-219=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-219=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-219=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le x86_64 i586) * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le x86_64) * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * Development Tools Module 15-SP6 (x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 * SUSE Manager Proxy 4.3 (x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Manager Server 4.3 (ppc64le x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * lttng-tools-debugsource-2.12.2-150300.3.9.1 * liblttng-ctl0-debuginfo-2.12.2-150300.3.9.1 * lttng-tools-debuginfo-2.12.2-150300.3.9.1 * liblttng-ctl0-2.12.2-150300.3.9.1 * SUSE Enterprise Storage 7.1 (x86_64) * lttng-tools-devel-2.12.2-150300.3.9.1 * lttng-tools-2.12.2-150300.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1234266 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 22 12:30:05 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 22 Jan 2025 12:30:05 -0000 Subject: SUSE-FU-2025:0223-1: low: Feature update for zypper, libzypp Message-ID: <173754900567.3041.5137971440175852997@smelt2.prg2.suse.org> # Feature update for zypper, libzypp Announcement ID: SUSE-FU-2025:0223-1 Release Date: 2025-01-22T11:31:13Z Rating: low References: * jsc#PED-11268 Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for zypper, libzypp fixes the following issues: * info: Allow to query a specific version (jsc#PED-11268) To query for a specific version simply append "-" or "--" to the "" pattern. Note that the edition part must always match exactly. * version 1.14.79 ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-223=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-223=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2025-223=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-223=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2025-223=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-223=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-223=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-223=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-223=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-223=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-223=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-223=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-doc-17.35.16-150400.3.107.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * openSUSE Leap 15.4 (noarch) * zypper-aptitude-1.14.79-150400.3.70.1 * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-debugsource-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-debugsource-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-debugsource-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-debugsource-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Manager Proxy 4.3 (x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Manager Proxy 4.3 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libzypp-debugsource-17.35.16-150400.3.107.1 * zypper-debuginfo-1.14.79-150400.3.70.1 * zypper-debugsource-1.14.79-150400.3.70.1 * libzypp-debuginfo-17.35.16-150400.3.107.1 * zypper-1.14.79-150400.3.70.1 * libzypp-devel-17.35.16-150400.3.107.1 * libzypp-17.35.16-150400.3.107.1 * SUSE Manager Server 4.3 (noarch) * zypper-log-1.14.79-150400.3.70.1 * zypper-needs-restarting-1.14.79-150400.3.70.1 ## References: * https://jira.suse.com/browse/PED-11268 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Fri Jan 24 20:31:28 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Fri, 24 Jan 2025 20:31:28 -0000 Subject: SUSE-SU-2025:0233-1: important: Security update for nodejs18 Message-ID: <173775068838.30301.4089872671019358197@smelt2.prg2.suse.org> # Security update for nodejs18 Announcement ID: SUSE-SU-2025:0233-1 Release Date: 2025-01-24T16:05:13Z Rating: important References: * bsc#1236250 * bsc#1236258 Cross-References: * CVE-2025-22150 * CVE-2025-23085 CVSS scores: * CVE-2025-22150 ( SUSE ): 7.4 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-22150 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-22150 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2025-23085 ( SUSE ): 5.1 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2025-23085 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nodejs18 fixes the following issues: Update to 18.20.6: * CVE-2025-23085: Fixed HTTP2 memory leak on premature close and ERR_PROTO (bsc#1236250) * CVE-2025-22150: Fixed insufficiently random values used when defining the boundary for a multipart/form-data request in undici (bsc#1236258) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-233=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-233=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-233=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-233=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-233=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-233=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-233=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-233=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-233=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-233=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * corepack18-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * openSUSE Leap 15.4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * nodejs18-devel-18.20.6-150400.9.33.1 * nodejs18-debugsource-18.20.6-150400.9.33.1 * npm18-18.20.6-150400.9.33.1 * nodejs18-18.20.6-150400.9.33.1 * nodejs18-debuginfo-18.20.6-150400.9.33.1 * SUSE Manager Server 4.3 (noarch) * nodejs18-docs-18.20.6-150400.9.33.1 ## References: * https://www.suse.com/security/cve/CVE-2025-22150.html * https://www.suse.com/security/cve/CVE-2025-23085.html * https://bugzilla.suse.com/show_bug.cgi?id=1236250 * https://bugzilla.suse.com/show_bug.cgi?id=1236258 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Tue Jan 28 20:30:09 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Tue, 28 Jan 2025 20:30:09 -0000 Subject: SUSE-RU-2025:0272-1: important: Recommended update for hplip Message-ID: <173809620904.1459.5191558266290739934@smelt2.prg2.suse.org> # Recommended update for hplip Announcement ID: SUSE-RU-2025:0272-1 Release Date: 2025-01-28T17:44:07Z Rating: important References: * bsc#1209401 * bsc#1214399 * bsc#1225777 * bsc#1234745 * jsc#PED-11978 * jsc#PED-5846 Cross-References: * CVE-2020-6923 CVSS scores: * CVE-2020-6923 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2020-6923 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability, contains two features and has three fixes can now be installed. ## Description: This update for hplip fixes the following issues: This update for hplip fixes the following issues: Update to hplip 3.24.4 (jsc#PED-5846) * Added support for new printers: * HP OfficeJet 8120 All-in-One series * HP OfficeJet Pro 8120 All-in-One series * HP OfficeJet 8130 All-in-One series * HP OfficeJet Pro 8130 All-in-One series * HP OfficeJet Pro 9720 Series * HP OfficeJet Pro 9730 Series * HP OfficeJet Pro 9130b series * HP OfficeJet Pro 9120b series * HP OfficeJet Pro 9110b series * HP Color LaserJet Enterprise Flow MFP X58045z * HP Color LaserJet Enterprise Flow MFP X58045zs * HP Color LaserJet Enterprise MFP X58045dn * HP Color LaserJet Enterprise MFP X58045 * HP LaserJet Pro P1106 plus * HP LaserJet Pro P1108 plus * HP LaserJet Tank MFP 1602a * HP LaserJet Tank MFP 1602w * HP LaserJet Tank MFP 1604w * HP LaserJet Tank MFP 2602dn * HP LaserJet Tank MFP 2602sdn * HP LaserJet Tank MFP 2602sdw * HP LaserJet Tank MFP 2602dw * HP LaserJet Tank MFP 2604dw * HP LaserJet Tank MFP 2604sdw * HP LaserJet Tank MFP 2603dw * HP LaserJet Tank MFP 2603sdw * HP LaserJet Tank MFP 2605sdw * HP LaserJet Tank MFP 2606dn * HP LaserJet Tank MFP 2606sdn * HP LaserJet Tank MFP 2606sdw * HP LaserJet Tank MFP 2606dw * HP LaserJet Tank MFP 2606dc * HP LaserJet Tank MFP 1005 * HP LaserJet Tank MFP 1005w * HP LaserJet Tank MFP 1005nw * HP LaserJet Tank 1502a * HP LaserJet Tank 1502w * HP LaserJet Tank 1504w * HP LaserJet Tank 2502dw * HP LaserJet Tank 2502dn * HP LaserJet Tank 2504dw * HP LaserJet Tank 2503dw * HP LaserJet Tank 2506dw * HP LaserJet Tank 2506d * HP LaserJet Tank 2506dn * HP LaserJet Tank 1020 * HP LaserJet Tank 1020w * HP LaserJet Tank 1020nw * HP LaserJet Pro 4001ne * HP LaserJet Pro 4001n * HP LaserJet Pro 4001dne * HP LaserJet Pro 4001dn * HP LaserJet Pro 4001dwe * HP LaserJet Pro 4001dw * HP LaserJet Pro 4001d * HP LaserJet Pro 4001de * HP LaserJet Pro 4002ne * HP LaserJet Pro 4002n * HP LaserJet Pro 4002dne * HP LaserJet Pro 4002dn * HP LaserJet Pro 4002dwe * HP LaserJet Pro 4002dw * HP LaserJet Pro 4002d * HP LaserJet Pro 4002de * HP LaserJet Pro 4003dn * HP LaserJet Pro 4003dw * HP LaserJet Pro 4003n * HP LaserJet Pro 4003d * HP LaserJet Pro 4004d * HP LaserJet Pro 4004dn * HP LaserJet Pro 4004dw * HP LaserJet Pro MFP 4101dwe * HP LaserJet Pro MFP 4101dw * HP LaserJet Pro MFP 4101fdn * HP LaserJet Pro MFP 4101fdne * HP LaserJet Pro MFP 4101fdw * HP LaserJet Pro MFP 4101fdwe * HP LaserJet Pro MFP 4102dwe * HP LaserJet Pro MFP 4102dw * HP LaserJet Pro MFP 4102fdn * HP LaserJet Pro MFP 4102fdw * HP LaserJet Pro MFP 4102fdwe * HP LaserJet Pro MFP 4102fdne * HP LaserJet Pro MFP 4102fnw * HP LaserJet Pro MFP 4102fnwe * HP LaserJet Pro MFP 4103dw * HP LaserJet Pro MFP 4103dn * HP LaserJet Pro MFP 4103fdn * HP LaserJet Pro MFP 4103fdw * HP LaserJet Pro MFP 4104dw * HP LaserJet Pro MFP 4104fdw * HP LaserJet Pro MFP 4104fdn * HP ScanJet Pro 3600 f1 * HP ScanJet Pro N4600 fnw1 * HP ScanJet Pro 2600 f1 * HP ScanJet Enterprise Flow N6600 fnw1 * HP Color LaserJet Managed MFP E785dn * HP Color LaserJet Managed MFP E78523dn * HP Color LaserJet Managed MFP E78528dn * HP Color LaserJet Managed MFP E786dn * HP Color LaserJet Managed MFP E786 Core Printer * HP Color LaserJet Managed MFP E78625dn * HP Color LaserJet Managed FlowMFP E786z * HP Color LaserJet Managed Flow MFP E78625z * HP Color LaserJet Managed MFP E78630dn * HP Color LaserJet Managed Flow MFP E78630z * HP Color LaserJet Managed MFP E78635dn * HP Color LaserJet Managed Flow MFP E78635z * HP LaserJet Managed MFP E731dn * HP LaserJet Managed MFP E731 Core Printer * HP LaserJet Managed MFP E73130dn * HP LaserJet Managed Flow MFP E731z * HP LaserJet Managed Flow MFP E73130z * HP LaserJet Managed MFP E73135dn * HP LaserJet Managed Flow MFP E73135z * HP LaserJet Managed MFP E73140dn * HP LaserJet Managed Flow MFP E73140z * HP Color LaserJet Managed MFP E877dn * HP Color LaserJet Managed MFP E877 Core Printer * HP Color LaserJet Managed MFP E87740dn * HP Color LaserJet Managed Flow MFP E877z * HP Color LaserJet Managed Flow MFP E87740z * HP Color LaserJet Managed MFP E87750dn * HP Color LaserJet Managed Flow MFP E87750z * HP Color LaserJet Managed MFP E87760dn * HP Color LaserJet Managed Flow MFP E87760z * HP Color LaserJet Managed MFP E87770dn * HP Color LaserJet Managed Flow MFP E87770z * HP LaserJet Managed MFP E826dn * HP LaserJet Managed MFP E826 Core Printer * HP LaserJet Managed MFP E82650dn * HP LaserJet Managed Flow MFP E826z * HP LaserJet Managed Flow MFP E82650z * HP LaserJet Managed MFP E82660dn * HP LaserJet Managed Flow MFP E82660z * HP LaserJet Managed MFP E82670dn * HP LaserJet Managed Flow MFP E82670z * HP LaserJet Managed MFP E730dn * HP LaserJet Managed MFP E73025dn * HP LaserJet Managed MFP E73030dn * HP LaserJet Pro MFP 3101fdwe * HP LaserJet Pro MFP 3101fdw * HP LaserJet Pro MFP 3102fdwe * HP LaserJet Pro MFP 3102fdw * HP LaserJet Pro MFP 3103fdw * HP LaserJet Pro MFP 3104fdw * HP LaserJet Pro MFP 3101fdne * HP LaserJet Pro MFP 3101fdn * HP LaserJet Pro MFP 3102fdne * HP LaserJet Pro MFP 3102fdn * HP LaserJet Pro MFP 3103fdn * HP LaserJet Pro MFP 3104fdn * HP LaserJet Pro 3001dwe * HP LaserJet Pro 3001dw * HP LaserJet Pro 3002dwe * HP LaserJet Pro 3002dw * HP LaserJet Pro 3003dw * HP LaserJet Pro 3004dw * HP LaserJet Pro 3001dne * HP LaserJet Pro 3001dn * HP LaserJet Pro 3002dne * HP LaserJet Pro 3002dn * HP LaserJet Pro 3003dn * HP LaserJet Pro 3004dn * HP Smart Tank 520_540 series * HP Smart Tank 580-590 series * HP Smart Tank 5100 series * HP Smart Tank 210-220 series * HP Color LaserJet Enterprise 6700dn * HP Color LaserJet Enterprise 6700 * HP Color LaserJet Enterprise 6701dn * HP Color LaserJet Enterprise 6701 * HP Color LaserJet Enterprise X654dn * HP Color LaserJet Enterprise X65455dn * HP Color LaserJet Enterprise X654 * HP Color LaserJet Enterprise X65465dn * HP Color LaserJet Enterprise X654 65 PPM * HP Color LaserJet Enterprise X654 55 to 65ppm License * HP Color LaserJet Enterprise X654 Down License * HP Color LaserJet Enterprise MFP 6800dn * HP Color LaserJet Enterprise Flow MFP 6800zf * HP Color LaserJet Enterprise Flow MFP 6800zfsw * HP Color LaserJet Enterprise Flow MFP 6800zfw+ * HP Color LaserJet Enterprise MFP 6800 * HP Color LaserJet Enterprise MFP 6801 * HP Color LaserJet Enterprise MFP 6801 zfsw * HP Color LaserJet Enterprise Flow MFP 6801zfw+ * HP Color LaserJet Enterprise MFP X677 55 to 65ppm License * HP Color LaserJet Enterprise MFP X677 65ppm * HP Color LaserJet Enterprise MFP X677s * HP Color LaserJet Enterprise Flow MFP X677z * HP Color LaserJet Enterprise MFP X67765dn * HP Color LaserJet Enterprise Flow MFP X67765zs * HP Color LaserJet Enterprise Flow MFP X67765z+ * HP Color LaserJet Enterprise MFP X677 * HP Color LaserJet Enterprise MFP X67755dn * HP Color LaserJet Enterprise Flow MFP X67755zs * HP Color LaserJet Enterprise Flow MFP X67755z+ * HP Color LaserJet Enterprise MFP X677dn * HP Color LaserJet Enterprise Flow MFP X677zs * HP Color LaserJet Enterprise Flow MFP X677z+ * HP Color LaserJet Enterprise 5700dn * HP Color LaserJet Enterprise 5700 * HP Color LaserJet Enterprise X55745dn * HP Color LaserJet Enterprise X55745 * HP Color LaserJet Enterprise MFP 5800dn * HP Color LaserJet Enterprise MFP 5800f * HP Color LaserJet Enterprise Flow MFP 5800zf * HP Color LaserJet Enterprise MFP 5800 * HP Color LaserJet Enterprise MFP X57945 * HP Color LaserJet Enterprise Flow MFP X57945zs * HP Color LaserJet Enterprise MFP X57945dn * HP Color LaserJet Enterprise Flow MFP X57945z * HP Color LaserJet Pro MFP 4301fdne * HP Color LaserJet Pro MFP 4301fdwe * HP Color LaserJet Pro MFP 4301cdwe * HP Color LaserJet Pro MFP 4301cfdne * HP Color LaserJet Pro MFP 4301cfdwe * HP Color LaserJet Pro MFP 4302dwe * HP Color LaserJet Pro MFP 4302fdne * HP Color LaserJet Pro MFP 4302fdwe * HP Color LaserJet Pro MFP 4302cdwe * HP Color LaserJet Pro MFP 4302fdn * HP Color LaserJet Pro MFP 4302fdw * HP Color LaserJet Pro MFP 4303dw * HP Color LaserJet Pro MFP 4303fdn * HP Color LaserJet Pro MFP 4303fdw * HP Color LaserJet Pro MFP 4303cdw * HP Color LaserJet Pro MFP 4303cfdn * HP Color LaserJet Pro MFP 4303cfdw * HP Color LaserJet Pro 4201dne * HP Color LaserJet Pro 4201dwe * HP Color LaserJet Pro 4201cdne * HP Color LaserJet Pro 4201cdwe * HP Color LaserJet Pro 4202dne * HP Color LaserJet Pro 4202dwe * HP Color LaserJet Pro 4202dn * HP Color LaserJet Pro 4202dw * HP Color LaserJet Pro 4203dn * HP Color LaserJet Pro 4203dw * HP Color LaserJet Pro 4203cdn * HP Color LaserJet Pro 4203cdw * HP DeskJet 2800 All-in-One Printer series * HP DeskJet 2800e All-in-One Printer series * HP DeskJet Ink Advantage 2800 All-in-One Printer series * HP DeskJet 4200 All-in-One Printer series * HP DeskJet 4200e All-in-One Printer series * HP DeskJet Ink Advantage 4200 All-in-One Printer series * HP DeskJet Ink Advantage Ultra 4900 All-in-One Printer series * HP OfficeJet Pro 9130b series * HP OfficeJet Pro 9120b series * HP OfficeJet Pro 9110b series * HP Color LaserJet Enterprise Flow MFP X58045z * HP Color LaserJet Enterprise Flow MFP X58045zs * HP Color LaserJet Enterprise MFP X58045dn??? * HP Color LaserJet Enterprise MFP X58045 * HP LaserJet Pro P1106 plus * HP LaserJet Pro P1108 plus * HP OfficeJet 8120 All-in-One series * HP OfficeJet Pro 8120 All-in-One series * HP OfficeJet 8130 All-in-One series * HP OfficeJet Pro 8130 All-in-One series * HP OfficeJet Pro 9720 Series * HP OfficeJet Pro 9730 Series * Bug fixes: * hpmud: sanitize printer serial number (bsc#1209401, lp#2012262) * hppsfilter: booklet printing: change insecure fixed /tmp file paths (bsc#1214399) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-272=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-272=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-272=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-272=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-272=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-272=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-272=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-272=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-272=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-272=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-272=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-272=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * hplip-3.24.4-150400.3.17.1 * hplip-scan-utils-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-scan-utils-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * hplip-3.24.4-150400.3.17.1 * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Manager Proxy 4.3 (x86_64) * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * hplip-sane-debuginfo-3.24.4-150400.3.17.1 * hplip-hpijs-debuginfo-3.24.4-150400.3.17.1 * hplip-sane-3.24.4-150400.3.17.1 * hplip-hpijs-3.24.4-150400.3.17.1 * hplip-debuginfo-3.24.4-150400.3.17.1 * hplip-devel-3.24.4-150400.3.17.1 * hplip-debugsource-3.24.4-150400.3.17.1 * hplip-udev-rules-3.24.4-150400.3.17.1 ## References: * https://www.suse.com/security/cve/CVE-2020-6923.html * https://bugzilla.suse.com/show_bug.cgi?id=1209401 * https://bugzilla.suse.com/show_bug.cgi?id=1214399 * https://bugzilla.suse.com/show_bug.cgi?id=1225777 * https://bugzilla.suse.com/show_bug.cgi?id=1234745 * https://jira.suse.com/browse/PED-11978 * https://jira.suse.com/browse/PED-5846 -------------- next part -------------- An HTML attachment was scrubbed... URL: From null at suse.de Wed Jan 29 12:30:09 2025 From: null at suse.de (SUSE-MANAGER-UPDATES) Date: Wed, 29 Jan 2025 12:30:09 -0000 Subject: SUSE-SU-2025:0282-1: important: Security update for nginx Message-ID: <173815380901.24850.6457178158256958957@smelt2.prg2.suse.org> # Security update for nginx Announcement ID: SUSE-SU-2025:0282-1 Release Date: 2025-01-29T08:04:15Z Rating: important References: * bsc#1216171 * bsc#1229155 Cross-References: * CVE-2023-44487 * CVE-2024-7347 CVSS scores: * CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7347 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-7347 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-7347 ( NVD ): 5.7 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-7347 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves two vulnerabilities can now be installed. ## Description: This update for nginx fixes the following issues: * CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack (bsc#1216171) * CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information (bsc#1229155) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-282=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-282=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-282=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-282=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-282=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-282=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-282=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-282=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-282=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-282=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-282=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-282=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Manager Proxy 4.3 (x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Manager Proxy 4.3 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * nginx-source-1.21.5-150400.3.6.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * nginx-1.21.5-150400.3.6.1 * nginx-debuginfo-1.21.5-150400.3.6.1 * nginx-debugsource-1.21.5-150400.3.6.1 * SUSE Manager Server 4.3 (noarch) * nginx-source-1.21.5-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-44487.html * https://www.suse.com/security/cve/CVE-2024-7347.html * https://bugzilla.suse.com/show_bug.cgi?id=1216171 * https://bugzilla.suse.com/show_bug.cgi?id=1229155 -------------- next part -------------- An HTML attachment was scrubbed... URL: