openSUSE Security Update: Security update for wpa_supplicant
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2020:2053-1
Rating:             moderate
References:         #1131644 #1131868 #1131870 #1131871 #1131872 
                    #1131874 #1133640 #1144443 #1150934 #1156920 
                    #1166933 #1167331 #930077 #930078 #930079 
                    
Cross-References:   CVE-2015-4141 CVE-2015-4142 CVE-2015-4143
                    CVE-2015-8041 CVE-2017-13077 CVE-2017-13078
                    CVE-2017-13079 CVE-2017-13080 CVE-2017-13081
                    CVE-2017-13082 CVE-2017-13086 CVE-2017-13087
                    CVE-2017-13088 CVE-2018-14526 CVE-2019-11555
                    CVE-2019-13377 CVE-2019-16275 CVE-2019-9494
                    CVE-2019-9495 CVE-2019-9497 CVE-2019-9498
                    CVE-2019-9499
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that fixes 22 vulnerabilities is now available.

Description:

   This update for wpa_supplicant fixes the following issues:

   Security issue fixed:

   - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass
     (bsc#1150934).

   Non-security issues fixed:

   - Enable SAE support (jsc#SLE-14992).
   - Limit P2P_DEVICE name to appropriate ifname size.
   - Fix wicked wlan (bsc#1156920)
   - Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331)
   - With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete
     (bsc#1167331)
   - Fix WLAN config on boot with wicked. (bsc#1166933)
   - Update to 2.9 release:
      * SAE changes
        - disable use of groups using Brainpool curves
        - improved protection against side channel attacks
   [https://w1.fi/security/2019-6/
      * EAP-pwd changes
        - disable use of groups using Brainpool curves
        - allow the set of groups to be configured (eap_pwd_groups)
        - improved protection against side channel attacks
   [https://w1.fi/security/2019-6/
      * fixed FT-EAP initial mobility domain association using PMKSA caching
        (disabled by default for backwards compatibility; can be enabled with
        ft_eap_pmksa_caching=1)
      * fixed a regression in OpenSSL 1.1+ engine loading
      * added validation of RSNE in (Re)Association Response frames
      * fixed DPP bootstrapping URI parser of channel list
      * extended EAP-SIM/AKA fast re-authentication to allow use with FILS
      * extended ca_cert_blob to support PEM format
      * improved robustness of P2P Action frame scheduling
      * added support for EAP-SIM/AKA using anonymous@realm identity
      * fixed Hotspot 2.0 credential selection based on roaming consortium to
        ignore credentials without a specific EAP method
      * added experimental support for EAP-TEAP peer (RFC 7170)
      * added experimental support for EAP-TLS peer with TLS v1.3
      * fixed a regression in WMM parameter configuration for a TDLS peer
      * fixed a regression in operation with drivers that offload 802.1X
        4-way handshake
      * fixed an ECDH operation corner case with OpenSSL
      * SAE changes
        - added support for SAE Password Identifier
        - changed default configuration to enable only groups 19, 20, 21
   (i.e., disable groups 25 and 26) and disable all unsuitable groups
   completely based on REVmd changes
        - do not regenerate PWE unnecessarily when the AP uses the
   anti-clogging token mechanisms
        - fixed some association cases where both SAE and FT-SAE were enabled
          on both the station and the selected AP
        - started to prefer FT-SAE over SAE AKM if both are enabled
        - started to prefer FT-SAE over FT-PSK if both are enabled
        - fixed FT-SAE when SAE PMKSA caching is used
        - reject use of unsuitable groups based on new implementation
   guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC
   groups with prime >= 256)
        - minimize timing and memory use differences in PWE derivation
   [https://w1.fi/security/2019-1/ (CVE-2019-9494, bsc#1131868)
      * EAP-pwd changes
        - minimize timing and memory use differences in PWE derivation
   [https://w1.fi/security/2019-2/ (CVE-2019-9495, bsc#1131870)
        - verify server scalar/element [https://w1.fi/security/2019-4/
   (CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, bsc#1131874, bsc#1131872,
   bsc#1131871, bsc#1131644)
        - fix message reassembly issue with unexpected fragment
   [https://w1.fi/security/2019-5/ (CVE-2019-11555, bsc#1133640)
        - enforce rand,mask generation rules more strictly
        - fix a memory leak in PWE derivation
        - disallow ECC groups with a prime under 256 bits (groups 25, 26, and
   27)
        - SAE/EAP-pwd side-channel attack update
   [https://w1.fi/security/2019-6/ (CVE-2019-13377, bsc#1144443)
      * fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y
      * Hotspot 2.0 changes
        - do not indicate release number that is higher than the one AP
   supports
        - added support for release number 3
        - enable PMF automatically for network profiles created from
   credentials
      * fixed OWE network profile saving
      * fixed DPP network profile saving
      * added support for RSN operating channel validation (CONFIG_OCV=y and
        network profile parameter ocv=1)
      * added Multi-AP backhaul STA support
      * fixed build with LibreSSL
      * number of MKA/MACsec fixes and extensions
      * extended domain_match and domain_suffix_match to allow list of values
      * fixed dNSName matching in domain_match and domain_suffix_match when
        using wolfSSL
      * started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both
        are enabled
      * extended nl80211 Connect and external authentication to support SAE,
        FT-SAE, FT-EAP-SHA384
      * fixed KEK2 derivation for FILS+FT
      * extended client_cert file to allow loading of a chain of PEM encoded
        certificates
      * extended beacon reporting functionality
      * extended D-Bus interface with number of new properties
      * fixed a regression in FT-over-DS with mac80211-based drivers
      * OpenSSL: allow systemwide policies to be overridden
      * extended driver flags indication for separate 802.1X and PSK 4-way
        handshake offload capability
      * added support for random P2P Device/Interface Address use
      * extended PEAP to derive EMSK to enable use with ERP/FILS
      * extended WPS to allow SAE configuration to be added automatically for
        PSK (wps_cred_add_sae=1)
      * removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS)
      * extended domain_match and domain_suffix_match to allow list of values
      * added a RSN workaround for misbehaving PMF APs that advertise
        IGTK/BIP KeyID using incorrect byte order
      * fixed PTK rekeying with FILS and FT
      * fixed WPA packet number reuse with replayed messages and key
        reinstallation [https://w1.fi/security/2017-1/ (CVE-2017-13077,
        CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081,
        CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
      * fixed unauthenticated EAPOL-Key decryption in wpa_supplicant
        [https://w1.fi/security/2018-1/ (CVE-2018-14526)
      * added support for FILS (IEEE 802.11ai) shared key authentication
      * added support for OWE (Opportunistic Wireless Encryption, RFC 8110;
        and transition mode defined by WFA)
      * added support for DPP (Wi-Fi Device Provisioning Protocol)
      * added support for RSA 3k key case with Suite B 192-bit level
      * fixed Suite B PMKSA caching not to update PMKID during each 4-way
        handshake
      * fixed EAP-pwd pre-processing with PasswordHashHash
      * added EAP-pwd client support for salted passwords
      * fixed a regression in TDLS prohibited bit validation
      * started to use estimated throughput to avoid undesired signal
        strength based roaming decision
      * MACsec/MKA:
        - new macsec_linux driver interface support for the Linux kernel
   macsec module
        - number of fixes and extensions
      * added support for external persistent storage of PMKSA cache
        (PMKSA_GET/PMKSA_ADD control interface commands; and
        MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case)
      * fixed mesh channel configuration pri/sec switch case
      * added support for beacon report
      * large number of other fixes, cleanup, and extensions
      * added support for randomizing local address for GAS queries
        (gas_rand_mac_addr parameter)
      * fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel
      * added option for using random WPS UUID (auto_uuid=1)
      * added SHA256-hash support for OCSP certificate matching
      * fixed EAP-AKA' to add AT_KDF into Synchronization-Failure
      * fixed a regression in RSN pre-authentication candidate selection
      * added option to configure allowed group management cipher suites
        (group_mgmt network profile parameter)
      * removed all PeerKey functionality
      * fixed nl80211 AP and mesh mode configuration regression with Linux
        4.15 and newer
      * added ap_isolate configuration option for AP mode
      * added support for nl80211 to offload 4-way handshake into the driver
      * added support for using wolfSSL cryptographic library
      * SAE
        - added support for configuring SAE password separately of the WPA2
   PSK/passphrase
        - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection
   for SAE; note: this is not backwards compatible, i.e., both the AP and
   station side implementations will need to be update at the same time to
   maintain interoperability
        - added support for Password Identifier
        - fixed FT-SAE PMKID matching
      * Hotspot 2.0
        - added support for fetching of Operator Icon Metadata ANQP-element
        - added support for Roaming Consortium Selection element
        - added support for Terms and Conditions
        - added support for OSEN connection in a shared RSN BSS
        - added support for fetching Venue URL information
      * added support for using OpenSSL 1.1.1
      * FT
        - disabled PMKSA caching with FT since it is not fully functional
        - added support for SHA384 based AKM
        - added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128,
   BIP-GMAC-256 in addition to previously supported BIP-CMAC-128
        - fixed additional IE inclusion in Reassociation Request frame when
   using FT protocol

   - Changed service-files for start after network (systemd-networkd).

   This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-2053=1



Package List:

   - openSUSE Leap 15.1 (i586 x86_64):

      wpa_supplicant-2.9-lp151.5.10.1
      wpa_supplicant-debuginfo-2.9-lp151.5.10.1
      wpa_supplicant-debugsource-2.9-lp151.5.10.1
      wpa_supplicant-gui-2.9-lp151.5.10.1
      wpa_supplicant-gui-debuginfo-2.9-lp151.5.10.1


References:

   https://www.suse.com/security/cve/CVE-2015-4141.html
   https://www.suse.com/security/cve/CVE-2015-4142.html
   https://www.suse.com/security/cve/CVE-2015-4143.html
   https://www.suse.com/security/cve/CVE-2015-8041.html
   https://www.suse.com/security/cve/CVE-2017-13077.html
   https://www.suse.com/security/cve/CVE-2017-13078.html
   https://www.suse.com/security/cve/CVE-2017-13079.html
   https://www.suse.com/security/cve/CVE-2017-13080.html
   https://www.suse.com/security/cve/CVE-2017-13081.html
   https://www.suse.com/security/cve/CVE-2017-13082.html
   https://www.suse.com/security/cve/CVE-2017-13086.html
   https://www.suse.com/security/cve/CVE-2017-13087.html
   https://www.suse.com/security/cve/CVE-2017-13088.html
   https://www.suse.com/security/cve/CVE-2018-14526.html
   https://www.suse.com/security/cve/CVE-2019-11555.html
   https://www.suse.com/security/cve/CVE-2019-13377.html
   https://www.suse.com/security/cve/CVE-2019-16275.html
   https://www.suse.com/security/cve/CVE-2019-9494.html
   https://www.suse.com/security/cve/CVE-2019-9495.html
   https://www.suse.com/security/cve/CVE-2019-9497.html
   https://www.suse.com/security/cve/CVE-2019-9498.html
   https://www.suse.com/security/cve/CVE-2019-9499.html
   https://bugzilla.suse.com/1131644
   https://bugzilla.suse.com/1131868
   https://bugzilla.suse.com/1131870
   https://bugzilla.suse.com/1131871
   https://bugzilla.suse.com/1131872
   https://bugzilla.suse.com/1131874
   https://bugzilla.suse.com/1133640
   https://bugzilla.suse.com/1144443
   https://bugzilla.suse.com/1150934
   https://bugzilla.suse.com/1156920
   https://bugzilla.suse.com/1166933
   https://bugzilla.suse.com/1167331
   https://bugzilla.suse.com/930077
   https://bugzilla.suse.com/930078
   https://bugzilla.suse.com/930079
_______________________________________________
openSUSE Security Announce mailing list -- security-announce@lists.opensuse.org
To unsubscribe, email security-announce-leave@lists.opensuse.org
List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette
List Archives: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/

openSUSE: 2020:2053-1 moderate: wpa_supplicant

November 26, 2020
An update that fixes 22 vulnerabilities is now available.

Description

This update for wpa_supplicant fixes the following issues: Security issue fixed: - CVE-2019-16275: Fixed an AP mode PMF disconnection protection bypass (bsc#1150934). Non-security issues fixed: - Enable SAE support (jsc#SLE-14992). - Limit P2P_DEVICE name to appropriate ifname size. - Fix wicked wlan (bsc#1156920) - Restore fi.epitest.hostap.WPASupplicant.service (bsc#1167331) - With v2.9 fi.epitest.hostap.WPASupplicant.service is obsolete (bsc#1167331) - Fix WLAN config on boot with wicked. (bsc#1166933) - Update to 2.9 release: * SAE changes - disable use of groups using Brainpool curves - improved protection against side channel attacks [https://w1.fi/security/2019-6/ * EAP-pwd changes - disable use of groups using Brainpool curves - allow the set of groups to be configured (eap_pwd_groups) - improved protection against side channel attacks [https://w1.fi/security/2019-6/ * fixed FT-EAP initial mobility domain association using PMKSA caching (disabled by default for backwards compatibility; can be enabled with ft_eap_pmksa_caching=1) * fixed a regression in OpenSSL 1.1+ engine loading * added validation of RSNE in (Re)Association Response frames * fixed DPP bootstrapping URI parser of channel list * extended EAP-SIM/AKA fast re-authentication to allow use with FILS * extended ca_cert_blob to support PEM format * improved robustness of P2P Action frame scheduling * added support for EAP-SIM/AKA using anonymous@realm identity * fixed Hotspot 2.0 credential selection based on roaming consortium to ignore credentials without a specific EAP method * added experimental support for EAP-TEAP peer (RFC 7170) * added experimental support for EAP-TLS peer with TLS v1.3 * fixed a regression in WMM parameter configuration for a TDLS peer * fixed a regression in operation with drivers that offload 802.1X 4-way handshake * fixed an ECDH operation corner case with OpenSSL * SAE changes - added support for SAE Password Identifier - changed default configuration to enable only groups 19, 20, 21 (i.e., disable groups 25 and 26) and disable all unsuitable groups completely based on REVmd changes - do not regenerate PWE unnecessarily when the AP uses the anti-clogging token mechanisms - fixed some association cases where both SAE and FT-SAE were enabled on both the station and the selected AP - started to prefer FT-SAE over SAE AKM if both are enabled - started to prefer FT-SAE over FT-PSK if both are enabled - fixed FT-SAE when SAE PMKSA caching is used - reject use of unsuitable groups based on new implementation guidance in REVmd (allow only FFC groups with prime >= 3072 bits and ECC groups with prime >= 256) - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-1/ (CVE-2019-9494, bsc#1131868) * EAP-pwd changes - minimize timing and memory use differences in PWE derivation [https://w1.fi/security/2019-2/ (CVE-2019-9495, bsc#1131870) - verify server scalar/element [https://w1.fi/security/2019-4/ (CVE-2019-9497, CVE-2019-9498, CVE-2019-9499, bsc#1131874, bsc#1131872, bsc#1131871, bsc#1131644) - fix message reassembly issue with unexpected fragment [https://w1.fi/security/2019-5/ (CVE-2019-11555, bsc#1133640) - enforce rand,mask generation rules more strictly - fix a memory leak in PWE derivation - disallow ECC groups with a prime under 256 bits (groups 25, 26, and 27) - SAE/EAP-pwd side-channel attack update [https://w1.fi/security/2019-6/ (CVE-2019-13377, bsc#1144443) * fixed CONFIG_IEEE80211R=y (FT) build without CONFIG_FILS=y * Hotspot 2.0 changes - do not indicate release number that is higher than the one AP supports - added support for release number 3 - enable PMF automatically for network profiles created from credentials * fixed OWE network profile saving * fixed DPP network profile saving * added support for RSN operating channel validation (CONFIG_OCV=y and network profile parameter ocv=1) * added Multi-AP backhaul STA support * fixed build with LibreSSL * number of MKA/MACsec fixes and extensions * extended domain_match and domain_suffix_match to allow list of values * fixed dNSName matching in domain_match and domain_suffix_match when using wolfSSL * started to prefer FT-EAP-SHA384 over WPA-EAP-SUITE-B-192 AKM if both are enabled * extended nl80211 Connect and external authentication to support SAE, FT-SAE, FT-EAP-SHA384 * fixed KEK2 derivation for FILS+FT * extended client_cert file to allow loading of a chain of PEM encoded certificates * extended beacon reporting functionality * extended D-Bus interface with number of new properties * fixed a regression in FT-over-DS with mac80211-based drivers * OpenSSL: allow systemwide policies to be overridden * extended driver flags indication for separate 802.1X and PSK 4-way handshake offload capability * added support for random P2P Device/Interface Address use * extended PEAP to derive EMSK to enable use with ERP/FILS * extended WPS to allow SAE configuration to be added automatically for PSK (wps_cred_add_sae=1) * removed support for the old D-Bus interface (CONFIG_CTRL_IFACE_DBUS) * extended domain_match and domain_suffix_match to allow list of values * added a RSN workaround for misbehaving PMF APs that advertise IGTK/BIP KeyID using incorrect byte order * fixed PTK rekeying with FILS and FT * fixed WPA packet number reuse with replayed messages and key reinstallation [https://w1.fi/security/2017-1/ (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) * fixed unauthenticated EAPOL-Key decryption in wpa_supplicant [https://w1.fi/security/2018-1/ (CVE-2018-14526) * added support for FILS (IEEE 802.11ai) shared key authentication * added support for OWE (Opportunistic Wireless Encryption, RFC 8110; and transition mode defined by WFA) * added support for DPP (Wi-Fi Device Provisioning Protocol) * added support for RSA 3k key case with Suite B 192-bit level * fixed Suite B PMKSA caching not to update PMKID during each 4-way handshake * fixed EAP-pwd pre-processing with PasswordHashHash * added EAP-pwd client support for salted passwords * fixed a regression in TDLS prohibited bit validation * started to use estimated throughput to avoid undesired signal strength based roaming decision * MACsec/MKA: - new macsec_linux driver interface support for the Linux kernel macsec module - number of fixes and extensions * added support for external persistent storage of PMKSA cache (PMKSA_GET/PMKSA_ADD control interface commands; and MESH_PMKSA_GET/MESH_PMKSA_SET for the mesh case) * fixed mesh channel configuration pri/sec switch case * added support for beacon report * large number of other fixes, cleanup, and extensions * added support for randomizing local address for GAS queries (gas_rand_mac_addr parameter) * fixed EAP-SIM/AKA/AKA' ext auth cases within TLS tunnel * added option for using random WPS UUID (auto_uuid=1) * added SHA256-hash support for OCSP certificate matching * fixed EAP-AKA' to add AT_KDF into Synchronization-Failure * fixed a regression in RSN pre-authentication candidate selection * added option to configure allowed group management cipher suites (group_mgmt network profile parameter) * removed all PeerKey functionality * fixed nl80211 AP and mesh mode configuration regression with Linux 4.15 and newer * added ap_isolate configuration option for AP mode * added support for nl80211 to offload 4-way handshake into the driver * added support for using wolfSSL cryptographic library * SAE - added support for configuring SAE password separately of the WPA2 PSK/passphrase - fixed PTK and EAPOL-Key integrity and key-wrap algorithm selection for SAE; note: this is not backwards compatible, i.e., both the AP and station side implementations will need to be update at the same time to maintain interoperability - added support for Password Identifier - fixed FT-SAE PMKID matching * Hotspot 2.0 - added support for fetching of Operator Icon Metadata ANQP-element - added support for Roaming Consortium Selection element - added support for Terms and Conditions - added support for OSEN connection in a shared RSN BSS - added support for fetching Venue URL information * added support for using OpenSSL 1.1.1 * FT - disabled PMKSA caching with FT since it is not fully functional - added support for SHA384 based AKM - added support for BIP ciphers BIP-CMAC-256, BIP-GMAC-128, BIP-GMAC-256 in addition to previously supported BIP-CMAC-128 - fixed additional IE inclusion in Reassociation Request frame when using FT protocol - Changed service-files for start after network (systemd-networkd). This update was imported from the SUSE:SLE-15:Update update project.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2020-2053=1


Package List

- openSUSE Leap 15.1 (i586 x86_64): wpa_supplicant-2.9-lp151.5.10.1 wpa_supplicant-debuginfo-2.9-lp151.5.10.1 wpa_supplicant-debugsource-2.9-lp151.5.10.1 wpa_supplicant-gui-2.9-lp151.5.10.1 wpa_supplicant-gui-debuginfo-2.9-lp151.5.10.1


References

https://www.suse.com/security/cve/CVE-2015-4141.html https://www.suse.com/security/cve/CVE-2015-4142.html https://www.suse.com/security/cve/CVE-2015-4143.html https://www.suse.com/security/cve/CVE-2015-8041.html https://www.suse.com/security/cve/CVE-2017-13077.html https://www.suse.com/security/cve/CVE-2017-13078.html https://www.suse.com/security/cve/CVE-2017-13079.html https://www.suse.com/security/cve/CVE-2017-13080.html https://www.suse.com/security/cve/CVE-2017-13081.html https://www.suse.com/security/cve/CVE-2017-13082.html https://www.suse.com/security/cve/CVE-2017-13086.html https://www.suse.com/security/cve/CVE-2017-13087.html https://www.suse.com/security/cve/CVE-2017-13088.html https://www.suse.com/security/cve/CVE-2018-14526.html https://www.suse.com/security/cve/CVE-2019-11555.html https://www.suse.com/security/cve/CVE-2019-13377.html https://www.suse.com/security/cve/CVE-2019-16275.html https://www.suse.com/security/cve/CVE-2019-9494.html https://www.suse.com/security/cve/CVE-2019-9495.html https://www.suse.com/security/cve/CVE-2019-9497.html https://www.suse.com/security/cve/CVE-2019-9498.html https://www.suse.com/security/cve/CVE-2019-9499.html https://bugzilla.suse.com/1131644 https://bugzilla.suse.com/1131868 https://bugzilla.suse.com/1131870 https://bugzilla.suse.com/1131871 https://bugzilla.suse.com/1131872 https://bugzilla.suse.com/1131874 https://bugzilla.suse.com/1133640 https://bugzilla.suse.com/1144443 https://bugzilla.suse.com/1150934 https://bugzilla.suse.com/1156920 https://bugzilla.suse.com/1166933 https://bugzilla.suse.com/1167331 https://bugzilla.suse.com/930077 https://bugzilla.suse.com/930078 https://bugzilla.suse.com/930079 openSUSE Security Announce mailing list -- security-announce@lists.opensuse.org To unsubscribe, email security-announce-leave@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/


Severity
Announcement ID: openSUSE-SU-2020:2053-1
Rating: moderate
Affected Products: openSUSE Leap 15.1

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved