Explore top 10 tips to secure your open-source projects now. Read More
×
This update fixes the following issues: ansible: - The support level for ansible is l2, not l3 dracut-saltboot: - Force installation of libexpat.so.1 (bsc#1188846) - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE Linux Enterprise 15, 15 SP1, 15 SP2 - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) * UI: Provide errors instead of blank page on TSDB Status Page. #8654 #8659 * TSDB: Do not panic when writing very large records to the WAL. #8790 * TSDB: Avoid panic when mmaped memory is referenced after the file is closed. #8723
#1175478 #1186242 #1186508 #1186581 #1186650
#1188846 SLE-18254
Cross- CVE-2021-27962 CVE-2021-28146 CVE-2021-28147
CVE-2021-28148 CVE-2021-29622
CVSS scores:
CVE-2021-27962 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVE-2021-27962 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
CVE-2021-28148 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVE-2021-29622 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Affected Products:
SUSE Manager Tools 15
https://www.suse.com/security/cve/CVE-2021-27962.html
https://www.suse.com/security/cve/CVE-2021-28146.html
https://www.suse.com/security/cve/CVE-2021-28147.html
https://www.suse.com/security/cve/CVE-2021-28148.html
Get the latest Linux and open source security news straight to your inbox.