Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

DEBIAN: 2022:4823-1 Important: Security Patch for WindRiver Development Kit

suse
Calendar Grey December 3, 2021
Dist Suse Esm H88
SUSE Patch Release for SUMA Client Tools addresses 5 vulnerabilities, improves functionalities, and includes essential setup guidelines.
An update that solves 6 vulnerabilities, contains four features and has 27 fixes is now available

Summary

This update fixes the following issues: dracut-saltboot: - Fix dependencies of python libs (bsc#1188846) - Update to version 0.1.1628156312.dbd0dec - Force installation of libexpat.so.1 (bsc#1188846) - Update to version 0.1.1627546504.96a0b3e - Use kernel parameters from PXE formula also for local boot golang-github-prometheus-prometheus: - Provide and reload firewalld configuration only for: + openSUSE Leap 15.0, 15.1, 15.2 + SUSE SLE15, SLE15 SP1, SLE15 SP2 - Refresh patches + Changed: - Upgrade to upstream version 2.27.1 (jsc#SLE-18254) + Bugfix: * SECURITY: Fix arbitrary redirects under the /new endpoint (CVE-2021-29622, bsc#1186242) - Upgrade to upstream version 2.27.0 + Features: * Promtool: Retroactive rule evaluation functionality. #7675

Topics%20covered

Topics Covered

security advisory moderate update security fix suse client tools api permissions

References

#1164192 #1167586 #1168327 #1170823 #1173103

#1173692 #1175478 #1180650 #1181223 #1184659

#1185131 #1186242 #1186287 #1186310 #1186508

#1186581 #1186650 #1186674 #1186738 #1187787

#1187813 #1188042 #1188170 #1188259 #1188647

#1188846 #1188977 #1189040 #1190265 #1190446

#1190512 #1191412 #1191448 ECO-3212 SLE-18028

SLE-18033 SLE-18254

Cross- CVE-2021-21996 CVE-2021-27962 CVE-2021-28146

CVE-2021-28147 CVE-2021-28148 CVE-2021-29622

CVSS scores:

CVE-2021-21996 (SUSE): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CVE-2021-27962 (NVD) : 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

CVE-2021-27962 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE-2021-28147 (SUSE): 6.8 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2021:3908-1
Rating: moderate

Topics%20covered

Topics Covered

security advisory moderate update security fix suse client tools api permissions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here