Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
100
security advisorymoderateupdate# openSUSE 15.6 SUSE-SU-2026-0458-4 security-update Moderate Risk
An update that solves five vulnerabilities and contains one feature can now be installed.. # Security update for govulncheck-vulndb Announcement ID: SUSE-SU-2026:0354-1 Release Date: 2026-01-30T18:33:39Z Rating: moderate References: * jsc#PED-11136 Cross-References: * CVE-2025-61726 * CVE-2025-61728 * CVE-2025-61730 * CVE-2025-61731 * CVE-2025-68119 CVSS scores: * CVE-2025-61726 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61726 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61726 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-61728 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2025-61728 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61728 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2025-61730 ( SUSE ): 2.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2025-61730 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2025-61730 ( NVD ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2025-61731 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-61731 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-61731 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-68119 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-68119 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2025-68119 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 An update that solves five vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20260128T190828 2026-01-28T19:08:28Z (jsc#PED-11136): Go CVE Numbering Authority IDs added or updatedwith aliases: * GO-2026-4338 CVE-2025-68119 CVE-2025-68119 * GO-2026-4339 CVE-2025-61731 CVE-2025-61731 * GO-2026-4340 CVE-2025-61730 CVE-2025-61730 * GO-2026-4341 CVE-2025-61726 CVE-2025-61726 * GO-2026-4342 CVE-2025-61728 CVE-2025-61728 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2026-354=1 ## Package List: * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20260128T190828-150000.1.143.1 ## References: * https://www.suse.com/security/cve/CVE-2025-61726.html * https://www.suse.com/security/cve/CVE-2025-61728.html * https://www.suse.com/security/cve/CVE-2025-61730.html * https://www.suse.com/security/cve/CVE-2025-61731.html * https://www.suse.com/security/cve/CVE-2025-68119.html * https://jira.suse.com/browse/PED-11136 . Fixes five issues and adds feature in govulncheck-vulndb for openSUSE. Moderate severity update available. Install urgently.. govulncheck-vulndb , security advisory , openSUSE. . LinuxSecurity.com Team
Feb 02, 2026
SuSE
100
security advisorymoderateupdateSUSE: 2022:3915-1 Moderate: Vsftpd Bugfix and Feature Update
An update that contains security fixes and contains one feature can now be installed. . SUSE Security Update: Security update for vsftpd ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3915-1 Rating: moderate References: #1196918 SLE-24275 Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Server Applications 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 openSUSE Leap 15.4 ______________________________________________________________________________ An update that contains security fixes and contains one feature can now be installed. Description: This update for vsftpd fixes the following issues: Bugfixes: - Removed unsupported systemd hardening options (bsc#1196918). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-3915=1 - SUSE Linux Enterprise Module for Server Applications 15-SP4: zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2022-3915=1 Package List: - openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64): vsftpd-3.0.5-150400.3.6.1 vsftpd-debuginfo-3.0.5-150400.3.6.1 vsftpd-debugsource-3.0.5-150400.3.6.1 - SUSE Linux Enterprise Module for Server Applications 15-SP4 (aarch64 ppc64le s390x x86_64): vsftpd-3.0.5-150400.3.6.1 vsftpd-debuginfo-3.0.5-150400.3.6.1 vsftpd-debugsource-3.0.5-150400.3.6.1 References: https://bugzilla.suse.com/1196918 . SUSE Security Update for openssl with Announcement ID: SUSE-SU-2022:3920-1 and Rating: high.. SUSE Linux Update,vSFTPD Security Patch,SUSE Bugfix. . LinuxSecurity.com Team
Nov 08, 2022
SuSE
100
security advisorymoderateupdateSUSE 15-SP4: SUSE-SU-2022:3198-1 Moderate: Archive_Tar Fix
An update that fixes one vulnerability, contains one feature is now available. . SUSE Security Update: Security update for php8-pear ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:3198-1 Rating: moderate References: SLE-24728 Cross-References: CVE-2021-32610 CVSS scores: CVE-2021-32610 (NVD) : 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N Affected Products: SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Module for Web Scripting 15-SP4 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 ______________________________________________________________________________ An update that fixes one vulnerability, contains one feature is now available. Description: This update for php8-pear fixes the following issues: - Add php8-pear to SLE15-SP4 (jsc#SLE-24728) - Update to 1.10.21 - PEAR 1.10.13 * unsupported protocol - use --force to continue * Add $this operator to _determineIfPowerpc calls - Update to 1.10.20 - Archive_Tar 1.4.14 * Properly fix symbolic link path traversal (CVE-2021-32610) - Archive_Tar 1.4.13 * Relative symlinks failing (out-of path file extraction) - Archive_Tar 1.4.12 - Archive_Tar 1.4.11 - Archive_Tar 1.4.10 * Fix block padding when the file buffer length is a multiple of 512 and smaller than Archive_Tar buffer length * Don't try to copy username/groupname in chroot jail - provides and obsoletes php7-pear-Archive_Tar, former location of PEAR/Archive/Tar.php - Update to version 1.10.19 - PEAR 1.10.12 * adjust dependencies based on new releases - XML_Util 1.4.5 * fix Trying to access array offset on value of type int - Update to version 1.10.18 - Remove pear-cacheid-array-check.patch (upstreamed) - Contents of .filemap are now sorted internally - Sort contents of .filemap to make build reproducible - Recommend php7-openssl to allow https sources to be used - Modify metadata_dir for system configuration only - Add /var/lib/pear directory where xml files are stored - Cleanup %files section - Only use the GPG keys of Chuck Burgess. Extracted from the Release Manager public keys. - Add release versions of PEAR modules - Install metadata files (registry, filemap, channels, ...) in /var/lib/pear/ instead of /usr/share/php7/PEAR/ - Update to version 1.10.17 Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Module for Web Scripting 15-SP4: zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP4-2022-3198=1 Package List: - SUSE Linux Enterprise Module for Web Scripting 15-SP4 (noarch): php8-pear-1.10.21-150400.9.3.1 php8-pecl-1.10.21-150400.9.3.1 References: https://www.suse.com/security/cve/CVE-2021-32610.html . SUSE Security Announcement: Latest php8-pear update addresses security flaws and introduces enhancements. Detailed installation guidelines included.. SUSE Linux, php8-pear update, enterprise security, security announcement. . LinuxSecurity.com Team
Sep 08, 2022
SuSE
100
security advisorymoderateupdateSUSE: 2022:15036-1 Moderate: Client Tools Patch for CVE-2022-22967
An update that solves one vulnerability, contains one feature and has 10 fixes is now available. . SUSE Security Update: Security update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:15036-1 Rating: moderate References: #1195895 #1197288 #1198489 #1198744 #1199372 #1200163 #1200566 #1200591 #1201003 #1201082 #1202259 ECO-3319 Cross-References: CVE-2022-22967 CVSS scores: CVE-2022-22967 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2022-22967 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Manager Ubuntu 20.04-CLIENT-TOOLS ______________________________________________________________________________ An update that solves one vulnerability, contains one feature and has 10 fixes is now available. Description: This update fixes the following issues: salt: - Put missing dpkgnotify pkgset beacon plugin to the salt-minion package (bsc#1202259) - Add support for gpgautoimport in zypperpkg module - Update Salt to work with Jinja > = and = 23.0.0 (bsc#1201082) - Add support for name, pkgs and diff_attr parameters to upgrade function for zypper and yum (bsc#1198489) - Fix ownership of salt thin directory when using the Salt Bundle - Set default target for pip from VENV_PIP_TARGET environment variable - Normalize package names once with pkg.installed/removed using yum (bsc#1195895) - Save log to logfile with docker.build - Use Salt Bundle in dockermod - Ignore erros on reading license files with dpkg_lowpkg (bsc#1197288) - Fix PAM auth issue due missing check for PAM_ACCT_MGM return value (CVE-2022-22967) (bsc#1200566) scap-security-guide: - Fix the build for RHEL 7 and clones (python-setuptools is used) - Fix the build for RHEL 9 and clones - convert one bashemitter to new jinja method. (bsc#1200163) - Add python3-setuptools for all builds (so it is also used on debian and centos flavors) - Updated to 0.1.62 (jsc#ECO-3319) - Update rhel8 stig to v1r6 - OL7 STIG v2r7 update - Initial definition of ANSSI BP28 minmal profile for SLE - Updated to 0.1.61 (jsc#ECO-3319) - Stop building PCI-DSS-centric XCCDF benchmark for RHEL 7 - Introduce OL9 product - Implement handling of logical expressions in platform definitions - Bump disk size constraints to 7gb to avoid occasional disk fulls failures. spacecmd: - Version 4.3.14-1 * Fix missing argument on system_listmigrationtargets (bsc#1201003) * Show correct help on calling kickstart_importjson with no arguments * Fix tracebacks on spacecmd kickstart_export (bsc#1200591) * Change proxy container config default filename to end with tar.gz * Update translation strings Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS: zypper in -t patch suse-ubu204ct-client-tools-202208-15036=1 Package List: - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS (all): salt-common-3004+ds-1+2.82.1 salt-minion-3004+ds-1+2.82.1 scap-security-guide-ubuntu-0.1.62-2.21.1 spacecmd-4.3.14-2.48.1 References: https://www.suse.com/security/cve/CVE-2022-22967.html https://bugzilla.suse.com/1195895 https://bugzilla.suse.com/1197288 https://bugzilla.suse.com/1198489 https://bugzilla.suse.com/1198744 https://bugzilla.suse.com/1199372 https://bugzilla.suse.com/1200163 https://bugzilla.suse.com/1200566 https://bugzilla.suse.com/1200591 https://bugzilla.suse.com/1201003 https://bugzilla.suse.com/1201082 https://bugzilla.suse.com/1202259 . SUSE Security Patch for Client Applications addressesvulnerabilities and brings enhancements. Discover the latest updates and improvements.. SUSE Manager Clients, Security Update, Package Fixes. . LinuxSecurity.com Team
Sep 08, 2022
SuSE
100
security advisorymoderateupdateSUSE Manager Client Tools Update: 11 Fixes and 1 Feature
An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available. . SUSE Security Update: Security Beta update for SUSE Manager Client Tools ______________________________________________________________________________ Announcement ID: SUSE-SU-2021:14734-1 Rating: moderate References: #1099976 #1171257 #1172110 #1174855 #1176293 #1177474 #1179831 #1180101 #1180818 #1181290 #1181347 #1181368 #1181550 #1181556 #1181557 #1181558 #1181559 #1181560 #1181561 #1181562 #1181563 #1181564 #1181565 #1182281 #1182293 #1182740 #1185092 #1185281 ECO-3212 Cross-References: CVE-2020-28243 CVE-2020-28972 CVE-2020-35662 CVE-2021-25281 CVE-2021-25282 CVE-2021-25283 CVE-2021-25284 CVE-2021-3144 CVE-2021-3148 CVE-2021-31607 CVE-2021-3197 CVSS scores: CVE-2020-28243 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2020-28243 (SUSE): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2020-28972 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVE-2020-28972 (SUSE): 7.3 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVE-2020-35662 (NVD) : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2020-35662 (SUSE): 9.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L CVE-2021-25281 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25281 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25282 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H CVE-2021-25282 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25283 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-25283 (SUSE): 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-25284 (NVD) : 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N CVE-2021-25284 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVE-2021-3144 (NVD) : 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2021-3144 (SUSE): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2021-3148 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3148 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-31607 (NVD) : 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-31607 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H CVE-2021-3197 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-3197 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA ______________________________________________________________________________ An update that solves 11 vulnerabilities, contains one feature and has 17 fixes is now available. Description: This update fixes the following issues: salt: - Update to Salt release version 3002.2 (jsc#ECO-3212) - Drop support for Python2. Obsoletes `python2-salt` package - Virt module updates * network: handle missing ipv4 netmask attribute * more network support * PCI/USB host devices passthrough support - Set distro requirement to oldest supported version in requirements/base.txt - Bring missing part of async batch implementation back - Always require python3-distro (bsc#1182293) - Remove deprecated warning that breaks minion execution when "server_id_use_crc" opts is missing (Revert - Remove msgpack < 1.0.0 from base requirements (bsc#1176293) - Msgpack support for version > = 1.0.0 (bsc#1171257) - Fix issue parsing errors inansiblegate state module - Prevent command injection in the snapper module (bsc#1185281) (CVE-2021-31607) - Transactional_update: detect recursion in the executor - Add subpackage salt-transactional-update - Remove duplicate directories from specfile - Improvements on "ansiblegate" module (bsc#1185092): * New methods: ansible.targets / ansible.discover_playbooks - Add support for Alibaba Cloud Linux 2 (Aliyun Linux) - Regression fix of salt-ssh on processing targets - Update target fix for salt-ssh and avoiding race condition on salt-ssh event processing (bsc#1179831, bsc#1182281) - Add notify beacon for Debian/Ubuntu systems - Fix zmq bug that causes salt-call to freeze (bsc#1181368) - Add core grains support for AlmaLinux - Allow vendor change option with zypper - Virt: virtual network backports to Salt 3000 - Prevent breaking Ansible filter modules (bsc#1177474) - Only require python-certifi for CentOS7 - Fix race conditions for corner cases when handling SIGTERM by minion (bsc#1172110) - Implementation of suse_ip execution module to prevent issues with network.managed (bsc#1099976) - Fix recursion false detection in payload (bsc#1180101) - Add sleep on exception handling on minion connection attempt to the master (bsc#1174855) - Allows for the VMware provider to handle CPU and memory hot-add in newer versions of the software. (bsc#1181347) - Always require python-certifi (used by salt.ext.tornado) - Exclude SLE 12 from requiring python-certifi - Do not crash when unexpected cmd output at listing patches (bsc#1181290) - Fix behavior for "onlyif/unless" when multiple conditions (bsc#1180818) - Fix regression on cmd.run when passing tuples as cmd (bsc#1182740) - Allow extra_filerefs as sanitized kwargs for SSH client - Fix errors with virt.update - Fix for multiple for security issues (CVE-2020-28243) (CVE-2020-28972) (CVE-2020-35662) (CVE-2021-3148) (CVE-2021-3144) (CVE-2021-25281) (CVE-2021-25282) (CVE-2021-25283) (CVE-2021-25284) (CVE-2021-3197) (bsc#1181550) (bsc#1181556) (bsc#1181557) (bsc#1181558) (bsc#1181559) (bsc#1181560) (bsc#1181561) (bsc#1181562) (bsc#1181563) (bsc#1181564) (bsc#1181565) - Virt: search for grub.xen path - Xen spicevmc, DNS SRV records backports: Fix virtual network generated DNS XML for SRV records Don't add spicevmc channel to xen VMs - Virt UEFI fix: virt.update when efi=True - Revert wrong zypper patch to support vendorchanges flags on pkg.install spacecmd: - Rename system migration to system transfer - Rename SP to product migration Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA: zypper in -t patch suse-ubu204ct-client-tools-beta-202105-14734=1 Package List: - SUSE Manager Ubuntu 20.04-CLIENT-TOOLS-BETA (all): salt-common-3002.2+ds-1+2.27.1 salt-minion-3002.2+ds-1+2.27.1 spacecmd-4.2.8-2.18.1 References: https://www.suse.com/security/cve/CVE-2020-28243.html https://www.suse.com/security/cve/CVE-2020-28972.html https://www.suse.com/security/cve/CVE-2020-35662.html https://www.suse.com/security/cve/CVE-2021-25281.html https://www.suse.com/security/cve/CVE-2021-25282.html https://www.suse.com/security/cve/CVE-2021-25283.html https://www.suse.com/security/cve/CVE-2021-25284.html https://www.suse.com/security/cve/CVE-2021-3144.html https://www.suse.com/security/cve/CVE-2021-3148.html https://www.suse.com/security/cve/CVE-2021-31607.html https://www.suse.com/security/cve/CVE-2021-3197.html https://bugzilla.suse.com/1099976 https://bugzilla.suse.com/1171257 https://bugzilla.suse.com/1172110 https://bugzilla.suse.com/1174855 https://bugzilla.suse.com/1176293 https://bugzilla.suse.com/1177474 https://bugzilla.suse.com/1179831 https://bugzilla.suse.com/1180101 https://bugzilla.suse.com/1180818 https://bugzilla.suse.com/1181290 https://bugzilla.suse.com/1181347 https://bugzilla.suse.com/1181368 https://bugzilla.suse.com/1181550 https://bugzilla.suse.com/1181556 https://bugzilla.suse.com/1181557 https://bugzilla.suse.com/1181558 https://bugzilla.suse.com/1181559 https://bugzilla.suse.com/1181560 https://bugzilla.suse.com/1181561 https://bugzilla.suse.com/1181562 https://bugzilla.suse.com/1181563 https://bugzilla.suse.com/1181564 https://bugzilla.suse.com/1181565 https://bugzilla.suse.com/1182281 https://bugzilla.suse.com/1182293 https://bugzilla.suse.com/1182740 https://bugzilla.suse.com/1185092 https://bugzilla.suse.com/1185281 . A recent security update addresses 11 flaws in SUSE Manager Client Utilities, accompanied by 17 critical enhancements.. SUSE Manager Tools Update, Security Fix SUSE, Vulnerability Patch SUSE, Client Tools Security, SUSE Security Release. . LinuxSecurity.com Team
May 21, 2021
SuSE
100
security advisorymoderateupdateSUSE: 2020:3749-1 Moderate: Mitigation for aarch64 Speculation
An update that solves one vulnerability, contains one feature and has 7 fixes is now available. . SUSE Security Update: Security update for gcc7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3749-1 Rating: moderate References: #1150164 #1161913 #1167939 #1172798 #1178577 #1178614 #1178624 #1178675 SLE-12209 Cross-References: CVE-2020-13844 Affected Products: SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Module for Development Tools 15-SP3 SUSE Linux Enterprise Module for Development Tools 15-SP2 SUSE Linux Enterprise Module for Development Tools 15-SP1 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP2 SUSE Linux Enterprise Module for Basesystem 15-SP1 SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-ESPOS ______________________________________________________________________________ An update that solves one vulnerability, contains one feature and has 7 fixes is now available. Description: This update for gcc7 fixes the following issues: - CVE-2020-13844: Added mitigation for aarch64 Straight Line Speculation issue (bsc#1172798) - Enable fortran for the nvptx offload compiler. - Update README.First-for.SuSE.packagers - avoid assembler errors with AVX512 gather and scatter instructions when using -masm=intel. - Backport the aarch64 -moutline-atomics feature and accumulated fixes but not its default enabling. [jsc#SLE-12209, bsc#1167939] - Fixed 32bit libgnat.so link. [bsc#1178675] - Fixed memcpy miscompilation on aarch64. [bsc#1178624, bsc#1178577] - Fixed debug line info for try/catch. [bsc#1178614] - Remove -mbranch-protection=standard (aarch64 flag) when gcc7 is used to build gcc7 (ie when ada is enabled) - Fixed corruption of pass private -> aux via DF. [gcc#94148] - Fixed debug information issue with inlined functions and passed by reference arguments. [gcc#93888] - Fixed binutils release date detection issue. - Fixed register allocation issue with exception handling code on s390x. [bsc#1161913] - Fixed miscompilation of some atomic code on aarch64. [bsc#1150164] Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2020-3749=1 - SUSE Linux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2020-3749=1 - SUSE Linux Enterprise Module for Development Tools 15-SP3: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP3-2020-3749=1 - SUSE Linux Enterprise Module for Development Tools 15-SP2: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP2-2020-3749=1 - SUSE Linux Enterprise Module for Development Tools 15-SP1: zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP1-2020-3749=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2020-3749=1 - SUSE Linux Enterprise Module for Basesystem 15-SP2: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP2-2020-3749=1 - SUSE Linux Enterprise Module for Basesystem 15-SP1: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-3749=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2020-3749=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patchSUSE-SLE-Product-HPC-15-2020-3749=1 Package List: - SUSE Linux Enterprise Server for SAP 15 (ppc64le x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Server for SAP 15 (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Server for SAP 15 (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Server 15-LTSS (aarch64 s390x): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Server 15-LTSS (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP3 (aarch64 ppc64le s390x x86_64): gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP3 (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP3 (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP2 (aarch64 ppc64le s390x x86_64): gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP2 (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP2 (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP1 (aarch64 ppc64le s390x x86_64): gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP1 (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Development Tools 15-SP1 (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (aarch64 ppc64le s390x x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (x86_64): libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP2 (aarch64 ppc64le s390x x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP2 (x86_64): libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP1 (aarch64 ppc64le s390x x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise Module for Basesystem 15-SP1 (x86_64): libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-LTSS (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch): gcc7-info-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): cpp7-7.5.0+r278197-4.19.2 cpp7-debuginfo-7.5.0+r278197-4.19.2 gcc7-7.5.0+r278197-4.19.2 gcc7-ada-7.5.0+r278197-4.19.2 gcc7-ada-debuginfo-7.5.0+r278197-4.19.2 gcc7-c++-7.5.0+r278197-4.19.2 gcc7-c++-debuginfo-7.5.0+r278197-4.19.2 gcc7-debuginfo-7.5.0+r278197-4.19.2 gcc7-debugsource-7.5.0+r278197-4.19.2 gcc7-fortran-7.5.0+r278197-4.19.2 gcc7-fortran-debuginfo-7.5.0+r278197-4.19.2 gcc7-locale-7.5.0+r278197-4.19.2 gcc7-objc-7.5.0+r278197-4.19.2 gcc7-objc-debuginfo-7.5.0+r278197-4.19.2 libada7-7.5.0+r278197-4.19.2 libada7-debuginfo-7.5.0+r278197-4.19.2 libasan4-7.5.0+r278197-4.19.2 libasan4-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-7.5.0+r278197-4.19.2 libgfortran4-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-7.5.0+r278197-4.19.2 libubsan0-7.5.0+r278197-4.19.2 libubsan0-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (x86_64): cross-nvptx-gcc7-7.5.0+r278197-4.19.2 cross-nvptx-newlib7-devel-7.5.0+r278197-4.19.2 gcc7-32bit-7.5.0+r278197-4.19.2 gcc7-c++-32bit-7.5.0+r278197-4.19.2 gcc7-fortran-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-7.5.0+r278197-4.19.2 libasan4-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-32bit-7.5.0+r278197-4.19.2 libcilkrts5-32bit-debuginfo-7.5.0+r278197-4.19.2 libcilkrts5-7.5.0+r278197-4.19.2 libcilkrts5-debuginfo-7.5.0+r278197-4.19.2 libgfortran4-32bit-7.5.0+r278197-4.19.2 libgfortran4-32bit-debuginfo-7.5.0+r278197-4.19.2 libstdc++6-devel-gcc7-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-7.5.0+r278197-4.19.2 libubsan0-32bit-debuginfo-7.5.0+r278197-4.19.2 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch): gcc7-info-7.5.0+r278197-4.19.2 References: https://www.suse.com/security/cve/CVE-2020-13844.html https://bugzilla.suse.com/1150164 https://bugzilla.suse.com/1161913 https://bugzilla.suse.com/1167939 https://bugzilla.suse.com/1172798 https://bugzilla.suse.com/1178577 https://bugzilla.suse.com/1178614 https://bugzilla.suse.com/1178624 https://bugzilla.suse.com/1178675 . SUSE has released a security update for gcc7, whichtackles a single vulnerability and includes seven important corrections categorized with moderate severity.. SUSE Linux, gcc7 Fix, Security Update. . LinuxSecurity.com Team
Dec 10, 2020
SuSE
100
security advisorymoderatebug fixSUSE: 2020:3326-1 Moderate: Linux Kernel Security Update
An update that solves 7 vulnerabilities, contains one feature and has 47 fixes is now available. . SUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3326-1 Rating: moderate References: #1055014 #1058115 #1061843 #1065600 #1065729 #1066382 #1077428 #1112178 #1114648 #1131277 #1134760 #1157424 #1163592 #1167030 #1170415 #1171558 #1172538 #1173432 #1174748 #1175520 #1175721 #1176354 #1176485 #1176560 #1176723 #1176907 #1176946 #1177086 #1177101 #1177271 #1177281 #1177410 #1177411 #1177470 #1177719 #1177740 #1177749 #1177750 #1177753 #1177754 #1177755 #1177766 #1177855 #1177856 #1177861 #1178003 #1178027 #1178166 #1178185 #1178187 #1178188 #1178202 #1178234 #1178330 SLE-10886 Cross-References: CVE-2020-0430 CVE-2020-14351 CVE-2020-16120 CVE-2020-25285 CVE-2020-25656 CVE-2020-25705 CVE-2020-8694 Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Live Patching 12-SP5 SUSE Linux Enterprise High Availability 12-SP5 ______________________________________________________________________________ An update that solves 7 vulnerabilities, contains one feature and has 47 fixes is now available. Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bug fixes. The following security bugs were fixed: - CVE-2020-25656: Fixed a concurrency use-after-free in vt_do_kdgkb_ioctl (bnc#1177766). - CVE-2020-25285: Fixed arace condition between hugetlb sysctl handlers in mm/hugetlb.c (bnc#1176485). - CVE-2020-0430: Fixed an OOB read in skb_headlen of /include/linux/skbuff.h (bnc#1176723). - CVE-2020-14351: Fixed a race in the perf_mmap_close() function (bsc#1177086). - CVE-2020-16120: Fixed a permissions issue in ovl_path_open() (bsc#1177470). - CVE-2020-8694: Restricted energy meter to root access (bsc#1170415). - CVE-2020-25705: A ICMP global rate limiting side-channel was removed which could lead to e.g. the SADDNS attack (bsc#1175721) The following non-security bugs were fixed: - ACPI: dock: fix enum-conversion warning (git-fixes). - ALSA: bebob: potential info leak in hwdep_read() (git-fixes). - ALSA: compress_offload: remove redundant initialization (git-fixes). - ALSA: core: init: use DECLARE_COMPLETION_ONSTACK() macro (git-fixes). - ALSA: core: pcm: simplify locking for timers (git-fixes). - ALSA: core: timer: clarify operator precedence (git-fixes). - ALSA: core: timer: remove redundant assignment (git-fixes). - ALSA: ctl: Workaround for lockdep warning wrt card-> ctl_files_rwlock (git-fixes). - ALSA: hda: auto_parser: remove shadowed variable declaration (git-fixes). - ALSA: hda - Do not register a cb func if it is registered already (git-fixes). - ALSA: hda/realtek - Add mute Led support for HP Elitebook 845 G7 (git-fixes). - ALSA: hda/realtek: Enable audio jacks of ASUS D700SA with ALC887 (git-fixes). - ALSA: hda/realtek - The front Mic on a HP machine does not work (git-fixes). - ALSA: hda: use semicolons rather than commas to separate statements (git-fixes). - ALSA: mixart: Correct comment wrt obsoleted tasklet usage (git-fixes). - ALSA: rawmidi: (cosmetic) align function parameters (git-fixes). - ALSA: seq: oss: Avoid mutex lock for a long-time ioctl (git-fixes). - ALSA: usb-audio: Add mixer support for Pioneer DJ DJM-250MK2 (git-fixes). - ALSA: usb-audio: endpoint.c: fix repeated word'there' (git-fixes). - ALSA: usb-audio: fix spelling mistake "Frequence" -> "Frequency" (git-fixes). - ASoC: qcom: lpass-cpu: fix concurrency issue (git-fixes). - ASoC: qcom: lpass-platform: fix memory leak (git-fixes). - ath10k: check idx validity in __ath10k_htt_rx_ring_fill_n() (git-fixes). - ath10k: Fix the size used in a 'dma_free_coherent()' call in an error handling path (git-fixes). - ath10k: provide survey info as accumulated data (git-fixes). - ath6kl: prevent potential array overflow in ath6kl_add_new_sta() (git-fixes). - ath6kl: wmi: prevent a shift wrapping bug in ath6kl_wmi_delete_pstream_cmd() (git-fixes). - ath9k: Fix potential out of bounds in ath9k_htc_txcompletion_cb() (git-fixes). - ath9k: hif_usb: fix race condition between usb_get_urb() and usb_kill_anchored_urbs() (git-fixes). - blk-mq: order adding requests to hctx-> dispatch and checking SCHED_RESTART (bsc#1177750). - block: ensure bdi-> io_pages is always initialized (bsc#1177749). - Bluetooth: MGMT: Fix not checking if BT_HS is enabled (git-fixes). - Bluetooth: Only mark socket zapped after unlocking (git-fixes). - bnxt: do not enable NAPI until rings are ready (networking-stable-20_09_11). - bnxt_en: Check for zero dir entries in NVRAM (networking-stable-20_09_11). - brcm80211: fix possible memleak in brcmf_proto_msgbuf_attach (git-fixes). - brcmfmac: check ndev pointer (git-fixes). - brcmsmac: fix memory leak in wlc_phy_attach_lcnphy (git-fixes). - btrfs: do not force read-only after error in drop snapshot (bsc#1176354). - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - btrfs: remove root usage from can_overcommit (bsc#1131277). - btrfs: take overcommit into account in inc_block_group_ro (bsc#1176560). - btrfs: tree-checker: fix false alert caused by legacy btrfs root item (bsc#1177861). - can: c_can: reg_map_{c,d}_can: mark as __maybe_unused (git-fixes). - can: flexcan: flexcan_chip_stop(): add error handling and propagate error value (git-fixes). - can: softing: softing_card_shutdown(): add braces around empty body in an 'if' statement (git-fixes). - ceph: fix memory leak in ceph_cleanup_snapid_map() (bsc#1178234). - ceph: map snapid to anonymous bdev ID (bsc#1178234). - ceph: promote to unsigned long long before shifting (bsc#1178187). - clk: at91: clk-main: update key before writing AT91_CKGR_MOR (git-fixes). - clk: at91: remove the checking of parent_name (git-fixes). - clk: bcm2835: add missing release if devm_clk_hw_register fails (git-fixes). - clk: imx8mq: Fix usdhc parents order (git-fixes). - coredump: fix crash when umh is disabled (bsc#1177753). - crypto: algif_skcipher - EBUSY on aio should be an error (git-fixes). - crypto: ccp - fix error handling (git-fixes). - crypto: ixp4xx - Fix the size used in a 'dma_free_coherent()' call (git-fixes). - crypto: mediatek - Fix wrong return value in mtk_desc_ring_alloc() (git-fixes). - crypto: omap-sham - fix digcnt register handling with export/import (git-fixes). - cxl: Rework error message for incompatible slots (bsc#1055014 git-fixes). - cypto: mediatek - fix leaks in mtk_desc_ring_alloc (git-fixes). - device property: Do not clear secondary pointer for shared primary firmware node (git-fixes). - device property: Keep secondary firmware node secondary by type (git-fixes). - Disable ipa-clones dump for KMP builds (bsc#1178330) The feature is not really useful for KMP, and rather confusing, so let's disable it at building out-of-tree codes - dmaengine: dma-jz4780: Fix race in jz4780_dma_tx_status (git-fixes). - drm/gma500: fix error check (git-fixes). - drm/msm: Drop debug print in _dpu_crtc_setup_lm_bounds() (git-fixes). - EDAC/i5100: Fix error handling order in i5100_init_one() (bsc#1112178). -eeprom: at25: set minimum read/write access stride to 1 (git-fixes). - Fix use after free in get_capset_info callback (git-fixes). - gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY (networking-stable-20_08_24). - gtp: add GTPA_LINK info to msg sent to userspace (networking-stable-20_09_11). - HID: roccat: add bounds checking in kone_sysfs_write_settings() (git-fixes). - HID: wacom: Avoid entering wacom_wac_pen_report for pad / battery (git-fixes). - i2c: imx: Fix external abort on interrupt in exit paths (git-fixes). - ibmveth: Identify ingress large send packets (bsc#1178185 ltc#188897). - ibmveth: Switch order of ibmveth_helper calls (bsc#1061843 git-fixes). - ibmvnic: fix ibmvnic_set_mac (bsc#1066382 ltc#160943 git-fixes). - ibmvnic: save changed mac address to adapter-> mac_addr (bsc#1134760 ltc#177449 git-fixes). - iio:accel:bma180: Fix use of true when should be iio_shared_by enum (git-fixes). - iio:adc:max1118 Fix alignment of timestamp and data leak issues (git-fixes). - iio:adc:ti-adc0832 Fix alignment issue with timestamp (git-fixes). - iio:adc:ti-adc12138 Fix alignment issue with timestamp (git-fixes). - iio:dac:ad5592r: Fix use of true for IIO_SHARED_BY_TYPE (git-fixes). - iio:gyro:itg3200: Fix timestamp alignment and prevent data leak (git-fixes). - iio:light:si1145: Fix timestamp alignment and prevent data leak (git-fixes). - iio:magn:hmc5843: Fix passing true where iio_shared_by enum required (git-fixes). - ima: Remove semicolon at the end of ima_get_binary_runtime_size() (git-fixes). - Input: ep93xx_keypad - fix handling of platform_get_irq() error (git-fixes). - Input: imx6ul_tsc - clean up some errors in imx6ul_tsc_resume() (git-fixes). - Input: omap4-keypad - fix handling of platform_get_irq() error (git-fixes). - Input: sun4i-ps2 - fix handling of platform_get_irq() error (git-fixes). - Input: twl4030_keypad - fix handling of platform_get_irq() error (git-fixes). - iomap: Make sure iomap_end is called after iomap_begin (bsc#1177754). - ip: fix tos reflection in ack and reset packets (networking-stable-20_09_24). - ipv4: Restore flowi4_oif update before call to xfrm_lookup_route (git-fixes). - iwlwifi: mvm: split a print to avoid a WARNING in ROC (git-fixes). - kbuild: enforce -Werror=return-type (bsc#1177281). - libceph: clear con-> out_msg on Policy::stateful_server faults (bsc#1178188). - lib/crc32.c: fix trivial typo in preprocessor condition (git-fixes). - livepatch: Test if -fdump-ipa-clones is really available As of now we add -fdump-ipa-clones unconditionally. It does not cause a trouble if the kernel is build with the supported toolchain. Otherwise it could fail easily. Do the correct thing and test for the availability. - mac80211: handle lack of sband-> bitrates in rates (git-fixes). - mailbox: avoid timer start from callback (git-fixes). - media: ati_remote: sanity check for both endpoints (git-fixes). - media: bdisp: Fix runtime PM imbalance on error (git-fixes). - media: exynos4-is: Fix a reference count leak due to pm_runtime_get_sync (git-fixes). - media: exynos4-is: Fix a reference count leak (git-fixes). - media: exynos4-is: Fix several reference count leaks due to pm_runtime_get_sync (git-fixes). - media: firewire: fix memory leak (git-fixes). - media: m5mols: Check function pointer in m5mols_sensor_power (git-fixes). - media: media/pci: prevent memory leak in bttv_probe (git-fixes). - media: omap3isp: Fix memleak in isp_probe (git-fixes). - media: platform: fcp: Fix a reference count leak (git-fixes). - media: platform: s3c-camif: Fix runtime PM imbalance on error (git-fixes). - media: platform: sti: hva: Fix runtime PM imbalance on error (git-fixes). - media: Revert "media: exynos4-is: Add missed check for pinctrl_lookup_state()" (git-fixes). - media: s5p-mfc: Fix a reference count leak (git-fixes). - media:saa7134: avoid a shift overflow (git-fixes). - media: st-delta: Fix reference count leak in delta_run_work (git-fixes). - media: sti: Fix reference count leaks (git-fixes). - media: tc358743: initialize variable (git-fixes). - media: ti-vpe: Fix a missing check and reference count leak (git-fixes). - media: tuner-simple: fix regression in simple_set_radio_freq (git-fixes). - media: usbtv: Fix refcounting mixup (git-fixes). - media: uvcvideo: Ensure all probed info is returned to v4l2 (git-fixes). - media: vsp1: Fix runtime PM imbalance on error (git-fixes). - memory: fsl-corenet-cf: Fix handling of platform_get_irq() error (git-fixes). - memory: omap-gpmc: Fix a couple off by ones (git-fixes). - mic: vop: copy data to kernel space then write to io memory (git-fixes). - misc: mic: scif: Fix error handling path (git-fixes). - misc: rtsx: Fix memory leak in rtsx_pci_probe (git-fixes). - misc: vop: add round_up(x,4) for vring_size to avoid kernel panic (git-fixes). - mlx5 PPC ringsize workaround (bsc#1173432). - mlx5: remove support for ib_get_vector_affinity (bsc#1174748). - mmc: sdhci-of-esdhc: set timeout to max before tuning (git-fixes). - mmc: sdio: Check for CISTPL_VERS_1 buffer size (git-fixes). - mtd: lpddr: fix excessive stack usage with clang (git-fixes). - mtd: mtdoops: Do not write panic data twice (git-fixes). - mwifiex: do not call del_timer_sync() on uninitialized timer (git-fixes). - mwifiex: Do not use GFP_KERNEL in atomic context (git-fixes). - mwifiex: fix double free (git-fixes). - mwifiex: remove function pointer check (git-fixes). - mwifiex: Remove unnecessary braces from HostCmd_SET_SEQ_NO_BSS_INFO (git-fixes). - net: disable netpoll on fresh napis (networking-stable-20_09_11). - net: fec: Fix phy_device lookup for phy_reset_after_clk_enable() (git-fixes). - net: fec: Fix PHY init after phy_reset_after_clk_enable() (git-fixes). - net: Fix potential wrong skb-> protocol inskb_vlan_untag() (networking-stable-20_08_24). - net: hns: Fix memleak in hns_nic_dev_probe (networking-stable-20_09_11). - net: ipv6: fix kconfig dependency warning for IPV6_SEG6_HMAC (networking-stable-20_09_24). - netlabel: fix problems with mapping removal (networking-stable-20_09_11). - net/mlx5e: Take common TIR context settings into a function (bsc#1177740). - net/mlx5e: Turn on HW tunnel offload in all TIRs (bsc#1177740). - net: phy: Avoid NPD upon phy_detach() when driver is unbound (networking-stable-20_09_24). - net: qrtr: fix usage of idr in port assignment to socket (networking-stable-20_08_24). - net: systemport: Fix memleak in bcm_sysport_probe (networking-stable-20_09_11). - net: usb: dm9601: Add USB ID of Keenetic Plus DSL (networking-stable-20_09_11). - net: usb: qmi_wwan: add Cellient MPL200 card (git-fixes). - net: usb: rtl8150: set random MAC address when set_ethernet_addr() fails (git-fixes). - nfc: Ensure presence of NFC_ATTR_FIRMWARE_NAME attribute in nfc_genl_fw_download() (git-fixes). - nl80211: fix non-split wiphy information (git-fixes). - NTB: hw: amd: fix an issue about leak system resources (git-fixes). - nvme: do not update disk info for multipathed device (bsc#1171558). - nvme-rdma: fix crash due to incorrect cqe (bsc#1174748). - nvme-rdma: fix crash when connect rejected (bsc#1174748). - perf/x86/amd: Fix sampling Large Increment per Cycle events (bsc#1114648). - perf/x86: Fix n_pair for cancelled txn (bsc#1114648). - powerpc: Fix undetected data corruption with P9N DD2.1 VSX CI load emulation (bsc#1065729). - powerpc/hwirq: Remove stale forward irq_chip declaration (bsc#1065729). - powerpc/icp-hv: Fix missing of_node_put() in success path (bsc#1065729). - powerpc/irq: Drop forward declaration of struct irqaction (bsc#1065729). - powerpc/perf/hv-gpci: Fix starting index value (bsc#1065729). - powerpc/powernv/dump: Fix race while processing OPAL dump(bsc#1065729). - powerpc/powernv/elog: Fix race while processing OPAL error log event (bsc#1065729). - powerpc/pseries: explicitly reschedule during drmem_lmb list traversal (bsc#1077428 ltc#163882 git-fixes). - powerpc/pseries: Fix missing of_node_put() in rng_init() (bsc#1065729). - pwm: lpss: Add range limit check for the base_unit register value (git-fixes). - pwm: lpss: Fix off by one error in base_unit math in pwm_lpss_prepare() (git-fixes). - ring-buffer: Return 0 on success from ring_buffer_resize() (git-fixes). - rtl8xxxu: prevent potential memory leak (git-fixes). - scsi: ibmvfc: Fix error return in ibmvfc_probe() (bsc#1065729). - scsi: ibmvscsi: Fix potential race after loss of transport (bsc#1178166 ltc#188226). - sctp: not disable bh in the whole sctp_get_port_local() (networking-stable-20_09_11). - tg3: Fix soft lockup when tg3_reset_task() fails (networking-stable-20_09_11). - tipc: fix memory leak caused by tipc_buf_append() (git-fixes). - tipc: fix shutdown() of connectionless socket (networking-stable-20_09_11). - tipc: fix shutdown() of connection oriented socket (networking-stable-20_09_24). - tipc: fix the skb_unshare() in tipc_buf_append() (git-fixes). - tipc: fix uninit skb-> data in tipc_nl_compat_dumpit() (networking-stable-20_08_24). - tipc: use skb_unshare() instead in tipc_buf_append() (networking-stable-20_09_24). - tty: ipwireless: fix error handling (git-fixes). - tty: serial: fsl_lpuart: fix lpuart32_poll_get_char (git-fixes). - usb: cdc-acm: add quirk to blacklist ETAS ES58X devices (git-fixes). - usb: cdc-acm: handle broken union descriptors (git-fixes). - usb: cdc-wdm: Make wdm_flush() interruptible and add wdm_fsync() (git-fixes). - usb: core: Solve race condition in anchor cleanup functions (git-fixes). - usb: dwc2: Fix INTR OUT transfers in DDMA mode (git-fixes). - usb: dwc2: Fix parameter type in function pointer prototype (git-fixes). -usb: dwc3: core: add phy cleanup for probe error handling (git-fixes). - usb: dwc3: core: do not trigger runtime pm when remove driver (git-fixes). - usb: dwc3: ep0: Fix ZLP for OUT ep0 requests (git-fixes). - usb: gadget: f_ncm: allow using NCM in SuperSpeed Plus gadgets (git-fixes). - usb: gadget: f_ncm: fix ncm_bitrate for SuperSpeed and above (git-fixes). - usb: gadget: function: printer: fix use-after-free in __lock_acquire (git-fixes). - usb: gadget: u_ether: enable qmult on SuperSpeed Plus as well (git-fixes). - usb: host: fsl-mph-dr-of: check return of dma_set_mask() (git-fixes). - usb: ohci: Default to per-port over-current protection (git-fixes). - usb: serial: qcserial: fix altsetting probing (git-fixes). - vfs: fix FIGETBSZ ioctl on an overlayfs file (bsc#1178202). - video: fbdev: sis: fix null ptr dereference (git-fixes). - video: fbdev: vga16fb: fix setting of pixclock because a pass-by-value error (git-fixes). - VMCI: check return value of get_user_pages_fast() for errors (git-fixes). - w1: mxc_w1: Fix timeout resolution problem leading to bus error (git-fixes). - watchdog: iTCO_wdt: Export vendorsupport (bsc#1177101). - watchdog: iTCO_wdt: Make ICH_RES_IO_SMI optional (bsc#1177101). - wcn36xx: Fix reported 802.11n rx_highest rate wcn3660/wcn3680 (git-fixes). - writeback: Avoid skipping inode writeback (bsc#1177755). - writeback: Fix sync livelock due to b_dirty_time processing (bsc#1177755). - writeback: Protect inode-> i_io_list with inode-> i_lock (bsc#1177755). - x86/apic: Unify duplicated local apic timer clockevent initialization (bsc#1112178). - x86/fpu: Allow multiple bits in clearcpuid= parameter (bsc#1112178). - xen/blkback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/events: add a new "late EOI" evtchn framework (XSA-332 bsc#1177411). - xen/events: add a proper barrier to 2-level uevent unmasking (XSA-332 bsc#1177411). - xen/events: avoid removing anevent channel while handling it (XSA-331 bsc#1177410). - xen/events: block rogue events for some time (XSA-332 bsc#1177411). - xen/events: defer eoi in case of excessive number of events (XSA-332 bsc#1177411). - xen/events: do not use chip_data for legacy IRQs (XSA-332 bsc#1065600). - xen/events: fix race in evtchn_fifo_unmask() (XSA-332 bsc#1177411). - xen/events: switch user event channels to lateeoi model (XSA-332 bsc#1177411). - xen/events: use a common cpu hotplug hook for event channels (XSA-332 bsc#1177411). - xen/gntdev.c: Mark pages as dirty (bsc#1065600). - xen/netback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/pciback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen/scsiback: use lateeoi irq binding (XSA-332 bsc#1177411). - xen: XEN uses irqdesc::irq_data_common::handler_data to store a per interrupt XEN data pointer which contains XEN specific information (XSA-332 bsc#1065600). - xfs: avoid infinite loop when cancelling CoW blocks after writeback failure (bsc#1178027). - xfs: don't update mtime on COW faults (bsc#1167030). - xfs: limit entries returned when counting fsmap records (git-fixes). Special Instructions and Notes: Please reboot the system after installing this update. Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2020-3326=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-3326=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3326=1 - SUSE Linux Enterprise Live Patching 12-SP5: zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2020-3326=1 - SUSE Linux Enterprise High Availability 12-SP5: zypper in -t patch SUSE-SLE-HA-12-SP5-2020-3326=1 Package List: - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): kernel-default-debuginfo-4.12.14-122.51.2 kernel-default-debugsource-4.12.14-122.51.2 kernel-default-extra-4.12.14-122.51.2 kernel-default-extra-debuginfo-4.12.14-122.51.2 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): kernel-obs-build-4.12.14-122.51.2 kernel-obs-build-debugsource-4.12.14-122.51.2 - SUSE Linux Enterprise Software Development Kit 12-SP5 (noarch): kernel-docs-4.12.14-122.51.2 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): kernel-default-4.12.14-122.51.2 kernel-default-base-4.12.14-122.51.2 kernel-default-base-debuginfo-4.12.14-122.51.2 kernel-default-debuginfo-4.12.14-122.51.2 kernel-default-debugsource-4.12.14-122.51.2 kernel-default-devel-4.12.14-122.51.2 kernel-syms-4.12.14-122.51.2 - SUSE Linux Enterprise Server 12-SP5 (x86_64): kernel-default-devel-debuginfo-4.12.14-122.51.2 - SUSE Linux Enterprise Server 12-SP5 (noarch): kernel-devel-4.12.14-122.51.2 kernel-macros-4.12.14-122.51.2 kernel-source-4.12.14-122.51.2 - SUSE Linux Enterprise Server 12-SP5 (s390x): kernel-default-man-4.12.14-122.51.2 - SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64): kernel-default-debuginfo-4.12.14-122.51.2 kernel-default-debugsource-4.12.14-122.51.2 kernel-default-kgraft-4.12.14-122.51.2 kernel-default-kgraft-devel-4.12.14-122.51.2 kgraft-patch-4_12_14-122_51-default-1-8.5.2 - SUSE Linux Enterprise High Availability 12-SP5 (ppc64le s390x x86_64): cluster-md-kmp-default-4.12.14-122.51.2 cluster-md-kmp-default-debuginfo-4.12.14-122.51.2 dlm-kmp-default-4.12.14-122.51.2 dlm-kmp-default-debuginfo-4.12.14-122.51.2 gfs2-kmp-default-4.12.14-122.51.2 gfs2-kmp-default-debuginfo-4.12.14-122.51.2 kernel-default-debuginfo-4.12.14-122.51.2 kernel-default-debugsource-4.12.14-122.51.2 ocfs2-kmp-default-4.12.14-122.51.2 ocfs2-kmp-default-debuginfo-4.12.14-122.51.2 References: https://www.suse.com/security/cve/CVE-2020-0430.html https://www.suse.com/security/cve/CVE-2020-14351.html https://www.suse.com/security/cve/CVE-2020-16120.html https://www.suse.com/security/cve/CVE-2020-25285.html https://www.suse.com/security/cve/CVE-2020-25656.html https://www.suse.com/security/cve/CVE-2020-25705.html https://www.suse.com/security/cve/CVE-2020-8694.html https://bugzilla.suse.com/1055014 https://bugzilla.suse.com/1058115 https://bugzilla.suse.com/1061843 https://bugzilla.suse.com/1065600 https://bugzilla.suse.com/1065729 https://bugzilla.suse.com/1066382 https://bugzilla.suse.com/1077428 https://bugzilla.suse.com/1112178 https://bugzilla.suse.com/1114648 https://bugzilla.suse.com/1131277 https://bugzilla.suse.com/1134760 https://bugzilla.suse.com/1157424 https://bugzilla.suse.com/1163592 https://bugzilla.suse.com/1167030 https://bugzilla.suse.com/1170415 https://bugzilla.suse.com/1171558 https://bugzilla.suse.com/1172538 https://bugzilla.suse.com/1173432 https://bugzilla.suse.com/1174748 https://bugzilla.suse.com/1175520 https://bugzilla.suse.com/1175721 https://bugzilla.suse.com/1176354 https://bugzilla.suse.com/1176485 https://bugzilla.suse.com/1176560 https://bugzilla.suse.com/1176723 https://bugzilla.suse.com/1176907 https://bugzilla.suse.com/1176946 https://bugzilla.suse.com/1177086 https://bugzilla.suse.com/1177101 https://bugzilla.suse.com/1177271 https://bugzilla.suse.com/1177281 https://bugzilla.suse.com/1177410 https://bugzilla.suse.com/1177411 https://bugzilla.suse.com/1177470 https://bugzilla.suse.com/1177719 https://bugzilla.suse.com/1177740 https://bugzilla.suse.com/1177749 https://bugzilla.suse.com/1177750 https://bugzilla.suse.com/1177753 https://bugzilla.suse.com/1177754 https://bugzilla.suse.com/1177755 https://bugzilla.suse.com/1177766 https://bugzilla.suse.com/1177855 https://bugzilla.suse.com/1177856 https://bugzilla.suse.com/1177861 https://bugzilla.suse.com/1178003 https://bugzilla.suse.com/1178027 https://bugzilla.suse.com/1178166 https://bugzilla.suse.com/1178185 https://bugzilla.suse.com/1178187 https://bugzilla.suse.com/1178188 https://bugzilla.suse.com/1178202 https://bugzilla.suse.com/1178234 https://bugzilla.suse.com/1178330 . Keep informed on the most recent SUSE Linux kernel security patch release, tackling several vulnerabilities and corrective measures.. SUSE Update, Kernel Security, Bug Fix, Linux Kernel Update, SUSE Advisory. . LinuxSecurity.com Team
Nov 13, 2020
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!