Stay Secure with the Latest Linux Advisories

Explore Latest Linux Security advisories

SUSE: Wireshark Moderate Kafka DOS Advisory 2025:4413-1

An update that solves two vulnerabilities can now be installed.

# Security update for wireshark

Announcement ID: SUSE-SU-2025:4413-1
Release Date: 2025-12-16T11:40:06Z
Rating: moderate

References:

* bsc#1254108
* bsc#1254472

Cross-References:

* CVE-2025-13499
* CVE-2025-13946

CVSS scores:

* CVE-2025-13499 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-13499 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H
* CVE-2025-13499 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-13499 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-13946 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-13946 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP7
* SUSE Linux Enterprise Desktop 15 SP7
* SUSE Linux Enterprise Real Time 15 SP7
* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7

## Description:

This update for wireshark fixes the following issues:

* CVE-2025-13499: Fixed Kafka dissector crash due to a malformed packet (bsc#1254108).
* CVE-2025-13946: Fixed MEGACO dissector infinite loop that allows a denial of service (bsc#1254472).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP7
  zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-4413=1

## Package List:

* Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
  * wireshark-debuginfo-3.6.24-150000.3.127.1
  * wireshark-debugsource-3.6.24-150000.3.127.1

## References:

* https://www.suse.com/security/cve/CVE-2025-13499.html
* https://www.suse.com/security/cve/CVE-2025-13946.html
* https://bugzilla.suse.com/show_bug.cgi?id=1254108
* https://bugzilla.suse.com/show_bug.cgi?id=1254472

Wireshark receives a moderate security update addressing two vulnerabilities, enhancing system stability and protection.

LinuxSecurity.com Team

Dec 16, 2025 SuSE

openSUSE: 2022:0040-1 Important: Kafka Security Advisory

An update that solves 5 vulnerabilities and has two fixes is now available.

openSUSE Security Update: Security update for kafka
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:0040-1
Rating: important
References: #1190587 #1190839 #1193662 #1193930 #1194842 #1194843 #1194844
Cross-References: CVE-2021-4104 CVE-2021-43565 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307
CVSS scores:
   CVE-2021-4104 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2021-4104 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2021-43565 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
   CVE-2022-23302 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23302 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23307 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
   openSUSE Backports SLE-15-SP2
   openSUSE Leap 15.3
______________________________________________________________________________

Description:

This update for kafka, kafka-kit fixes following issues:

- Remove JDBCAppender, JMSSink, chainsaw from log4j jars during build to prevent bsc#1194842, CVE-2022-23302, bsc#1194843, CVE-2022-23305, bsc#1194844, CVE-2022-23307
- Rebuild with kafka-kit change to Remove JMSAppender from log4j jars during build to prevent bsc#1193662, CVE-2021-4104

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Leap 15.3:

   zypper in -t patch openSUSE-SLE-15.3-2022-40=1

- openSUSE Backports SLE-15-SP2:

   zypper in -t patch openSUSE-2022-40=1

Package List:

- openSUSE Leap 15.3 (x86_64):

   kubevirt-container-disk-0.45.0-8.7.1
   kubevirt-container-disk-debuginfo-0.45.0-8.7.1
   kubevirt-manifests-0.45.0-8.7.1
   kubevirt-tests-0.45.0-8.7.1
   kubevirt-tests-debuginfo-0.45.0-8.7.1
   kubevirt-virt-api-0.45.0-8.7.1
   kubevirt-virt-api-debuginfo-0.45.0-8.7.1
   kubevirt-virt-controller-0.45.0-8.7.1
   kubevirt-virt-controller-debuginfo-0.45.0-8.7.1
   kubevirt-virt-handler-0.45.0-8.7.1
   kubevirt-virt-handler-debuginfo-0.45.0-8.7.1
   kubevirt-virt-launcher-0.45.0-8.7.1
   kubevirt-virt-launcher-debuginfo-0.45.0-8.7.1
   kubevirt-virt-operator-0.45.0-8.7.1
   kubevirt-virt-operator-debuginfo-0.45.0-8.7.1
   kubevirt-virtctl-0.45.0-8.7.1
   kubevirt-virtctl-debuginfo-0.45.0-8.7.1
   obs-service-kubevirt_containers_meta-0.45.0-8.7.1

- openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):

   kafka-source-2.1.0-bp152.2.3.1

- openSUSE Backports SLE-15-SP2 (x86_64):

   kafka-kit-2.1.0-bp152.2.3.1

References:

   https://www.suse.com/security/cve/CVE-2021-4104.html
   https://www.suse.com/security/cve/CVE-2021-43565.html
   https://www.suse.com/security/cve/CVE-2022-23302.html
   https://www.suse.com/security/cve/CVE-2022-23305.html
   https://www.suse.com/security/cve/CVE-2022-23307.html
   https://bugzilla.suse.com/1190587
   https://bugzilla.suse.com/1190839
   https://bugzilla.suse.com/1193662
   https://bugzilla.suse.com/1193930
   https://bugzilla.suse.com/1194842
   https://bugzilla.suse.com/1194843
   https://bugzilla.suse.com/1194844

This critical patch resolves 7 vulnerabilities in the messaging framework. Implement recommended measures to enhance protection.

Severity: Important.

LinuxSecurity.com Team

Feb 17, 2022 Important OpenSUSE

openSUSE: 2022:0038-1 Important: Kafka Security Issue Details

An update that fixes four vulnerabilities is now available.

openSUSE Security Update: Security update for kafka
______________________________________________________________________________

Announcement ID: openSUSE-SU-2022:0038-1
Rating: important
References: #1193662 #1194842 #1194843 #1194844
Cross-References: CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307
CVSS scores:
   CVE-2021-4104 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2021-4104 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23302 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23302 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23307 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
   openSUSE Backports SLE-15-SP3
______________________________________________________________________________

Description:

This update for kafka, kafka-kit fixes following issues:

- Remove JDBCAppender, JMSSink, chainsaw from log4j jars during build to prevent bsc#1194842, CVE-2022-23302, bsc#1194843, CVE-2022-23305, bsc#1194844, CVE-2022-23307
- Rebuild with kafka-kit change to Remove JMSAppender from log4j jars during build to prevent bsc#1193662, CVE-2021-4104

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

   zypper in -t patch openSUSE-2022-38=1

Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

   kafka-source-2.1.0-bp153.2.6.1

- openSUSE Backports SLE-15-SP3 (x86_64):

   kafka-kit-2.1.0-bp153.2.6.1

References:

   https://www.suse.com/security/cve/CVE-2021-4104.html
   https://www.suse.com/security/cve/CVE-2022-23302.html
   https://www.suse.com/security/cve/CVE-2022-23305.html
   https://www.suse.com/security/cve/CVE-2022-23307.html
   https://bugzilla.suse.com/1193662
   https://bugzilla.suse.com/1194842
   https://bugzilla.suse.com/1194843
   https://bugzilla.suse.com/1194844

openSUSE has released a security patch for Kafka, addressing several critical vulnerabilities and outlining the steps for installation.

Severity: Important.

LinuxSecurity.com Team

Feb 16, 2022 Important OpenSUSE

SUSE: 2022:0355-1 Important: Elasticsearch And Kafka Security Fixes

An update that fixes four vulnerabilities is now available.

SUSE Security Update: Security update for elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-log-metrics, openstack-monasca-log-persister, openstack-monasca-log-transformer, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, venv-openstack-monasca, zookeeper, zookeeper-kit
______________________________________________________________________________

Announcement ID: SUSE-SU-2022:0355-1
Rating: important
References: #1193662 #1194842 #1194843 #1194844
Cross-References: CVE-2021-4104 CVE-2022-23302 CVE-2022-23305 CVE-2022-23307
CVSS scores:
   CVE-2021-4104 (NVD) : 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2021-4104 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23302 (NVD) : 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23302 (SUSE): 6.6 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (NVD) : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23305 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
   CVE-2022-23307 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected Products:
   HPE Helion Openstack 8
   SUSE OpenStack Cloud 8
   SUSE OpenStack Cloud Crowbar 8
______________________________________________________________________________

Description:

This update for elasticsearch, elasticsearch-kit, kafka, kafka-kit, logstash, openstack-monasca-agent, openstack-monasca-log-metrics, openstack-monasca-log-persister, openstack-monasca-log-transformer, openstack-monasca-persister-java, openstack-monasca-persister-java-kit, openstack-monasca-thresh, openstack-monasca-thresh-kit, spark, spark-kit, venv-openstack-monasca, zookeeper, zookeeper-kit fixes the following issues:

- CVE-2021-4104: Fixed remote code execution through JMS API via the ldap JNDI parser (bsc#1193662).
- CVE-2022-23302: Fixed remote code execution in Log4j 1.x when application is configured to use JMSSink (bsc#1194842).
- CVE-2022-23305: Fixed SQL injection in Log4j 1.x when application is configured to use JDBCAppender (bsc#1194843).
- CVE-2022-23307: Fixed deserialization flaw in the Chainsaw component of Log4j 1 that could lead to malicious code execution (bsc#1194844).

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 8:

   zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-355=1

- SUSE OpenStack Cloud 8:

   zypper in -t patch SUSE-OpenStack-Cloud-8-2022-355=1

- HPE Helion Openstack 8:

   zypper in -t patch HPE-Helion-OpenStack-8-2022-355=1

Package List:

- SUSE OpenStack Cloud Crowbar 8 (noarch):

   elasticsearch-2.4.2-5.6.1
   openstack-monasca-agent-2.2.6~dev4-3.27.1
   openstack-monasca-log-metrics-0.0.1-3.3.1
   openstack-monasca-log-persister-0.0.1-5.3.1
   openstack-monasca-log-transformer-0.0.1-4.3.1
   openstack-monasca-persister-java-1.7.1~a0~dev2-3.9.1
   openstack-monasca-thresh-2.1.1-4.6.1
   python-monasca-agent-2.2.6~dev4-3.27.1
   spark-1.6.3-8.12.1
   zookeeper-server-3.4.10-3.15.1

- SUSE OpenStack Cloud Crowbar 8 (x86_64):

   kafka-0.10.2.2-5.12.1
   logstash-2.4.1-5.10.1
   storm-1.2.3-3.11.2
   storm-nimbus-1.2.3-3.11.2
   storm-supervisor-1.2.3-3.11.2

- SUSE OpenStack Cloud 8 (noarch):

   elasticsearch-2.4.2-5.6.1
   openstack-monasca-agent-2.2.6~dev4-3.27.1
   openstack-monasca-log-metrics-0.0.1-3.3.1
   openstack-monasca-log-persister-0.0.1-5.3.1
   openstack-monasca-log-transformer-0.0.1-4.3.1
   openstack-monasca-persister-java-1.7.1~a0~dev2-3.9.1
   openstack-monasca-thresh-2.1.1-4.6.1
   python-monasca-agent-2.2.6~dev4-3.27.1
   spark-1.6.3-8.12.1
   venv-openstack-aodh-x86_64-5.1.1~dev7-12.40.1
   venv-openstack-barbican-x86_64-5.0.2~dev3-12.41.1
   venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.38.1
   venv-openstack-cinder-x86_64-11.2.3~dev29-14.42.1
   venv-openstack-designate-x86_64-5.0.3~dev7-12.39.1
   venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.36.1
   venv-openstack-glance-x86_64-15.0.3~dev3-12.39.1
   venv-openstack-heat-x86_64-9.0.8~dev22-12.43.1
   venv-openstack-horizon-x86_64-12.0.5~dev6-14.46.1
   venv-openstack-ironic-x86_64-9.1.8~dev8-12.41.1
   venv-openstack-keystone-x86_64-12.0.4~dev11-11.43.1
   venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.40.1
   venv-openstack-manila-x86_64-5.1.1~dev5-12.45.1
   venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.36.1
   venv-openstack-monasca-x86_64-2.2.2~dev1-11.43.1
   venv-openstack-murano-x86_64-4.0.2~dev2-12.36.1
   venv-openstack-neutron-x86_64-11.0.9~dev69-13.46.1
   venv-openstack-nova-x86_64-16.1.9~dev92-11.44.1
   venv-openstack-octavia-x86_64-1.0.6~dev3-12.41.1
   venv-openstack-sahara-x86_64-7.0.5~dev4-11.40.1
   venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.31.1
   venv-openstack-trove-x86_64-8.0.2~dev2-11.40.1
   zookeeper-server-3.4.10-3.15.1

- SUSE OpenStack Cloud 8 (x86_64):

   kafka-0.10.2.2-5.12.1
   logstash-2.4.1-5.10.1
   storm-1.2.3-3.11.2
   storm-nimbus-1.2.3-3.11.2
   storm-supervisor-1.2.3-3.11.2

- HPE Helion Openstack 8 (noarch):

   elasticsearch-2.4.2-5.6.1
   openstack-monasca-agent-2.2.6~dev4-3.27.1
   openstack-monasca-log-metrics-0.0.1-3.3.1
   openstack-monasca-log-persister-0.0.1-5.3.1
   openstack-monasca-log-transformer-0.0.1-4.3.1
   openstack-monasca-persister-java-1.7.1~a0~dev2-3.9.1
   openstack-monasca-thresh-2.1.1-4.6.1
   python-monasca-agent-2.2.6~dev4-3.27.1
   spark-1.6.3-8.12.1
   venv-openstack-aodh-x86_64-5.1.1~dev7-12.40.1
   venv-openstack-barbican-x86_64-5.0.2~dev3-12.41.1
   venv-openstack-ceilometer-x86_64-9.0.8~dev7-12.38.1
   venv-openstack-cinder-x86_64-11.2.3~dev29-14.42.1
   venv-openstack-designate-x86_64-5.0.3~dev7-12.39.1
   venv-openstack-freezer-x86_64-5.0.0.0~xrc2~dev2-10.36.1
   venv-openstack-glance-x86_64-15.0.3~dev3-12.39.1
   venv-openstack-heat-x86_64-9.0.8~dev22-12.43.1
   venv-openstack-horizon-hpe-x86_64-12.0.5~dev6-14.46.1
   venv-openstack-ironic-x86_64-9.1.8~dev8-12.41.1
   venv-openstack-keystone-x86_64-12.0.4~dev11-11.43.1
   venv-openstack-magnum-x86_64-5.0.2_5.0.2_5.0.2~dev31-11.40.1
   venv-openstack-manila-x86_64-5.1.1~dev5-12.45.1
   venv-openstack-monasca-ceilometer-x86_64-1.5.1_1.5.1_1.5.1~dev3-8.36.1
   venv-openstack-monasca-x86_64-2.2.2~dev1-11.43.1
   venv-openstack-murano-x86_64-4.0.2~dev2-12.36.1
   venv-openstack-neutron-x86_64-11.0.9~dev69-13.46.1
   venv-openstack-nova-x86_64-16.1.9~dev92-11.44.1
   venv-openstack-octavia-x86_64-1.0.6~dev3-12.41.1
   venv-openstack-sahara-x86_64-7.0.5~dev4-11.40.1
   venv-openstack-swift-x86_64-2.15.2_2.15.2_2.15.2~dev32-11.31.1
   venv-openstack-trove-x86_64-8.0.2~dev2-11.40.1
   zookeeper-server-3.4.10-3.15.1

- HPE Helion Openstack 8 (x86_64):

   kafka-0.10.2.2-5.12.1
   logstash-2.4.1-5.10.1
   storm-1.2.3-3.11.2
   storm-nimbus-1.2.3-3.11.2
   storm-supervisor-1.2.3-3.11.2

References:

   https://www.suse.com/security/cve/CVE-2021-4104.html
   https://www.suse.com/security/cve/CVE-2022-23302.html
   https://www.suse.com/security/cve/CVE-2022-23305.html
   https://www.suse.com/security/cve/CVE-2022-23307.html
   https://bugzilla.suse.com/1193662
   https://bugzilla.suse.com/1194842
   https://bugzilla.suse.com/1194843
   https://bugzilla.suse.com/1194844

Keep your SUSE systems secure and efficient by updating Elasticsearch, Kafka, and Logstash to fix critical vulnerabilities with these detailed instructions.

Severity: Important.

LinuxSecurity.com Team

Feb 09, 2022 Important SuSE

openSUSE: 2021:1631-1 Critical Security Update for Kafka Released

An update that fixes one vulnerability is now available.

openSUSE Security Update: Security update for kafka
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:1631-1
Rating: important
References: #1193662
Cross-References: CVE-2021-4104
CVSS scores:
   CVE-2021-4104 (SUSE): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected Products:
   openSUSE Backports SLE-15-SP3
______________________________________________________________________________

Description:

This security update of kafka fixes the following issue:

- CVE-2021-4104: Remove JMSAppender from log4j jars during build to prevent bsc#1193662,

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP3:

   zypper in -t patch openSUSE-2021-1631=1

Package List:

- openSUSE Backports SLE-15-SP3 (aarch64 i586 ppc64le s390x x86_64):

   kafka-source-2.1.0-bp153.2.3.1

- openSUSE Backports SLE-15-SP3 (x86_64):

   kafka-kit-2.1.0-bp153.2.3.1

References:

   https://www.suse.com/security/cve/CVE-2021-4104.html
   https://bugzilla.suse.com/1193662

The latest security patch for Kafka on openSUSE addresses severe vulnerabilities and implements essential corrections.

Severity: Important.

LinuxSecurity.com Team

Dec 28, 2021 Important OpenSUSE

SUSE OpenStack 8: 2018:3563-1 Important: Kafka Data Loss Alert

An update that solves one vulnerability and has three fixes is now available.

SUSE Security Update: Security update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api
______________________________________________________________________________

Announcement ID: SUSE-SU-2018:3563-1
Rating: important
References: #1094851 #1094971 #1102662 #1102920
Cross-References: CVE-2018-1288
Affected Products:
   SUSE OpenStack Cloud Crowbar 8
   SUSE OpenStack Cloud 8
   HPE Helion Openstack 8
______________________________________________________________________________

Description:

This update for ardana-monasca, ardana-spark, kafka, kafka-kit, openstack-monasca-api fixes the following issues:

This update for ardana-monasca to version 8.0+git.1535031421.9262a47 fixes these issues:

- Requests Apache to reload on change (bsc#1102662)
- Avoids managing non-Monasca users (bsc#1102662)
- Line up perms on storm.conf to match rpm (bsc#1094971)

This update for ardana-spark to version 8.0+git.1532114050.04654a8 fixes this issue:

- Only set log dir perms on legacy install (bsc#1094851)

This update for kafka to version 0.10.2.2 fixes this security issue:

- CVE-2018-1288: Authenticated Kafka users may have performed action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss (bsc#1102920).

This update for kafka to version 0.10.2.2 fixes these non-security issues:

- set internal.leave.group.on.close to false in KafkaStreams
- Improve message for Kafka failed startup with non-Kafka data in data.dirs
- add max_number _of_retries to exponential backoff strategy
- Mute logger for reflections.org at the warn level in system tests
- Kafka connect: error with special characters in connector name
- streams task gets stuck after re-balance due to LockException
- CachingSessionStore doesn't use the default keySerde.
- RocksDBSessionStore doesn't use default aggSerde.
- Recommended values for Connect transformations contain the wrong class name
- Kafka broker fails to start if a topic containing dot in its name is marked for delete but hasn't been deleted during previous uptime
- GlobalKTable does not checkpoint offsets after restoring state
- Log cleaning can increase message size and cause cleaner to crash with buffer overflow
- Some socket connections not closed after restart of Kafka Streams
- Distributed Herder Deadlocks on Shutdown
- Log cleaner fails due to large offset in segment file
- StreamsKafkaClient should not use StreamsConfig.POLL_MS_CONFIG
- Refactor kafkatest docker support
- ducktape kafka service: do not assume Service contains num_nodes
- Using _DUCKTAPE_OPTIONS has no effect on executing tests
- Connect WorkerSinkTask out of order offset commit can lead to inconsistent state
- RocksDB segments not removed when store is closed causes re-initialization to fail
- FetchMetadata creates unneeded Strings on instantiation
- SourceTask#stop() not called after exception raised in poll()
- Sink connectors that explicitly 'resume' topic partitions can resume a paused task
- GlobalStateManagerImpl should not write offsets of in-memory stores in checkpoint file
- Source KTable checkpoint is not correct
- ConnectSchema#equals() broken for array-typed default values

This update for openstack-monasca-api to version 2.2.1~dev24 fixes these issues:

- devstack: download storm from archive.apache.org
- Backport tempest test robustness improvements
- 1724543-fixed kafka partition creation error in devstack installation
- Fix:No alarms created if metric name in alarm def. expr. is mix case
- Zuul: Remove project name
- Run against Pike requirements

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 8:

   zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2018-2523=1

- SUSE OpenStack Cloud 8:

   zypper in -t patch SUSE-OpenStack-Cloud-8-2018-2523=1

- HPE Helion Openstack 8:

   zypper in -t patch HPE-Helion-OpenStack-8-2018-2523=1

Package List:

- SUSE OpenStack Cloud Crowbar 8 (noarch):

   openstack-monasca-api-2.2.1~dev24-3.6.1
   python-monasca-api-2.2.1~dev24-3.6.1

- SUSE OpenStack Cloud Crowbar 8 (x86_64):

   kafka-0.10.2.2-5.6.1

- SUSE OpenStack Cloud 8 (noarch):

   ardana-monasca-8.0+git.1535031421.9262a47-3.12.1
   ardana-spark-8.0+git.1534267176.a5f3a22-3.6.1
   openstack-monasca-api-2.2.1~dev24-3.6.1
   python-monasca-api-2.2.1~dev24-3.6.1

- SUSE OpenStack Cloud 8 (x86_64):

   kafka-0.10.2.2-5.6.1

- HPE Helion Openstack 8 (noarch):

   ardana-monasca-8.0+git.1535031421.9262a47-3.12.1
   ardana-spark-8.0+git.1534267176.a5f3a22-3.6.1
   openstack-monasca-api-2.2.1~dev24-3.6.1
   python-monasca-api-2.2.1~dev24-3.6.1

- HPE Helion Openstack 8 (x86_64):

   kafka-0.10.2.2-5.6.1

References:

   https://www.suse.com/security/cve/CVE-2018-1288.html
   https://bugzilla.suse.com/1094851
   https://bugzilla.suse.com/1094971
   https://bugzilla.suse.com/1102662
   https://bugzilla.suse.com/1102920

Important release for SUSE targeting Kafka data integrity issues along with essential improvements in multiple software components.

Severity: Important.

LinuxSecurity.com Team

Oct 30, 2018 Important SuSE

SUSE: 2018:2536-1 Moderate: Grafana, Kafka, Logstash Security Fixes

An update that solves three vulnerabilities and has 5 fixes is now available.

SUSE Security Update: Security update for grafana, kafka, logstash and monasca-installer
______________________________________________________________________________

Announcement ID: SUSE-SU-2018:2536-1
Rating: moderate
References: #1086909 #1090192 #1090343 #1090849 #1094448 #1095603 #1096985 #1102920
Cross-References: CVE-2018-12099 CVE-2018-1288 CVE-2018-3817
Affected Products:
   SUSE OpenStack Cloud 7
______________________________________________________________________________

Description:

This update for grafana, kafka, logstash and monasca-installer fixes the following issues:

The following security issues have been fixed:

grafana:

- CVE-2018-12099: Fix Cross-Site-Scripting (XSS) vulnerabilities in dashboard links. (bsc#1096985)

kafka:

- CVE-2018-1288: Authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. (bsc#1102920)

logstash:

- CVE-2018-3817: Fix potential leak of sensitive data when logging warnings about deprecated options. (bsc#1090849)

Additionally, the following non-security issues have been fixed:

monasca-installer:

- Add complete set of elasticsearch performance tunables.
- Update to version Build_20180427_14.04 (bsc#1090192, bsc#1090343)
- Fix bad elasticsearch-curator configuration. (bsc#1090192)
- Enable bootstrap.memory_lock for Elasticsearch. (bsc#1090343)

logstash:

- Declare Gemfile as config to prevent loss of installed plugins when updating.
- Stop installing prebuilt jruby for non-x86.

kafka:

- Update to version 0.10.2.2 (bsc#1102920, CVE-2018-1288)
- Add noreplace directive for /etc/kafka/server.properties.
- Reduce package ownership of tmpfiles.d to bare minimum. (SLE12 SP2)
- Set log rotation options. (bsc#1094448)
- Disable jmxremote debugging. (bsc#1095603)
- Increase open file limits. (bsc#1086909)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud 7:

   zypper in -t patch SUSE-OpenStack-Cloud-7-2018-1771=1

Package List:

- SUSE OpenStack Cloud 7 (x86_64):

   grafana-4.5.1-1.8.1
   kafka-0.10.2.2-5.1
   logstash-2.4.1-5.1

- SUSE OpenStack Cloud 7 (noarch):

   monasca-installer-20180608_12.47-9.1

References:

   https://www.suse.com/security/cve/CVE-2018-12099.html
   https://www.suse.com/security/cve/CVE-2018-1288.html
   https://www.suse.com/security/cve/CVE-2018-3817.html
   https://bugzilla.suse.com/1086909
   https://bugzilla.suse.com/1090192
   https://bugzilla.suse.com/1090343
   https://bugzilla.suse.com/1090849
   https://bugzilla.suse.com/1094448
   https://bugzilla.suse.com/1095603
   https://bugzilla.suse.com/1096985
   https://bugzilla.suse.com/1102920

SUSE security update resolves critical issues in grafana, kafka, logstash, and monasca-installer software.

LinuxSecurity.com Team

Aug 28, 2018 SuSE

SUSE: 2018:2317-1 Moderate: Multiple Security Issues Resolved

An update that solves two vulnerabilities and has 5 fixes is now available.

SUSE Security Update: Security update for grafana, kafka, logstash, openstack-monasca-installer
______________________________________________________________________________

Announcement ID: SUSE-SU-2018:2317-1
Rating: moderate
References: #1090336 #1090849 #1094448 #1095603 #1096985 #1097847 #1101366
Cross-References: CVE-2018-12099 CVE-2018-3817
Affected Products:
   SUSE OpenStack Cloud Crowbar 8
   SUSE OpenStack Cloud 8
   HPE Helion Openstack 8
______________________________________________________________________________

Description:

This update for grafana, kafka, logstash, openstack-monasca-installer fixes the following issues:

Security issues fixed:

- CVE-2018-12099: grafana: Fix XSS vulnerabilities in dashboard links (bsc#1096985).
- CVE-2018-3817: logstash: Fix inadvertently logging of sensitive information (bsc#1090849).

Bug fixes:

- bsc#1095603: Disable jmxremote debugging.
- bsc#1097847: Make time series database schema setup conditional.
- bsc#1094448: Set log rotation options.
- bsc#1090336: Add complete set of elasticsearch performance tunables.
- bsc#1101366: Fix build issues with s390x, ppc64le and aarch64.
- Fix various spec errors affecting Leap 15 and Tumbleweed

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 8:

   zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2018-1553=1

- SUSE OpenStack Cloud 8:

   zypper in -t patch SUSE-OpenStack-Cloud-8-2018-1553=1

- HPE Helion Openstack 8:

   zypper in -t patch HPE-Helion-OpenStack-8-2018-1553=1

Package List:

- SUSE OpenStack Cloud Crowbar 8 (noarch):

   openstack-monasca-installer-20180622_15.06-3.6.1

- SUSE OpenStack Cloud Crowbar 8 (x86_64):

   grafana-4.5.1-4.3.1
   grafana-debuginfo-4.5.1-4.3.1
   grafana-debugsource-4.5.1-4.3.1
   kafka-0.9.0.1-5.3.1
   logstash-2.4.1-5.4.1

- SUSE OpenStack Cloud 8 (noarch):

   openstack-monasca-installer-20180622_15.06-3.6.1

- SUSE OpenStack Cloud 8 (x86_64):

   grafana-4.5.1-4.3.1
   grafana-debuginfo-4.5.1-4.3.1
   grafana-debugsource-4.5.1-4.3.1
   kafka-0.9.0.1-5.3.1
   logstash-2.4.1-5.4.1

- HPE Helion Openstack 8 (noarch):

   openstack-monasca-installer-20180622_15.06-3.6.1

- HPE Helion Openstack 8 (x86_64):

   grafana-4.5.1-4.3.1
   grafana-debuginfo-4.5.1-4.3.1
   grafana-debugsource-4.5.1-4.3.1
   kafka-0.9.0.1-5.3.1
   logstash-2.4.1-5.4.1

References:

   https://www.suse.com/security/cve/CVE-2018-12099.html
   https://www.suse.com/security/cve/CVE-2018-3817.html
   https://bugzilla.suse.com/1090336
   https://bugzilla.suse.com/1090849
   https://bugzilla.suse.com/1094448
   https://bugzilla.suse.com/1095603
   https://bugzilla.suse.com/1096985
   https://bugzilla.suse.com/1097847
   https://bugzilla.suse.com/1101366

The SUSE Security Update resolves various vulnerabilities affecting grafana, kafka, logstash, and openstack-monasca-installer.

LinuxSecurity.com Team

Aug 14, 2018 SuSE