Explore top 10 tips to secure your open-source projects now. Read More
×An update that solves one vulnerability can now be installed.. # python312-3.12.10-4.1 on GA media Announcement ID: openSUSE-SU-2025:15163-1 Rating: moderate Cross-References: * CVE-2025-4516 CVSS scores: * CVE-2025-4516 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2025-4516 ( SUSE ): 5.9 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the python312-3.12.10-4.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * python312 3.12.10-4.1 * python312-32bit 3.12.10-4.1 * python312-curses 3.12.10-4.1 * python312-dbm 3.12.10-4.1 * python312-idle 3.12.10-4.1 * python312-tk 3.12.10-4.1 * python312-x86-64-v3 3.12.10-4.1 ## References: * https://www.suse.com/security/cve/CVE-2025-4516.html . The python312-3.12.10-4.1 package on openSUSE has received critical security patches to mitigate moderate vulnerabilities affecting overall system integrity.. openSUSE Security Updates, python Update, OpenSUSE Tumbleweed, Python314 Patch. . LinuxSecurity.com Team
* bsc#1237429 Cross-References: * CVE-2025-26595 . # Security update for libxkbfile Announcement ID: SUSE-SU-2025:0758-1 Release Date: 2025-02-28T18:23:41Z Rating: moderate References: * bsc#1237429 Cross-References: * CVE-2025-26595 CVSS scores: * CVE-2025-26595 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2025-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2025-26595 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for libxkbfile fixes the following issues: * CVE-2025-26595: Fixed bufferoverflow in XkbVModMaskText() (bsc#1237429). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-758=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-758=1 * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-758=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-758=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-758=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-758=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-758=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2025-758=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2025-758=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2025-758=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-758=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2025-758=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-758=1 * SUSE Linux Enterprise HighPerformance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-758=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-758=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSELinux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Manager Proxy 4.3 (x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * openSUSE Leap 15.6 (x86_64) * libxkbfile1-32bit-debuginfo-1.0.9-150000.3.3.1 * libxkbfile1-32bit-1.0.9-150000.3.3.1 * libxkbfile-devel-32bit-1.0.9-150000.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE LinuxEnterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libxkbfile-devel-1.0.9-150000.3.3.1 * libxkbfile1-1.0.9-150000.3.3.1 * libxkbfile1-debuginfo-1.0.9-150000.3.3.1 * libxkbfile-debugsource-1.0.9-150000.3.3.1 ## References: * https://www.suse.com/security/cve/CVE-2025-26595.html * https://bugzilla.suse.com/show_bug.cgi?id=1237429 . A new advisory for Libxkbfile highlights a moderate vulnerability due to buffer overflow. Users should apply suggested patch methods to maintain security.. SUSE Updates, libxkbfile, patch instructions. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-5297 http://linux.oracle.com/errata/ELSA-2024-5297.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: edk2-ovmf-20220126gitbb1bba3d77-13.el8_10.2.noarch.rpm aarch64: edk2-aarch64-20220126gitbb1bba3d77-13.el8_10.2.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//edk2-20220126gitbb1bba3d77-13.el8_10.2.src.rpm Related CVEs: CVE-2023-45236 CVE-2023-45237 CVE-2024-1298 Description of changes: [20220126gitbb1bba3d77-13.el8_10.2] [20220126gitbb1bba3d77-13.el8_10.1] - edk2-MdeModulePkg-Change-use-of-EFI_D_-to-DEBUG_.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdeModulePkg-Potential-UINT32-overflow-in-S3-ResumeC.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Apply-uncrustify-changes.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-Apply-uncrustify-changes.p2.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Rename-RdRandGenerateEntropy-to-g.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Remove-ArchGetSupportedRngAlgorit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Documentation-include-parameter-c.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Check-before-advertising-Cpu-Rng-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-AArch64-RawAlgorithm-support-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-debug-warning-for-NULL-PcdCpu.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Rename-AArch64-RngDxe.c.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Add-Arm-support-of-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Correctly-update-mAvailableAlgoAr.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Conditionally-install-EFI_RNG_PRO.patch [RHEL-21854 RHEL-21856 RHEL-40099] -edk2-MdeModulePkg-Duplicate-BaseRngLibTimerLib-to-MdeModu.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Add-deprecated-warning-to-BaseRngLibTimer.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-SecurityPkg.dec-Move-PcdCpuRngSupportedA.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-DxeRngLib-Request-raw-algorithm-instead-of-de.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Rng-Add-GUID-to-describe-Arm-Rndr-Rng-algorit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdeModulePkg-Rng-Add-GUID-to-describe-unsafe-Rng-alg.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-Rng-Add-GetRngGuid-to-RngLib.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Use-GetRngGuid-when-probing-RngLi.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-Simplify-Rng-algorithm-selection-.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-SECURITY-PATCH-CVE-2023-45237.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-BaseRngLib-Add-a-smoketest-for-RDRAND-and-che.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-SecurityPkg-RngDxe-add-rng-test.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-OvmfPkg-wire-up-RngDxe.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-CryptoPkg-Test-call-ProcessLibraryConstructorList.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-MdePkg-X86UnitTestHost-set-rdrand-cpuid-bit.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-TcpDxe-SECURITY-PATCH-CVE-2023-45236.patch [RHEL-21854 RHEL-21856 RHEL-40099] - edk2-NetworkPkg-TcpDxe-Fixed-system-stuck-on-PXE-boot-flo.patch [RHEL-21854 RHEL-21856 RHEL-40099] - Resolves: RHEL-21854 (CVE-2023-45236 edk2: Predictable TCP Initial Sequence Numbers [rhel-8]) - Resolves: RHEL-21856 (CVE-2023-45237 edk2: Use of a Weak PseudoRandom Number Generator [rhel-8]) - Resolves: RHEL-40099 (CVE-2024-1298 edk2: Temporary DoS vulnerability [rhel-8.10.z]) _______________________________________________ El-errata mailinglist
New libarchive packages are available for Slackware 15.0 and -current to fix a security issue. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libarchive (SSA:2024-116-01) New libarchive packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/libarchive-3.7.3-i586-2_slack15.0.txz: Rebuilt. Patched an out-of-bound error in the rar e8 filter that could allow for the execution of arbitrary code. Thanks to gmgf for the heads-up. For more information, see: https://github.com/advisories/GHSA-2jc9-36w4-pmqw https://www.cve.org/CVERecord?id=CVE-2024-26256 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: Updated package for Slackware x86_64 15.0: Updated package for Slackware -current: Updated package for Slackware x86_64 -current: MD5 signatures: +-------------+ Slackware 15.0 package: 52740a0d6b013049b82d69ed3f84b8be libarchive-3.7.3-i586-2_slack15.0.txz Slackware x86_64 15.0 package: 182956f6064878e1f981297c3cf21d63 libarchive-3.7.3-x86_64-2_slack15.0.txz Slackware -current package: 360dd49a8f464b91f1f484f2c3cd5973 l/libarchive-3.7.3-i586-2.txz Slackware x86_64 -current package: e557e74eda420e85669c2cc7eb9b2500 l/libarchive-3.7.3-x86_64-2.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg libarchive-3.7.3-i586-2_slack15.0.txz +-----+ . Fresh libarchive updates for Slackware 15.0 tackle a significant security vulnerability. It is advisable to upgrade to reduce potential threats.. libarchive packages, out-of-bounds fix, slackware security. .Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-0786 https://linux.oracle.com/errata/ELSA-2024-0786.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: nss-3.90.0-6.el8_9.i686.rpm nss-3.90.0-6.el8_9.x86_64.rpm nss-devel-3.90.0-6.el8_9.i686.rpm nss-devel-3.90.0-6.el8_9.x86_64.rpm nss-softokn-3.90.0-6.el8_9.i686.rpm nss-softokn-3.90.0-6.el8_9.x86_64.rpm nss-softokn-devel-3.90.0-6.el8_9.i686.rpm nss-softokn-devel-3.90.0-6.el8_9.x86_64.rpm nss-softokn-freebl-3.90.0-6.el8_9.i686.rpm nss-softokn-freebl-3.90.0-6.el8_9.x86_64.rpm nss-softokn-freebl-devel-3.90.0-6.el8_9.i686.rpm nss-softokn-freebl-devel-3.90.0-6.el8_9.x86_64.rpm nss-sysinit-3.90.0-6.el8_9.x86_64.rpm nss-tools-3.90.0-6.el8_9.x86_64.rpm nss-util-3.90.0-6.el8_9.i686.rpm nss-util-3.90.0-6.el8_9.x86_64.rpm nss-util-devel-3.90.0-6.el8_9.i686.rpm nss-util-devel-3.90.0-6.el8_9.x86_64.rpm aarch64: nss-3.90.0-6.el8_9.aarch64.rpm nss-devel-3.90.0-6.el8_9.aarch64.rpm nss-softokn-3.90.0-6.el8_9.aarch64.rpm nss-softokn-devel-3.90.0-6.el8_9.aarch64.rpm nss-softokn-freebl-3.90.0-6.el8_9.aarch64.rpm nss-softokn-freebl-devel-3.90.0-6.el8_9.aarch64.rpm nss-sysinit-3.90.0-6.el8_9.aarch64.rpm nss-tools-3.90.0-6.el8_9.aarch64.rpm nss-util-3.90.0-6.el8_9.aarch64.rpm nss-util-devel-3.90.0-6.el8_9.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates//nss-3.90.0-6.el8_9.src.rpm Related CVEs: CVE-2023-6135 Description of changes: [3.90.0-6] - Fix ecc DER wrapping. [3.90.0-5] - Pick up validated constant time implementations of p256, p384, and p521 from upsream - More Fips indicator changes _______________________________________________ El-errata mailing list
An update that fixes one vulnerability is now available. . openSUSE Security Update: Security update for deepin-compressor ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0424-1 Rating: moderate References: #1218428 Cross-References: CVE-2023-50255 Affected Products: openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for deepin-compressor fixes the following issues: - CVE-2023-50255: Fix Zip Path Traversal (boo#1218428) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2023-424=1 Package List: - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64): deepin-compressor-5.12.2-bp154.2.3.1 - openSUSE Backports SLE-15-SP4 (noarch): deepin-compressor-lang-5.12.2-bp154.2.3.1 References: https://www.suse.com/security/cve/CVE-2023-50255.html https://bugzilla.suse.com/1218428 . This update addresses a critical security flaw in deepin-compressor for openSUSE by fixing a zip directory traversal issue.. openSUSE Updates, Deepin-Compressor Security, Zip Path Issue. . LinuxSecurity.com Team
* bsc#1209243 * bsc#1212444 * bsc#1215595 * jsc#PED-5199 * jsc#PED-6799 . # Security update for libreoffice Announcement ID: SUSE-SU-2023:4648-1 Rating: moderate References: * bsc#1209243 * bsc#1212444 * bsc#1215595 * jsc#PED-5199 * jsc#PED-6799 * jsc#PED-6800 Cross-References: * CVE-2023-1183 CVSS scores: * CVE-2023-1183 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N * CVE-2023-1183 ( NVD ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves one vulnerability, contains three features and has two security fixes can now be installed. ## Description: This update for fixes the following issues: libreoffice was updated rom 7.5.4.1 to 7.6.2.1 (jsc#PED-6799, jsc#PED-6800): * For the highlights of changes of version 7.6 please consult the official release notes: * https://wiki.documentfoundation.org/ReleaseNotes/7.6 * You can check for each minor release notes here: * https://wiki.documentfoundation.org/Releases/7.6.2/RC1 * https://wiki.documentfoundation.org/Releases/7.6.1/RC2 * https://wiki.documentfoundation.org/Releases/7.6.1/RC1 * https://wiki.documentfoundation.org/Releases/7.6.0/RC3 * https://wiki.documentfoundation.org/Releases/7.6.0/RC2 * https://wiki.documentfoundation.org/Releases/7.6.0/RC1 * Security issues fixed: * CVE-2023-1183, Fixed arbitrary file write in LibreOffice Base (bsc#1212444, bsc#1209243) * Updated bundled dependencies: * boost version update from 1_80_0 to 1_82_0 * curl version update from 8.0.1 to 8.2.1 * icu4c-data version update from 72_1 to 73_2 * icu4c version update from 72_1 to 73_2 * pdfium version update from 5408 to 5778 * poppler version update from 22.12.0 to 23.06.0 * poppler-data version update from 0.4.11to 0.4.12 * skia version from m103-b301ff025004c9cd82816c86c547588e6c24b466 to skia-m111-a31e897fb3dcbc96b2b40999751611d029bf5404 * New bundled dependencies: * graphite2-minimal-1.3.14.tgz * harfbuzz-8.0.0.tar.xz * New build dependencies: * frozen-devel * liborcus-0_18-0 * libixion * mdds-2_1 * New runtime dependencies: * `libreoffice-draw` requires `libreoffice-impress` (bsc#1215595) frozen was implemented: * New Libreoffice package dependency libixion was updated to version 0.18.1: * Updated to 0.18.1: * Fixed a 32-bit Linux build issue as discovered on Debian, due to a clash on two 32-bit unsigned integer types being used with std::variant. * Updated to 0.18.0: * Removed the formula_model_access interface from model_context, and switched to using model_context directly everywhere. * Revised formula_tokens_t type to remove use of std::unique_ptr for each formula_token instance. This should improve memory locality when iterating through an array of formula token values. A similar change has also been made to lexer_tokens_t and lexer_token types. * Added 41 built-in functions * Added support for multi-sheet references in Excel A1 and Excel R1C1 grammers. liborcus was updated to version 0.18.1: * Updated to 0.18.1: * sax parser: * added support for optionally skipping multiple BOM's in the beginning of XML stream. This affects all XML-based file format filters such as xls-xml (aka Excel 2003 XML). * xml-map: * fixed a bug where an XML document consisting of simple single-column records were not properly converted to sheet data * xls-xml: * fixed a bug where the filter would always pass border color even when it was not set * buildsystem: * added new configure switches --without-benchmark and --without-doc-example to optinally skip building of these two directories mdds-2_1 was implemented: * New Libreoffice package dependency ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or"zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-4648=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2023-4648=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * libetonyek-devel-doc-0.1.10-10.11.2 * frozen-devel-1.1.1-8.3.3 * mdds-2_1-devel-2.1.1-8.3.3 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * libixion-debugsource-0.18.1-21.3.3 * liborcus-debugsource-0.18.1-18.3.3 * liborcus-devel-0.18.1-18.3.3 * liborcus-0_18-0-0.18.1-18.3.3 * libetonyek-devel-0.1.10-10.11.2 * liborcus-0_18-0-debuginfo-0.18.1-18.3.3 * libetonyek-debugsource-0.1.10-10.11.2 * libetonyek-0_1-1-0.1.10-10.11.2 * libixion-0_18-0-debuginfo-0.18.1-21.3.3 * libixion-0_18-0-0.18.1-21.3.3 * libixion-devel-0.18.1-21.3.3 * SUSE Linux Enterprise Software Development Kit 12 SP5 (x86_64) * libreoffice-debugsource-7.6.2.1-48.47.6 * libreoffice-sdk-debuginfo-7.6.2.1-48.47.6 * libreoffice-sdk-7.6.2.1-48.47.6 * libreoffice-debuginfo-7.6.2.1-48.47.6 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * libreoffice-debugsource-7.6.2.1-48.47.6 * libreoffice-draw-debuginfo-7.6.2.1-48.47.6 * libreoffice-librelogo-7.6.2.1-48.47.6 * libreoffice-base-drivers-postgresql-debuginfo-7.6.2.1-48.47.6 * libreoffice-impress-debuginfo-7.6.2.1-48.47.6 * libreoffice-pyuno-7.6.2.1-48.47.6 * libreoffice-writer-extensions-7.6.2.1-48.47.6 * libetonyek-0_1-1-0.1.10-10.11.2 * libixion-0_18-0-0.18.1-21.3.3 * libreoffice-writer-7.6.2.1-48.47.6 * libreoffice-debuginfo-7.6.2.1-48.47.6 * libreoffice-writer-debuginfo-7.6.2.1-48.47.6 * libreoffice-calc-debuginfo-7.6.2.1-48.47.6 * libreoffice-draw-7.6.2.1-48.47.6 * libixion-0_18-0-debuginfo-0.18.1-21.3.3 * libreoffice-calc-extensions-7.6.2.1-48.47.6 * libreoffice-gtk3-7.6.2.1-48.47.6 * liborcus-0_18-0-debuginfo-0.18.1-18.3.3 *libreoffice-base-debuginfo-7.6.2.1-48.47.6 * libreoffice-math-debuginfo-7.6.2.1-48.47.6 * libreoffice-pyuno-debuginfo-7.6.2.1-48.47.6 * libreoffice-gtk3-debuginfo-7.6.2.1-48.47.6 * libreoffice-mailmerge-7.6.2.1-48.47.6 * libetonyek-debugsource-0.1.10-10.11.2 * libreoffice-calc-7.6.2.1-48.47.6 * libreoffice-base-drivers-postgresql-7.6.2.1-48.47.6 * libreoffice-base-7.6.2.1-48.47.6 * libetonyek-0_1-1-debuginfo-0.1.10-10.11.2 * libreoffice-officebean-debuginfo-7.6.2.1-48.47.6 * libreoffice-filters-optional-7.6.2.1-48.47.6 * libreoffice-gnome-debuginfo-7.6.2.1-48.47.6 * libreoffice-impress-7.6.2.1-48.47.6 * libixion-debugsource-0.18.1-21.3.3 * liborcus-debugsource-0.18.1-18.3.3 * libreoffice-officebean-7.6.2.1-48.47.6 * liborcus-0_18-0-0.18.1-18.3.3 * libreoffice-7.6.2.1-48.47.6 * libreoffice-math-7.6.2.1-48.47.6 * libreoffice-gnome-7.6.2.1-48.47.6 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (noarch) * libreoffice-l10n-fi-7.6.2.1-48.47.6 * libreoffice-l10n-da-7.6.2.1-48.47.6 * libreoffice-l10n-zh_CN-7.6.2.1-48.47.6 * libreoffice-l10n-ro-7.6.2.1-48.47.6 * libreoffice-l10n-bg-7.6.2.1-48.47.6 * libreoffice-l10n-de-7.6.2.1-48.47.6 * libreoffice-l10n-sk-7.6.2.1-48.47.6 * libreoffice-l10n-ja-7.6.2.1-48.47.6 * libreoffice-l10n-nn-7.6.2.1-48.47.6 * libreoffice-l10n-zu-7.6.2.1-48.47.6 * libreoffice-icon-themes-7.6.2.1-48.47.6 * libreoffice-l10n-uk-7.6.2.1-48.47.6 * libreoffice-l10n-gu-7.6.2.1-48.47.6 * libreoffice-l10n-zh_TW-7.6.2.1-48.47.6 * libreoffice-l10n-nb-7.6.2.1-48.47.6 * libreoffice-l10n-af-7.6.2.1-48.47.6 * libreoffice-l10n-cs-7.6.2.1-48.47.6 * libreoffice-l10n-hr-7.6.2.1-48.47.6 * libreoffice-l10n-lt-7.6.2.1-48.47.6 * libreoffice-l10n-pl-7.6.2.1-48.47.6 * libreoffice-l10n-it-7.6.2.1-48.47.6 * libreoffice-l10n-ar-7.6.2.1-48.47.6 * libreoffice-l10n-en-7.6.2.1-48.47.6 * libreoffice-l10n-es-7.6.2.1-48.47.6 * libreoffice-l10n-ko-7.6.2.1-48.47.6 * libreoffice-l10n-pt_PT-7.6.2.1-48.47.6 * libreoffice-l10n-fr-7.6.2.1-48.47.6 *libreoffice-l10n-hi-7.6.2.1-48.47.6 * libreoffice-l10n-hu-7.6.2.1-48.47.6 * libreoffice-l10n-sv-7.6.2.1-48.47.6 * libreoffice-l10n-ca-7.6.2.1-48.47.6 * libreoffice-l10n-nl-7.6.2.1-48.47.6 * libreoffice-branding-upstream-7.6.2.1-48.47.6 * libreoffice-l10n-pt_BR-7.6.2.1-48.47.6 * libreoffice-l10n-ru-7.6.2.1-48.47.6 * libreoffice-l10n-xh-7.6.2.1-48.47.6 ## References: * https://www.suse.com/security/cve/CVE-2023-1183.html * https://bugzilla.suse.com/show_bug.cgi?id=1209243 * https://bugzilla.suse.com/show_bug.cgi?id=1212444 * https://bugzilla.suse.com/show_bug.cgi?id=1215595 * * * . Latest LibreOffice update resolves a moderate security issue for SUSE Linux users, enhancing overall performance and stability.. SUSE Update, LibreOffice Security, Software Patch, Linux Advisory. . Severity: Important. LinuxSecurity.com Team
* bsc#1216588 Cross-References: * CVE-2023-46137 . # Security update for python3-Twisted Announcement ID: SUSE-SU-2023:4607-1 Rating: moderate References: * bsc#1216588 Cross-References: * CVE-2023-46137 CVSS scores: * CVE-2023-46137 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2023-46137 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP4 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for python3-Twisted fixes the following issues: * CVE-2023-46137: Fixed issue inside serializing pipelined HTTP requests. (bsc#1216588) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2023-4607=1 openSUSE-SLE-15.4-2023-4607=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-4607=1 * Server Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP4-2023-4607=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2023-4607=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-Twisted-22.2.0-150400.15.1 *python-Twisted-doc-22.2.0-150400.15.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-Twisted-22.2.0-150400.15.1 * Server Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-Twisted-22.2.0-150400.15.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-Twisted-22.2.0-150400.15.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46137.html * https://bugzilla.suse.com/show_bug.cgi?id=1216588 . An important patch for python3-Twisted has been deployed to address serious HTTP processing flaws in SUSE 15.4 and 15.5.. SUSE update, python3-Twisted security, HTTP requests fix, openSUSE vulnerability. . LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.