OpenStack could be made to expose sensitive information.

==========================================================================
Ubuntu Security Notice USN-6241-1
July 24, 2023

cinder, ironic, nova, python-glance-store, python-os-brick vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

OpenStack could be made to expose sensitive information.

Software Description:
- cinder: OpenStack storage service
- ironic: OpenStack bare metal provisioning service
- nova: OpenStack Compute cloud infrastructure
- python-glance-store: OpenStack Image Service store library
- python-os-brick: Library for managing local volume attaches

Details:

Jan Wasilewski and Gorka Eguileor discovered that OpenStack incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information.

This update may require configuration changes, please see the upstream advisory and the other links below for more information:
https://discourse.ubuntu.com/t/cve-2023-2088-for-charmed-openstack/37051

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  python3-cinder 2:22.0.0-0ubuntu1.3
  python3-glance-store 4.3.0-0ubuntu1.3
  python3-ironic 1:21.4.0-0ubuntu1.1
  python3-nova 3:27.0.0-0ubuntu1.3
  python3-os-brick 6.2.0-0ubuntu2.3

Ubuntu 22.04 LTS:
  python3-cinder 2:20.2.0-0ubuntu1.1
  python3-glance-store 3.0.0-0ubuntu1.3
  python3-ironic 1:20.1.0-0ubuntu1.1
  python3-nova 3:25.1.1-0ubuntu1.1
  python3-os-brick 5.2.2-0ubuntu1.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6241-1
  CVE-2023-2088

Package Information:
  https://launchpad.net/ubuntu/+source/cinder/2:22.0.0-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/ironic/1:21.4.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/nova/3:27.0.0-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/python-glance-store/4.3.0-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/python-os-brick/6.2.0-0ubuntu2.3
  https://launchpad.net/ubuntu/+source/cinder/2:20.2.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/ironic/1:20.1.0-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/nova/3:25.1.1-0ubuntu1.1
  https://launchpad.net/ubuntu/+source/python-glance-store/3.0.0-0ubuntu1.3
  https://launchpad.net/ubuntu/+source/python-os-brick/5.2.2-0ubuntu1.2

Important revision for Ubuntu 23.04 and 22.04 LTS tackles OpenStack vulnerabilities that risk disclosing private data.

Severity: Critical.
LinuxSecurity.com Team
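
A check for the update instructions in USN-6241-1, added here as an example and not part of the Ubuntu notice: it compares an inventory of installed packages against the fixed versions listed above using Debian version ordering (epoch, upstream version, revision), which plain string comparison gets wrong. The inventory text, its version strings and all function names are constructed for illustration; the input format assumed is that of `dpkg-query -W -f='${Package} ${Version}\n'`.

```python
import re
from itertools import zip_longest

# Fixed versions copied from the "Update instructions" section of USN-6241-1.
FIXED = {
    "23.04": {
        "python3-cinder": "2:22.0.0-0ubuntu1.3",
        "python3-glance-store": "4.3.0-0ubuntu1.3",
        "python3-ironic": "1:21.4.0-0ubuntu1.1",
        "python3-nova": "3:27.0.0-0ubuntu1.3",
        "python3-os-brick": "6.2.0-0ubuntu2.3",
    },
    "22.04": {
        "python3-cinder": "2:20.2.0-0ubuntu1.1",
        "python3-glance-store": "3.0.0-0ubuntu1.3",
        "python3-ironic": "1:20.1.0-0ubuntu1.1",
        "python3-nova": "3:25.1.1-0ubuntu1.1",
        "python3-os-brick": "5.2.2-0ubuntu1.2",
    },
}

# Constructed sample inventory for a 22.04 host (not real package data).
SAMPLE_INVENTORY = """\
python3-cinder 2:20.2.0-0ubuntu1
python3-glance-store 3.0.0-0ubuntu1.3~test1
python3-nova 3:25.1.1-0ubuntu1.1
python3-os-brick 5.2.2-0ubuntu1.2
"""


def _order(ch):
    """Sort weight of one character in a non-digit run.

    '~' sorts before everything (even end of string), letters sort before
    other characters, and None stands for end of string.
    """
    if ch is None:
        return 0
    if ch == "~":
        return -1
    if ch.isascii() and ch.isalpha():
        return ord(ch)
    return ord(ch) + 256


def _cmp_part(a, b):
    """Compare two upstream or revision strings the way dpkg does."""
    pairs_a = re.findall(r"([^0-9]*)([0-9]*)", a)
    pairs_b = re.findall(r"([^0-9]*)([0-9]*)", b)
    for (sa, na), (sb, nb) in zip_longest(pairs_a, pairs_b, fillvalue=("", "")):
        # Non-digit run: character by character with the special ordering.
        for x, y in zip_longest(sa, sb):
            if _order(x) != _order(y):
                return -1 if _order(x) < _order(y) else 1
        # Digit run: numeric comparison, an empty run counts as 0.
        ia, ib = int(na or 0), int(nb or 0)
        if ia != ib:
            return -1 if ia < ib else 1
    return 0


def _split(version):
    """Split '[epoch:]upstream[-revision]' into (epoch, upstream, revision)."""
    epoch, sep, rest = version.partition(":")
    if not sep or not epoch.isdigit():
        epoch, rest = "0", version
    upstream, sep, revision = rest.rpartition("-")
    if not sep:
        upstream, revision = rest, ""
    return int(epoch), upstream, revision


def compare_versions(a, b):
    """Return -1, 0 or 1 as version a is older than, equal to or newer than b."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    return _cmp_part(ua, ub) or _cmp_part(ra, rb)


def parse_inventory(text):
    """Parse 'package version' lines into a dict."""
    return dict(line.split() for line in text.splitlines() if line.strip())


def audit(release, installed):
    """Return {package: (installed, fixed)} for packages below the fixed version.

    Packages from the notice that are not installed are skipped.
    """
    behind = {}
    for pkg, fixed in FIXED[release].items():
        have = installed.get(pkg)
        if have is not None and compare_versions(have, fixed) < 0:
            behind[pkg] = (have, fixed)
    return behind


if __name__ == "__main__":
    for pkg, (have, fixed) in audit("22.04", parse_inventory(SAMPLE_INVENTORY)).items():
        print(f"{pkg}: installed {have}, needs {fixed}")
```

An empty result covers package versions only; the configuration changes the notice refers to still have to be checked separately.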

An update that fixes 23 vulnerabilities, contains two features is now available.

SUSE Security Update: Security update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone
______________________________________________________________________________

Announcement ID:    SUSE-SU-2021:1962-1
Rating:             moderate
References:         #1044849 #1048688 #1115960 #1148383 #1170657 #1171909
                    #1172409 #1172450 #1174583 #1178243 #1179805 #1181277
                    #1181278 #1181689 #1181690 #1182317 #1182433 #1183174
                    #1183803 #1184148 #1185623 #1186608 #1186611 SOC-10357
                    SOC-11453
Cross-References:   CVE-2017-11481 CVE-2017-11499 CVE-2018-18623 CVE-2018-18624
                    CVE-2018-18625 CVE-2018-19039 CVE-2019-15043 CVE-2019-25025
                    CVE-2020-10743 CVE-2020-11110 CVE-2020-12052 CVE-2020-13379
                    CVE-2020-17516 CVE-2020-24303 CVE-2020-29651 CVE-2021-21238
                    CVE-2021-21239 CVE-2021-23336 CVE-2021-27358 CVE-2021-28658
                    CVE-2021-31542 CVE-2021-33203 CVE-2021-33571
CVSS scores:
                    CVE-2017-11481 (NVD) : 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2017-11481 (SUSE): 5.4 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
                    CVE-2017-11499 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2017-11499 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-18623 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-18623 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-18624 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-18624 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-18625 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-18625 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2018-19039 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2018-19039 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2019-15043 (NVD) : 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2019-15043 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
                    CVE-2019-25025 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2019-25025 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2020-10743 (NVD) : 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
                    CVE-2020-10743 (SUSE): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
                    CVE-2020-11110 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2020-11110 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2020-12052 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2020-12052 (SUSE): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
                    CVE-2020-13379 (NVD) : 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
                    CVE-2020-13379 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2020-17516 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2020-17516 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2020-24303 (NVD) : 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
                    CVE-2020-24303 (SUSE): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
                    CVE-2020-29651 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-29651 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2021-21238 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-21238 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-21239 (NVD) : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-21239 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
                    CVE-2021-23336 (NVD) : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
                    CVE-2021-23336 (SUSE): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:H
                    CVE-2021-27358 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-27358 (SUSE): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2021-28658 (NVD) : 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-28658 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
                    CVE-2021-31542 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-31542 (SUSE): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
                    CVE-2021-33571 (SUSE): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:
                    SUSE OpenStack Cloud Crowbar 9
                    SUSE OpenStack Cloud 9
______________________________________________________________________________

Description:

This update for ardana-neutron, ardana-swift, cassandra, crowbar-openstack, grafana, kibana, openstack-dashboard, openstack-ironic, openstack-neutron, openstack-neutron-gbp, openstack-nova, python-Django1, python-py, python-pysaml2, python-xmlschema, rubygem-activerecord-session_store, venv-openstack-keystone contains the following fixes:

Security fixes included in this update:

cassandra:
- CVE-2020-17516: Fixed an issue where encryption between nodes was not enforced correctly for certain internode_encryption settings (bsc#1181689)

grafana:
- CVE-2018-18623, CVE-2018-18624, CVE-2018-18625: Fixed multiple cross site scripting vulnerabilities in the dashboard. (bsc#1172450)
- CVE-2021-27358: Fixed a denial of service via remote API call. (bsc#1183803)
- CVE-2019-15043: Fixed a denial of service by an unauthenticated user in the snapshot HTTP API (bsc#1148383)
- CVE-2020-13379: Fixed an information leak to unauthenticated users. (bsc#1172409)
- CVE-2020-12052: Fixed a cross site scripting vulnerability with the annotation popup (bsc#1170657)
- CVE-2018-19039: Fixed an issue where a privileged user could exfiltrate files (bsc#1115960)
- CVE-2020-11110: Fixed a stored cross site scripting vulnerability.
  (bsc#1174583)
- CVE-2020-24303: Fixed a cross site scripting vulnerability in a query alias for ElasticSearch datasources (bsc#1178243)

kibana:
- CVE-2017-11499: Fixed a vulnerability in nodejs, related to the HashTable implementation, which could cause a denial of service. (bsc#1044849)
- CVE-2017-11481: Fixed a cross site scripting vulnerability via URL fields. (bsc#1044849)
- CVE-2020-10743: Fixed a clickjacking issue because X-Frame-Options was not used by default. (bsc#1171909)

python-Django:
- CVE-2021-23336: Fixed a web cache poisoning via django.utils.http.limited_parse_qsl(). (bsc#1182433)
- CVE-2021-28658: Fixed a directory traversal via uploaded files. (bsc#1184148)
- CVE-2021-31542: Fixed a directory traversal via uploaded files with suitably crafted file names. (bsc#1185623)
- CVE-2021-33203: Fixed potential path-traversal via admindocs' TemplateDetailView. (bsc#1186608)
- CVE-2021-33571: Tighten validator checks to not allow leading zeros in IPv4 addresses, which potentially leads to further attacks. (bsc#1186611)

python-py:
- CVE-2020-29651: Fixed a denial of service via regular expressions. (bsc#1179805)

python-pysaml2:
- CVE-2021-21238: Fixed improper verification of cryptographic signatures for signed SAML documents. (bsc#1181277)
- CVE-2021-21239: Fixed improper verification of cryptographic signatures when using CryptoBackendXmlSec1(). (bsc#1181278)

rubygem-activerecord-session_store:
- CVE-2019-25025: Fixed a timing attack targeting the session id which could allow an attacker to hijack sessions.
  (bsc#1183174)

Non-security changes included in this update:

Changes in ardana-neutron:
- Update to version 9.0+git.1615223676.777f0b3:
  * Allow users to stop monitoring rootwrap daemon (bsc#1182317)

Changes in ardana-swift:
- Update to version 9.0+git.1618235096.90974ed:
  * Run swiftlm-scan in the UTC timezone (bsc#1181690)

Changes in cassandra:
- update to 3.11.10 (bsc#1181689, CVE-2020-17516)
  * Fix digest computation for queries with fetched but non queried columns (CASSANDRA-15962)
  * Reduce amount of allocations during batch statement execution (CASSANDRA-16201)
  * Update jflex-1.6.0.jar to match upstream (CASSANDRA-16393)
  * Fix DecimalDeserializer#toString OOM (CASSANDRA-14925)
  * Rate limit validation compactions using compaction_throughput_mb_per_sec (CASSANDRA-16161)
  * SASI's `max_compaction_flush_memory_in_mb` settings over 100GB revert to default of 1GB (CASSANDRA-16071)
  * Prevent unbounded number of pending flushing tasks (CASSANDRA-16261)
  * Improve empty hint file handling during startup (CASSANDRA-16162)
  * Allow empty string in collections with COPY FROM in cqlsh (CASSANDRA-16372)
  * Fix skipping on pre-3.0 created compact storage sstables due to missing primary key liveness (CASSANDRA-16226)
  * Extend the exclusion of replica filtering protection to other indices instead of just SASI (CASSANDRA-16311)
  * Synchronize transaction logs for JBOD (CASSANDRA-16225)
  * Fix the counting of cells per partition (CASSANDRA-16259)
  * Fix serial read/non-applying CAS linearizability (CASSANDRA-12126)
  * Avoid potential NPE in JVMStabilityInspector (CASSANDRA-16294)
  * Improved check of num_tokens against the length of initial_token (CASSANDRA-14477)
  * Fix a race condition on ColumnFamilyStore and TableMetrics (CASSANDRA-16228)
  * Remove the SEPExecutor blocking behavior (CASSANDRA-16186)
  * Fix invalid cell value skipping when reading from disk (CASSANDRA-16223)
  * Prevent invoking enable/disable gossip when not in NORMAL (CASSANDRA-16146)
  * Wait for schema agreement when
    bootstrapping (CASSANDRA-15158)
  * Fix the histogram merge of the table metrics (CASSANDRA-16259)
  * Synchronize Keyspace instance store/clear (CASSANDRA-16210)
  * Fix ColumnFilter to avoid querying cells of unselected complex columns (CASSANDRA-15977)
  * Fix memory leak in CompressedChunkReader (CASSANDRA-15880)
  * Don't attempt value skipping with mixed version cluster (CASSANDRA-15833)
  * Avoid failing compactions with very large partitions (CASSANDRA-15164)
  * Make sure LCS handles duplicate sstable added/removed notifications correctly (CASSANDRA-14103)
  * Fix OOM when terminating repair session (CASSANDRA-15902)
  * Avoid marking shutting down nodes as up after receiving gossip shutdown message (CASSANDRA-16094)
  * Check SSTables for latest version before dropping compact storage (CASSANDRA-16063)
  * Handle unexpected columns due to schema races (CASSANDRA-15899)
  * Add flag to ignore unreplicated keyspaces during repair (CASSANDRA-15160)
  * Package tools/bin scripts as executable (CASSANDRA-16151)
  * Fixed a NullPointerException when calling nodetool enablethrift (CASSANDRA-16127)
  * Correctly interpret SASI's `max_compaction_flush_memory_in_mb` setting in megabytes not bytes (CASSANDRA-16071)
  * Fix short read protection for GROUP BY queries (CASSANDRA-15459)
  * Frozen RawTuple is not annotated with frozen in the toString method (CASSANDRA-15857)
  Merged from 3.0:
  * Use IF NOT EXISTS for index and UDT create statements in snapshot schema files (CASSANDRA-13935)
  * Fix gossip shutdown order (CASSANDRA-15816)
  * Remove broken 'defrag-on-read' optimization (CASSANDRA-15432)
  * Check for endpoint collision with hibernating nodes (CASSANDRA-14599)
  * Operational improvements and hardening for replica filtering protection (CASSANDRA-15907)
  * stop_paranoid disk failure policy is ignored on CorruptSSTableException after node is up (CASSANDRA-15191)
  * Forbid altering UDTs used in partition keys (CASSANDRA-15933)
  * Fix empty/null json string representation (CASSANDRA-15896)
  * 3.x fails to
    start if commit log has range tombstones from a column which is also deleted (CASSANDRA-15970)
  * Handle difference in timestamp precision between java8 and java11 in LogFIle.java (CASSANDRA-16050)
  Merged from 2.2:
  * Fix CQL parsing of collections when the column type is reversed (CASSANDRA-15814)
  * Only allow strings to be passed to JMX authentication (CASSANDRA-16077)
  * Fix cqlsh output when fetching all rows in batch mode (CASSANDRA-15905)
  * Upgrade Jackson to 2.9.10 (CASSANDRA-15867)
  * Fix CQL formatting of read command restrictions for slow query log (CASSANDRA-15503)
  * Allow sstableloader to use SSL on the native port (CASSANDRA-14904)
  * Backport CASSANDRA-12189: escape string literals (CASSANDRA-15948)
  * Avoid hinted handoff per-host throttle being arounded to 0 in large cluster (CASSANDRA-15859)
  * Avoid emitting empty range tombstones from RangeTombstoneList (CASSANDRA-15924)
  * Avoid thread starvation, and improve compare-and-swap performance, in the slab allocators (CASSANDRA-15922)
  * Add token to tombstone warning and error messages (CASSANDRA-15890)
  * Fixed range read concurrency factor computation and capped as 10 times tpc cores (CASSANDRA-15752)
  * Catch exception on bootstrap resume and init native transport (CASSANDRA-15863)
  * Fix replica-side filtering returning stale data with CL > ONE (CASSANDRA-8272, CASSANDRA-8273)
  * Fix duplicated row on 2.x upgrades when multi-rows range tombstones interact with collection ones (CASSANDRA-15805)
  * Rely on snapshotted session infos on StreamResultFuture.maybeComplete to avoid race conditions (CASSANDRA-15667)
  * EmptyType doesn't override writeValue so could attempt to write bytes when expected not to (CASSANDRA-15790)
  * Fix index queries on partition key columns when some partitions contains only static data (CASSANDRA-13666)
  * Avoid creating duplicate rows during major upgrades (CASSANDRA-15789)
  * liveDiskSpaceUsed and totalDiskSpaceUsed get corrupted if IndexSummaryRedistribution gets interrupted
    (CASSANDRA-15674)
  * Fix Debian init start/stop (CASSANDRA-15770)
  * Fix infinite loop on index query paging in tables with clustering (CASSANDRA-14242)
  * Fix chunk index overflow due to large sstable with small chunk length (CASSANDRA-15595)
  * Allow selecting static column only when querying static index (CASSANDRA-14242)
  * cqlsh return non-zero status when STDIN CQL fails (CASSANDRA-15623)
  * Don't skip sstables in slice queries based only on local min/max/deletion timestamp (CASSANDRA-15690)
  * Memtable memory allocations may deadlock (CASSANDRA-15367)
  * Run evictFromMembership in GossipStage (CASSANDRA-15592)
  * Fix nomenclature of allow and deny lists (CASSANDRA-15862)
  * Remove generated files from source artifact (CASSANDRA-15849)
  * Remove duplicated tools binaries from tarballs (CASSANDRA-15768)
  * Duplicate results with DISTINCT queries in mixed mode (CASSANDRA-15501)
  * Disable JMX rebinding (CASSANDRA-15653)
  * Fix writing of snapshot manifest when the table has table-backed secondary indexes (CASSANDRA-10968)
  * Fix parse error in cqlsh COPY FROM and formatting for map of blobs (CASSANDRA-15679)
  * Fix Commit log replays when static column clustering keys are collections (CASSANDRA-14365)
  * Fix Red Hat init script on newer systemd versions (CASSANDRA-15273)
  * Allow EXTRA_CLASSPATH to work on tar/source installations (CASSANDRA-15567)
  * Fix bad UDT sstable metadata serialization headers written by C* 3.0 on upgrade and in sstablescrub (CASSANDRA-15035)
  * Fix nodetool compactionstats showing extra pending task for TWCS - patch implemented (CASSANDRA-15409)
  * Fix SELECT JSON formatting for the "duration" type (CASSANDRA-15075)
  * Fix LegacyLayout to have same behavior as 2.x when handling unknown column names (CASSANDRA-15081)
  * Update nodetool help stop output (CASSANDRA-15401)
  * Run in-jvm upgrade dtests in circleci (CASSANDRA-15506)
  * Include updates to static column in mutation size calculations (CASSANDRA-15293)
  * Fix point-in-time recovery ignoring timestamp of
    updates to static columns (CASSANDRA-15292)
  * GC logs are also put under $CASSANDRA_LOG_DIR (CASSANDRA-14306)
  * Fix sstabledump's position key value when partitions have multiple rows (CASSANDRA-14721)
  * Avoid over-scanning data directories in LogFile.verify() (CASSANDRA-15364)
  * Bump generations and document changes to system_distributed and system_traces in 3.0, 3.11 (CASSANDRA-15441)
  * Fix system_traces creation timestamp; optimise system keyspace upgrades (CASSANDRA-15398)
  * Fix various data directory prefix matching issues (CASSANDRA-13974)
  * Minimize clustering values in metadata collector (CASSANDRA-15400)
  * Avoid over-trimming of results in mixed mode clusters (CASSANDRA-15405)
  * validate value sizes in LegacyLayout (CASSANDRA-15373)
  * Ensure that tracing doesn't break connections in 3.x/4.0 mixed mode by default (CASSANDRA-15385)
  * Make sure index summary redistribution does not start when compactions are paused (CASSANDRA-15265)
  * Ensure legacy rows have primary key livenessinfo when they contain illegal cells (CASSANDRA-15365)
  * Fix race condition when setting bootstrap flags (CASSANDRA-14878)
  * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)
  * Fix SELECT JSON output for empty blobs (CASSANDRA-15435)
  * In-JVM DTest: Set correct internode message version for upgrade test (CASSANDRA-15371)
  * In-JVM DTest: Support NodeTool in dtest (CASSANDRA-15429)
  * Fix NativeLibrary.tryOpenDirectory callers for Windows (CASSANDRA-15426)
  * Fix SASI non-literal string comparisons (range operators) (CASSANDRA-15169)
  * Make sure user defined compaction transactions are always closed (CASSANDRA-15123)
  * Fix cassandra-env.sh to use $CASSANDRA_CONF to find cassandra-jaas.config (CASSANDRA-14305)
  * Fixed nodetool cfstats printing index name twice (CASSANDRA-14903)
  * Add flag to disable SASI indexes, and warnings on creation (CASSANDRA-14866)
  * Add ability to cap max negotiable protocol version (CASSANDRA-15193)
  * Gossip tokens on startup if available
    (CASSANDRA-15335)
  * Fix resource leak in CompressedSequentialWriter (CASSANDRA-15340)
  * Fix bad merge that reverted CASSANDRA-14993 (CASSANDRA-15289)
  * Fix LegacyLayout RangeTombstoneList IndexOutOfBoundsException when upgrading and RangeTombstone bounds are asymmetric (CASSANDRA-15172)
  * Fix NPE when using allocate_tokens_for_keyspace on new DC/rack (CASSANDRA-14952)
  * Filter sstables earlier when running cleanup (CASSANDRA-15100)
  * Use mean row count instead of mean column count for index selectivity calculation (CASSANDRA-15259)
  * Avoid updating unchanged gossip states (CASSANDRA-15097)
  * Prevent recreation of previously dropped columns with a different kind (CASSANDRA-14948)
  * Prevent client requests from blocking on executor task queue (CASSANDRA-15013)
  * Toughen up column drop/recreate type validations (CASSANDRA-15204)
  * LegacyLayout should handle paging states that cross a collection column (CASSANDRA-15201)
  * Prevent RuntimeException when username or password is empty/null (CASSANDRA-15198)
  * Multiget thrift query returns null records after digest mismatch (CASSANDRA-14812)
  * Skipping illegal legacy cells can break reverse iteration of indexed partitions (CASSANDRA-15178)
  * Handle paging states serialized with a different version than the session's (CASSANDRA-15176)
  * Throw IOE instead of asserting on unsupported peer versions (CASSANDRA-15066)
  * Update token metadata when handling MOVING/REMOVING_TOKEN events (CASSANDRA-15120)
  * Add ability to customize cassandra log directory using $CASSANDRA_LOG_DIR (CASSANDRA-15090)
  * Skip cells with illegal column names when reading legacy sstables (CASSANDRA-15086)
  * Fix assorted gossip races and add related runtime checks (CASSANDRA-15059)
  * Fix mixed mode partition range scans with limit (CASSANDRA-15072)
  * cassandra-stress works with frozen collections: list and set (CASSANDRA-14907)
  * Fix handling FS errors on writing and reading flat files - LogTransaction and hints (CASSANDRA-15053)
  * Avoid double closing the
    iterator to avoid overcounting the number of requests (CASSANDRA-15058)
  * Improve `nodetool status -r` speed (CASSANDRA-14847)
  * Improve merkle tree size and time on heap (CASSANDRA-14096)
  * Add missing commands to nodetool_completion (CASSANDRA-14916)
  * Anti-compaction temporarily corrupts sstable state for readers (CASSANDRA-15004)
  * Catch non-IOException in FileUtils.close to make sure that all resources are closed (CASSANDRA-15225)
  * Handle exceptions during authentication/authorization (CASSANDRA-15041)
  * Support cross version messaging in in-jvm upgrade dtests (CASSANDRA-15078)
  * Fix index summary redistribution cancellation (CASSANDRA-15045)
  * Fixing invalid CQL in security documentation (CASSANDRA-15020)
  * Allow instance class loaders to be garbage collected for inJVM dtest (CASSANDRA-15170)
  * Add support for network topology and query tracing for inJVM dtest (CASSANDRA-15319)
  * Correct sstable sorting for garbagecollect and levelled compaction (CASSANDRA-14870)
  * Severe concurrency issues in STCS,DTCS,TWCS,TMD.Topology,TypeParser
  * Add a script to make running the cqlsh tests in cassandra repo easier (CASSANDRA-14951)
  * If SizeEstimatesRecorder misses a 'onDropTable' notification, the size_estimates table will never be cleared for that table.
    (CASSANDRA-14905)
  * Counters fail to increment in 2.1/2.2 to 3.X mixed version clusters (CASSANDRA-14958)
  * Streaming needs to synchronise access to LifecycleTransaction (CASSANDRA-14554)
  * Fix cassandra-stress write hang with default options (CASSANDRA-14616)
  * Differentiate between slices and RTs when decoding legacy bounds (CASSANDRA-14919)
  * Netty epoll IOExceptions caused by unclean client disconnects being logged at INFO (CASSANDRA-14909)
  * Unfiltered.isEmpty conflicts with Row extends AbstractCollection.isEmpty (CASSANDRA-14588)
  * RangeTombstoneList doesn't properly clean up mergeable or superseded rts in some cases (CASSANDRA-14894)
  * Fix handling of collection tombstones for dropped columns from legacy sstables (CASSANDRA-14912)
  * Throw exception if Columns serialized subset encode more columns than possible (CASSANDRA-14591)
  * Drop/add column name with different Kind can result in corruption (CASSANDRA-14843)
  * Fix missing rows when reading 2.1 SSTables with static columns in 3.0 (CASSANDRA-14873)
  * Move TWCS message 'No compaction necessary for bucket size' to Trace level (CASSANDRA-14884)
  * Sstable min/max metadata can cause data loss (CASSANDRA-14861)
  * Dropped columns can cause reverse sstable iteration to return prematurely (CASSANDRA-14838)
  * Legacy sstables with multi block range tombstones create invalid bound sequences (CASSANDRA-14823)
  * Expand range tombstone validation checks to multiple interim request stages (CASSANDRA-14824)
  * Reverse order reads can return incomplete results (CASSANDRA-14803)
  * Avoid calling iter.next() in a loop when notifying indexers about range tombstones (CASSANDRA-14794)
  * Fix purging semi-expired RT boundaries in reversed iterators (CASSANDRA-14672)
  * DESC order reads can fail to return the last Unfiltered in the partition (CASSANDRA-14766)
  * Fix corrupted collection deletions for dropped columns in 3.0 2.{1,2} messages (CASSANDRA-14568)
  * Fix corrupted static collection deletions in 3.0 2.{1,2} messages
    (CASSANDRA-14568)
  * Handle failures in parallelAllSSTableOperation (cleanup/upgradesstables/etc) (CASSANDRA-14657)
  * Improve TokenMetaData cache populating performance avoid long locking (CASSANDRA-14660)
  * Backport: Flush netty client messages immediately (not by default) (CASSANDRA-13651)
  * Fix static column order for SELECT * wildcard queries (CASSANDRA-14638)
  * sstableloader should use discovered broadcast address to connect intra-cluster (CASSANDRA-14522)
  * Fix reading columns with non-UTF names from schema (CASSANDRA-14468)
  * Don't enable client transports when bootstrap is pending (CASSANDRA-14525)
  * MigrationManager attempts to pull schema from different major version nodes (CASSANDRA-14928)
  * Fix incorrect cqlsh results when selecting same columns multiple times (CASSANDRA-13262)
  * Returns null instead of NaN or Infinity in JSON strings (CASSANDRA-14377)
  * Paged Range Slice queries with DISTINCT can drop rows from results (CASSANDRA-14956)

Changes in crowbar-openstack:
- Update to version 6.0+git.1616146717.a89ae0f4e:
  * monasca: restart Kibana on update (bsc#1044849)

Changes in grafana:
- Add CVE-2021-27358.patch (bsc#1183803, CVE-2021-27358)
  * Prevent unauthenticated remote attackers from causing a DoS through the snapshots API.

Changes in kibana:
- Ensure /etc/sysconfig/kibana is present
- Update to Kibana 4.6.6 (bsc#1044849, CVE-2017-11499, ESA-2017-14, ESA-2017-16)
  * [4.6] ignore forked code for babel transpile build phase (#13483)
  * Allow more than match queries in custom filters (#8614) (#10857)
  * [state] don't make extra $location.replace() calls (#9954)
  * [optimizer] move to querystring-browser package for up-to-date api
  * [state/unhashUrl] use encode-uri-query to generate cleanly encoded urls
  * server: refactor log_interceptor to be more DRY (#9617)
  * server: downgrade ECANCELED logs to debug (#9616)
  * server: do not treat logged warnings as errors (#8746) (#9610)
  * [server/logger] downgrade EPIPE errors to debug level (#9023)
  * Add basepath when redirecting from a trailing slash (#9035)
  * [es/kibanaIndex] use unmapped_type rather than ignore_unmapped (#8968)
  * [server/shortUrl] validate urls before shortening them
- Add CVE-2017-11481.patch (bsc#1044849, CVE-2017-11481)
  * This fixes an XSS vulnerability in URL fields
- Remove %dir declaration from /opt/kibana/optimize to ensure no files owned by root end up in there
- Exclude /opt/kibana/optimize from %fdupes
- Restart service on upgrade
- Do not copy LICENSE.txt and README.txt to /opt/kibana
- Fix rpmlint warnings/errors
- Switch to explicit patch application
- Fix source URL
- Fix logic for systemd/systemv detection
- Add 0001-Configurable-custom-response-headers-for-server.patch (bsc#1171909, CVE-2020-10743)
- Added kibana.yml symlink (bsc#1048688, FATE#323204)

Changes in openstack-dashboard:
- Update to version horizon-14.1.1.dev11:
  * Consume tempest-horizon from PyPI release

Changes in openstack-ironic:
- Update to version ironic-11.1.5.dev17:
  * Remove lower-constraints job

Changes in openstack-neutron:
- Update to version neutron-13.0.8.dev164:
  * Schedule networks to new segments if needed
- Update to version neutron-13.0.8.dev162:
  * Fix invalid JSON generated by quota details
- Update to version neutron-13.0.8.dev160:
  * Fix deletion of rfp interfaces when router is re-enabled
- Update to version neutron-13.0.8.dev159:
  * [OVS FW] Allow egress ICMPv6 only for know addresses
  * [OVS FW] Clean conntrack entries with mark == CT_MARK_INVALID
- Update to version neutron-13.0.8.dev155:
  * Fix removal of dvr-src mac flows when non-gateway port on router is deleted
- Update to version neutron-13.0.8.dev153:
  * Add some wait time between stopping and starting again ovsdb monitor
  * Workaround for TCP checksum issue with ovs-dpdk and veth pair
- Update to version neutron-13.0.8.dev149:
  * Fix wrong packet_type set for IPv6 GRE tunnels in OVS
- Update to version neutron-13.0.8.dev148:
  * Fix losses of ovs flows when ovs is restarted

Changes in openstack-neutron-gbp:
- Update to version group-based-policy-12.0.1.dev29:
  * gbp-validate: Tenant and resource level scoping 2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev27:
  * Import data_utils from the new location
- Update to version group-based-policy-12.0.1.dev26:
  * Add SNAT port's Mac Address to the host_snat_ips dictionary
- Update to version group-based-policy-12.0.1.dev25:
  * Add support for victoria 2014.2.rc1
- Update to version group-based-policy-12.0.1.dev24:
  * Fix deletion of SVI networks
- Update to version group-based-policy-12.0.1.dev23:
  * Allow per-port qos configuration on dhcp port 2014.2rc1
- Update to version group-based-policy-12.0.1.dev22:
  * Add connectivity parameter to driver
  * [AIM] Fix ERSPAN extension 2014.2.rc1
- Update to version group-based-policy-12.0.1.dev19:
  * Fix exception with cleanup 2014.2.0rc1
- Update to version group-based-policy-12.0.1.dev18:
  * Add workaround to get_subnets

Changes in openstack-nova:
- Update to version nova-18.3.1.dev82:
  * [stable-only] gate: Pin CEPH_RELEASE to nautilus in LM hook
  * Change default num_retries for glance to 3

Changes in python-Django1:
- Add CVE-2021-33203.patch (bsc#1186608, CVE-2021-33203)
  * Fixed potential path-traversal via admindocs' TemplateDetailView.
- Add CVE-2021-33571.patch (bsc#1186611, CVE-2021-33571)
  * Prevented leading zeros in IPv4 addresses.
- Add CVE-2021-31542.patch (bsc#1185623, CVE-2021-31542)
  * Fixed CVE-2021-31542 -- Tightened path and file name sanitation in file uploads.
- Add CVE-2021-28658.patch (bsc#1184148, CVE-2021-28658)
  * Fixed potential directory-traversal via uploaded files
- Add CVE-2021-23336.patch (bsc#1182433, CVE-2021-23336)
  * Fixed web cache poisoning via django.utils.http.limited_parse_qsl()

Changes in python-py:
- Add CVE-2020-29651.patch (bsc#1179805, CVE-2020-29651)
  * svnwc: fix regular expression vulnerable to DoS in blame functionality

Changes in python-pysaml2:
- Fix patches (SOC-11453)
  * 0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch
    - rename saml2.xml to saml2.samlxml to avoid overriding the xml module in the system module path
    - add missing __init__.py files
    - add missing saml2/data package to setup.py
  * 0007-Make-previous-commits-python2-compatible.patch so as not to
    - Adjust to saml2.xml to saml2.samlxml changes
    - Fix a few more syntax errors and Python2-isms.
- Fix CVE-2021-21238, bsc#1181277 with
  0002-Strengthen-XSW-tests.patch,
  0003-Fix-the-parser-to-not-break-on-ePTID-AttributeValues.patch,
  0004-Add-xsd-schemas.patch,
  0005-Fix-CVE-2021-21238-SAML-XML-Signature-wrapping.patch.
  This adds a dependency on python-xmlschema, which depends on python-elementpath, so both need to be added for this to work. The python-xmlschema in use needs to support the sandbox argument, which was added in 1.2.0 and refined in 1.2.1, but that version doesn't support python2, so a patched version that does both is needed. Add 0007-Make-previous-commits-python2-compatible.patch to not add a dependency on importlib_resources and make other changes python2 compatible.
- Fix CVE-2021-21239, bsc#1181278 with 0006-Fix-CVE-2021-21239-Restrict-the-key-data-that-xmlsec.patch

Changes in python-xmlschema:
- Add 3 patches to backport the sandbox argument, which is needed by a security fix in python-pysaml2, and one patch to make the backport python2 compatible.
- Upstream url changed
- Add rpmlintrc to make it work on Leap 42.3
- Update to 1.0.18:
  * Fix for *ModelVisitor.iter_unordered_content()*
  * Fixed default converter, AbderaConverter and JsonMLConverter for xs:anyType decode
  * Fixed validation tests with all converters
  * Added UnorderedConverter to validation tests
- Update to 1.0.17:
  * Enhancement of validation-only speed (~15%)
  * Added *is_valid()* and *iter_errors()* to module API
- Update to 1.0.16:
  * Improved XMLResource class for working with compressed files
  * Fix for validation with XSD wildcards and 'lax' process content
  * Fix ambiguous items validation for xs:choice and xs:sequence models
- Handle UnicodeDecodeErrors during build process
- Update to 1.0.15:
  * Improved XPath 2.0 bindings
  * Added logging for schema initialization and building (handled with argument loglevel)
  * Update encoding of collapsed contents with a new model based reordering method
  * Removed XLink namespace from meta-schema (loaded from a fallback location like XHTML)
  * Fixed half of failed W3C instance tests (remain 255 over 15344 tests)
- Initial commit, needed by pytest 5.1.2

Changes in python-elementpath:
- Update to 1.3.1:
  * Improved schema proxy
  * Improved XSD type matching using paths
  * Cached parent path for XPathContext (only Python 3)
  * Improve typed selection with TypedAttribute and TypedElement named-tuples
  * Add iter_results to XPathContext
  * Remove XMLSchemaProxy from package
  * Fix descendant shortcut operator '//'
  * Fix text() function
  * Fix typed select of '(name)' token
  * Fix 24-hour time for DateTime
- Skip test_hashing to fix 32bit builds
- Initial commit needed by python-xmlschema

Changes in rubygem-activerecord-session_store:
- added CVE-2019-25025.patch (CVE-2019-25025, bsc#1183174)
  * This requires CVE-2019-16782.patch to be included in rubygem-actionpack-4_2 to work correctly.

Changes in venv-openstack-keystone:
- Add python-xmlschema and python-elementpath for new python-pysaml2 version.

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

- SUSE OpenStack Cloud Crowbar 9:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2021-1962=1
- SUSE OpenStack Cloud 9:
    zypper in -t patch SUSE-OpenStack-Cloud-9-2021-1962=1

Package List:

- SUSE OpenStack Cloud Crowbar 9 (noarch):
    crowbar-openstack-6.0+git.1616146717.a89ae0f4e-3.34.4
    openstack-dashboard-14.1.1~dev11-3.24.6
    openstack-ironic-11.1.5~dev17-3.25.5
    openstack-ironic-api-11.1.5~dev17-3.25.5
    openstack-ironic-conductor-11.1.5~dev17-3.25.5
    openstack-neutron-13.0.8~dev164-3.37.4
    openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4
    openstack-neutron-gbp-12.0.1~dev29-3.25.3
    openstack-neutron-ha-tool-13.0.8~dev164-3.37.4
    openstack-neutron-l3-agent-13.0.8~dev164-3.37.4
    openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4
    openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4
    openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4
    openstack-neutron-metering-agent-13.0.8~dev164-3.37.4
    openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4
    openstack-neutron-server-13.0.8~dev164-3.37.4
    openstack-nova-18.3.1~dev82-3.37.6
    openstack-nova-api-18.3.1~dev82-3.37.6
    openstack-nova-cells-18.3.1~dev82-3.37.6
    openstack-nova-compute-18.3.1~dev82-3.37.6
    openstack-nova-conductor-18.3.1~dev82-3.37.6
    openstack-nova-console-18.3.1~dev82-3.37.6
    openstack-nova-novncproxy-18.3.1~dev82-3.37.6
    openstack-nova-placement-api-18.3.1~dev82-3.37.6
    openstack-nova-scheduler-18.3.1~dev82-3.37.6
    openstack-nova-serialproxy-18.3.1~dev82-3.37.6
    openstack-nova-vncproxy-18.3.1~dev82-3.37.6
    python-Django1-1.11.29-3.25.1
    python-elementpath-1.3.1-1.3.2
    python-horizon-14.1.1~dev11-3.24.6
    python-ironic-11.1.5~dev17-3.25.5
    python-neutron-13.0.8~dev164-3.37.4
    python-neutron-gbp-12.0.1~dev29-3.25.3
    python-nova-18.3.1~dev82-3.37.6
    python-openstack_auth-14.1.1~dev11-3.24.6
    python-py-1.5.4-3.3.2
    python-pysaml2-4.5.0-4.6.2
    python-xmlschema-1.0.18-1.3.2

- SUSE OpenStack Cloud Crowbar 9 (x86_64):
    cassandra-3.11.10-3.3.3
    cassandra-debuginfo-3.11.10-3.3.3
    cassandra-debugsource-3.11.10-3.3.3
    cassandra-tools-3.11.10-3.3.3
    grafana-6.7.4-3.23.2
    grafana-debuginfo-6.7.4-3.23.2
    kibana-4.6.6-4.9.2
    kibana-debuginfo-4.6.6-4.9.2
    ruby2.1-rubygem-activerecord-session_store-0.1.2-4.3.2

- SUSE OpenStack Cloud 9 (noarch):
    ardana-neutron-9.0+git.1615223676.777f0b3-3.25.2
    ardana-swift-9.0+git.1618235096.90974ed-3.10.2
    openstack-dashboard-14.1.1~dev11-3.24.6
    openstack-ironic-11.1.5~dev17-3.25.5
    openstack-ironic-api-11.1.5~dev17-3.25.5
    openstack-ironic-conductor-11.1.5~dev17-3.25.5
    openstack-neutron-13.0.8~dev164-3.37.4
    openstack-neutron-dhcp-agent-13.0.8~dev164-3.37.4
    openstack-neutron-gbp-12.0.1~dev29-3.25.3
    openstack-neutron-ha-tool-13.0.8~dev164-3.37.4
    openstack-neutron-l3-agent-13.0.8~dev164-3.37.4
    openstack-neutron-linuxbridge-agent-13.0.8~dev164-3.37.4
    openstack-neutron-macvtap-agent-13.0.8~dev164-3.37.4
    openstack-neutron-metadata-agent-13.0.8~dev164-3.37.4
    openstack-neutron-metering-agent-13.0.8~dev164-3.37.4
    openstack-neutron-openvswitch-agent-13.0.8~dev164-3.37.4
    openstack-neutron-server-13.0.8~dev164-3.37.4
    openstack-nova-18.3.1~dev82-3.37.6
    openstack-nova-api-18.3.1~dev82-3.37.6
    openstack-nova-cells-18.3.1~dev82-3.37.6
    openstack-nova-compute-18.3.1~dev82-3.37.6
    openstack-nova-conductor-18.3.1~dev82-3.37.6
    openstack-nova-console-18.3.1~dev82-3.37.6
    openstack-nova-novncproxy-18.3.1~dev82-3.37.6
    openstack-nova-placement-api-18.3.1~dev82-3.37.6
    openstack-nova-scheduler-18.3.1~dev82-3.37.6
    openstack-nova-serialproxy-18.3.1~dev82-3.37.6
    openstack-nova-vncproxy-18.3.1~dev82-3.37.6
    python-Django1-1.11.29-3.25.1
    python-elementpath-1.3.1-1.3.2
    python-horizon-14.1.1~dev11-3.24.6
    python-ironic-11.1.5~dev17-3.25.5
    python-neutron-13.0.8~dev164-3.37.4
    python-neutron-gbp-12.0.1~dev29-3.25.3
    python-nova-18.3.1~dev82-3.37.6
    python-openstack_auth-14.1.1~dev11-3.24.6
    python-py-1.5.4-3.3.2
    python-pysaml2-4.5.0-4.6.2
    python-xmlschema-1.0.18-1.3.2
    venv-openstack-barbican-x86_64-7.0.1~dev24-3.23.1
    venv-openstack-cinder-x86_64-13.0.10~dev20-3.26.1
    venv-openstack-designate-x86_64-7.0.2~dev2-3.23.1
    venv-openstack-glance-x86_64-17.0.1~dev30-3.21.1
    venv-openstack-heat-x86_64-11.0.4~dev4-3.23.1
    venv-openstack-horizon-x86_64-14.1.1~dev11-4.27.3
    venv-openstack-ironic-x86_64-11.1.5~dev17-4.21.2
    venv-openstack-keystone-x86_64-14.2.1~dev4-3.24.3
    venv-openstack-magnum-x86_64-7.2.1~dev1-4.23.1
    venv-openstack-manila-x86_64-7.4.2~dev60-3.29.1
    venv-openstack-monasca-ceilometer-x86_64-1.8.2~dev3-3.23.2
    venv-openstack-monasca-x86_64-2.7.1~dev10-3.21.1
    venv-openstack-neutron-x86_64-13.0.8~dev164-6.27.3
    venv-openstack-nova-x86_64-18.3.1~dev82-3.27.3
    venv-openstack-octavia-x86_64-3.2.3~dev7-4.23.1
    venv-openstack-sahara-x86_64-9.0.2~dev15-3.23.1
    venv-openstack-swift-x86_64-2.19.2~dev48-2.18.1

- SUSE OpenStack Cloud 9 (x86_64):
    cassandra-3.11.10-3.3.3
    cassandra-debuginfo-3.11.10-3.3.3
    cassandra-debugsource-3.11.10-3.3.3
    cassandra-tools-3.11.10-3.3.3
    grafana-6.7.4-3.23.2
    grafana-debuginfo-6.7.4-3.23.2
    kibana-4.6.6-4.9.2
    kibana-debuginfo-4.6.6-4.9.2

References:

    https://www.suse.com/security/cve/CVE-2017-11481.html
    https://www.suse.com/security/cve/CVE-2017-11499.html
    https://www.suse.com/security/cve/CVE-2018-18623.html
    https://www.suse.com/security/cve/CVE-2018-18624.html
    https://www.suse.com/security/cve/CVE-2018-18625.html
    https://www.suse.com/security/cve/CVE-2018-19039.html
    https://www.suse.com/security/cve/CVE-2019-15043.html
    https://www.suse.com/security/cve/CVE-2019-25025.html
    https://www.suse.com/security/cve/CVE-2020-10743.html
    https://www.suse.com/security/cve/CVE-2020-11110.html
    https://www.suse.com/security/cve/CVE-2020-12052.html
    https://www.suse.com/security/cve/CVE-2020-13379.html
    https://www.suse.com/security/cve/CVE-2020-17516.html
    https://www.suse.com/security/cve/CVE-2020-24303.html
    https://www.suse.com/security/cve/CVE-2020-29651.html
    https://www.suse.com/security/cve/CVE-2021-21238.html
    https://www.suse.com/security/cve/CVE-2021-21239.html
    https://www.suse.com/security/cve/CVE-2021-23336.html
    https://www.suse.com/security/cve/CVE-2021-27358.html
    https://www.suse.com/security/cve/CVE-2021-28658.html
    https://www.suse.com/security/cve/CVE-2021-31542.html
    https://www.suse.com/security/cve/CVE-2021-33203.html
    https://www.suse.com/security/cve/CVE-2021-33571.html
    https://bugzilla.suse.com/1044849
    https://bugzilla.suse.com/1048688
    https://bugzilla.suse.com/1115960
    https://bugzilla.suse.com/1148383
    https://bugzilla.suse.com/1170657
    https://bugzilla.suse.com/1171909
    https://bugzilla.suse.com/1172409
    https://bugzilla.suse.com/1172450
    https://bugzilla.suse.com/1174583
    https://bugzilla.suse.com/1178243
    https://bugzilla.suse.com/1179805
    https://bugzilla.suse.com/1181277
    https://bugzilla.suse.com/1181278
    https://bugzilla.suse.com/1181689
    https://bugzilla.suse.com/1181690
    https://bugzilla.suse.com/1182317
    https://bugzilla.suse.com/1182433
    https://bugzilla.suse.com/1183174
    https://bugzilla.suse.com/1183803
    https://bugzilla.suse.com/1184148
    https://bugzilla.suse.com/1185623
    https://bugzilla.suse.com/1186608
    https://bugzilla.suse.com/1186611

This release resolves 15 vulnerabilities found in multiple libraries, enhancing the overall safety of the system.

Severity: Important.

LinuxSecurity.com Team