# Security update for git, git-lfs, obs-scm-bridge, python-PyYAML

Announcement ID: SUSE-SU-2025:03012-1

Release Date: 2025-08-29T00:08:05Z

Rating: important

References:

  * bsc#1212476
  * bsc#1216545
  * bsc#1218588
  * bsc#1218664
  * bsc#1243197
  * bsc#1245938
  * bsc#1245939
  * bsc#1245942
  * bsc#1245943
  * bsc#1245946

Cross-References:

  * CVE-2025-27613
  * CVE-2025-27614
  * CVE-2025-46835
  * CVE-2025-48384
  * CVE-2025-48385

CVSS scores:

  * CVE-2025-27613 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-27613 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-27613 ( NVD ): 3.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N
  * CVE-2025-27614 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-27614 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-27614 ( NVD ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
  * CVE-2025-46835 ( SUSE ): 6.7 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
  * CVE-2025-46835 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
  * CVE-2025-46835 ( NVD ): 8.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:L
  * CVE-2025-48384 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-48384 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-48384 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
  * CVE-2025-48385 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
  * CVE-2025-48385 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
  * CVE-2025-48385 ( NVD ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

  * Basesystem Module 15-SP6
  * Basesystem Module 15-SP7
  * Development Tools Module 15-SP6
  * Development Tools Module 15-SP7
  * openSUSE Leap 15.6
  * Python 3 Module 15-SP6
  * Python 3 Module 15-SP7
  * SUSE Linux Enterprise Desktop 15 SP6
  * SUSE Linux Enterprise Desktop 15 SP7
  * SUSE Linux Enterprise Real Time 15 SP6
  * SUSE Linux Enterprise Real Time 15 SP7
  * SUSE Linux Enterprise Server 15 SP6
  * SUSE Linux Enterprise Server 15 SP7
  * SUSE Linux Enterprise Server for SAP Applications 15 SP6
  * SUSE Linux Enterprise Server for SAP Applications 15 SP7

An update that solves five vulnerabilities and has five security fixes can now be installed.

## Description:

This update for git, git-lfs, obs-scm-bridge, python-PyYAML fixes the following issues:

git was updated from version 2.43.0 to 2.51.0 (bsc#1243197):

  * Security issues fixed:
    * CVE-2025-27613 Fixed arbitrary writable file creation and truncation in Gitk (bsc#1245938)
    * CVE-2025-27614 Fixed arbitrary script execution via repository cloning in gitk (bsc#1245939)
    * CVE-2025-46835 Fixed arbitrary writable file creation in Git GUI when untrusted repository is cloned (bsc#1245942)
    * CVE-2025-48384 Fixed the unintentional execution of a script after checkout due to CRLF transforming (bsc#1245943)
    * CVE-2025-48385 Fixed arbitrary code execution due to protocol injection via fetching advertised bundle (bsc#1245946)
  * Other changes and bugs fixed:
    * Added SHA256 support (bsc#1243197)
    * Git moved to /usr/libexec/git/git and updated AppArmor profile accordingly (bsc#1218588)
    * gitweb AppArmor profile: allow reading etc/gitweb-common.conf (bsc#1218664)
    * Do not replace apparmor configuration (bsc#1216545)
    * Fixed the Python version required (bsc#1212476)
  * Version Updates Release Notes:
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.51.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.1.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.50.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.49.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.1.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.48.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.1.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.47.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.2.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.1.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.46.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.3.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.2.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.1.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.45.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.44.0.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.3.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.2.adoc
    * https://raw.githubusercontent.com/git/git/master/Documentation/RelNotes/2.43.1.adoc

git-lfs is included in version 3.7.0.

python-PyYAML was updated from version 6.0.1 to 6.0.2:

  * Added support for Cython 3.x and Python 3.13

obs-scm-bridge was updated from version 0.5.4 to 0.7.4:

  * New Features and Improvements:
    * Manifest File Support: Support has been added for a `_manifest` file, which serves as a successor to the `_subdirs` file.
    * Control Over Git Information: A new noobsinfo query parameter was added to hide git information in source and binary files.
    * Enhanced Submodule Handling: The system now records the configured branch of submodules and stays on that branch during checkout.
    * Git SHA Tracking: In project mode, the tool now uses git SHA sums instead of md5sum to track package sources.
    * SSH URL Support: ssh:// SCM URLs can now be used.
    * Improved Error Messages: Error reporting for invalid files within package subdirectories has been improved.
    * Standardized Config Location: In project mode, the _config file is now always located in the top-level directory, even when using subdirs.
    * Reduced Unnecessary Changes: In project mode, unnecessary modifications to the package meta URL are now avoided.
    * Limit Asset Handling: A new mechanism has been introduced to limit how assets are handled.
    * Branch Information Export: The trackingbranch is now exported to scmsync.obsinfo.
  * Bugs fixed:
    * Syntax Fix: A syntax issue was corrected.
    * Git Submodule Parsing: The .gitsubmodule parser was fixed to correctly handle files that contain a mix of spaces and tabs.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.6: `zypper in -t patch SUSE-2025-3012=1 openSUSE-SLE-15.6-2025-3012=1`
  * Basesystem Module 15-SP6: `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2025-3012=1`
  * Basesystem Module 15-SP7: `zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP7-2025-3012=1`
  * Development Tools Module 15-SP6: `zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2025-3012=1`
  * Development Tools Module 15-SP7: `zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP7-2025-3012=1`
  * Python 3 Module 15-SP6: `zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2025-3012=1`
  * Python 3 Module 15-SP7: `zypper in -t patch SUSE-SLE-Module-Python3-15-SP7-2025-3012=1`

## Package List:

  * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
    * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1
    * perl-Git-2.51.0-150600.3.12.1
    * python-PyYAML-debugsource-6.0.2-150600.10.3.1
    * python311-PyYAML-6.0.2-150600.10.3.1
    * git-email-2.51.0-150600.3.12.1
    * git-core-debuginfo-2.51.0-150600.3.12.1
    * git-lfs-3.7.0-150600.13.3.1
    * git-core-2.51.0-150600.3.12.1
    * git-gui-2.51.0-150600.3.12.1
    * git-p4-2.51.0-150600.3.12.1
    * git-cvs-2.51.0-150600.3.12.1
    * git-credential-libsecret-debuginfo-2.51.0-150600.3.12.1
    * git-2.51.0-150600.3.12.1
    * git-daemon-2.51.0-150600.3.12.1
    * git-arch-2.51.0-150600.3.12.1
    * gitk-2.51.0-150600.3.12.1
    * git-web-2.51.0-150600.3.12.1
    * git-debuginfo-2.51.0-150600.3.12.1
    * git-svn-2.51.0-150600.3.12.1
    * git-debugsource-2.51.0-150600.3.12.1
    * git-credential-libsecret-2.51.0-150600.3.12.1
    * git-daemon-debuginfo-2.51.0-150600.3.12.1
  * openSUSE Leap 15.6 (noarch)
    * git-doc-2.51.0-150600.3.12.1
    * obs-scm-bridge-0.7.4-150600.14.4.1
  * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * git-debugsource-2.51.0-150600.3.12.1
    * git-core-2.51.0-150600.3.12.1
    * git-core-debuginfo-2.51.0-150600.3.12.1
    * git-debuginfo-2.51.0-150600.3.12.1
  * Basesystem Module 15-SP7 (aarch64 ppc64le s390x x86_64)
    * git-debugsource-2.51.0-150600.3.12.1
    * git-core-2.51.0-150600.3.12.1
    * git-core-debuginfo-2.51.0-150600.3.12.1
    * git-debuginfo-2.51.0-150600.3.12.1
  * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * git-arch-2.51.0-150600.3.12.1
    * git-gui-2.51.0-150600.3.12.1
    * gitk-2.51.0-150600.3.12.1
    * perl-Git-2.51.0-150600.3.12.1
    * git-web-2.51.0-150600.3.12.1
    * git-debugsource-2.51.0-150600.3.12.1
    * git-cvs-2.51.0-150600.3.12.1
    * git-debuginfo-2.51.0-150600.3.12.1
    * git-daemon-debuginfo-2.51.0-150600.3.12.1
    * git-2.51.0-150600.3.12.1
    * git-email-2.51.0-150600.3.12.1
    * git-daemon-2.51.0-150600.3.12.1
    * git-svn-2.51.0-150600.3.12.1
    * git-lfs-3.7.0-150600.13.3.1
  * Development Tools Module 15-SP6 (noarch)
    * git-doc-2.51.0-150600.3.12.1
    * obs-scm-bridge-0.7.4-150600.14.4.1
  * Development Tools Module 15-SP7 (aarch64 ppc64le s390x x86_64)
    * git-arch-2.51.0-150600.3.12.1
    * git-gui-2.51.0-150600.3.12.1
    * gitk-2.51.0-150600.3.12.1
    * perl-Git-2.51.0-150600.3.12.1
    * git-web-2.51.0-150600.3.12.1
    * git-debugsource-2.51.0-150600.3.12.1
    * git-cvs-2.51.0-150600.3.12.1
    * git-debuginfo-2.51.0-150600.3.12.1
    * git-daemon-debuginfo-2.51.0-150600.3.12.1
    * git-2.51.0-150600.3.12.1
    * git-email-2.51.0-150600.3.12.1
    * git-daemon-2.51.0-150600.3.12.1
    * git-svn-2.51.0-150600.3.12.1
    * git-lfs-3.7.0-150600.13.3.1
  * Development Tools Module 15-SP7 (noarch)
    * git-doc-2.51.0-150600.3.12.1
    * obs-scm-bridge-0.7.4-150600.14.4.1
  * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
    * python311-PyYAML-6.0.2-150600.10.3.1
    * python-PyYAML-debugsource-6.0.2-150600.10.3.1
    * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1
  * Python 3 Module 15-SP7 (aarch64 ppc64le s390x x86_64)
    * python311-PyYAML-6.0.2-150600.10.3.1
    * python-PyYAML-debugsource-6.0.2-150600.10.3.1
    * python311-PyYAML-debuginfo-6.0.2-150600.10.3.1

## References:

  * https://www.suse.com/security/cve/CVE-2025-27613.html
  * https://www.suse.com/security/cve/CVE-2025-27614.html
  * https://www.suse.com/security/cve/CVE-2025-46835.html
  * https://www.suse.com/security/cve/CVE-2025-48384.html
  * https://www.suse.com/security/cve/CVE-2025-48385.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1212476
  * https://bugzilla.suse.com/show_bug.cgi?id=1216545
  * https://bugzilla.suse.com/show_bug.cgi?id=1218588
  * https://bugzilla.suse.com/show_bug.cgi?id=1218664
  * https://bugzilla.suse.com/show_bug.cgi?id=1243197
  * https://bugzilla.suse.com/show_bug.cgi?id=1245938
  * https://bugzilla.suse.com/show_bug.cgi?id=1245939
  * https://bugzilla.suse.com/show_bug.cgi?id=1245942
  * https://bugzilla.suse.com/show_bug.cgi?id=1245943
  * https://bugzilla.suse.com/show_bug.cgi?id=1245946

Discussing key enhancements for Git and Python libraries in SUSE to resolve significant security vulnerabilities. Severity: Important. LinuxSecurity.com Team

# Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server

Announcement ID: SUSE-SU-2023:4737-1

Rating: important

References:

  * bsc#1191143
  * bsc#1204235
  * bsc#1207012
  * bsc#1207532
  * bsc#1210928
  * bsc#1210930
  * bsc#1211355
  * bsc#1211560
  * bsc#1211649
  * bsc#1212695
  * bsc#1212904
  * bsc#1213469
  * bsc#1214186
  * bsc#1214471
  * bsc#1214601
  * bsc#1214759
  * bsc#1215209
  * bsc#1215514
  * bsc#1215949
  * bsc#1216030
  * bsc#1216041
  * bsc#1216085
  * bsc#1216128
  * bsc#1216380
  * bsc#1216506
  * bsc#1216555
  * bsc#1216690
  * bsc#1216754
  * bsc#1217038
  * bsc#1217223
  * bsc#1217224
  * jsc#MSQA-708
  * jsc#SUMA-282

Cross-References:

  * CVE-2023-22644

CVSS scores:

  * CVE-2023-22644 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N

Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * Public Cloud Module 15-SP4
  * Public Cloud Module 15-SP5
  * SUSE Linux Enterprise High Performance Computing 15 SP4
  * SUSE Linux Enterprise High Performance Computing 15 SP5
  * SUSE Linux Enterprise Server 15 SP4
  * SUSE Linux Enterprise Server 15 SP5
  * SUSE Linux Enterprise Server for SAP Applications 15 SP4
  * SUSE Linux Enterprise Server for SAP Applications 15 SP5
  * SUSE Manager Proxy 4.3
  * SUSE Manager Proxy 4.3 Module 4.3
  * SUSE Manager Retail Branch Server 4.3
  * SUSE Manager Server 4.3
  * SUSE Manager Server 4.3 Module 4.3

An update that solves one vulnerability, contains two features and has 30 security fixes can now be installed.

## Recommended update for SUSE Manager Proxy and Retail Branch Server 4.3

### Description:

This update fixes the following issues:

spacecmd:

  * Version 4.3.25-1
    * Update translation strings

spacewalk-backend:

  * Version 4.3.25-1
    * Use the new apache2-mod_wsgi package name
    * Set stricter file permissions for config file
    * Add table statistics and options to the support config database output
    * Add CLM data collection to spacewalk-debug

spacewalk-client-tools:

  * Version 4.3.17-1
    * Update translation strings

spacewalk-proxy:

  * Version 4.3.17-1
    * Use the new apache2-mod_wsgi package name

spacewalk-web:

  * Version 4.3.36-1
    * Safeguard request URLs against tampering (bsc#1216754)
    * Improve datetimepicker input formatting
    * Improve logging to better capture third-party library issues
    * Simplify and modernize password generation logic
    * Update webpack to 5.88.2
    * Handle new message from subscription-matcher (bsc#1216506)
    * Add sanity checks for FQDNs in proxy configuration dialog
    * Add option to filter packages by build time in CLM (jsc#SUMA-282)

susemanager-tftpsync-recv:

  * Version 4.3.9-1
    * Use the new apache2-mod_wsgi package name
    * Build with Python 3 and clean up references to Python 2

How to apply this update:

  1. Log in as root user to the SUSE Manager Proxy or Retail Branch Server.
  2. Stop the proxy service: `spacewalk-proxy stop`
  3. Apply the patch using either zypper patch or YaST Online Update.
  4. Start the Spacewalk service: `spacewalk-proxy start`

## Security update for SUSE Manager Server 4.3

### Description:

This update fixes the following issues:

billing-data-service:

  * Version 4.3.2-1
    * Relax dependency to csp-billing-adapter-service

inter-server-sync:

  * Version 0.3.1
    * Require at least Go 1.20 for building SUSE packages

spacecmd:

  * Version 4.3.25-1
    * Update translation strings

spacewalk-backend:

  * Version 4.3.25-1
    * Use the new apache2-mod_wsgi package name
    * Set stricter file permissions for config file
    * Add table statistics and options to the support config database output
    * Add CLM data collection to spacewalk-debug

spacewalk-client-tools:

  * Version 4.3.17-1
    * Update translation strings

spacewalk-java:

  * Version 4.3.69-1
  * Security fixes:
    * CVE-2023-22644: Sanitize token before logging it (bsc#1210930)
    * CVE-2023-22644: Fix permissions for logfiles (bsc#1210928)
    * CVE-2023-22644: Log potential sensitive information only in debug mode (bsc#1210928)
  * Non security fixes:
    * Include in API response reboot_suggested and restart_suggested booleans
    * Fix filter ID comparison when attaching filters to a CLM project (bsc#1215949)
    * Fix validation of lists with empty defaults in formulas (bsc#1216555)
    * Safeguard request URLs against tampering (bsc#1216754)
    * Improve logging to better capture third-party library issues
    * Fix issue of non-installed package listed as errata package update candidates (bsc#1212904)
    * Fix issue with reporting database query pagination
    * Update tomcat jars to version greater than 9.0.75
    * Fix notification messages email content (bsc#1216041)
    * Look for the PAYG CA certificate location in different order to find and import the correct one (bsc#1214759)
    * Add salt-api socket timeout to abort stuck taskomatic jobs (bsc#1211649)
    * Fix SUSE Linux Enterprise Micro PAYG detection
    * Wait for lock to execute SCC sync task (bsc#1216030)
    * Fix url pointing to SCC (bsc#1216690)
    * Prevent download when a PAYG Server is not compliant
    * Fix system.provisionSystem xmlrpc endpoint to calculate host properly (bsc#1215209)
    * Include "uuid" as system search xmlrpc results (bsc#1216380)
    * Prevent losing Remote Command action result if returned JSON cannot be parsed
    * Add PAYG info to UI and rest API
    * Add management restrictions to SUMA PAYG when dealing with BYOS instances when no SCC credentials are set
    * Fix issue where bad SCC credentials were preventing other credentials to refresh (bsc#1211355)
    * Fix conversion to string if branchid is numeric in PXEEvent
    * Fix token validation for shared (public) child channels (bsc#1216128)
    * Prevent NullPointerException in updateSystemInfo (bsc#1217224)
    * Update SCC REST call to register systems in bulk
    * Enhance hardware data sent to SCC by memory
    * Fix FQDN machine name mapping on proxy configuration
    * Fix NullPointerException when creating PXE config for an unmanaged profile (bsc#1217223)
    * Add option to filter packages by build time in CLM (jsc#SUMA-282)
    * Consider server id when removing invalid erratas from rhnSet (bsc#1204235, bsc#1207012, bsc#1211560)
    * Fix createSystemRecord XML-RPC API call so the Cobbler UID is persisted (bsc#1207532)

spacewalk-search:

  * Version 4.3.10-1
    * Include "uuid" as system search result attribute (bsc#1216380)

spacewalk-web:

  * Version 4.3.36-1
    * Safeguard request URLs against tampering (bsc#1216754)
    * Improve datetimepicker input formatting
    * Improve logging to better capture third-party library issues
    * Simplify and modernize password generation logic
    * Update webpack to 5.88.2
    * Handle new message from subscription-matcher (bsc#1216506)
    * Add sanity checks for FQDNs in proxy configuration dialog
    * Add option to filter packages by build time in CLM (jsc#SUMA-282)

subscription-matcher:

  * Version 0.33
    * Added missing part numbers (bsc#1216506)
    * Ignore subscriptions without any associated products (bsc#1216506)
    * Update Guava to version 32.0

susemanager:

  * Version 4.3.33-1
    * Add bootstrap repository data for SUSE Linux Enterprise Micro 5.5 (bsc#1217038)

susemanager-docs_en:

  * Add SUSE Liberty Linux versions 7 and 8 to the supported features matrix in the Client Configuration Guide
  * Add support for SUSE Linux Enterprise Micro 5.5 and openSUSE Leap Micro 5.5 clients to the Installation and Upgrade Guide, and to the Client Configuration Guide
  * Update Twitter handle reference in documentation user interface
  * Update feature table and add legend in the Configuration Management section of the Client Configuration Guide
  * Fix parameter name in the Register clients section of the Client Configuration Guide
  * Fix links to HTML output of SUSE Linux Enterprise Server 15 SP4 documentation
  * Add note about using short hostname in the Quick Start: SAP guide (bsc#1212695)
  * Mention the option to install Prometheus on Retail branch servers (bsc#1191143)
  * Fix link loop and clarify some server upgrade description details in the Installation and Upgrade Guide (bsc#1214471)
  * SUSE Manager 4.3 is based on SUSE Linux Enterprise 15 SP4; update the installation procedure (bsc#1213469)

susemanager-schema:

  * Version 4.3.22-1
    * Drop special versioned schema files
    * Add unique index for rhnpackagechangelogdata table

susemanager-sls:

  * Version 4.3.37-1
    * Disable dnf_rhui_plugin as it breaks our susemanagerplugin (bsc#1214601)
    * Fix susemanagerplugin to not overwrite header fields set by other plugins
    * Let the DNF plugin log when a token was set
    * Retry loading of pillars from DB on connection error (bsc#1214186)
    * Recognize squashfs build results from KIWI (bsc#1216085)

susemanager-sync-data:

  * Version 4.3.14-1
    * SUSE Linux Enterprise 15 SP4 Long Term Service Pack Support (LTSS)
    * Extended Service Pack Overlay Support (ESPOS) for High Performance Computing 15 SP5
    * Long Term Service Pack Support (LTSS) for High Performance Computing 15 SP5
    * Update Open Enterprise Server to 2023.4 (bsc#1215514)

uyuni-reportdb-schema:

  * Version 4.3.8-1
    * Provide reportdb upgrade schema path structure

How to apply this update:

  1. Log in as root user to the SUSE Manager Server.
  2. Stop the Spacewalk service: `spacewalk-service stop`
  3. Apply the patch using either zypper patch or YaST Online Update.
  4. Start the Spacewalk service: `spacewalk-service start`

## Recommended update for apache2-mod_wsgi

### Description:

This update fixes the following issues:

apache2-mod_wsgi:

  * Ensure the binaries are included in SUSE Manager Server

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4: `zypper in -t patch SUSE-2023-4737=1 openSUSE-SLE-15.4-2023-4737=1`
  * openSUSE Leap 15.5: `zypper in -t patch openSUSE-SLE-15.5-2023-4737=1`
  * Public Cloud Module 15-SP4: `zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2023-4737=1`
  * Public Cloud Module 15-SP5: `zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2023-4737=1`
  * SUSE Manager Proxy 4.3 Module 4.3: `zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Proxy-4.3-2023-4737=1`
  * SUSE Manager Server 4.3 Module 4.3: `zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2023-4737=1`

## Package List:

  * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
  * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
  * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
  * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
  * SUSE Manager Proxy 4.3 Module 4.3 (x86_64)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
  * SUSE Manager Proxy 4.3 Module 4.3 (noarch)
    * spacecmd-4.3.25-150400.3.30.5
    * python3-spacewalk-client-tools-4.3.17-150400.3.21.6
    * spacewalk-proxy-redirect-4.3.17-150400.3.23.5
    * spacewalk-client-setup-4.3.17-150400.3.21.6
    * python3-spacewalk-check-4.3.17-150400.3.21.6
    * spacewalk-proxy-broker-4.3.17-150400.3.23.5
    * spacewalk-proxy-common-4.3.17-150400.3.23.5
    * spacewalk-backend-4.3.25-150400.3.33.7
    * spacewalk-proxy-salt-4.3.17-150400.3.23.5
    * spacewalk-check-4.3.17-150400.3.21.6
    * spacewalk-proxy-management-4.3.17-150400.3.23.5
    * spacewalk-proxy-package-manager-4.3.17-150400.3.23.5
    * python3-spacewalk-client-setup-4.3.17-150400.3.21.6
    * spacewalk-client-tools-4.3.17-150400.3.21.6
    * spacewalk-base-minimal-4.3.36-150400.3.36.7
    * susemanager-tftpsync-recv-4.3.9-150400.3.9.5
    * spacewalk-base-minimal-config-4.3.36-150400.3.36.7
  * SUSE Manager Server 4.3 Module 4.3 (ppc64le s390x x86_64)
    * apache2-mod_wsgi-debugsource-4.7.1-150400.3.9.4
    * apache2-mod_wsgi-debuginfo-4.7.1-150400.3.9.4
    * inter-server-sync-0.3.1-150400.3.24.5
    * susemanager-tools-4.3.33-150400.3.42.4
    * susemanager-4.3.33-150400.3.42.4
    * apache2-mod_wsgi-4.7.1-150400.3.9.4
    * inter-server-sync-debuginfo-0.3.1-150400.3.24.5
  * SUSE Manager Server 4.3 Module 4.3 (noarch)
    * spacewalk-backend-config-files-tool-4.3.25-150400.3.33.7
    * spacewalk-search-4.3.10-150400.3.15.4
    * python3-spacewalk-client-tools-4.3.17-150400.3.21.6
    * susemanager-sync-data-4.3.14-150400.3.17.5
    * spacewalk-backend-config-files-common-4.3.25-150400.3.33.7
    * susemanager-docs_en-pdf-4.3-150400.9.50.5
    * spacewalk-backend-sql-postgresql-4.3.25-150400.3.33.7
    * spacewalk-base-4.3.36-150400.3.36.7
    * susemanager-schema-4.3.22-150400.3.30.5
    * spacewalk-backend-iss-4.3.25-150400.3.33.7
    * spacewalk-taskomatic-4.3.69-150400.3.69.5
    * susemanager-docs_en-4.3-150400.9.50.5
    * susemanager-sls-4.3.37-150400.3.37.5
    * spacewalk-client-tools-4.3.17-150400.3.21.6
    * spacecmd-4.3.25-150400.3.30.5
    * spacewalk-html-4.3.36-150400.3.36.7
    * spacewalk-backend-xmlrpc-4.3.25-150400.3.33.7
    * susemanager-schema-utility-4.3.22-150400.3.30.5
    * spacewalk-backend-iss-export-4.3.25-150400.3.33.7
    * spacewalk-base-minimal-config-4.3.36-150400.3.36.7
    * spacewalk-backend-xml-export-libs-4.3.25-150400.3.33.7
    * spacewalk-java-config-4.3.69-150400.3.69.5
    * spacewalk-backend-config-files-4.3.25-150400.3.33.7
    * spacewalk-backend-sql-4.3.25-150400.3.33.7
    * uyuni-reportdb-schema-4.3.8-150400.3.9.6
    * spacewalk-java-4.3.69-150400.3.69.5
    * spacewalk-backend-server-4.3.25-150400.3.33.7
    * subscription-matcher-0.33-150400.3.16.3
    * spacewalk-java-lib-4.3.69-150400.3.69.5
    * spacewalk-base-minimal-4.3.36-150400.3.36.7
    * spacewalk-java-postgresql-4.3.69-150400.3.69.5
    * billing-data-service-4.3.2-150400.10.12.5
    * spacewalk-backend-tools-4.3.25-150400.3.33.7
    * spacewalk-backend-applet-4.3.25-150400.3.33.7
    * spacewalk-backend-4.3.25-150400.3.33.7
    * uyuni-config-modules-4.3.37-150400.3.37.5
    * spacewalk-backend-package-push-server-4.3.25-150400.3.33.7
    * spacewalk-backend-app-4.3.25-150400.3.33.7

## References:

  * https://www.suse.com/security/cve/CVE-2023-22644.html
  * https://bugzilla.suse.com/show_bug.cgi?id=1191143
  * https://bugzilla.suse.com/show_bug.cgi?id=1204235
  * https://bugzilla.suse.com/show_bug.cgi?id=1207012
  * https://bugzilla.suse.com/show_bug.cgi?id=1207532
  * https://bugzilla.suse.com/show_bug.cgi?id=1210928
  * https://bugzilla.suse.com/show_bug.cgi?id=1210930
  * https://bugzilla.suse.com/show_bug.cgi?id=1211355
  * https://bugzilla.suse.com/show_bug.cgi?id=1211560
  * https://bugzilla.suse.com/show_bug.cgi?id=1211649
  * https://bugzilla.suse.com/show_bug.cgi?id=1212695
  * https://bugzilla.suse.com/show_bug.cgi?id=1212904
  * https://bugzilla.suse.com/show_bug.cgi?id=1213469
  * https://bugzilla.suse.com/show_bug.cgi?id=1214186
  * https://bugzilla.suse.com/show_bug.cgi?id=1214471
  * https://bugzilla.suse.com/show_bug.cgi?id=1214601
  * https://bugzilla.suse.com/show_bug.cgi?id=1214759
  * https://bugzilla.suse.com/show_bug.cgi?id=1215209
  * https://bugzilla.suse.com/show_bug.cgi?id=1215514
  * https://bugzilla.suse.com/show_bug.cgi?id=1215949
  * https://bugzilla.suse.com/show_bug.cgi?id=1216030
  * https://bugzilla.suse.com/show_bug.cgi?id=1216041
  * https://bugzilla.suse.com/show_bug.cgi?id=1216085
  * https://bugzilla.suse.com/show_bug.cgi?id=1216128
  * https://bugzilla.suse.com/show_bug.cgi?id=1216380
  * https://bugzilla.suse.com/show_bug.cgi?id=1216506
  * https://bugzilla.suse.com/show_bug.cgi?id=1216555
  * https://bugzilla.suse.com/show_bug.cgi?id=1216690
  * https://bugzilla.suse.com/show_bug.cgi?id=1216754
  * https://bugzilla.suse.com/show_bug.cgi?id=1217038
  * https://bugzilla.suse.com/show_bug.cgi?id=1217223
  * https://bugzilla.suse.com/show_bug.cgi?id=1217224

Critical upkeep instructions for SUSE Manager 4.3 targeting diverse issues and bolstering security across solutions. Severity: Important. LinuxSecurity.com Team

Igor Ponomarev discovered that LAVA, a continuous integration system for deploying operating systems onto physical and virtual hardware for running tests, was susceptible to denial of service via recursive XML entity expansion.

Debian Security Advisory DSA-5318-1

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-3969b64d4b
2022-07-17 00:57:11.020145
--------------------------------------------------------------------------------

Name        : golang-github-nxadm-tail
Product     : Fedora 35
Version     : 1.4.6
Release     : 4.fc35
URL         : https://github.com/nxadm/tail
Summary     : Read from continuously updated files (tail -f)
Description :
Go package for reading from continuously updated files (tail -f).

--------------------------------------------------------------------------------
Update Information:

Rebuild for CVE-2022-{24675,28327,29526} in golang and other go ecosystem CVEs

---

This contains the result from the mass rebuild in F35 for all packages that
require `golang` and provide binaries to mitigate the following CVEs:

`golang` itself:

- CVE-2022-24675 golang: encoding/pem: fix stack overflow in Decode
- CVE-2022-28327 golang: crypto/elliptic: panic caused by oversized scalar
- CVE-2022-29526 golang: syscall: faccessat checks wrong group

(There are some Go CVEs that are a little bit older that will also be mitigated
by the rebuild for packages that haven't been updated recently)

CVEs in other golang libraries that affect a subset of Go packages:

- CVE-2022-21698 golang-github-prometheus-client: prometheus/client_golang:
  Denial of service using InstrumentHandlerCounter
- CVE-2022-1996 go-restful: Authorization Bypass Through User-Controlled Key

----

Initial import for golang-github-a8m-envsubst Resolves: rhbz#2074406

----

Initial package Resolves: rhbz#2074438

----

Update to v3.14.0 (close rhbz#2105612)

----

Fix merge

----

Update to 1.22.1 - Close: rhbz#2077577

--------------------------------------------------------------------------------
ChangeLog:

* Sat Jul 9 2022 Maxwell G - 1.4.6-4
- Rebuild for CVE-2022-{24675,28327,29526} in golang

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2074406 - Review Request: golang-github-a8m-envsubst - Environment variables substitution for Go
        https://bugzilla.redhat.com/show_bug.cgi?id=2074406
  [ 2 ] Bug #2074438 - Review Request: golang-github-goccy-yaml - YAML support for the Go language
        https://bugzilla.redhat.com/show_bug.cgi?id=2074438
  [ 3 ] Bug #2077577 - powerline-go-1.22.1 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2077577
  [ 4 ] Bug #2105612 - golang-github-task-3.14.0 is available
        https://bugzilla.redhat.com/show_bug.cgi?id=2105612

--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-3969b64d4b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/

--------------------------------------------------------------------------------

Updated package.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-493
2005-06-30
---------------------------------------------------------------------

Product     : Fedora Core 4
Name        : qt
Version     : 3.3.4
Release     : 15.1
Summary     : The shared library for the Qt GUI toolkit.
Description :
Qt is a GUI software toolkit which simplifies the task of writing and
maintaining GUI (Graphical User Interface) applications for the X Window
System. Qt is written in C++ and is fully object-oriented. This package
contains the shared library needed to run qt applications, as well as the
README files for qt.

---------------------------------------------------------------------

* Wed Jun 29 2005 Than Ngo 1:3.3.4-15.1
- apply patch to fix Rendering for Punjabi, thanks to Trolltech #156504
- add better fix for #156977, thanks to trolltech
- apply patch to fix keyReleaseEvent problem #156572

* Tue May 24 2005 Than Ngo 1:3.3.4-15
- add better fix for #156977, thanks to trolltech

---------------------------------------------------------------------

This update can be downloaded from:

This update can also be installed with the Update Agent; you can launch the
Update Agent with the 'up2date' command.

---------------------------------------------------------------------
fedora-announce-list mailing list