Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
172
security advisoryUbuntuimportantUbuntu 22.04 LTS Linux-Nvidia-Tegra-IGX Key Privilege Escalation USN-8279-3
Several security issues were fixed in the Linux kernel.. ========================================================================== Ubuntu Security Notice USN-8279-3 May 25, 2026 linux-nvidia-tegra-igx vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux-nvidia-tegra-igx: Linux kernel for NVIDIA Tegra IGX systems Details: It was discovered that the Linux kernel algif_aead module did not properly handle in-place cryptographic operations. This flaw is known as Copy Fail. A local attacker could use this to escalate privileges, or possibly escape a container. (CVE-2026-31431) Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Ethernet bonding driver; - SMB network file system; - Netfilter; - io_uring subsystem; - Packet sockets; - TLS protocol; (CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS linux-image-5.15.0-1049-nvidia-tegra-igx 5.15.0-1049.49 linux-image-5.15.0-1049-nvidia-tegra-igx-rt 5.15.0-1049.49 linux-image-nvidia-tegra-igx 5.15.0.1049.51 linux-image-nvidia-tegra-igx-5.15 5.15.0.1049.51 linux-image-nvidia-tegra-igx-rt 5.15.0.1049.51 linux-image-nvidia-tegra-igx-rt-5.15 5.15.0.1049.51 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third partykernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://ubuntu.com/security/notices/USN-8279-3 https://ubuntu.com/security/notices/USN-8279-2 https://ubuntu.com/security/notices/USN-8279-1 CVE-2024-35862, CVE-2024-50060, CVE-2026-23274, CVE-2026-23351, CVE-2026-31419, CVE-2026-31431, CVE-2026-31504, CVE-2026-31533, CVE-2026-43033, CVE-2026-43077, CVE-2026-43078 Package Information: https://launchpad.net/ubuntu/+source/linux-nvidia-tegra-igx/5.15.0-1049.49 . Multiple security fixes for Linux kernel in Ubuntu improve system protection. Update promptly to safeguard against attacks.. NVIDIA Tegra IGX Debian Kernel Security. . Severity: Important. LinuxSecurity.com Team
May 25, 2026
•Important
Ubuntu
100
security advisorySuSEimportantSUSE: PostgreSQL Important Memory Oversight Privilege Fix 2025:4364-1
* bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 . # Security update for postgresql17, postgresql18 Announcement ID: SUSE-SU-2025:4364-1 Release Date: 2025-12-11T10:12:53Z Rating: important References: * bsc#1253332 * bsc#1253333 Cross-References: * CVE-2025-12817 * CVE-2025-12818 CVSS scores: * CVE-2025-12817 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2025-12817 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2025-12817 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2025-12818 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2025-12818 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2025-12818 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.3 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP5 LTSS * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Proxy 4.3 LTS * SUSE Manager Retail Branch Server 4.3 * SUSE ManagerRetail Branch Server 4.3 LTS * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 LTS An update that solves two vulnerabilities can now be installed. ## Description: This update for postgresql17, postgresql18 fixes the following issues: Changes in postgresql18: * Fix build with uring for post SLE15 code streams. Update to 18.1: * https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/ * https://www.postgresql.org/docs/release/18.1/ * bsc#1253332, CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts. * bsc#1253333, CVE-2025-12818: Several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer. * pg_config --libs returns -lnuma so we need to require it. Update to 18.0: * https://www.postgresql.org/about/news/postgresql-18-released-3142/ * https://www.postgresql.org/docs/18/release-18.html Changes in postgresql17: Update to 17.7: * https://www.postgresql.org/about/news/postgresql-181-177-1611-1515-1420-and-1323-released-3171/ * https://www.postgresql.org/docs/release/17.7/ * bsc#1253332, CVE-2025-12817: Missing check for CREATE privileges on the schema in CREATE STATISTICS allowed table owners to create statistics in any schema, potentially leading to unexpected naming conflicts. * bsc#1253333, CVE-2025-12818: Several places in libpq were not sufficiently careful about computing the required size of a memory allocation. Sufficiently large inputs could cause integer overflow, resulting in an undersized buffer, which would then lead to writing past the end of the buffer. * switch library to pg 18 ## Patch Instructions: To install this SUSEupdate use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2025-4364=1 * SUSE Linux Enterprise Server 15 SP5 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP5-LTSS-2025-4364=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2025-4364=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2025-4364=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP5-2025-4364=1 * SUSE Manager Proxy 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-LTS-2025-4364=1 * SUSE Manager Retail Branch Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-LTS-2025-4364=1 * SUSE Manager Server 4.3 LTS zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-LTS-2025-4364=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2025-4364=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-4364=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2025-4364=1 * openSUSE Leap 15.5 zypper in -t patch SUSE-2025-4364=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-4364=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2025-4364=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2025-4364=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-ESPOS-2025-4364=1 * SUSE Linux Enterprise High PerformanceComputing LTSS 15 SP5 zypper in -t patch SUSE-SLE-Product-HPC-15-SP5-LTSS-2025-4364=1 * SUSE Linux Enterprise Server 15 SP3 LTSS zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-4364=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise Server 15 SP4 LTSS (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-llvmjit-devel-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-llvmjit-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Linux Enterprise Server 15 SP4 LTSS (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (aarch64 ppc64le s390x x86_64) * libecpg6-18.1-150200.5.3.1 * postgresql17-plperl-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-17.7-150200.5.19.1 * postgresql17-llvmjit-17.7-150200.5.19.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * postgresql17-server-devel-debuginfo-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql17-pltcl-17.7-150200.5.19.1 * postgresql17-pltcl-debuginfo-17.7-150200.5.19.1 * postgresql17-llvmjit-devel-17.7-150200.5.19.1 * postgresql17-server-17.7-150200.5.19.1 * postgresql17-plpython-17.7-150200.5.19.1 *postgresql17-server-debuginfo-17.7-150200.5.19.1 * postgresql17-17.7-150200.5.19.1 * postgresql17-contrib-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-17.7-150200.5.19.1 * postgresql17-contrib-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * postgresql18-debuginfo-18.1-150200.5.3.1 * postgresql17-server-devel-17.7-150200.5.19.1 * postgresql17-plpython-debuginfo-17.7-150200.5.19.1 * SUSE Linux Enterprise Server 15 SP5 LTSS (noarch) * postgresql-plpython-18-150500.10.12.2 * postgresql-18-150500.10.12.2 * postgresql-plperl-18-150500.10.12.2 * postgresql-devel-18-150500.10.12.2 * postgresql-server-18-150500.10.12.2 * postgresql-docs-18-150500.10.12.2 * postgresql17-docs-17.7-150200.5.19.1 * postgresql-contrib-18-150500.10.12.2 * postgresql-pltcl-18-150500.10.12.2 * postgresql-server-devel-18-150500.10.12.2 * SUSE Linux Enterprise Server 15 SP5 LTSS (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * postgresql-plperl-18-150300.10.30.2 * postgresql-server-18-150300.10.30.2 * postgresql-docs-18-150300.10.30.2 * postgresql-plpython-18-150300.10.30.2 * postgresql-devel-18-150300.10.30.2 * postgresql-server-devel-18-150300.10.30.2 * postgresql-pltcl-18-150300.10.30.2 * postgresql-contrib-18-150300.10.30.2 * postgresql-18-150300.10.30.2 * SUSE Linux Enterprise Serverfor SAP Applications 15 SP4 (ppc64le x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-llvmjit-devel-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-llvmjit-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libecpg6-18.1-150200.5.3.1 * postgresql17-plperl-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-17.7-150200.5.19.1 * postgresql17-llvmjit-17.7-150200.5.19.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * postgresql17-server-devel-debuginfo-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql17-pltcl-17.7-150200.5.19.1 * postgresql17-pltcl-debuginfo-17.7-150200.5.19.1 * postgresql17-llvmjit-devel-17.7-150200.5.19.1 * postgresql17-server-17.7-150200.5.19.1 * postgresql17-plpython-17.7-150200.5.19.1 * postgresql17-server-debuginfo-17.7-150200.5.19.1 * postgresql17-17.7-150200.5.19.1 * postgresql17-contrib-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-17.7-150200.5.19.1 * postgresql17-contrib-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * postgresql18-debuginfo-18.1-150200.5.3.1 * postgresql17-server-devel-17.7-150200.5.19.1 * postgresql17-plpython-debuginfo-17.7-150200.5.19.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (noarch) * postgresql-plpython-18-150500.10.12.2 * postgresql-18-150500.10.12.2 * postgresql-plperl-18-150500.10.12.2 * postgresql-devel-18-150500.10.12.2 * postgresql-server-18-150500.10.12.2 * postgresql-docs-18-150500.10.12.2 * postgresql17-docs-17.7-150200.5.19.1 * postgresql-contrib-18-150500.10.12.2 * postgresql-pltcl-18-150500.10.12.2 * postgresql-server-devel-18-150500.10.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Manager Proxy 4.3 LTS (x86_64) * libecpg6-18.1-150200.5.3.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Manager Proxy 4.3 LTS (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Manager Retail Branch Server 4.3 LTS (x86_64) * libecpg6-18.1-150200.5.3.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Manager Retail Branch Server 4.3 LTS (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 *postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Manager Server 4.3 LTS (ppc64le s390x x86_64) * libecpg6-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * libpq5-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Manager Server 4.3 LTS (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql17-docs-17.7-150200.5.19.1 * postgresql-plperl-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Manager Server 4.3 LTS (s390x) * postgresql18-debuginfo-18.1-150200.5.3.1 * postgresql17-devel-17.7-150200.5.19.1 * postgresql17-server-17.7-150200.5.19.1 * postgresql17-contrib-17.7-150200.5.19.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-17.7-150200.5.19.1 * postgresql17-plpython-17.7-150200.5.19.1 * postgresql17-server-debuginfo-17.7-150200.5.19.1 * postgresql17-server-devel-17.7-150200.5.19.1 * postgresql17-17.7-150200.5.19.1 * postgresql17-debugsource-17.7-150200.5.19.1 * postgresql17-server-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-pltcl-17.7-150200.5.19.1 * postgresql18-debugsource-18.1-150200.5.3.1 * postgresql17-pltcl-debuginfo-17.7-150200.5.19.1 * postgresql17-contrib-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-plpython-debuginfo-17.7-150200.5.19.1 * SUSE Manager Server 4.3 LTS (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Enterprise Storage 7.1 (noarch) * postgresql-plperl-18-150300.10.30.2 * postgresql-server-18-150300.10.30.2 * postgresql-docs-18-150300.10.30.2 * postgresql-plpython-18-150300.10.30.2 * postgresql-devel-18-150300.10.30.2 * postgresql-server-devel-18-150300.10.30.2 * postgresql-pltcl-18-150300.10.30.2 * postgresql-contrib-18-150300.10.30.2 * postgresql-18-150300.10.30.2 * openSUSE Leap 15.3 (noarch) * postgresql-plperl-18-150300.10.30.2 * postgresql-server-18-150300.10.30.2 * postgresql-docs-18-150300.10.30.2 * postgresql-plpython-18-150300.10.30.2 * postgresql-llvmjit-18-150300.10.30.2 * postgresql-devel-18-150300.10.30.2 * postgresql-server-devel-18-150300.10.30.2 * postgresql-pltcl-18-150300.10.30.2 * postgresql-contrib-18-150300.10.30.2 * postgresql-18-150300.10.30.2 * postgresql-test-18-150300.10.30.2 * postgresql-llvmjit-devel-18-150300.10.30.2 * openSUSE Leap 15.4 (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-llvmjit-devel-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-test-18-150400.4.21.2 * postgresql-llvmjit-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * openSUSE Leap 15.5 (noarch) * postgresql-plpython-18-150500.10.12.2 * postgresql-18-150500.10.12.2 * postgresql-plperl-18-150500.10.12.2 *postgresql-devel-18-150500.10.12.2 * postgresql-server-18-150500.10.12.2 * postgresql-docs-18-150500.10.12.2 * postgresql-contrib-18-150500.10.12.2 * postgresql-pltcl-18-150500.10.12.2 * postgresql-test-18-150500.10.12.2 * postgresql-server-devel-18-150500.10.12.2 * postgresql-llvmjit-devel-18-150500.10.12.2 * postgresql-llvmjit-18-150500.10.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * postgresql-plperl-18-150300.10.30.2 * postgresql-server-18-150300.10.30.2 * postgresql-docs-18-150300.10.30.2 * postgresql-plpython-18-150300.10.30.2 * postgresql-devel-18-150300.10.30.2 * postgresql-server-devel-18-150300.10.30.2 * postgresql-pltcl-18-150300.10.30.2 * postgresql-contrib-18-150300.10.30.2 * postgresql-18-150300.10.30.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-llvmjit-devel-18-150400.4.21.2 *postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-llvmjit-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * postgresql-docs-18-150400.4.21.2 * postgresql-server-18-150400.4.21.2 * postgresql-pltcl-18-150400.4.21.2 * postgresql-18-150400.4.21.2 * postgresql-plperl-18-150400.4.21.2 * postgresql-llvmjit-devel-18-150400.4.21.2 * postgresql-contrib-18-150400.4.21.2 * postgresql-plpython-18-150400.4.21.2 * postgresql-llvmjit-18-150400.4.21.2 * postgresql-devel-18-150400.4.21.2 * postgresql-server-devel-18-150400.4.21.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (aarch64 x86_64) * libecpg6-18.1-150200.5.3.1 * postgresql17-plperl-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-17.7-150200.5.19.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * postgresql17-server-devel-debuginfo-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql17-pltcl-17.7-150200.5.19.1 * postgresql17-pltcl-debuginfo-17.7-150200.5.19.1 *postgresql17-server-17.7-150200.5.19.1 * postgresql17-plpython-17.7-150200.5.19.1 * postgresql17-server-debuginfo-17.7-150200.5.19.1 * postgresql17-17.7-150200.5.19.1 * postgresql17-contrib-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-17.7-150200.5.19.1 * postgresql17-contrib-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * postgresql18-debuginfo-18.1-150200.5.3.1 * postgresql17-server-devel-17.7-150200.5.19.1 * postgresql17-plpython-debuginfo-17.7-150200.5.19.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (noarch) * postgresql-plpython-18-150500.10.12.2 * postgresql-18-150500.10.12.2 * postgresql-plperl-18-150500.10.12.2 * postgresql-devel-18-150500.10.12.2 * postgresql-server-18-150500.10.12.2 * postgresql-docs-18-150500.10.12.2 * postgresql17-docs-17.7-150200.5.19.1 * postgresql-contrib-18-150500.10.12.2 * postgresql-pltcl-18-150500.10.12.2 * postgresql-server-devel-18-150500.10.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (aarch64 x86_64) * libecpg6-18.1-150200.5.3.1 * postgresql17-plperl-debuginfo-17.7-150200.5.19.1 * postgresql17-plperl-17.7-150200.5.19.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * postgresql17-server-devel-debuginfo-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql17-pltcl-17.7-150200.5.19.1 * postgresql17-pltcl-debuginfo-17.7-150200.5.19.1 * postgresql17-server-17.7-150200.5.19.1 * postgresql17-plpython-17.7-150200.5.19.1 * postgresql17-server-debuginfo-17.7-150200.5.19.1 * postgresql17-17.7-150200.5.19.1 *postgresql17-contrib-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-debuginfo-17.7-150200.5.19.1 * postgresql17-devel-17.7-150200.5.19.1 * postgresql17-contrib-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * postgresql18-debuginfo-18.1-150200.5.3.1 * postgresql17-server-devel-17.7-150200.5.19.1 * postgresql17-plpython-debuginfo-17.7-150200.5.19.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (noarch) * postgresql-plpython-18-150500.10.12.2 * postgresql-18-150500.10.12.2 * postgresql-plperl-18-150500.10.12.2 * postgresql-devel-18-150500.10.12.2 * postgresql-server-18-150500.10.12.2 * postgresql-docs-18-150500.10.12.2 * postgresql17-docs-17.7-150200.5.19.1 * postgresql-contrib-18-150500.10.12.2 * postgresql-pltcl-18-150500.10.12.2 * postgresql-server-devel-18-150500.10.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 (x86_64) * libpq5-32bit-debuginfo-18.1-150200.5.3.1 * libpq5-32bit-18.1-150200.5.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64) * postgresql18-debuginfo-18.1-150200.5.3.1 * libecpg6-18.1-150200.5.3.1 * postgresql17-debuginfo-17.7-150200.5.19.1 * libecpg6-debuginfo-18.1-150200.5.3.1 * postgresql17-debugsource-17.7-150200.5.19.1 * libpq5-18.1-150200.5.3.1 * postgresql18-debugsource-18.1-150200.5.3.1 * libpq5-debuginfo-18.1-150200.5.3.1 * SUSE Linux Enterprise Server 15 SP3 LTSS (noarch) * postgresql-plperl-18-150300.10.30.2 * postgresql-server-18-150300.10.30.2 * postgresql-docs-18-150300.10.30.2 * postgresql-plpython-18-150300.10.30.2 * postgresql-devel-18-150300.10.30.2 * postgresql-server-devel-18-150300.10.30.2 * postgresql-pltcl-18-150300.10.30.2 * postgresql-contrib-18-150300.10.30.2 * postgresql-18-150300.10.30.2 ## References: * https://www.suse.com/security/cve/CVE-2025-12817.html *https://www.suse.com/security/cve/CVE-2025-12818.html * https://bugzilla.suse.com/show_bug.cgi?id=1253332 * https://bugzilla.suse.com/show_bug.cgi?id=1253333 . PostgreSQL update for SUSE addresses critical privilege and memory issues, enhancing security and functionality.. PostgreSQL security update,SUSE advisory,Memory allocation protection,Privileges check fix. . Severity: Important. LinuxSecurity.com Team
Dec 11, 2025
•Important
SuSE
197
security advisorycriticaldebianDebian 11: DLA-4055-1 Critical: trafficserver cache poisoning issue
Multiple vulnerabilities were fixed in trafficserver, a caching proxy server. CVE-2024-38479 . ------------------------------------------------------------------------- Debian LTS Advisory DLA-4055-1
Feb 16, 2025
•Critical
Debian LTS
98
security advisoryMySQLRed Hat EnterpriseRed Hat Enterprise: RHSA-2023-2621-01 Important MySQL Security Advisory
An update for mysql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: mysql security update Advisory ID: RHSA-2023:2621-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2023:2621 Issue date: 2023-05-09 CVE Names: CVE-2022-21594 CVE-2022-21599 CVE-2022-21604 CVE-2022-21608 CVE-2022-21611 CVE-2022-21617 CVE-2022-21625 CVE-2022-21632 CVE-2022-21633 CVE-2022-21637 CVE-2022-21640 CVE-2022-39400 CVE-2022-39408 CVE-2022-39410 CVE-2023-21836 CVE-2023-21863 CVE-2023-21864 CVE-2023-21865 CVE-2023-21867 CVE-2023-21868 CVE-2023-21869 CVE-2023-21870 CVE-2023-21871 CVE-2023-21873 CVE-2023-21874 CVE-2023-21875 CVE-2023-21876 CVE-2023-21877 CVE-2023-21878 CVE-2023-21879 CVE-2023-21880 CVE-2023-21881 CVE-2023-21882 CVE-2023-21883 CVE-2023-21887 CVE-2023-21912 CVE-2023-21917 ==================================================================== 1. Summary: An update for mysql is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64 Red HatEnterprise Linux CRB (v. 9) - aarch64, ppc64le, s390x, x86_64 3. Description: MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon (mysqld) and many client programs and libraries. The following packages have been upgraded to a later upstream version: mysql (8.0.32). (BZ#2177731, BZ#2177732) Security Fix(es): * mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) (CVE-2023-21912) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21594) * mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) (CVE-2022-21599) * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21604) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21608) * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21611) * mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) (CVE-2022-21617) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21625) * mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) (CVE-2022-21632) * mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) (CVE-2022-21633) * mysql: InnoDB unspecified vulnerability (CPU Oct 2022) (CVE-2022-21637) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-21640) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39400) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39408) * mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) (CVE-2022-39410) * mysql: Server: DML unspecified vulnerability (CPU Jan 2023) (CVE-2023-21836) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21863) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21864) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21865) * mysql: Server: Optimizer unspecifiedvulnerability (CPU Jan 2023) (CVE-2023-21867) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21868) * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21869) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21870) * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21871) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21873) * mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) (CVE-2023-21875) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21876) * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21877) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21878) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21879) * mysql: InnoDB unspecified vulnerability (CPU Jan 2023) (CVE-2023-21880) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21881) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21883) * mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) (CVE-2023-21887) * mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) (CVE-2023-21917) * mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) (CVE-2023-21874) * mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) (CVE-2023-21882) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 After installing this update, the MySQL server daemon (mysqld) will be restarted automatically. 5. Bugs fixed (https://bugzilla.redhat.com/): 2142861 - CVE-2022-21594 mysql: Server: Optimizer unspecified vulnerability(CPU Oct 2022) 2142863 - CVE-2022-21599 mysql: Server: Stored Procedure unspecified vulnerability (CPU Oct 2022) 2142865 - CVE-2022-21604 mysql: InnoDB unspecified vulnerability (CPU Oct 2022) 2142868 - CVE-2022-21608 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2142869 - CVE-2022-21611 mysql: InnoDB unspecified vulnerability (CPU Oct 2022) 2142870 - CVE-2022-21617 mysql: Server: Connection Handling unspecified vulnerability (CPU Oct 2022) 2142871 - CVE-2022-21625 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2142872 - CVE-2022-21632 mysql: Server: Security: Privileges unspecified vulnerability (CPU Oct 2022) 2142873 - CVE-2022-21633 mysql: Server: Replication unspecified vulnerability (CPU Oct 2022) 2142875 - CVE-2022-21637 mysql: InnoDB unspecified vulnerability (CPU Oct 2022) 2142877 - CVE-2022-21640 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2142879 - CVE-2022-39400 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2142880 - CVE-2022-39408 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2142881 - CVE-2022-39410 mysql: Server: Optimizer unspecified vulnerability (CPU Oct 2022) 2162268 - CVE-2023-21836 mysql: Server: DML unspecified vulnerability (CPU Jan 2023) 2162270 - CVE-2023-21863 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162271 - CVE-2023-21864 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162272 - CVE-2023-21865 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162274 - CVE-2023-21867 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162275 - CVE-2023-21868 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162276 - CVE-2023-21869 mysql: InnoDB unspecified vulnerability (CPU Jan 2023) 2162277 - CVE-2023-21870 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162278 - CVE-2023-21871 mysql: InnoDB unspecified vulnerability (CPU Jan 2023) 2162280 - CVE-2023-21873 mysql: Server: Optimizer unspecifiedvulnerability (CPU Jan 2023) 2162281 - CVE-2023-21874 mysql: Server: Thread Pooling unspecified vulnerability (CPU Jan 2023) 2162282 - CVE-2023-21875 mysql: Server: Security: Encryption unspecified vulnerability (CPU Jan 2023) 2162283 - CVE-2023-21876 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162284 - CVE-2023-21877 mysql: InnoDB unspecified vulnerability (CPU Jan 2023) 2162285 - CVE-2023-21878 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162286 - CVE-2023-21879 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162287 - CVE-2023-21880 mysql: InnoDB unspecified vulnerability (CPU Jan 2023) 2162288 - CVE-2023-21881 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162289 - CVE-2023-21882 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162290 - CVE-2023-21883 mysql: Server: Optimizer unspecified vulnerability (CPU Jan 2023) 2162291 - CVE-2023-21887 mysql: Server: GIS unspecified vulnerability (CPU Jan 2023) 2188110 - CVE-2023-21912 mysql: Server: Security: Privileges unspecified vulnerability (CPU Apr 2023) 2188112 - CVE-2023-21917 mysql: Server: Optimizer unspecified vulnerability (CPU Apr 2023) 6. Package List: Red Hat Enterprise Linux AppStream (v.9): Source: mysql-8.0.32-1.el9_2.src.rpm aarch64: mysql-8.0.32-1.el9_2.aarch64.rpm mysql-common-8.0.32-1.el9_2.aarch64.rpm mysql-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-debugsource-8.0.32-1.el9_2.aarch64.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-errmsg-8.0.32-1.el9_2.aarch64.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-server-8.0.32-1.el9_2.aarch64.rpm mysql-server-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-test-debuginfo-8.0.32-1.el9_2.aarch64.rpm ppc64le: mysql-8.0.32-1.el9_2.ppc64le.rpm mysql-common-8.0.32-1.el9_2.ppc64le.rpm mysql-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-debugsource-8.0.32-1.el9_2.ppc64le.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-errmsg-8.0.32-1.el9_2.ppc64le.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-server-8.0.32-1.el9_2.ppc64le.rpm mysql-server-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-test-debuginfo-8.0.32-1.el9_2.ppc64le.rpm s390x: mysql-8.0.32-1.el9_2.s390x.rpm mysql-common-8.0.32-1.el9_2.s390x.rpm mysql-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-debugsource-8.0.32-1.el9_2.s390x.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-errmsg-8.0.32-1.el9_2.s390x.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-server-8.0.32-1.el9_2.s390x.rpm mysql-server-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-test-debuginfo-8.0.32-1.el9_2.s390x.rpm x86_64: mysql-8.0.32-1.el9_2.x86_64.rpm mysql-common-8.0.32-1.el9_2.x86_64.rpm mysql-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-debugsource-8.0.32-1.el9_2.x86_64.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-errmsg-8.0.32-1.el9_2.x86_64.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-server-8.0.32-1.el9_2.x86_64.rpm mysql-server-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-test-debuginfo-8.0.32-1.el9_2.x86_64.rpm Red Hat Enterprise Linux CRB (v.9): aarch64: mysql-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-debugsource-8.0.32-1.el9_2.aarch64.rpm mysql-devel-8.0.32-1.el9_2.aarch64.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-libs-8.0.32-1.el9_2.aarch64.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-server-debuginfo-8.0.32-1.el9_2.aarch64.rpm mysql-test-8.0.32-1.el9_2.aarch64.rpm mysql-test-debuginfo-8.0.32-1.el9_2.aarch64.rpm ppc64le: mysql-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-debugsource-8.0.32-1.el9_2.ppc64le.rpm mysql-devel-8.0.32-1.el9_2.ppc64le.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-libs-8.0.32-1.el9_2.ppc64le.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-server-debuginfo-8.0.32-1.el9_2.ppc64le.rpm mysql-test-8.0.32-1.el9_2.ppc64le.rpm mysql-test-debuginfo-8.0.32-1.el9_2.ppc64le.rpm s390x: mysql-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-debugsource-8.0.32-1.el9_2.s390x.rpm mysql-devel-8.0.32-1.el9_2.s390x.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-libs-8.0.32-1.el9_2.s390x.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-server-debuginfo-8.0.32-1.el9_2.s390x.rpm mysql-test-8.0.32-1.el9_2.s390x.rpm mysql-test-debuginfo-8.0.32-1.el9_2.s390x.rpm x86_64: mysql-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-debugsource-8.0.32-1.el9_2.x86_64.rpm mysql-devel-8.0.32-1.el9_2.x86_64.rpm mysql-devel-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-libs-8.0.32-1.el9_2.x86_64.rpm mysql-libs-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-server-debuginfo-8.0.32-1.el9_2.x86_64.rpm mysql-test-8.0.32-1.el9_2.x86_64.rpm mysql-test-debuginfo-8.0.32-1.el9_2.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2022-21594 https://access.redhat.com/security/cve/CVE-2022-21599 https://access.redhat.com/security/cve/CVE-2022-21604 https://access.redhat.com/security/cve/CVE-2022-21608 https://access.redhat.com/security/cve/CVE-2022-21611 https://access.redhat.com/security/cve/CVE-2022-21617 https://access.redhat.com/security/cve/CVE-2022-21625 https://access.redhat.com/security/cve/CVE-2022-21632 https://access.redhat.com/security/cve/CVE-2022-21633 https://access.redhat.com/security/cve/CVE-2022-21637 https://access.redhat.com/security/cve/CVE-2022-21640 https://access.redhat.com/security/cve/CVE-2022-39400 https://access.redhat.com/security/cve/CVE-2022-39408 https://access.redhat.com/security/cve/CVE-2022-39410 https://access.redhat.com/security/cve/CVE-2023-21836 https://access.redhat.com/security/cve/CVE-2023-21863 https://access.redhat.com/security/cve/CVE-2023-21864 https://access.redhat.com/security/cve/CVE-2023-21865 https://access.redhat.com/security/cve/CVE-2023-21867 https://access.redhat.com/security/cve/CVE-2023-21868 https://access.redhat.com/security/cve/CVE-2023-21869 https://access.redhat.com/security/cve/CVE-2023-21870 https://access.redhat.com/security/cve/CVE-2023-21871 https://access.redhat.com/security/cve/CVE-2023-21873 https://access.redhat.com/security/cve/CVE-2023-21874 https://access.redhat.com/security/cve/CVE-2023-21875 https://access.redhat.com/security/cve/CVE-2023-21876 https://access.redhat.com/security/cve/CVE-2023-21877 https://access.redhat.com/security/cve/CVE-2023-21878 https://access.redhat.com/security/cve/CVE-2023-21879 https://access.redhat.com/security/cve/CVE-2023-21880 https://access.redhat.com/security/cve/CVE-2023-21881 https://access.redhat.com/security/cve/CVE-2023-21882 https://access.redhat.com/security/cve/CVE-2023-21883 https://access.redhat.com/security/cve/CVE-2023-21887 https://access.redhat.com/security/cve/CVE-2023-21912 https://access.redhat.com/security/cve/CVE-2023-21917 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZFo2A9zjgjWX9erEAQivjA//VQxDSWYh7V9mx6KvxoAp4HvMiXXqONbt AzMad98uA79hBfmq9eLmohUaLxffi63pAjTkyYYrpwVHAqoTMmb9iWOKgfY6iWgV uKjn0aPPhhZkSRLqYFFsNAjSz31FrYVPV3BUip02bgRZNNqx2/RoPi59JIs1yP46 +GyaCP1tw6yXcyJSXV+fEJPkXjByVkPW2o0ROJLHfvVP1x9+L5PHBagdkZqP28OJ zWjD3ktd+k6ablR+Mgsdxzhyjk7fimqPFCgqlCl/JzTylBXkxhNBp33IdJoAzvwd RMWvMiotfTP2CTuUMqyGE4UkCEfoxY+yNVJp0waoSpOhuAophkf32OI5Zsh+wg5c kH55+u6To2uCdvXuwr3mZWfK1Md4EisThnf2b/U+Dz6ED9joZhG2NxeiUe4kI8dC ZLHcYUdSJL/wI3qAfPYfGuOEXA2APaYfZgw7tQxWkvAO/r/DQ1cScS0uzkh6LVPe z8S4e/Eix30VPqefUAeR1gawfdd8wyAEa/oDRl+w9ZkFPv/mvIUbFYiC8E+jpIUq yjfys6hf9t+4BivhRIAFWicWsiaNhVymeSH22xzKD9oJKPZr8wnCMthamqkSFCC8 n8ew1LOOsVKZ5hvN7zHjlyVcsPUAspfUk727/FW9Kts2oJaK3O0t4J5F4JGwz8LQ cfWIMaYqf6g=6uK9 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 09, 2023
•Important
Red Hat
219
security advisorymoderatesecurity issueRocky Linux 8 RLSA-2022:1546 Moderate Polkit Security Update
Moderate: polkit security update. \{'type': 'Security', 'shortCode': 'RL', 'name': 'RLSA-2022:1546', 'synopsis': 'Moderate: polkit security update', 'severity': 'Moderate', 'topic': 'An update for polkit is now available for Rocky Linux 8.\nRocky Linux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.', 'description': 'The polkit packages provide a component for controlling system-wide privileges. This component provides a uniform and organized way for non-privileged processes to communicate with privileged ones.\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.', 'solution': None, 'affectedProducts': ['Rocky Linux 8'], 'fixes': ['2007534'], 'cves': ['Red Hat:::https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4115.json:::CVE-2021-4115'], 'references': [], 'publishedAt': '2022-04-28T02:04:04.121574Z', 'rpms': ['polkit-0.115-13.el8_5.2.aarch64.rpm', 'polkit-0.115-13.el8_5.2.src.rpm', 'polkit-0.115-13.el8_5.2.x86_64.rpm', 'polkit-debuginfo-0.115-13.el8_5.2.aarch64.rpm', 'polkit-debuginfo-0.115-13.el8_5.2.i686.rpm', 'polkit-debuginfo-0.115-13.el8_5.2.x86_64.rpm', 'polkit-debugsource-0.115-13.el8_5.2.aarch64.rpm', 'polkit-debugsource-0.115-13.el8_5.2.i686.rpm', 'polkit-debugsource-0.115-13.el8_5.2.x86_64.rpm', 'polkit-devel-0.115-13.el8_5.2.aarch64.rpm', 'polkit-devel-0.115-13.el8_5.2.i686.rpm', 'polkit-devel-0.115-13.el8_5.2.x86_64.rpm', 'polkit-docs-0.115-13.el8_5.2.noarch.rpm', 'polkit-libs-0.115-13.el8_5.2.aarch64.rpm', 'polkit-libs-0.115-13.el8_5.2.i686.rpm', 'polkit-libs-0.115-13.el8_5.2.x86_64.rpm', 'polkit-libs-debuginfo-0.115-13.el8_5.2.aarch64.rpm', 'polkit-libs-debuginfo-0.115-13.el8_5.2.i686.rpm','polkit-libs-debuginfo-0.115-13.el8_5.2.x86_64.rpm']}\. A substantial polkit security patch has been released for Rocky Linux 8. Safeguard your system to mitigate possible vulnerabilities.. Rocky Linux Security Update, Polkit Advisory, System Privilege Control. . LinuxSecurity.com Team
Sep 02, 2022
Rocky Linux
98
security advisoryRed Hat Enterprise LinuximportantRed Hat Enterprise Linux 7: RHSA-2021-2303-01 Critical: Privilege Risks
An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: microcode_ctl security, bug fix and enhancement update Advisory ID: RHSA-2021:2303-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2021:2303 Issue date: 2021-06-08 CVE Names: CVE-2020-24489 CVE-2020-24511 CVE-2020-24512 CVE-2020-24513 ==================================================================== 1. Summary: An update for microcode_ctl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Server AUS (v. 7.6) - x86_64 Red Hat Enterprise Linux Server E4S (v. 7.6) - x86_64 Red Hat Enterprise Linux Server TUS (v. 7.6) - x86_64 3. Description: The microcode_ctl packages provide microcode updates for Intel. Security Fix(es): * hw: vt-d related privilege escalation (CVE-2020-24489) * hw: improper isolation of shared resources in some Intel Processors(CVE-2020-24511) * hw: observable timing discrepancy in some Intel Processors(CVE-2020-24512) * hw: information disclosure on some Intel Atom processors (CVE-2020-24513) Bug Fix(es) and Enhancement(s): * Update Intel CPU microcode to microcode-20210525 release 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. For details on how to apply this update,refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1962650 - CVE-2020-24489 hw: vt-d related privilege escalation 1962666 - CVE-2020-24513 hw: information disclosure on some Intel Atom processors1962702 - CVE-2020-24511 hw: improper isolation of shared resources in some Intel Processors1962722 - CVE-2020-24512 hw: observable timing discrepancy in some Intel Processors 6. Package List: Red Hat Enterprise Linux Server AUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server E4S (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm Red Hat Enterprise Linux Server TUS (v. 7.6): Source: microcode_ctl-2.1-47.21.el7_6.src.rpm x86_64: microcode_ctl-2.1-47.21.el7_6.x86_64.rpm microcode_ctl-debuginfo-2.1-47.21.el7_6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-24489 https://access.redhat.com/security/cve/CVE-2020-24511 https://access.redhat.com/security/cve/CVE-2020-24512 https://access.redhat.com/security/cve/CVE-2020-24513 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2021 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPGv1 iQIVAwUBYMAkptzjgjWX9erEAQjQaxAAiXuFV2AZ5UNVNR29EFFEaHsHDTLaeYNm ibgw81yBpSZopPqtVYoznk9JAYc2YSrgbq0/BxC+rWHRTGPom5lZumlkqc+Nkjon sGx6SXU5q9M/nPutM/p5afTXNaHbZVQojjeP9VIpF1qz94JRcJisrumAW/sS27/v Ie6wqizvXNJZq30FOmgAq3vSXJpvakZYrBZoRvdm3MUx3rqiy/Sn62VtexeJoWJf 7BVF9y24rn2r9BuG6QNKGnYTxuUHAfcTAy5laJZ7EWdpEXcSZG6SV6x40Zdg6TaV 8x6PFSbvb2woGvWfFr5so9I92X1z9MCh4vQ5hmPnoHHREXpDKcDjvmfnStNkKD3F kOvf99Ph7E4Th/NhFwAczspiZEJYbvZ7ZenKQwWd2lGnEzFdPU5g5c3n+WVyN1qZ psD/uZlryQyIUyvRPowGppm/vJfyIiDKr+yUpq3AGscs9ASpnH6120ClaQx3KutT gpUbnKDxAW7UMlg5V4A9y5jJBgW8cZGH4qKc9KeDOj1MOjOhrfClInKhfqqY6YF1 8ulHpTKFyXzFjKBST1PKhCQQ2HhG74GoG147R0yHZw+9T0+o3ovlEQTxD2yVgGua 7LQ/vJotdgvBEaYoWTz6WwphiYQpFbbyQ6E0qplPVJMMmFKhDpNKS+ama5CHnfUF 6I3FlLzt1EU=YG8p -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Jun 08, 2021
•Important
Red Hat
172
security advisoryupdateauthenticationUbuntu 19.04: USN-4037-1 Moderate: Policykit Desktop Action Privileges
A security improvement has been made to policykit-desktop-privileges.. =========================================================================Ubuntu Security Notice USN-4037-1 June 25, 2019 policykit-desktop-privileges update ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.10 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: A security improvement has been made to policykit-desktop-privileges. Software Description: - policykit-desktop-privileges: run common desktop actions without password Details: The policykit-desktop-privileges Startup Disk Creator policy allowed administrative users to overwrite disks. As a security improvement, this operation now requires authentication. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: policykit-desktop-privileges 0.20ubuntu19.04.1 Ubuntu 18.10: policykit-desktop-privileges 0.20ubuntu18.10.1 Ubuntu 18.04 LTS: policykit-desktop-privileges 0.20ubuntu18.04.1 Ubuntu 16.04 LTS: policykit-desktop-privileges 0.20ubuntu16.04.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-4037-1 https://bugs.launchpad.net/ubuntu/+source/policykit-desktop-privileges/+bug/1832337 Package Information: https://launchpad.net/ubuntu/+source/policykit-desktop-privileges/0.20ubuntu19.04.1 https://launchpad.net/ubuntu/+source/policykit-desktop-privileges/0.20ubuntu18.10.1 https://launchpad.net/ubuntu/+source/policykit-desktop-privileges/0.20ubuntu18.04.1 https://launchpad.net/ubuntu/+source/policykit-desktop-privileges/0.20ubuntu16.04.1 . Alert announcement USN-4037-1 regarding policykit enhancement strengthens user verification for graphical operations.. Policykit Privileges Update, Ubuntu Security Notice, AuthenticationImprovement, Security Updates. . LinuxSecurity.com Team
Jun 25, 2019
Ubuntu
202
security advisoryDoSkernel patchopenSUSE 13.2: 2016:3061-1 Critical Update for Kernel Security Issues
An update that solves 12 vulnerabilities and has 8 fixes is An update that solves 12 vulnerabilities and has 8 fixes is An update that solves 12 vulnerabilities and has 8 fixes is now available. now available.. openSUSE Security Update: Security update for the Linux Kernel ______________________________________________________________________________ Announcement ID: openSUSE-SU-2016:3061-1 Rating: important References: #1001486 #1004517 #1007615 #1008833 #1010040 #1010150 #1010467 #1010475 #1010478 #1010501 #1010502 #1010711 #1010716 #1011685 #1012754 #934067 #990384 #993739 #999577 #999907 Cross-References: CVE-2015-8962 CVE-2015-8963 CVE-2016-7042 CVE-2016-7910 CVE-2016-7911 CVE-2016-7913 CVE-2016-7914 CVE-2016-7916 CVE-2016-8633 CVE-2016-8646 CVE-2016-8655 CVE-2016-9555 Affected Products: openSUSE 13.2 ______________________________________________________________________________ An update that solves 12 vulnerabilities and has 8 fixes is now available. Description: The openSUSE 13.2 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2015-8962: Double free vulnerability in the sg_common_write function in drivers/scsi/sg.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (memory corruption and system crash) by detaching a device during an SG_IO ioctl call (bnc#1010501). - CVE-2015-8963: Race condition in kernel/events/core.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) by leveraging incorrect handling of an swevent data structure during a CPU unplug operation (bnc#1010502). - CVE-2016-7042: The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU CompilerCollection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allowed local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file (bnc#1004517). - CVE-2016-7910: Use-after-free vulnerability in the disk_seqf_stop function in block/genhd.c in the Linux kernel allowed local users to gain privileges by leveraging the execution of a certain stop operation even if the corresponding start operation had failed (bnc#1010716). - CVE-2016-7911: Race condition in the get_task_ioprio function in block/ioprio.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via a crafted ioprio_get system call (bnc#1010711). - CVE-2016-7913: The xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c in the Linux kernel allowed local users to gain privileges or cause a denial of service (use-after-free) via vectors involving omission of the firmware name from a certain data structure (bnc#1010478). - CVE-2016-7914: The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel did not check whether a slot is a leaf, which allowed local users to obtain sensitive information from kernel memory or cause a denial of service (invalid pointer dereference and out-of-bounds read) via an application that uses associative-array data structures, as demonstrated by the keyutils test suite (bnc#1010475). - CVE-2016-7916: Race condition in the environ_read function in fs/proc/base.c in the Linux kernel allowed local users to obtain sensitive information from kernel memory by reading a /proc/*/environ file during a process-setup time interval in which environment-variable copying is incomplete (bnc#1010467). - CVE-2016-8633: drivers/firewire/net.c in the Linux kernel before 4.8.7, in certain unusual hardware configurations,allowed remote attackers to execute arbitrary code via crafted fragmented packets (bnc#1008833). - CVE-2016-8646: The hash_accept function in crypto/algif_hash.c in the Linux kernel allowed local users to cause a denial of service (OOPS) by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data (bnc#1010150). - CVE-2016-8655: A race condition in the af_packet packet_set_ring function could be used by local attackers to crash the kernel or gain privileges (bsc#1012754). - CVE-2016-9555: The sctp_sf_ootb function in net/sctp/sm_statefuns.c in the Linux kernel lacks chunk-length checking for the first chunk, which allowed remote attackers to cause a denial of service (out-of-bounds slab access) or possibly have unspecified other impact via crafted SCTP data (bnc#1011685). The following non-security bugs were fixed: - bna: Add synchronization for tx ring (bsc#993739). - bonding: set carrier off for devices created through netlink (bsc#999577). - btrfs: fix extent tree corruption due to relocation (bsc#990384). - introduce NETIF_F_GSO_ENCAP_ALL helper mask (bsc#1001486). - ipv6: send NEWLINK on RA managed/otherconf changes (bsc#934067). - ipv6: send only one NEWLINK when RA causes changes (bsc#934067). - tunnels: Remove encapsulation offloads on decap (bsc#1001486). - usbhid: add ATEN CS962 to list of quirky devices (bsc#1007615). - vmxnet3: Wake queue from reset work (bsc#999907). Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 13.2: zypper in -t patch openSUSE-2016-1431=1 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 13.2 (i686 x86_64): kernel-debug-3.16.7-53.1 kernel-debug-base-3.16.7-53.1 kernel-debug-base-debuginfo-3.16.7-53.1 kernel-debug-debuginfo-3.16.7-53.1 kernel-debug-debugsource-3.16.7-53.1 kernel-debug-devel-3.16.7-53.1 kernel-debug-devel-debuginfo-3.16.7-53.1 kernel-desktop-3.16.7-53.1 kernel-desktop-base-3.16.7-53.1 kernel-desktop-base-debuginfo-3.16.7-53.1 kernel-desktop-debuginfo-3.16.7-53.1 kernel-desktop-debugsource-3.16.7-53.1 kernel-desktop-devel-3.16.7-53.1 kernel-ec2-base-debuginfo-3.16.7-53.1 kernel-ec2-debuginfo-3.16.7-53.1 kernel-ec2-debugsource-3.16.7-53.1 kernel-vanilla-3.16.7-53.1 kernel-vanilla-debuginfo-3.16.7-53.1 kernel-vanilla-debugsource-3.16.7-53.1 kernel-vanilla-devel-3.16.7-53.1 kernel-xen-3.16.7-53.1 kernel-xen-base-3.16.7-53.1 kernel-xen-base-debuginfo-3.16.7-53.1 kernel-xen-debuginfo-3.16.7-53.1 kernel-xen-debugsource-3.16.7-53.1 kernel-xen-devel-3.16.7-53.1 - openSUSE 13.2 (i586 x86_64): bbswitch-0.8-3.26.1 bbswitch-debugsource-0.8-3.26.1 bbswitch-kmp-default-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-default-debuginfo-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-desktop-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-desktop-debuginfo-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-xen-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-xen-debuginfo-0.8_k3.16.7_53-3.26.1 cloop-2.639-14.26.1 cloop-debuginfo-2.639-14.26.1 cloop-debugsource-2.639-14.26.1 cloop-kmp-default-2.639_k3.16.7_53-14.26.1 cloop-kmp-default-debuginfo-2.639_k3.16.7_53-14.26.1 cloop-kmp-desktop-2.639_k3.16.7_53-14.26.1 cloop-kmp-desktop-debuginfo-2.639_k3.16.7_53-14.26.1 cloop-kmp-xen-2.639_k3.16.7_53-14.26.1 cloop-kmp-xen-debuginfo-2.639_k3.16.7_53-14.26.1 crash-7.0.8-26.1 crash-debuginfo-7.0.8-26.1 crash-debugsource-7.0.8-26.1 crash-devel-7.0.8-26.1 crash-doc-7.0.8-26.1 crash-eppic-7.0.8-26.1 crash-eppic-debuginfo-7.0.8-26.1 crash-gcore-7.0.8-26.1 crash-gcore-debuginfo-7.0.8-26.1 crash-kmp-default-7.0.8_k3.16.7_53-26.1 crash-kmp-default-debuginfo-7.0.8_k3.16.7_53-26.1 crash-kmp-desktop-7.0.8_k3.16.7_53-26.1 crash-kmp-desktop-debuginfo-7.0.8_k3.16.7_53-26.1 crash-kmp-xen-7.0.8_k3.16.7_53-26.1 crash-kmp-xen-debuginfo-7.0.8_k3.16.7_53-26.1 hdjmod-debugsource-1.28-18.27.1 hdjmod-kmp-default-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-default-debuginfo-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-desktop-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-desktop-debuginfo-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-xen-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-xen-debuginfo-1.28_k3.16.7_53-18.27.1 ipset-6.23-26.1 ipset-debuginfo-6.23-26.1 ipset-debugsource-6.23-26.1 ipset-devel-6.23-26.1 ipset-kmp-default-6.23_k3.16.7_53-26.1 ipset-kmp-default-debuginfo-6.23_k3.16.7_53-26.1 ipset-kmp-desktop-6.23_k3.16.7_53-26.1 ipset-kmp-desktop-debuginfo-6.23_k3.16.7_53-26.1 ipset-kmp-xen-6.23_k3.16.7_53-26.1 ipset-kmp-xen-debuginfo-6.23_k3.16.7_53-26.1 kernel-default-3.16.7-53.1 kernel-default-base-3.16.7-53.1 kernel-default-base-debuginfo-3.16.7-53.1 kernel-default-debuginfo-3.16.7-53.1 kernel-default-debugsource-3.16.7-53.1 kernel-default-devel-3.16.7-53.1 kernel-ec2-3.16.7-53.1 kernel-ec2-base-3.16.7-53.1 kernel-ec2-devel-3.16.7-53.1 kernel-obs-build-3.16.7-53.2 kernel-obs-build-debugsource-3.16.7-53.2 kernel-obs-qa-3.16.7-53.1 kernel-syms-3.16.7-53.1 libipset3-6.23-26.1 libipset3-debuginfo-6.23-26.1 pcfclock-0.44-260.26.1 pcfclock-debuginfo-0.44-260.26.1 pcfclock-debugsource-0.44-260.26.1 pcfclock-kmp-default-0.44_k3.16.7_53-260.26.1 pcfclock-kmp-default-debuginfo-0.44_k3.16.7_53-260.26.1 pcfclock-kmp-desktop-0.44_k3.16.7_53-260.26.1 pcfclock-kmp-desktop-debuginfo-0.44_k3.16.7_53-260.26.1 python-virtualbox-5.0.30-62.1 python-virtualbox-debuginfo-5.0.30-62.1 vhba-kmp-debugsource-20140629-2.26.1 vhba-kmp-default-20140629_k3.16.7_53-2.26.1 vhba-kmp-default-debuginfo-20140629_k3.16.7_53-2.26.1 vhba-kmp-desktop-20140629_k3.16.7_53-2.26.1 vhba-kmp-desktop-debuginfo-20140629_k3.16.7_53-2.26.1 vhba-kmp-xen-20140629_k3.16.7_53-2.26.1 vhba-kmp-xen-debuginfo-20140629_k3.16.7_53-2.26.1 virtualbox-5.0.30-62.1 virtualbox-debuginfo-5.0.30-62.1 virtualbox-debugsource-5.0.30-62.1 virtualbox-devel-5.0.30-62.1 virtualbox-guest-kmp-default-5.0.30_k3.16.7_53-62.1 virtualbox-guest-kmp-default-debuginfo-5.0.30_k3.16.7_53-62.1 virtualbox-guest-kmp-desktop-5.0.30_k3.16.7_53-62.1 virtualbox-guest-kmp-desktop-debuginfo-5.0.30_k3.16.7_53-62.1 virtualbox-guest-tools-5.0.30-62.1 virtualbox-guest-tools-debuginfo-5.0.30-62.1 virtualbox-guest-x11-5.0.30-62.1 virtualbox-guest-x11-debuginfo-5.0.30-62.1 virtualbox-host-kmp-default-5.0.30_k3.16.7_53-62.1 virtualbox-host-kmp-default-debuginfo-5.0.30_k3.16.7_53-62.1 virtualbox-host-kmp-desktop-5.0.30_k3.16.7_53-62.1 virtualbox-host-kmp-desktop-debuginfo-5.0.30_k3.16.7_53-62.1 virtualbox-qt-5.0.30-62.1 virtualbox-qt-debuginfo-5.0.30-62.1 virtualbox-websrv-5.0.30-62.1 virtualbox-websrv-debuginfo-5.0.30-62.1 xen-debugsource-4.4.4_05-55.1 xen-devel-4.4.4_05-55.1 xen-libs-4.4.4_05-55.1 xen-libs-debuginfo-4.4.4_05-55.1 xen-tools-domU-4.4.4_05-55.1 xen-tools-domU-debuginfo-4.4.4_05-55.1 xtables-addons-2.6-28.1 xtables-addons-debuginfo-2.6-28.1 xtables-addons-debugsource-2.6-28.1 xtables-addons-kmp-default-2.6_k3.16.7_53-28.1 xtables-addons-kmp-default-debuginfo-2.6_k3.16.7_53-28.1 xtables-addons-kmp-desktop-2.6_k3.16.7_53-28.1 xtables-addons-kmp-desktop-debuginfo-2.6_k3.16.7_53-28.1 xtables-addons-kmp-xen-2.6_k3.16.7_53-28.1 xtables-addons-kmp-xen-debuginfo-2.6_k3.16.7_53-28.1 - openSUSE 13.2 (x86_64): xen-4.4.4_05-55.1 xen-doc-html-4.4.4_05-55.1 xen-kmp-default-4.4.4_05_k3.16.7_53-55.1 xen-kmp-default-debuginfo-4.4.4_05_k3.16.7_53-55.1 xen-kmp-desktop-4.4.4_05_k3.16.7_53-55.1 xen-kmp-desktop-debuginfo-4.4.4_05_k3.16.7_53-55.1 xen-libs-32bit-4.4.4_05-55.1 xen-libs-debuginfo-32bit-4.4.4_05-55.1 xen-tools-4.4.4_05-55.1 xen-tools-debuginfo-4.4.4_05-55.1 - openSUSE 13.2 (noarch): kernel-devel-3.16.7-53.1 kernel-docs-3.16.7-53.2 kernel-macros-3.16.7-53.1 kernel-source-3.16.7-53.1 kernel-source-vanilla-3.16.7-53.1 virtualbox-guest-desktop-icons-5.0.30-62.1 virtualbox-host-source-5.0.30-62.1 - openSUSE 13.2 (i586): bbswitch-kmp-pae-0.8_k3.16.7_53-3.26.1 bbswitch-kmp-pae-debuginfo-0.8_k3.16.7_53-3.26.1 cloop-kmp-pae-2.639_k3.16.7_53-14.26.1 cloop-kmp-pae-debuginfo-2.639_k3.16.7_53-14.26.1 crash-kmp-pae-7.0.8_k3.16.7_53-26.1 crash-kmp-pae-debuginfo-7.0.8_k3.16.7_53-26.1 hdjmod-kmp-pae-1.28_k3.16.7_53-18.27.1 hdjmod-kmp-pae-debuginfo-1.28_k3.16.7_53-18.27.1 ipset-kmp-pae-6.23_k3.16.7_53-26.1 ipset-kmp-pae-debuginfo-6.23_k3.16.7_53-26.1 pcfclock-kmp-pae-0.44_k3.16.7_53-260.26.1 pcfclock-kmp-pae-debuginfo-0.44_k3.16.7_53-260.26.1 vhba-kmp-pae-20140629_k3.16.7_53-2.26.1 vhba-kmp-pae-debuginfo-20140629_k3.16.7_53-2.26.1 virtualbox-guest-kmp-pae-5.0.30_k3.16.7_53-62.1 virtualbox-guest-kmp-pae-debuginfo-5.0.30_k3.16.7_53-62.1 virtualbox-host-kmp-pae-5.0.30_k3.16.7_53-62.1 virtualbox-host-kmp-pae-debuginfo-5.0.30_k3.16.7_53-62.1 xtables-addons-kmp-pae-2.6_k3.16.7_53-28.1 xtables-addons-kmp-pae-debuginfo-2.6_k3.16.7_53-28.1 - openSUSE 13.2 (i686): kernel-pae-3.16.7-53.1 kernel-pae-base-3.16.7-53.1 kernel-pae-base-debuginfo-3.16.7-53.1 kernel-pae-debuginfo-3.16.7-53.1 kernel-pae-debugsource-3.16.7-53.1 kernel-pae-devel-3.16.7-53.1 References: https://www.suse.com/security/cve/CVE-2015-8962.html https://www.suse.com/security/cve/CVE-2015-8963.html https://www.suse.com/security/cve/CVE-2016-7042.html https://www.suse.com/security/cve/CVE-2016-7910.html https://www.suse.com/security/cve/CVE-2016-7911.html https://www.suse.com/security/cve/CVE-2016-7913.html https://www.suse.com/security/cve/CVE-2016-7914.html https://www.suse.com/security/cve/CVE-2016-7916.html https://www.suse.com/security/cve/CVE-2016-8633.html https://www.suse.com/security/cve/CVE-2016-8646.html https://www.suse.com/security/cve/CVE-2016-8655.html https://www.suse.com/security/cve/CVE-2016-9555.html https://bugzilla.suse.com/show_bug.cgi?id=1001486 https://bugzilla.suse.com/show_bug.cgi?id=1004517 https://bugzilla.suse.com/show_bug.cgi?id=1007615 https://bugzilla.suse.com/show_bug.cgi?id=1008833 https://bugzilla.suse.com/show_bug.cgi?id=1010040 https://bugzilla.suse.com/show_bug.cgi?id=1010150 https://bugzilla.suse.com/show_bug.cgi?id=1010467 https://bugzilla.suse.com/show_bug.cgi?id=1010475 https://bugzilla.suse.com/show_bug.cgi?id=1010478 https://bugzilla.suse.com/show_bug.cgi?id=1010501 https://bugzilla.suse.com/show_bug.cgi?id=1010502 https://bugzilla.suse.com/show_bug.cgi?id=1010711 https://bugzilla.suse.com/show_bug.cgi?id=1010716 https://bugzilla.suse.com/show_bug.cgi?id=1011685 https://bugzilla.suse.com/show_bug.cgi?id=1012754 https://bugzilla.suse.com/show_bug.cgi?id=934067 https://bugzilla.suse.com/show_bug.cgi?id=990384 https://bugzilla.suse.com/993739 https://bugzilla.suse.com/show_bug.cgi?id=999577 https://bugzilla.suse.com/show_bug.cgi?id=999907 . A recent security patch for openSUSE 13.2 Kernel resolves 12 vulnerabilities aimed at reducing the risk of local privilege elevation and denial of service (DoS) concerns.. openSUSE Security Updates, Linux Kernel Fixes, Privilege Escalation Patches, DoS Issues. . Severity: Important. LinuxSecurity.com Team
Dec 08, 2016
•Important
OpenSUSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!