Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
100
security advisorysecurity fiximportantSUSE: 2023:3768-1 Important: Proxy Httpd Security Update Released
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3768-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.9 , suse/manager/4.3/proxy-httpd:4.3.9.9.40.7 , suse/manager/4.3/proxy-httpd:latest , suse/manager/4.3/proxy-httpd:susemanager-4.3.9 , suse/manager/4.3/proxy-httpd:susemanager-4.3.9.9.40.7 Container Release : 9.40.7 Severity : important Type : security References : 1206480 1206684 1210557 1211427 1212101 1213915 1214052 1214460 1215427 1216664 CVE-2023-4039 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4458-1 Released: Thu Nov 16 14:38:48 2023 Summary: Security update for gcc13 Type: security Severity: important References: 1206480,1206684,1210557,1211427,1212101,1213915,1214052,1214460,1215427,1216664,CVE-2023-4039 This update for gcc13 fixes the following issues: This update ship the GCC 13.2 compiler suite and its base libraries. The compiler base libraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 12 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP4 and SP5, and provided in the 'Development Tools' module. The Go, D, Ada and Modula 2 language compiler parts are available unsupported via the PackageHub repositories. To use gcc13 compilers use: - install 'gcc13' or 'gcc13-c++' or one of the other 'gcc13-COMPILER' frontend packages. - override your Makefile to use CC=gcc-13, CXX=g++-13 and similar overrides for the other languages. For a full changelog with all new GCC13features, check out https://gcc.gnu.org/gcc-13/changes.html Detailed changes: * CVE-2023-4039: Fixed -fstack-protector issues on aarch64 with variable length stack allocations. (bsc#1214052) - Work around third party app crash during C++ standard library initialization. [bsc#1216664] - Fixed that GCC13 fails to compile some packages with error: unrecognizable insn (bsc#1215427) - Bump included newlib to version 4.3.0. - Update to GCC trunk head (r13-5254-g05b9868b182bb9) - Redo floatn fixinclude pick-up to simply keep what is there. - Turn cross compiler to s390x to a glibc cross. [bsc#1214460] - Also handle -static-pie in the default-PIE specs - Fixed missed optimization in Skia resulting in Firefox crashes when building with LTO. [bsc#1212101] - Make libstdc++6-devel packages own their directories since they can be installed standalone. [bsc#1211427] - Add new x86-related intrinsics (amxcomplexintrin.h). - RISC-V: Add support for inlining subword atomic operations - Use --enable-link-serialization rather that --enable-link-mutex, the benefit of the former one is that the linker jobs are not holding tokens of the make's jobserver. - Add cross-bpf packages. See https://gcc.gnu.org/wiki/BPFBackEnd for the general state of BPF with GCC. - Add bootstrap conditional to allow --without=bootstrap to be specified to speed up local builds for testing. - Bump included newlib to version 4.3.0. - Also package libhwasan_preinit.o on aarch64. - Configure external timezone database provided by the timezone package. Make libstdc++6 recommend timezone to get a fully working std::chrono. Install timezone when running the testsuite. - Package libhwasan_preinit.o on x86_64. - Fixed unwinding on aarch64 with pointer signing. [bsc#1206684] - Enable PRU flavour for gcc13 - update floatn fixinclude pickup to check each header separately (bsc#1206480) - Redo floatn fixinclude pick-up to simply keep what is there. - Bump libgo SONAME to libgo22. - Do not package libhwasan for biarch (32-bitarchitecture) as the extension depends on 64-bit pointers. - Adjust floatn fixincludes guard to work with SLE12 and earlier SLE15. - Depend on at least LLVM 13 for GCN cross compiler. - Update embedded newlib to version 4.2.0 - Allow cross-pru-gcc12-bootstrap for armv7l architecture. PRU architecture is used for real-time MCUs embedded into TI armv7l and aarch64 SoCs. We need to have cross-pru-gcc12 for armv7l in order to build both host applications and PRU firmware during the same build. The following package changes have been done: - libgcc_s1-13.2.1+git7813-150000.1.6.1 updated - libstdc++6-13.2.1+git7813-150000.1.6.1 updated . Critical update for suse/manager/4.3/proxy-httpd addressing significant vulnerabilities has been released.. suse manager, container update, security patches, important advisory, proxy-httpd. . Severity: Important. LinuxSecurity.com Team
Nov 18, 2023
•Important
SuSE
100
security advisoryimportantsecurity patchSUSE: 2023:4721-2 Important Update For Proxy HTTPD Security Patch
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3696-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.9 , suse/manager/4.3/proxy-httpd:4.3.9.9.40.2 , suse/manager/4.3/proxy-httpd:latest , suse/manager/4.3/proxy-httpd:susemanager-4.3.9 , suse/manager/4.3/proxy-httpd:susemanager-4.3.9.9.40.2 Container Release : 9.40.2 Severity : important Type : security References : 1204270 1204270 1211047 1211047 1211145 1211145 1211270 1211270 1211912 1211912 1212168 1212168 1212507 1212507 1213132 1213132 1213376 1213376 1213469 1213469 1213680 1213680 1213689 1213689 1214041 1214041 1214121 1214121 1214463 1214463 1214553 1214553 1214746 1214746 1215027 1215027 1215120 1215120 1215157 1215412 1215412 1215514 1215514 1216411 1216411 1216661 1216661 CVE-2023-34049 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:4385-1 Released: Thu Nov 9 03:30:32 2023 Summary: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Type: recommended Severity: important References: 1204270,1211047,1211145,1211270,1211912,1212168,1212507,1213132,1213376,1213469,1213680,1213689,1214041,1214121,1214463,1214553,1214746,1215027,1215120,1215412,1215514,1216411,1216661 Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server This is a codestream only update ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4412-1 Released: Thu Nov 9 03:49:51 2023 Summary: Maintenance update for SUSE Manager 4.3.9 Release Notes Type: security Severity: moderate References: 1204270,1211047,1211145,1211270,1211912,1212168,1212507,1213132,1213376,1213469,1213680,1213689,1214041,1214121,1214463,1214553,1214746,1215027,1215120,1215157,1215412,1215514,1216411,1216661,CVE-2023-34049 Maintenance update for SUSE Manager 4.3.9 Release Notes: This is a codestream only update The following package changes have been done: - release-notes-susemanager-proxy-4.3.9-150400.3.69.1 updated - apache2-mod_wsgi-4.7.1-150400.3.7.7 updated - spacewalk-backend-4.3.24-150400.3.30.16 updated - python3-spacewalk-client-tools-4.3.16-150400.3.18.13 updated - spacewalk-client-tools-4.3.16-150400.3.18.13 updated . The SUSE Container Update Advisory emphasizes critical upgrades for suse/manager/4.3/proxy-httpd aimed at bolstering system security.. SUSE Manager Update, Proxy HTTPD Security, Container Advisory. . Severity: Important. LinuxSecurity.com Team
Nov 10, 2023
•Important
SuSE
100
security advisorycriticalimportantSUSE: 2023:3168-1 Important: Proxy HTTPD Security Patch
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3168-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.8 , suse/manager/4.3/proxy-httpd:4.3.8.9.37.2 , suse/manager/4.3/proxy-httpd:latest , suse/manager/4.3/proxy-httpd:susemanager-4.3.8 , suse/manager/4.3/proxy-httpd:susemanager-4.3.8.9.37.2 Container Release : 9.37.2 Severity : important Type : security References : 1158763 1186606 1193948 1194038 1194609 1194900 1195391 1201519 1204844 1205161 1206627 1207330 1207330 1207778 1207805 1208194 1208692 1208692 1209741 1210702 1210740 1210935 1210935 1211079 1211525 1211525 1211576 1211874 1211874 1211884 1211884 1212246 1212246 1212434 1212730 1212730 1212814 1212814 1212827 1212827 1212856 1212856 1212943 1212943 1213009 1213009 1213077 1213077 1213185 1213189 1213231 1213240 1213288 1213288 1213441 1213445 1213445 1213469 1213472 1213517 1213557 1213575 1213673 1213675 1213675 1213716 1213716 1213853 1213873 1213880 1213880 1214002 1214002 1214025 1214052 1214054 1214071 1214121 1214121 1214124 1214124 1214140 1214187 1214187 1214266 1214266 1214280 1214280 1214290 1214458 1214692 1214768 1214796 1214797 1214889 1214889 1214982 1214982 1215352 1215352 1215362 1215362 1215373 1215413 1215413 1215497 1215497 1215756 1215756 CVE-2023-20897 CVE-2023-20898 CVE-2023-29409 CVE-2023-29409 CVE-2023-36054 CVE-2023-3817 CVE-2023-39615 CVE-2023-4016 CVE-2023-40217 CVE-2023-4039 CVE-2023-4156 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3217-1 Released: Mon Aug 7 16:51:10 2023 Summary: Recommended update for cryptsetup Type: recommended Severity: moderate References: 1211079 This update for cryptsetup fixes the following issues: - Handle system with low memory and no swap space (bsc#1211079) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3275-1 Released: Fri Aug 11 10:19:36 2023 Summary: Recommended update for apparmor Type: recommended Severity: moderate References: 1213472 This update for apparmor fixes the following issues: - Add pam_apparmor README (bsc#1213472) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3285-1 Released: Fri Aug 11 10:30:38 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate References: 1206627,1213189 This update for shadow fixes the following issues: - Prevent lock files from remaining after power interruptions (bsc#1213189) - Add --prefix support to passwd, chpasswd and chage (bsc#1206627) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3286-1 Released: Fri Aug 11 10:32:03 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1194038,1194900 This update for util-linux fixes the following issues: - Fix blkid for floppy drives (bsc#1194900) - Fix rpmbuild %checks fail when @ in the directory path (bsc#1194038) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3330-1 Released: Wed Aug 16 08:59:33 2023 Summary: Recommended update for python-pyasn1 Type: recommended Severity: important References: 1207805 Thisupdate for python-pyasn1 fixes the following issues: - To avoid users of this package having to recompile bytecode files, change the mtime of any __init__.py. (bsc#1207805) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3363-1 Released: Fri Aug 18 14:54:16 2023 Summary: Security update for krb5 Type: security Severity: important References: 1214054,CVE-2023-36054 This update for krb5 fixes the following issues: - CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3397-1 Released: Wed Aug 23 18:35:56 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1213517,1213853,CVE-2023-3817 This update for openssl-1_1 fixes the following issues: - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853) - Don't pass zero length input to EVP_Cipher because s390x assembler optimized AES cannot handle zero size. (bsc#1213517) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3410-1 Released: Thu Aug 24 06:56:32 2023 Summary: Recommended update for audit Type: recommended Severity: moderate References: 1201519,1204844 This update for audit fixes the following issues: - Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519) - Fix rules not loaded when restarting auditd.service (bsc#1204844) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3440-1 Released: Mon Aug 28 08:57:10 2023 Summary: Security update for gawk Type: security Severity: low References: 1214025,CVE-2023-4156 This update for gawk fixes the following issues: - CVE-2023-4156: Fix a heap out of bound read by validating the index into argument list.(bsc#1214025) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3451-1 Released: Mon Aug 28 12:15:22 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1186606,1194609,1208194,1209741,1210702,1211576,1212434,1213185,1213575,1213873 This update for systemd fixes the following issues: - Fix reboot and shutdown issues by getting only active MD arrays (bsc#1211576, bsc#1212434, bsc#1213575) - Decrease devlink priority for iso disks (bsc#1213185) - Do not ignore mount point paths longer than 255 characters (bsc#1208194) - Refuse hibernation if there's no possible way to resume (bsc#1186606) - Update 'korean' and 'arabic' keyboard layouts (bsc#1210702) - Drop some entries no longer needed by YaST (bsc#1194609) - The 'systemd --user' instances get their own session keyring instead of the user default one (bsc#1209741) - Dynamically allocate receive buffer to handle large amount of mounts (bsc#1213873) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3468-1 Released: Tue Aug 29 09:22:18 2023 Summary: Recommended update for python3 Type: recommended Severity: low References: This update for python3 fixes the following issue: - Rename sources in preparation of python3.11 (jsc#PED-68) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3472-1 Released: Tue Aug 29 10:55:16 2023 Summary: Security update for procps Type: security Severity: low References: 1214290,CVE-2023-4016 This update for procps fixes the following issues: - CVE-2023-4016: Fixed ps buffer overflow (bsc#1214290). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3486-1 Released: Tue Aug 29 14:25:23 2023 Summary: Recommended update for lvm2 Type: recommended Severity: moderate References: 1214071 This update for lvm2 fixes the following issues: - blkdeactivate callswrong mountpoint cmd (bsc#1214071) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3514-1 Released: Fri Sep 1 15:48:52 2023 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1158763,1210740,1213231,1213557,1213673 This update for libzypp, zypper fixes the following issues: - Fix occasional isue with downloading very small files (bsc#1213673) - Fix negative ZYPP_LOCK_TIMEOUT not waiting forever (bsc#1213231) - Fix OES synchronization issues when cookie file has mode 0600 (bsc#1158763) - Don't cleanup orphaned dirs if read-only mode was promised (bsc#1210740) - Revised explanation of --force-resolution in man page (bsc#1213557) - Print summary hint if policies were violated due to --force-resolution (bsc#1213557) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3611-1 Released: Fri Sep 15 09:28:36 2023 Summary: Recommended update for sysuser-tools Type: recommended Severity: moderate References: 1195391,1205161,1207778,1213240,1214140 This update for sysuser-tools fixes the following issues: - Update to version 3.2 - Always create a system group of the same name as the system user (bsc#1205161, bsc#1207778, bsc#1213240) - Add 'quilt setup' friendly hint to %sysusers_requires usage - Use append so if a pre file already exists it isn't overridden - Invoke bash for bash scripts (bsc#1195391) - Remove all systemd requires not supported on SLE15 (bsc#1214140) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3661-1 Released: Mon Sep 18 21:44:09 2023 Summary: Security update for gcc12 Type: security Severity: important References: 1214052,CVE-2023-4039 This update for gcc12 fixes the following issues: - CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). ----------------------------------------------------------------- Advisory ID:SUSE-SU-2023:3699-1 Released: Wed Sep 20 11:02:50 2023 Summary: Security update for libxml2 Type: security Severity: important References: 1214768,CVE-2023-39615 This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3828-1 Released: Wed Sep 27 19:07:38 2023 Summary: Security update for python3 Type: security Severity: important References: 1214692,CVE-2023-40217 This update for python3 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3856-1 Released: Thu Sep 28 09:42:16 2023 Summary: Recommended update for apparmor Type: recommended Severity: moderate References: 1214458 This update for apparmor fixes the following issues: - Update zgrep profile to allow egrep helper use (bsc#1214458) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3861-1 Released: Thu Sep 28 13:37:55 2023 Summary: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Type: security Severity: important References: 1207330,1208692,1210935,1211525,1211874,1211884,1212246,1212730,1212814,1212827,1212856,1212943,1213009,1213077,1213288,1213445,1213675,1213716,1213880,1214002,1214121,1214124,1214187,1214266,1214280,1214889,1214982,1215352,1215362,1215373,1215413,1215497,1215756,CVE-2023-29409 This is a codestream only update ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3885-1 Released: Thu Sep 28 13:51:58 2023 Summary: Maintenance update for SUSE Manager 4.3.8 Release Notes Type: security Severity: important References: 1193948,1207330,1208692,1210935,1211525,1211874,1211884,1212246,1212730,1212814,1212827,1212856,1212943,1213009,1213077,1213288,1213441,1213445,1213469,1213675,1213716,1213880,1214002,1214121,1214124,1214187,1214266,1214280,1214796,1214797,1214889,1214982,1215352,1215362,1215413,1215497,1215756,CVE-2023-20897,CVE-2023-20898,CVE-2023-29409 Maintenance update for SUSE Manager 4.3.8 Release Notes: This is a codestream only update The following package changes have been done: - libuuid1-2.37.2-150400.8.20.1 updated - libudev1-249.16-150400.8.33.1 updated - libsmartcols1-2.37.2-150400.8.20.1 updated - libblkid1-2.37.2-150400.8.20.1 updated - libaudit1-3.0.6-150400.4.13.1 updated - libfdisk1-2.37.2-150400.8.20.1 updated - libgcc_s1-12.3.0+git1204-150000.1.16.1 updated - libstdc++6-12.3.0+git1204-150000.1.16.1 updated - libxml2-2-2.9.14-150400.5.22.1 updated - libsystemd0-249.16-150400.8.33.1 updated - libopenssl1_1-1.1.1l-150400.7.53.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.53.1 updated - libprocps7-3.3.15-150000.7.34.1 updated - procps-3.3.15-150000.7.34.1 updated - libmount1-2.37.2-150400.8.20.1 updated - krb5-1.19.2-150400.3.6.1 updated - login_defs-4.8.1-150400.10.9.1 updated - shadow-4.8.1-150400.10.9.1 updated - libzypp-17.31.20-150400.3.40.1 updated - sysuser-shadow-3.2-150400.3.5.3 updated - zypper-1.14.63-150400.3.29.1 updated - util-linux-2.37.2-150400.8.20.1 updated - libapparmor1-3.0.4-150400.5.9.1 updated - libdevmapper1_03-2.03.05_1.02.163-150400.188.1 updated - release-notes-susemanager-proxy-4.3.8-150400.3.61.2 updated - python3-base-3.6.15-150300.10.51.1 updated - libpython3_6m1_0-3.6.15-150300.10.51.1 updated - libcryptsetup12-2.4.3-150400.3.3.1 updated - libcryptsetup12-hmac-2.4.3-150400.3.3.1 updated - gawk-4.2.1-150000.3.3.1 updated - python3-3.6.15-150300.10.51.1 updated - systemd-249.16-150400.8.33.1 updated - python3-uyuni-common-libs-4.3.9-150400.3.15.13 updated - python3-pyasn1-0.4.2-150000.3.5.1 updated - python3-ordered-set-4.0.2-150400.8.34 updated -python3-pyudev-0.22.0+git.1642212208.d5630bf-150400.5.50 updated - python3-libxml2-2.9.14-150400.5.22.1 updated - python3-gobject-3.42.2-150400.10.23 updated - python3-dmidecode-3.12.2-150400.18.64 updated - python3-pyOpenSSL-21.0.0-150400.7.62 updated - spacewalk-backend-4.3.23-150400.3.27.19 updated . New SUSE Container Update Advisory for proxy-nginx, featuring critical updates for improved security in deployment environments.. SUSE Manager, Container Update, Security Patch, Proxy HTTPD, Important Fixes. . Severity: Important. LinuxSecurity.com Team
Sep 28, 2023
•Important
SuSE
100
security advisorysecurity issueupdateSUSE: 2023:2514-1 Critical: Proxy Httpd Security Update
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:2514-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.7 , suse/manager/4.3/proxy-httpd:4.3.7.9.34.1 , suse/manager/4.3/proxy-httpd:latest , suse/manager/4.3/proxy-httpd:susemanager-4.3.7 , suse/manager/4.3/proxy-httpd:susemanager-4.3.7.9.34.1 Container Release : 9.34.1 Severity : critical Type : security References : 1089497 1175823 1175823 1179747 1179747 1195380 1195380 1201337 1201337 1201627 1202234 1204089 1204089 1207330 1207330 1207417 1207534 1207550 1207550 1207691 1207691 1207941 1207941 1208528 1208528 1208577 1208577 1208612 1208612 1208720 1208720 1208721 1208984 1208984 1209156 1209156 1209229 1209565 1210004 1210011 1210011 1210103 1210103 1210394 1210394 1210406 1210406 1210456 1210456 1210475 1210475 1210659 1210659 1210834 1210834 1210957 1210957 1210994 1210994 1210999 1211062 1211062 1211261 1211261 1211276 1211276 1211330 1211330 1211418 1211419 1211469 1211469 1211621 1211621 1211650 1211650 1211713 1211713 1211828 1211897 1211897 1211929 1211929 1212032 1212032 1212126 1212187 1212187 1212222 1212222 1212260 1212550 1212550 1212588 1212588 1212623 1212700 1212700 1212770 1212770 1212771 1212771 1213237 1213432 1213432 1213487 CVE-2022-4304 CVE-2023-2183 CVE-2023-2602 CVE-2023-2603 CVE-2023-2801 CVE-2023-3128 CVE-2023-31484 CVE-2023-32001 CVE-2023-3446 CVE-2023-34969 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2625-1 Released: Fri Jun 23 17:16:11 2023 Summary: Recommended update for gcc12 Type: recommended Severity: moderate References: This update for gcc12 fixes the following issues: - Update to GCC 12.3 release, 0c61aa720e62f1baf0bfd178e283, git1204 * includes regression and other bug fixes - Speed up builds with --enable-link-serialization. - Update embedded newlib to version 4.2.0 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2648-1 Released: Tue Jun 27 09:52:35 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1201627,1207534,CVE-2022-4304 This update for openssl-1_1 fixes the following issues: - CVE-2022-4304: Reworked the fix for the Timing-Oracle in RSA decryption. The previous fix for this timing side channel turned out to cause a severe 2-3x performance regression in the typical use case (bsc#1207534). - Update further expiring certificates that affect the testsuite (bsc#1201627). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2649-1 Released: Tue Jun 27 10:01:13 2023 Summary: Recommended update for hwdata Type: recommended Severity: moderate References: This update for hwdata fixes the following issues: - update to 0.371: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2742-1 Released: Fri Jun 30 11:40:56 2023 Summary: Recommended update for autoyast2, libzypp, yast2-pkg-bindings, yast2-update, zypper Type: recommended Severity: moderate References: 1202234,1209565,1211261,1212187,1212222 This update for yast2-pkg-bindings fixes the following issues: libzypp was updated toversion 17.31.14 (22): - Curl: trim all custom headers (bsc#1212187) HTTP/2 RFC 9113 forbids fields ending with a space. So we make sure all custom headers are trimmed. This also includes headers returned by URL-Resolver plugins. - build: honor libproxy.pc's includedir (bsc#1212222) zypper was updated to version 1.14.61: - targetos: Add an error note if XPath:/product/register/target is not defined in /etc/products.d/baseproduct (bsc#1211261) - targetos: Update help and man page (bsc#1211261) yast2-pkg-bindings, autoyast: - Added a new option for rebuilding the RPM database (--rebuilddb) (bsc#1209565) - Selected products are not installed after resetting the package manager internally (bsc#1202234) yast2-update: - Rebuild the RPM database during upgrade (--rebuilddb) (bsc#1209565) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2765-1 Released: Mon Jul 3 20:28:14 2023 Summary: Security update for libcap Type: security Severity: moderate References: 1211418,1211419,CVE-2023-2602,CVE-2023-2603 This update for libcap fixes the following issues: - CVE-2023-2602: Fixed improper memory release in libcap/psx/psx.c:__wrap_pthread_create() (bsc#1211418). - CVE-2023-2603: Fixed an integer overflow or wraparound in libcap/cap_alloc.c:_libcap_strdup() (bsc#1211419). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2772-1 Released: Tue Jul 4 09:54:23 2023 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1211261,1212187,1212222 This update for libzypp, zypper fixes the following issues: libzypp was updated to version 17.31.14 (22): - Curl: trim all custom headers (bsc#1212187) HTTP/2 RFC 9113 forbids fields ending with a space. So we make sure all custom headers are trimmed. This also includes headers returned by URL-Resolver plugins. - build: honor libproxy.pc's includedir (bsc#1212222) zypper was updated to version 1.14.61: -targetos: Add an error note if XPath:/product/register/target is not defined in /etc/products.d/baseproduct (bsc#1211261) - targetos: Update help and man page (bsc#1211261) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2800-1 Released: Mon Jul 10 07:35:22 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1212623 This update for openssl-1_1 fixes the following issues: - Check the OCSP RESPONSE in openssl s_client command and terminate connection if a revoked certificate is found. [bsc#1212623] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2827-1 Released: Fri Jul 14 11:27:47 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate References: This update for libxml2 fixes the following issues: - Build also for modern python version (jsc#PED-68) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2847-1 Released: Mon Jul 17 08:40:42 2023 Summary: Recommended update for audit Type: recommended Severity: moderate References: 1210004 This update for audit fixes the following issues: - Check for AF_UNIX unnamed sockets (bsc#1210004) - Enable livepatching on main library on x86_64 ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2855-1 Released: Mon Jul 17 16:35:21 2023 Summary: Recommended update for openldap2 Type: recommended Severity: moderate References: 1212260 This update for openldap2 fixes the following issues: - libldap2 crashes on ldap_sasl_bind_s (bsc#1212260) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2877-1 Released: Wed Jul 19 09:43:42 2023 Summary: Security update for dbus-1 Type: security Severity: moderate References: 1212126,CVE-2023-34969 This update for dbus-1 fixes the following issues: -CVE-2023-34969: Fixed a possible dbus-daemon crash by an unprivileged users (bsc#1212126). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2882-1 Released: Wed Jul 19 11:49:39 2023 Summary: Security update for perl Type: security Severity: important References: 1210999,CVE-2023-31484 This update for perl fixes the following issues: - CVE-2023-31484: Enable TLS cert verification in CPAN (bsc#1210999). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2885-1 Released: Wed Jul 19 16:58:43 2023 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1208721,1209229,1211828 This update for glibc fixes the following issues: - getlogin_r: fix missing fallback if loginuid is unset (bsc#1209229, BZ #30235) - Exclude static archives from preparation for live patching (bsc#1208721) - resolv_conf: release lock on allocation failure (bsc#1211828, BZ #30527) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2891-1 Released: Wed Jul 19 21:14:33 2023 Summary: Security update for curl Type: security Severity: moderate References: 1213237,CVE-2023-32001 This update for curl fixes the following issues: - CVE-2023-32001: Fixed TOCTOU race condition (bsc#1213237). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:2918-1 Released: Thu Jul 20 12:00:17 2023 Summary: Recommended update for gpgme Type: recommended Severity: moderate References: 1089497 This update for gpgme fixes the following issues: gpgme: - Address failure handling issues when using gpg 2.2.6 via gpgme, as used by libzypp (bsc#1089497) libassuan: - Version upgrade to 2.5.5 in LTSS to address gpgme new requirements ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:2962-1 Released: Tue Jul 25 09:34:53 2023 Summary: Security update foropenssl-1_1 Type: security Severity: moderate References: 1213487,CVE-2023-3446 This update for openssl-1_1 fixes the following issues: - CVE-2023-3446: Fixed DH_check() excessive time with over sized modulus (bsc#1213487). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3133-1 Released: Wed Aug 2 09:15:22 2023 Summary: Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server Type: recommended Severity: moderate References: 1175823,1179747,1195380,1201337,1204089,1207330,1207417,1207550,1207691,1207941,1208528,1208577,1208612,1208720,1208984,1209156,1210011,1210103,1210394,1210406,1210456,1210475,1210659,1210834,1210957,1210994,1211062,1211276,1211330,1211469,1211621,1211650,1211713,1211897,1211929,1212032,1212550,1212588,1212700,1212770,1212771,1213432 Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server This is a codestream only update ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3136-1 Released: Wed Aug 2 09:16:10 2023 Summary: Maintenance update for SUSE Manager 4.3.7 Release Notes Type: security Severity: critical References: 1175823,1179747,1195380,1201337,1204089,1207330,1207550,1207691,1207941,1208528,1208577,1208612,1208720,1208984,1209156,1210011,1210103,1210394,1210406,1210456,1210475,1210659,1210834,1210957,1210994,1211062,1211276,1211330,1211469,1211621,1211650,1211713,1211897,1211929,1212032,1212550,1212588,1212700,1212770,1212771,1213432,CVE-2023-2183,CVE-2023-2801,CVE-2023-3128 Maintenance update for SUSE Manager 4.3.7 Release Notes: This is a codestream only update The following package changes have been done: - libldap-data-2.4.46-150200.14.17.1 updated - glibc-2.31-150300.52.2 updated - perl-base-5.26.1-150300.17.14.1 updated - libcap2-2.63-150400.3.3.1 updated - libaudit1-3.0.6-150400.4.10.1 updated - libgcc_s1-12.3.0+git1204-150000.1.10.1 updated - libassuan0-2.5.5-150000.4.5.2 updated -libstdc++6-12.3.0+git1204-150000.1.10.1 updated - libxml2-2-2.9.14-150400.5.19.1 updated - libopenssl1_1-1.1.1l-150400.7.48.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.48.1 updated - libprotobuf-lite20-3.9.2-150200.4.21.1 updated - libldap-2_4-2-2.4.46-150200.14.17.1 updated - libcurl4-8.0.1-150400.5.26.1 updated - libzypp-17.31.14-150400.3.35.1 updated - zypper-1.14.61-150400.3.24.1 updated - curl-8.0.1-150400.5.26.1 updated - libdbus-1-3-1.12.2-150400.18.8.1 updated - release-notes-susemanager-proxy-4.3.7-150400.3.58.1 updated - dbus-1-1.12.2-150400.18.8.1 updated - hwdata-0.371-150000.3.62.1 updated - python3-libxml2-2.9.14-150400.5.19.1 updated - spacewalk-backend-4.3.22-150400.3.24.6 updated . SUSE Container Update Notification regarding suse/manager/4.3/proxy-httpd tackles severe security vulnerabilities alongside necessary enhancements.. SUSE Manager, Security Update, Container Advisory. . Severity: Critical. LinuxSecurity.com Team
Aug 03, 2023
•Critical
SuSE
100
security advisorysecurity updateupdateSUSE: 2023:330-1 Important Security Advisory for Proxy HTTPD
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:330-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.4 , suse/manager/4.3/proxy-httpd:4.3.4.9.25.2 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.25.2 Severity : important Type : security References : 1172110 1172179 1175622 1177460 1179584 1179962 1186011 1187028 1188882 1191857 1191925 1194038 1194394 1195455 1195624 1195979 1196205 1196729 1197027 1198168 1198356 1198358 1198903 1198944 1199147 1199157 1199467 1199523 1199629 1199646 1199656 1199659 1199662 1199663 1199679 1199714 1199726 1199727 1199779 1199817 1199874 1199950 1199984 1199998 1200169 1200276 1200296 1200347 1200480 1200532 1200573 1200581 1200591 1200606 1200629 1200707 1200723 1200801 1201003 1201142 1201189 1201210 1201220 1201224 1201260 1201411 1201476 1201498 1201589 1201606 1201607 1201626 1201753 1201782 1201788 1201788 1201842 1201893 1201913 1201918 1202093 1202150 1202217 1202271 1202272 1202367 1202455 1202464 1202602 1202728 1202729 1202785 1202805 1202899 1203026 1203049 1203056 1203169 1203274 1203283 1203287 1203288 1203385 1203406 1203422 1203449 1203451 1203478 1203478 1203484 1203532 1203532 1203564 1203580 1203585 1203588 1203599 1203611 1203611 1203633 1203652 1203685 1203698 1203826 1203884 1204029 1204032 1204061 1204126 1204186 1204195 1204235 1204270 1204330 1204437 1204444 1204517 1204519 1204541 1204585 1204651 1204699 1204712 1204715 1204867 1204879 1204932 1204944 1205000 1205000 1205012 1205040 1205207 1205212 1205255 1205339 1205350 1205470 1205489 1205502 1205523 1205644 1205646 1205663 1205749 1205754 1205890 1205919 1205943 1205976 1206055 1206160 1206168 1206186 1206249 1206276 1206294 1206308 1206309 1206336 1206337 1206375 1206412 1206470 1206579 1206613 1206666 1206667 1206799 1207136 1207182 1207247 1207250 1207251 1207264 1207533 1207534 1207536 1207538 944832 CVE-2006-20001 CVE-2021-41411 CVE-2021-42740 CVE-2021-43138 CVE-2022-0860 CVE-2022-1415 CVE-2022-31129 CVE-2022-36760 CVE-2022-37436 CVE-2022-40897 CVE-2022-4304 CVE-2022-43551 CVE-2022-43552 CVE-2022-4415 CVE-2022-4415 CVE-2022-4450 CVE-2022-46908 CVE-2022-47629 CVE-2023-0215 CVE-2023-0286 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:2136-1 Released: Mon Jun 20 13:45:31 2022 Summary: Recommended update for SUSE Manager 4.3 Release Notes Type: recommended Severity: low References: This update for SUSE Manager 4.3 Release Notes provides the following additions: Release notes for SUSE Manager: - Update to SUSE Manager 4.3.0.1 * Workarounds for some known issues. Release notes for SUSE Manager proxy: - Update to SUSE Manager 4.3.0.1 * Workaround for an upgrade issue of SUSE Manager Proxy 4.2 based on JeOS image to 4.3. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3182-1 Released: Thu Sep 8 09:40:09 2022 Summary: Recommended update for SUSEManager 4.3.1 Release Notes Type: recommended Severity: moderate References: 1172179,1179962,1186011,1187028,1191925,1194394,1195455,1198356,1198358,1198944,1199147,1199157,1199523,1199629,1199646,1199656,1199659,1199662,1199663,1199679,1199714,1199727,1199779,1199817,1199874,1199950,1199984,1199998,1200276,1200347,1200532,1200591,1200606,1200707,1201003,1201142,1201189,1201224,1201411,1201498,1201782,1201842 This update for SUSE Manager 4.3.1 Release Notes fixes the following issues: Release notes for SUSE Manager: - Update to SUSE Manager 4.3.1 * GPG key handling in SUSE Manager * Disabling locally defined repositories * Bugs mentioned bsc#1172179, bsc#1179962, bsc#1186011, bsc#1187028, bsc#1191925, bsc#1194394, bsc#1195455, bsc#1198356, bsc#1198358, bsc#1198944, bsc#1199147, bsc#1199157, bsc#1199523, bsc#1199629, bsc#1199646, bsc#1199656, bsc#1199659, bsc#1199662, bsc#1199663, bsc#1199679, bsc#1199714, bsc#1199727, bsc#1199779, bsc#1199817, bsc#1199874, bsc#1199950, bsc#1199984, bsc#1199998, bsc#1200276, bsc#1200347, bsc#1200532, bsc#1200591, bsc#1200606, bsc#1200707, bsc#1201003, bsc#1201142, bsc#1201189, bsc#1201224, bsc#1201411, bsc#1201498, bsc#1201782, bsc#1201842 Release notes for SUSE Manager Proxy: - Update to SUSE Manager 4.3.1 * Bugs mentioned bsc#1199659, bsc#1199679, bsc#1200591, bsc#1201003, bsc#1201142 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3761-1 Released: Wed Oct 26 10:58:50 2022 Summary: Security update for release-notes-susemanager, release-notes-susemanager-proxy Type: security Severity: moderate References: 1191857,1195624,1196729,1197027,1198168,1198903,1199726,1200480,1200573,1200629,1201210,1201220,1201260,1201589,1201626,1201753,1201788,1201913,1201918,1202271,1202272,1202367,1202455,1202464,1202602,1202728,1202729,1202805,1202899,1203026,1203049,1203056,1203169,1203287,1203288,1203385,1203406,1203422,1203449,1203478,1203484,1203564,1203585,1203611,CVE-2021-41411,CVE-2021-42740,CVE-2021-43138,CVE-2022-0860,CVE-2022-31129 This update for release-notes-susemanager, release-notes-susemanager-proxy fixes the following issues: Release notes for SUSE Manager: - Update to SUSE Manager 4.3.2 * Containerized proxy and RBS are now fully supported * HTTP API is now fully supported * Ubuntu 22.04 is now supported as a client * Cobbler has been upgraded to version 3.3.3 which also includes building ISOs with UEFI support * pip support has been added for the Salt Bundle * Prometheus exporter for Apache has been upgraded to 0.10.0 * CVEs fixed: CVE-2021-41411, CVE-2021-42740, CVE-2021-43138, CVE-2022-0860, CVE-2022-31129 * Bugs mentioned: bsc#1191857, bsc#1195624, bsc#1196729, bsc#1197027, bsc#1198168 bsc#1198903, bsc#1199726, bsc#1200480, bsc#1200573, bsc#1200629 bsc#1201210, bsc#1201220, bsc#1201260, bsc#1201626, bsc#1201753 bsc#1201788, bsc#1201913, bsc#1201918, bsc#1202271, bsc#1202272 bsc#1202367, bsc#1202455, bsc#1202464, bsc#1202602, bsc#1202728 bsc#1202729, bsc#1202805, bsc#1202899, bsc#1203026, bsc#1203049 bsc#1203056, bsc#1203169, bsc#1203287, bsc#1203288, bsc#1203385 bsc#1203406, bsc#1203422, bsc#1203449, bsc#1203478, bsc#1203484 bsc#1203564, bsc#1203585, bsc#1203611 Release notes for SUSE Manager Proxy: - Update to SUSE Manager 4.3.2 * Containerized proxy and RBS are now fully supported * CVEs fixed: CVE-2021-42740, CVE-2021-43138, CVE-2022-31129 * Bugs mentioned: bsc#1198168, bsc#1198903, bsc#1200480, bsc#1201589, bsc#1201788 bsc#1203287, bsc#1203288, bsc#1203585 ----------------------------------------------------------------- AdvisoryID: SUSE-RU-2022:4422-1 Released: Tue Dec 13 08:26:22 2022 Summary: Recommended update for SUSE Manager 4.3.3 Release Notes Type: recommended Severity: moderate References: 1200169,1200296,1201476,1201606,1201607,1201788,1201893,1202093,1202217,1202785,1203283,1203451,1203532,1203580,1203588,1203599,1203611,1203633,1203685,1203698,1203884,1204029,1204061,1204195,1204437,1204444,1204517,1204519,1204541,1204651,1204699,1205212,1205339,1205470 This update for SUSE Manager 4.3.3 Release Notes provides the following additions: Release Notes for SUSE Manager: - Revision 4.3.3 - Bugs mentioned: bsc#1200169, bsc#1200296, bsc#1201476, bsc#1201606, bsc#1201607 bsc#1201788, bsc#1201893, bsc#1202093, bsc#1202217, bsc#1202785 bsc#1203283, bsc#1203451, bsc#1203532, bsc#1203580, bsc#1203588 bsc#1203599, bsc#1203611, bsc#1203633, bsc#1203685, bsc#1203698 bsc#1203884, bsc#1204029, bsc#1204061, bsc#1204195, bsc#1204437 bsc#1204444, bsc#1204517, bsc#1204519, bsc#1204541, bsc#1204651 bsc#1204699, bsc#1205212, bsc#1205339, bsc#1205470 Release Notes for SUSE Manager Proxy: - Revision 4.3.3 - Bugs mentioned: bsc#1201893, bsc#1203283, bsc#1204517, bsc#1205212, bsc#1205339 ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4597-1 Released: Wed Dec 21 10:13:11 2022 Summary: Security update for curl Type: security Severity: important References: 1206308,1206309,CVE-2022-43551,CVE-2022-43552 This update for curl fixes the following issues: - CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309). - CVE-2022-43551: Fixed HSTS bypass via IDN (bsc#1206308). ----------------------------------------------------------------- Advisory ID: SUSE-feature-2022:4601-1 Released: Wed Dec 21 12:23:59 2022 Summary: Feature update for GNOME 41 Type: feature Severity: moderate References: 1175622,1179584,1188882,1196205,1200581,1203274,1204867,944832 This update for GNOME 41 fixes the followingissues: atkmm1_6: - Version update from 2.28.1 to 2.28.3 (jsc#PED-2235): * Meson build: Avoid unnecessary configuration warnings * Meson build: Perl is not required by new versions of mm-common * Meson build: Require meson > = 0.55.0 * Meson build: Specify 'check' option in run_command(). Will be necessary with future versions of Meson. * Require atk > = 2.12.0 Not a new requirement, but previously it was not specified in configure.ac and meson.build * Support building with Visual Studio 2022 eog: - Version update from 41.1 to 41.2 (jsc#PED-2235): * eog-window: use correct type for display_profile * Fix discovery of Evince for multi-page images evince: - Version update 41.3 to 41.4 (jsc#PED-2235): * shell: Fix failures when thumbnail extraction takes too long * Fix build with meson 0.60.0 and newer evolution: - Ensure evolution-devel is forward compatible with evolution-data-server-devel in a same major version (jsc#PED-2235) evolution-data-center: - Version update from 3.42.4 to 3.42.5 (jsc#PED-2235): * Google OAuth out-of-band (oob) flow will be deprecated folks: - Version update 0.15.3 to 0.15.5 (jsc#PED-2235): * vapi: Add missing generic type argument * Fix docs build against newer eds version * Fix build against newer eds version * Remove volatile keyword from tests gcr: - Version update 3.41.0 to 3.41.1 (jsc#PED-2235): * Add G_SPAWN_CLOEXEC_PIPES flag to all the g_spawn commands * Add gi-docgen dependency which is needed by the docs * Fix build with meson 0.60.0 and newer * Fix build without systemd * Several CI fixes geocode-glib: - Version update from 3.26.2 to 3.26.4 (jsc#PED-2235): * Fix to a test data file not being installed, and a bug fix for a bug in the libsoup3 port * Add support for libsoup 3.x gjs: - Version update from 1.70.1 to 1.70.2 (jsc#PED-2235): * Build and compatibility fixes backported from the development branch * Reverse order of running-from-source checks - Require xorg-x11-Xvfb for proper package build(bsc#1203274) glib2: - Version update from 2.70.4 to 2.70.5 (jsc#PED-2235): * Bugs fixed: glgo#GNOME/GLib#2620, glgo#GNOME/GLib!2537, glgo#GNOME/GLib!2555 * Split gtk-docs from -devel package, these are not needed during building projects using glib2 gnome-control-center: - Fix the size of logo icon in About system (bsc#1200581) - Version update from 41.4 to 41.7 (jsc#PED-2235): * Cellular: Remove duplicate line from .desktop * Info: Allow changing 'Device Name' by pressing 'Enter' * Info: Remove trailing space after CPU name * Keyboard: Fix crash resetting all keyboard shortcuts * Keyboard: Fix leaks * Network: Fix saving passwords for non-wifi connections * Network: Fix critical when opening VPN details page * Wacom: Fix leaks gnome-desktop: - Version update from 41.2 to 41.8 (jsc#PED-2235): * Version increase but no actual changes gnome-music: - Version update from 41.0 to 41.1 (jsc#PED-2235): * Ensure the correct album is played * Fix build with meson 0.61.0 and newer * Fix crash on empty selection * Fix incorrect playlist import * Fix time displayed in RTL languages * Improve async queue work * Make random shuffle actually random * Make shuffle random * Speed increase on first startup on larger collections * Time is reversed in RTL gnome-remote-desktop: - Version update from 41.2 to 41.3 (jsc#PED-2235): * Add Icelandic translation gnome-session: - Clear error messages that can be ignored because expected to happen for GDM sessions (bsc#1204867) - Add fix for gnome-session to exit immediately when lost name on bus (bsc#1175622, bsc#1188882) gnome-shell: - Disable offline update suggestion before shutdown/reboot in SLE and openSUSE Leap (bsc#944832) - Version update from 41.4 to 41.9 (jsc#PED-2235): * Allow extension updates with only Extension Manager installed * Allow more intermediate icon sizes in app grid * Disable workspace switching while in search. * Do not create systemd scope for D-Bus activated apps * Fix calendar to correctlyalign world clocks header in RTL * Fix drag placeholder position in dash in RTL locales * Fix edge case where windows stay dimmed after a modal is closed * Fix feedback when turning on a11y features by keyboard * Fix focus tracking in magnifier on wayland * Fix fractional timezone offsets in world clock * Fix glitches in overview transition * Fix logging in with realmd * Fix memory leak * Fix opening device settings for enterprise WPA networks * Fix programatically set scrollview fade * Fix regression in ibus support * Fix unresponsive top bar in overview when in fullscreen * Handle monitor changes during startup animation * Hide overview after 'Show Details' from app context menu * Improve Belgian on-screen keyboard layout * Improve CSS shadow appearance * Make sure startup animation completes * Misc. bug fixes and cleanups * Only close messages via delete key if they can be closed * Respect IM hint for candidates list in on-screen keyboard gnome-software: - Disable offline update feature in SUSE Linux Enterprise and openSUSE Leap (bsc#944832) - Version update from 41.4 to 41.5 (jsc#PED-2235): * Added several appstream-related fixed * Disable scroll-by-mouse-wheel on featured carousel * Ensure details page shows app provided on command line gnome-terminal: - Version update from 3.42.2 to 3.42.3 (jsc#PED-2235): * Fix build with meson 0.61.0 and newer * window: Use a normal menu for the popup menu gnome-user-docs: - Version update from 41.1 to 41.5 (jsc#PED-2235): * Added missing icon for network-wired-symbolic gspell: - Version update from 1.8.4 to 1.10.0 (jsc#PED-2235): * Build: distribute more files in tarballs * Documentation improvements gtkmm3: - Version update from 3.24.5 to 3.24.6 (jsc#PED-2235): * Build with Meson: MSVC build: Support Visual Studio 2022 * Check if Perl is required for building documentation * Don't use deprecated python3.path() and execute (..., gui_app...) * GTK: TreeValueProxy: Declare copy constructor =default, avoiding warnings from the claing++ compiler * Object::_release_c_instance(): Unref orphan managed widgets * SizeGroup demo: Set active items in the combo boxs, so something is shown * Specify 'check' option in run_command() gtk-vnc: - Version update from 1.3.0 to 1.3.1 (jsc#PED-2235): * Add 'check' arg to meson run_command() * Fix invalid use of subprojects with meson * Support ZRLE encoding for zero size alpha cursors gupnp-av: - Version update from 0.12.11 to 0.14.1 (jsc#PED-2235): * Add utility function to format GDateTime to the iso variant DIDL expects * Allow to be used as a subproject * Drop autotools * Fix stripping @refID * Fix unsetting subtitleFileType * Make Feature derivable again * Obsolete code removal. * Port to modern GObject * Remove hand-written ref-counting, use RcBox/AtomicRcBox instead. * Switch to meson build system, following upstream - Rename libgupnp-av-1_0-2 subpackage to libgupnp-av-1_0-3, correcting the package name to match the provided library - Conflict with the wrongly provided libgupnp-av-1_0-2 gvfs: - Version update from 1.48.1 to 1.48.2 (jsc#PED-2235): * sftp: Adapt on new OpenSSH password prompts * smb: Rework anonymous handling to avoid EINVAL * smb: Ignore EINVAL for kerberos/ccache login libgsf: - Version update from 1.14.48 to 1.14.50 (jsc#PED-2235): * Fix error handling problem when writing ole files * Fix problems with non-western text in OLE properties * Use g_date_time_new_from_iso8601 and g_date_time_format_iso8601 when available libmediaart: - Version update from 1.9.5 to 1.9.6 (jsc#PED-2235): * build: Add introspection/vapi/tests options * build: Use library() to optionally build a static library libnma: - Version update from 1.8.32 to 1.8.40 (jsc#PED-2235): * Ad-Hoc networks now default to using WPA2 instead of WEP * Add possibility of building libnma-gtk4 library with Gtk4 support * Do not allow setting empty 802.1x domain for EAP TLS * Fixed keyboard accelerator for certificatechooser * Fixed libnma-gtk4 version of mobile-wizard * Include OWE wireless security option * The GtkBuilder files for Gtk4 are now included in the release tarball * WEP is no longer provided as an option for connecting to hidden networks due to its deprecated status - New sub-packages libnma-gtk4-0, typelib-1_0-NMA4-1_0 and libnma-gtk4-devel - Split out documentation files in own docs sub-package libnotify: - Version update from 0.7.10 to 0.7.12 (jsc#PED-2235): * Delete unused notifynotification.xml * Fix potential build errors with old glib version we require * docs/notify-send: Add --transient option to manpage * notification: Bookend calling NotifyActionCallback with temporary reference * notification: Include sender-pid hint by default if not provided * notify-send: Add debug message about server not supporting persistence * notify-send: Add explicit option to create transient notifications * notify-send: Add support for boolean hints * notify-send: Move server capabilities check to a separate function * notify-send: Support passing any hint value, by parsing variant strings libpeas: - Version update from 1.30.0 to 1.32.0 (jsc#PED-2235): * Icon licenses have been corrected * Parallel build system operation fixes * Use gi-docgen for documentation * Various build warnings squashed * Various GIR data that should not have been exported was removed - Stop packaging the demo files/sub-package librsvg: - Version update from 2.52.6 to 2.52.9 (jsc#PED-2235): * Catch circular references when rendering patterns * Fix regressions when computing element geometries * Fix regression outputting all text as paths libsecret: - Version update from 0.20.4 to 0.20.5 (jsc#PED-2235): * Add bash-completion for secret-tool * Add locking capabilities to secret tool * Add support for TPM2 based secret storage * Create default collection after DBus.Error.UnknownObject * Detect local storage in snaps in the same way as flatpaks * Drop autotools-based build * GIannotation and documentation fixes * Port documentation to gi-docgen * Use G_GNUC_NULL_TERMINATED where appropriate collection, methods, prompt: Port to GTask * secret-file-backend: Avoid closing the same file descriptor twice mutter: - Version update from 41.5 to 41.9 (jsc#PED-2235): * Fix '--replace option' * Fix missing root window properties after XWayland start * Fix night light without GAMMA_LUT property * KMS: Survive missing GAMMA_LUT property * wayland: Fix rotation transform * Misc. bug fixes nautilus: - Version update from 41.2 to 41.5(jsc#PED-2235): * Drag-and-drop bugfixes * HighContrast style fixes orca: - Version update from 41.1 to 41.3 (jsc#PED-2235): * Add more event-flood detection and handling for improved performance * Fix bug causing accessing preferences to fail for Esperanto * Web: Fix bug causing widgets descending from off-screen label elements to be skipped over * Web: Fix presentation of the FluentUI react dialog (and any other dialog which has an ARIA document-role descendant) * WebKitGtk: Fail gracefully when structural navigation commands are used in WebKitGtk 2.36.x python-cairo: - Add python3-cairo to SUSE Linux Enterprise Micro 5.3 as it is now required by python3-gobject-cairo python-gobject: - Add dependency on python-cairo to python-gobject-cairo: The introspection wrapper needs pycairo (bsc#1179584) - Version update from 3.42.0 to 3.42.2 (jsc#PED-2235): * Add a workaround for a PyPy 3.9+ bug when threads are used * Do not error out for unknown scopes * Prompt an error instead of crashing when marshaling unsupported fundamental types in some cases * Fix a crash/refcounting error in case marshaling a hash table fails * Fix crashes when marshaling zero terminated arrays for certain item types * Implement DynamicImporter.find_spec() to silence deprecation warning * Make the test suite pass again with PyPy * Some test/CI fixes * gtk overrides: Do not override Treeview.enable_model_drag_xx for GTK4 * gtk overrides:restore Gtk.ListStore.insert_with_valuesv with newer GTK4 * interface: Fix leak when overriding GInterfaceInfo * setup.py: look up pycairo headers without importing the module trackers-python: - Allow system calls used by gstreamer (bsc#1196205) - Version update from 3.2.2 to 3.2.1 (jsc#PED-2235): * Backport seccomp rules for rseq and mbind syscalls vala: - Version update from 0.54.6 to 0.54.8 (jsc#PED-2235): * Add missing TraverseVisitor.visit_data_type() * Add support for 'copy_/free_function' metadata for compact classes * Catch and throw possible inner error of lock statements * Clear SemanticAnalyzer.current_{symbol,source_file} when not needed anymore * Don't count instance-parameter when checking for backwards closure reference * Fix a few binding errors * Free empty stack list for code contexts * Handle duplicated and unnamed symbols. * Improve UI parsing and handling of nested objects and properties * Make sure to drop our 'trap' jump target in case of an error * Move dynamic property errors to semantic analyzer pass * Require lvalue access of delegate target/destroy 'fields' * Show source location when reporting deprecations * Transform assignment of an array element as needed * manual: Update from wiki.gnome.org * parser: Improve handling of nullable VarType in with-statement * parser: Reduce the source reference of main block method to its beginning xdg-desktop-portal-gnome: - Version update from 0.54.6 to 0.54.8 (jsc#PED-2235): * Properly bind property in Lockdown portal ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4628-1 Released: Wed Dec 28 09:23:13 2022 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1206337,CVE-2022-46908 This update for sqlite3 fixes the following issues: - CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script(bsc#1206337). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4629-1 Released: Wed Dec 28 09:24:07 2022 Summary: Security update for systemd Type: security Severity: important References: 1200723,1205000,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). Bug fixes: - Support by-path devlink for multipath nvme block devices (bsc#1200723). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:25-1 Released: Thu Jan 5 09:51:41 2023 Summary: Recommended update for timezone Type: recommended Severity: moderate References: 1177460 This update for timezone fixes the following issues: Version update from 2022f to 2022g (bsc#1177460): - In the Mexican state of Chihuahua: * The border strip near the US will change to agree with nearby US locations on 2022-11-30. * The strip's western part, represented by Ciudad Juarez, switches from -06 all year to -07/-06 with US DST rules, like El Paso, TX. * The eastern part, represented by Ojinaga, will observe US DST next year, like Presidio, TX. * A new Zone America/Ciudad_Juarez splits from America/Ojinaga. - Much of Greenland, represented by America/Nuuk, stops observing winter time after March 2023, so its daylight saving time becomes standard time. - Changes for pre-1996 northern Canada - Update to past DST transition in Colombia (1993), Singapore (1981) - 'timegm' is now supported by default ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:45-1 Released: Mon Jan 9 10:32:26 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate References: 1204585 This update for libxml2 fixes the following issues: - Add W3C conformance tests to the testsuite (bsc#1204585): * Added file xmlts20080827.tar.gz ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:46-1 Released: Mon Jan 9 10:35:21 2023 Summary: Recommended update for hwdata Type: recommended Severity: moderate References: This update for hwdata fixes the following issues: - Update pci, usb and vendor ids ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:48-1 Released: Mon Jan 9 10:37:54 2023 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1199467 This update for libtirpc fixes the following issues: - Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:50-1 Released: Mon Jan 9 10:42:21 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate References: 1205502 This update for shadow fixes the following issues: - Fix issue with user id field that cannot be interpreted (bsc#1205502) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:56-1 Released: Mon Jan 9 11:13:43 2023 Summary: Security update for libksba Type: security Severity: moderate References: 1206579,CVE-2022-47629 This update for libksba fixes the following issues: - CVE-2022-47629: Fixed an integer overflow vulnerability in the CRL signature parser (bsc#1206579). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:159-1 Released: Thu Jan 26 18:21:56 2023 Summary: Security update for python-setuptools Type: security Severity: moderate References: 1206667,CVE-2022-40897 This update for python-setuptools fixes the following issues: - CVE-2022-40897: Fixed an excessive CPU usage that could be triggered by fetching a malicious HTML document (bsc#1206667). ----------------------------------------------------------------- AdvisoryID: SUSE-RU-2023:177-1 Released: Thu Jan 26 20:57:35 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1194038,1205646 This update for util-linux fixes the following issues: - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:178-1 Released: Thu Jan 26 20:58:21 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1207182 This update for openssl-1_1 fixes the following issues: - FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:181-1 Released: Thu Jan 26 21:55:43 2023 Summary: Recommended update for procps Type: recommended Severity: low References: 1206412 This update for procps fixes the following issues: - Improve memory handling/usage (bsc#1206412) - Make sure that correct library version is installed (bsc#1206412) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:188-1 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Type: recommended Severity: important References: 1203652 This update for zlib fixes the following issues: - Follow up fix for bug bsc#1203652 due to libxml2 issues ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:201-1 Released: Fri Jan 27 15:24:15 2023 Summary: Security update for systemd Type: security Severity: moderate References: 1204944,1205000,1207264,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed an issue whereusers could access coredumps with changed uid, gid or capabilities (bsc#1205000). Non-security fixes: - Enabled the pstore service (jsc#PED-2663). - Fixed an issue accessing TPM when secure boot is enabled (bsc#1204944). - Fixed an issue where a pamd file could get accidentally overwritten after an update (bsc#1207264). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:311-1 Released: Tue Feb 7 17:36:32 2023 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1207533,1207534,1207536,1207538,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0286 This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533). - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536). - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538). - CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:322-1 Released: Wed Feb 8 16:19:37 2023 Summary: Security update for apache2 Type: security Severity: important References: 1207247,1207250,1207251,CVE-2006-20001,CVE-2022-36760,CVE-2022-37436 This update for apache2 fixes the following issues: - CVE-2022-37436: Fixed an issue in mod_proxy where a malicious backend could cause the response headers to be truncated early, resulting in some headers being incorporated into the response body (bsc#1207251). - CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow request smuggling attacks (bsc#1207250). - CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request header could cause memory corruption (bsc#1207247). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:345-1 Released: Fri Feb 10 15:06:27 2023 Summary: Maintenance update for SUSE Manager 4.3:Server, Proxy and Retail Branch Server Type: security Severity: important References: 1172110,1195979,1200801,1202150,1203478,1203532,1203826,1204032,1204126,1204186,1204235,1204270,1204330,1204712,1204715,1204879,1204932,1205012,1205040,1205207,1205255,1205350,1205489,1205523,1205644,1205663,1205749,1205754,1205890,1205919,1205943,1205976,1206055,1206160,1206168,1206186,1206249,1206276,1206294,1206336,1206375,1206470,1206613,1206666,1206799,1207136,CVE-2022-1415 Maintenance update for SUSE Manager 4.3: Server, Proxy and Retail Branch Server This is a codestream only update The following package changes have been done: - libtirpc-netconfig-1.2.6-150300.3.17.1 updated - libuuid1-2.37.2-150400.8.14.1 updated - libudev1-249.14-150400.8.19.1 updated - libsmartcols1-2.37.2-150400.8.14.1 updated - libblkid1-2.37.2-150400.8.14.1 updated - libfdisk1-2.37.2-150400.8.14.1 updated - libz1-1.2.11-150000.3.39.1 updated - libsqlite3-0-3.39.3-150000.3.20.1 updated - libksba8-1.3.5-150000.4.6.1 updated - libglib-2_0-0-2.70.5-150400.3.3.1 updated - libxml2-2-2.9.14-150400.5.13.1 updated - libsystemd0-249.14-150400.8.19.1 updated - libopenssl1_1-1.1.1l-150400.7.22.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.22.1 updated - libprocps7-3.3.15-150000.7.28.1 updated - procps-3.3.15-150000.7.28.1 updated - libmount1-2.37.2-150400.8.14.1 updated - login_defs-4.8.1-150400.10.3.1 updated - libtirpc3-1.2.6-150300.3.17.1 updated - libcurl4-7.79.1-150400.5.12.1 updated - shadow-4.8.1-150400.10.3.1 updated - util-linux-2.37.2-150400.8.14.1 updated - timezone-2022g-150000.75.18.1 updated - curl-7.79.1-150400.5.12.1 updated - libgmodule-2_0-0-2.70.5-150400.3.3.1 updated - libgobject-2_0-0-2.70.5-150400.3.3.1 updated - release-notes-susemanager-proxy-4.3.3-150400.3.12.3 added - python3-uyuni-common-libs-4.3.7-150400.3.9.4 updated - hwdata-0.365-150000.3.54.1 updated - apache2-utils-2.4.51-150400.6.6.1 updated - systemd-249.14-150400.8.19.1 updated - gio-branding-SLE-15-150400.27.2.1 updated - libgio-2_0-0-2.70.5-150400.3.3.1updated - glib2-tools-2.70.5-150400.3.3.1 updated - python3-setuptools-44.1.1-150400.3.3.1 updated - apache2-2.4.51-150400.6.6.1 updated - apache2-prefork-2.4.51-150400.6.6.1 updated - python3-gobject-3.42.2-150400.3.3.2 updated - python3-rhnlib-4.3.5-150400.3.3.3 updated - spacewalk-backend-4.3.18-150400.3.12.5 updated - python3-libxml2-2.9.14-150400.5.13.1 updated - python3-spacewalk-client-tools-4.3.14-150400.3.12.5 updated - spacewalk-client-tools-4.3.14-150400.3.12.5 updated - mgr-push-4.3.5-150400.3.3.5 updated - python3-mgr-push-4.3.5-150400.3.3.5 updated - spacewalk-proxy-package-manager-4.3.14-150400.3.11.4 updated - spacewalk-proxy-common-4.3.14-150400.3.11.4 updated - spacewalk-proxy-broker-4.3.14-150400.3.11.4 updated - susemanager-tftpsync-recv-4.3.8-150400.3.6.4 updated - spacewalk-proxy-redirect-4.3.14-150400.3.11.4 updated . SUSE Container Security Notification for suse/manager/4.3/proxy-nginx. Includes crucial security enhancements and bug fixes.. SUSE Manager Update, Proxy HTTPD Security, Linux Security Patches. . Severity: Important. LinuxSecurity.com Team
Feb 11, 2023
•Important
SuSE
100
security advisorycriticalsuse managerSUSE: 2022:2727-1 Critical: Proxy HTTPD Security Update
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:2727-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.2 , suse/manager/4.3/proxy-httpd:4.3.2.9.10.1 , suse/manager/4.3/proxy-httpd:latest Container Release : 9.10.1 Severity : critical Type : security References : 1047178 1121365 1180995 1182983 1189282 1189802 1190651 1190653 1190700 1190888 1191020 1191857 1193859 1195624 1195773 1196729 1197027 1198168 1198471 1198472 1198523 1198752 1198903 1199140 1199492 1199726 1199895 1200480 1200573 1200629 1200800 1200993 1201092 1201210 1201220 1201260 1201293 1201576 1201589 1201626 1201638 1201680 1201753 1201783 1201788 1201913 1201918 1201942 1201972 1202117 1202148 1202271 1202272 1202367 1202455 1202464 1202602 1202624 1202728 1202729 1202805 1202870 1202899 1203018 1203026 1203046 1203049 1203056 1203069 1203169 1203287 1203288 1203385 1203406 1203422 1203438 1203449 1203478 1203484 1203564 1203585 1203611 1203649 1204244 1204357 1204366 1204367 CVE-2017-6512 CVE-2021-28861 CVE-2021-36690 CVE-2021-41411 CVE-2021-42740 CVE-2021-43138 CVE-2021-46828 CVE-2022-0860 CVE-2022-31129 CVE-2022-31252 CVE-2022-3515 CVE-2022-35737 CVE-2022-40303 CVE-2022-40304 CVE-2022-40674 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID:SUSE-RU-2022:2796-1 Released: Fri Aug 12 14:34:31 2022 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate References: This update for jitterentropy fixes the following issues: jitterentropy is included in version 3.4.0 (jsc#SLE-24941): This is a FIPS 140-3 / NIST 800-90b compliant userspace jitter entropy generator library, used by other FIPS libraries. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3127-1 Released: Wed Sep 7 04:36:10 2022 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1198752,1200800 This update for libtirpc fixes the following issues: - Exclude ipv6 addresses in client protocol version 2 code (bsc#1200800) - Fix memory leak in params.r_addr assignement (bsc#1198752) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3215-1 Released: Thu Sep 8 15:58:27 2022 Summary: Recommended update for rpm Type: recommended Severity: moderate References: This update for rpm fixes the following issues: - Support Ed25519 RPM signatures [jsc#SLE-24714] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3220-1 Released: Fri Sep 9 04:30:52 2022 Summary: Recommended update for libzypp, zypper Type: recommended Severity: moderate References: 1199895,1200993,1201092,1201576,1201638 This update for libzypp, zypper fixes the following issues: libzypp: - Improve handling of package locks, allowing to reset the status of its initial state (bsc#1199895) - Fix issues when receiving exceptions from curl_easy_cleanup (bsc#1201092) - Don't auto-flag kernel-firmware as 'reboot-needed' (bsc#1200993) - Remove Medianetwork and its dependent code. First reason for this is that MediaNetwork was just meant as a way to test the new CURL based downloaded. Second the Provide API is going to completely replace the current media backend. zypper: -Truncate the 'Name' column when using `zypper lr`, if the table is wider than the terminal (bsc#1201638) - Reject install/remove modifier without argument (bsc#1201576) - zypper-download: Handle unresolvable arguments as errors- Put signing key supplying repository name in quotes ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3262-1 Released: Tue Sep 13 15:34:29 2022 Summary: Recommended update for gcc11 Type: recommended Severity: moderate References: 1199140 This update for gcc11 ships some missing 32bit libraries for s390x. (bsc#1199140) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3271-1 Released: Wed Sep 14 06:45:39 2022 Summary: Security update for perl Type: security Severity: moderate References: 1047178,CVE-2017-6512 This update for perl fixes the following issues: - CVE-2017-6512: Fixed File::Path rmtree/remove_tree race condition (bsc#1047178). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3304-1 Released: Mon Sep 19 11:43:25 2022 Summary: Recommended update for libassuan Type: recommended Severity: moderate References: This update for libassuan fixes the following issues: - Add a timeout for writing to a SOCKS5 proxy - Add workaround for a problem with LD_LIBRARY_PATH on newer systems - Fix issue in the logging code - Fix some build trivialities - Upgrade autoconf ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3305-1 Released: Mon Sep 19 11:45:57 2022 Summary: Security update for libtirpc Type: security Severity: important References: 1201680,CVE-2021-46828 This update for libtirpc fixes the following issues: - CVE-2021-46828: Fixed denial of service vulnerability with lots of connections (bsc#1201680). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3307-1 Released: Mon Sep 19 13:26:512022 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1189802,1195773,1201783,CVE-2021-36690,CVE-2022-35737 This update for sqlite3 fixes the following issues: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API (bnc#1201783). - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence (bsc#1189802). - Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3328-1 Released: Wed Sep 21 12:48:56 2022 Summary: Recommended update for jitterentropy Type: recommended Severity: moderate References: 1202870 This update for jitterentropy fixes the following issues: - Hide the non-GNUC constructs that are library internal from the exported header, to make it usable in builds with strict C99 compliance. (bsc#1202870) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3353-1 Released: Fri Sep 23 15:23:40 2022 Summary: Security update for permissions Type: security Severity: moderate References: 1203018,CVE-2022-31252 This update for permissions fixes the following issues: - CVE-2022-31252: Fixed chkstat group controlled paths (bsc#1203018). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3452-1 Released: Wed Sep 28 12:13:43 2022 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1201942 This update for glibc fixes the following issues: - Reversing calculation of __x86_shared_non_temporal_threshold (bsc#1201942) - powerpc: Optimized memcmp for power10 (jsc#PED-987) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3489-1 Released: Sat Oct 1 13:35:24 2022 Summary: Security update for expat Type: security Severity: important References: 1203438,CVE-2022-40674 This update for expat fixes the following issues: - CVE-2022-40674: Fixed use-after-free in the doContent function in xmlparse.c (bsc#1203438). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3521-1 Released: Tue Oct 4 14:18:56 2022 Summary: Recommended update for lvm2 Type: recommended Severity: critical References: 1198523 This update for lvm2 fixes the following issues: - Add additional check in the package to prevent removal of device-mapper library files during install (bsc#1198523) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3544-1 Released: Thu Oct 6 13:48:42 2022 Summary: Security update for python3 Type: security Severity: important References: 1202624,CVE-2021-28861 This update for python3 fixes the following issues: - CVE-2021-28861: Fixed an open redirection vulnerability in the HTTP server when an URI path starts with // (bsc#1202624). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3551-1 Released: Fri Oct 7 17:03:55 2022 Summary: Recommended update for libgcrypt Type: recommended Severity: moderate References: 1182983,1190700,1191020,1202117 This update for libgcrypt fixes the following issues: - FIPS: Fixed gpg/gpg2 gets out of core handler in FIPS mode while typing Tab key to Auto-Completion. [bsc#1182983] - FIPS: Ported libgcrypt to use jitterentropy [bsc#1202117, jsc#SLE-24941] * Enable the jitter based entropy generator by default in random.conf * Update the internal jitterentropy to version 3.4.0 - FIPS: Get most of the entropy from rndjent_poll [bsc#1202117] - FIPS: Check keylength in gcry_fips_indicator_kdf() [bsc#1190700] * Consider approved keylength greater or equal to 112 bits. - FIPS: Zeroize buffer and digest in check_binary_integrity()[bsc#1191020] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3555-1 Released: Mon Oct 10 14:05:12 2022 Summary: Recommended update for aaa_base Type: recommended Severity: important References: 1199492 This update for aaa_base fixes the following issues: - The wrapper rootsh is not a restricted shell. (bsc#1199492) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3564-1 Released: Tue Oct 11 16:15:57 2022 Summary: Recommended update for libzypp, zypper Type: recommended Severity: critical References: 1189282,1201972,1203649 This update for libzypp, zypper fixes the following issues: libzypp: - Enable 'zck' support for SUSE Linux Enterprise 15 Service Pack 4 and newer (bsc#1189282) - Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972) - Remove migration code that is no longer needed (bsc#1203649) - Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined zypper: - Fix contradiction in the man page: `--download-in-advance` option is the default behavior - Fix regression leading to `-allow-vendor-change` and `no-allow-vendor-change` options being ignored (bsc#1201972) - Fix tests to use locale 'C.UTF-8' rather than 'en_US' - Make sure 'up' respects solver related CLI options (bsc#1201972) - Remove unneeded code to compute the PPP status because it is now auto established - Store logrotate files in vendor specif directory '/usr/etc/logrotate.d' if so defined ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3663-1 Released: Wed Oct 19 19:05:21 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1121365,1180995,1190651,1190653,1190888,1193859,1198471,1198472,1201293,1202148,1203046,1203069 This update for openssl-1_1 fixes the following issues: - FIPS: Default to RFC-7919 groups for genparamand dhparam - FIPS: list only FIPS approved digest and public key algorithms [bsc#1121365, bsc#1190888, bsc#1193859, bsc#1198471, bsc#1198472] - FIPS: Add KAT for the RAND_DRBG implementation [bsc#1203069] - FIPS: openssl: RAND api should call into FIPS DRBG [bsc#1201293] * The FIPS_drbg implementation is not FIPS validated anymore. To provide backwards compatibility for applications that need FIPS compliant RNG number generation and use FIPS_drbg_generate, this function was re-wired to call the FIPS validated DRBG instance instead through the RAND_bytes() call. - FIPS: Fix minor memory leaks by FIPS patch [bsc#1203046] - FIPS: OpenSSL: Port openssl to use jitterentropy [bsc#1202148, jsc#SLE-24941] libcrypto.so now requires libjitterentropy3 library. - FIPS: OpenSSL Provide a service-level indicator [bsc#1190651] - FIPS: Add zeroization of temporary variables to the hmac integrity function FIPSCHECK_verify(). [bsc#1190653] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3670-1 Released: Thu Oct 20 10:44:13 2022 Summary: Recommended update for zchunk Type: recommended Severity: moderate References: 1204244 This update for zchunk fixes the following issues: - Make sure to ship libzck1 to Micro 5.3 (bsc#1204244) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3683-1 Released: Fri Oct 21 11:48:39 2022 Summary: Security update for libksba Type: security Severity: critical References: 1204357,CVE-2022-3515 This update for libksba fixes the following issues: - CVE-2022-3515: Fixed a possible overflow in the TLV parser (bsc#1204357). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3692-1 Released: Fri Oct 21 16:15:07 2022 Summary: Security update for libxml2 Type: security Severity: important References: 1204366,1204367,CVE-2022-40303,CVE-2022-40304 This update for libxml2 fixes the following issues: - CVE-2022-40303: Fixed integer overflows with XML_PARSE_HUGE (bsc#1204366). - CVE-2022-40304: Fixed dict corruption caused by entity reference cycles (bsc#1204367). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3750-1 Released: Wed Oct 26 10:45:25 2022 Summary: Maintenance update for SUSE Manager 4.3: Server and Proxy Type: security Severity: moderate References: 1191857,1195624,1196729,1197027,1198168,1198903,1199726,1200480,1200573,1200629,1201210,1201220,1201260,1201589,1201626,1201753,1201788,1201913,1201918,1202271,1202272,1202367,1202455,1202464,1202602,1202728,1202729,1202805,1202899,1203026,1203049,1203056,1203169,1203287,1203288,1203385,1203406,1203422,1203449,1203478,1203484,1203564,1203585,1203611,CVE-2021-41411,CVE-2021-42740,CVE-2021-43138,CVE-2022-0860,CVE-2022-31129 Maintenance update for SUSE Manager 4.3: Server and Proxy The following package changes have been done: - libtirpc-netconfig-1.2.6-150300.3.14.1 updated - glibc-2.31-150300.41.1 updated - perl-base-5.26.1-150300.17.11.1 updated - libgcrypt20-1.9.4-150400.6.5.1 updated - libgcrypt20-hmac-1.9.4-150400.6.5.1 updated - libsqlite3-0-3.39.3-150000.3.17.1 updated - libjitterentropy3-3.4.0-150000.1.6.1 added - libgcc_s1-11.3.0+git1637-150000.1.11.2 updated - libksba8-1.3.5-150000.4.3.1 updated - libassuan0-2.5.5-150000.4.3.1 updated - libstdc++6-11.3.0+git1637-150000.1.11.2 updated - libxml2-2-2.9.14-150400.5.10.1 updated - libopenssl1_1-1.1.1l-150400.7.10.5 updated - libopenssl1_1-hmac-1.1.1l-150400.7.10.5 updated - libzck1-1.1.16-150400.3.2.1 added - libtirpc3-1.2.6-150300.3.14.1 updated - permissions-20201225-150400.5.11.1 updated - libzypp-17.31.2-150400.3.9.1 updated - zypper-1.14.57-150400.3.9.1 updated - aaa_base-84.87+git20180409.04c9dae-150300.10.3.1 updated - libdevmapper1_03-1.02.163-150400.178.1 updated - libexpat1-2.4.4-150400.3.9.1 updated - libpython3_6m1_0-3.6.15-150300.10.30.1 updated - python3-base-3.6.15-150300.10.30.1 updated -python3-3.6.15-150300.10.30.1 updated - python3-uyuni-common-libs-4.3.6-150400.3.6.4 updated - python3-rpm-4.14.3-150300.49.1 updated - spacewalk-backend-4.3.16-150400.3.6.8 updated - python3-libxml2-2.9.14-150400.5.10.1 updated - python3-spacewalk-client-tools-4.3.12-150400.3.6.6 updated - spacewalk-client-tools-4.3.12-150400.3.6.6 updated - susemanager-tftpsync-recv-4.3.7-150400.3.3.3 updated . Urgent security patch released for SUSE Manager 4.3 Proxy HTTPD, fixing numerous vulnerabilities with comprehensive detailed release notes.. suse manager, security update, proxy-httpd, container advisory, critical security. . Severity: Critical. LinuxSecurity.com Team
Oct 26, 2022
•Critical
SuSE
100
security advisorysecurity issueimportantSUSE: 2022:871-1 Important: Proxy HTTPD Security Updates Included
The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-httpd ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:871-1 Container Tags : suse/manager/4.3/proxy-httpd:4.3.0-public-beta , suse/manager/4.3/proxy-httpd:4.3.0-public-beta.2.23 , suse/manager/4.3/proxy-httpd:beta , suse/manager/4.3/proxy-httpd:latest Container Release : 2.23 Severity : important Type : security References : 1153625 1191157 1194883 1195251 1195258 1195628 1196093 1196107 1196332 1196647 1197004 1197024 1197459 1198062 1198237 CVE-2018-25032 CVE-2021-22570 CVE-2022-1271 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-httpd was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2019:2993-1 Released: Mon Nov 18 11:52:23 2019 Summary: Recommended update for tftp Type: recommended Severity: moderate References: 1153625 This update for tftp fixes the following issues: - Add tftp.socket requirement to the service unit section. (bsc#1153625) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1040-1 Released: Wed Mar 30 09:40:58 2022 Summary: Security update for protobuf Type: security Severity: moderate References: 1195258,CVE-2021-22570 This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1047-1 Released: Wed Mar 30 16:20:56 2022 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1196093,1197024 This update for pamfixes the following issues: - Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093) - Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. This patch inserts freaddrinfo() calls before the 'return NO;'s. (bsc#1197024) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1061-1 Released: Wed Mar 30 18:27:06 2022 Summary: Security update for zlib Type: security Severity: important References: 1197459,CVE-2018-25032 This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1099-1 Released: Mon Apr 4 12:53:05 2022 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1194883 This update for aaa_base fixes the following issues: - Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883) - Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1158-1 Released: Tue Apr 12 14:44:43 2022 Summary: Security update for xz Type: security Severity: important References: 1198062,CVE-2022-1271 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1204-1 Released: Thu Apr 14 12:15:55 2022 Summary: Recommended update for hwdata Type: recommended Severity: moderate References: 1196332 This update for hwdata fixes the following issues: - Updated pci, usb and vendor ids(bsc#1196332) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1281-1 Released: Wed Apr 20 12:26:38 2022 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1196647 This update for libtirpc fixes the following issues: - Add option to enforce connection via protocol version 2 first (bsc#1196647) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1374-1 Released: Mon Apr 25 15:02:13 2022 Summary: Recommended update for openldap2 Type: recommended Severity: moderate References: 1191157,1197004 This update for openldap2 fixes the following issues: - allow specification of max/min TLS version with TLS1.3 (bsc#1191157) - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004) - restore CLDAP functionality in CLI tools (jsc#PM-3288) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1409-1 Released: Tue Apr 26 12:54:57 2022 Summary: Recommended update for gcc11 Type: recommended Severity: moderate References: 1195628,1196107 This update for gcc11 fixes the following issues: - Add a list of Obsoletes to libstdc++6-pp-gcc11 so updates from packages provided by older GCC work. Add a requires from that package to the corresponding libstc++6 package to keep those at the same version. [bsc#1196107] - Fixed memory corruption when creating dependences with the D language frontend. - Add gcc11-PIE, similar to gcc-PIE but affecting gcc11 [bsc#1195628] - Put libstdc++6-pp Requires on the shared library and drop to Recommends. ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1438-1 Released: Wed Apr 27 15:27:19 2022 Summary: Recommended update for systemd-presets-common-SUSE Type: recommended Severity: low References: 1195251 This update for systemd-presets-common-SUSE fixes the following issue: - enable vgauthd service for VMWare by default (bsc#1195251) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1439-1 Released: Wed Apr 27 16:08:04 2022 Summary: Recommended update for binutils Type: recommended Severity: moderate References: 1198237 This update for binutils fixes the following issues: - The official name IBM z16 for IBM zSeries arch14 is recognized. (bsc#1198237) The following package changes have been done: - spacewalk-proxy-html-4.3.2-150400.1.4 added - filesystem-15.0-11.8.1 updated - libldap-data-2.4.46-150200.14.5.1 updated - libtirpc-netconfig-1.2.6-150300.3.3.1 updated - libssh-config-0.9.6-150400.1.2 updated - libzstd1-1.5.0-150400.1.58 updated - libuuid1-2.37.2-150400.6.12 updated - libudev1-249.11-150400.5.4 updated - libsmartcols1-2.37.2-150400.6.12 updated - libsepol1-3.1-150400.1.54 updated - libeconf0-0.4.4+git20220104.962774f-150400.1.26 updated - libcom_err2-1.46.4-150400.1.66 updated - libbz2-1-1.0.8-150400.1.105 updated - libblkid1-2.37.2-150400.6.12 updated - libaudit1-3.0.6-150400.1.35 updated - libgcrypt20-1.9.4-150400.4.1 updated - libgcrypt20-hmac-1.9.4-150400.4.1 updated - libfdisk1-2.37.2-150400.6.12 updated - libz1-1.2.11-150000.3.30.1 updated - liblzma5-5.2.3-150000.4.7.1 updated - libopenssl1_1-1.1.1l-150400.4.7 updated - libopenssl1_1-hmac-1.1.1l-150400.4.7 updated - libelf1-0.185-150400.3.22 updated - libselinux1-3.1-150400.1.54 updated - libxml2-2-2.9.12-150400.3.1 updated - libsystemd0-249.11-150400.5.4 updated - libyaml-cpp0_6-0.6.3-150400.2.1 updated - libreadline7-7.0-150400.25.10 updated - libdw1-0.185-150400.3.22 updated - libsemanage1-3.1-150400.1.51 updated - libmount1-2.37.2-150400.6.12 updated - krb5-1.19.2-150400.1.6 updated - bash-4.4-150400.25.10 updated - bash-sh-4.4-150400.25.10 updated - libssh4-0.9.6-150400.1.2 updated - login_defs-4.8.1-150400.8.42 updated -cpio-2.13-150400.1.84 updated - libprotobuf-lite20-3.9.2-4.12.1 updated - libldap-2_4-2-2.4.46-150200.14.5.1 updated - libtirpc3-1.2.6-150300.3.3.1 updated - sles-release-15.4-150400.51.3 updated - rpm-config-SUSE-1-150400.12.25 updated - permissions-20201225-150400.2.1 updated - libgpgme11-1.16.0-150400.1.73 updated - pam-1.3.0-150000.6.55.3 updated - libsolv-tools-0.7.22-150400.1.1 updated - shadow-4.8.1-150400.8.42 updated - libzypp-17.30.0-150400.1.1 updated - sysuser-shadow-3.1-150400.1.19 updated - zypper-1.14.52-150400.1.3 updated - system-group-hardware-20170617-150400.22.17 updated - util-linux-2.37.2-150400.6.12 updated - aaa_base-84.87+git20180409.04c9dae-3.57.1 updated - openssl-1_1-1.1.1l-150400.4.7 updated - bzip2-1.0.8-150400.1.114 updated - curl-7.79.1-150400.2.2 updated - kbd-legacy-2.4.0-150400.3.2 updated - libapparmor1-3.0.4-150400.3.1 updated - libatomic1-11.2.1+git610-150000.1.6.6 updated - libctf-nobfd0-2.37-150100.7.29.1 updated - libdbus-1-3-1.12.2-150400.16.50 updated - libdevmapper1_03-1.02.163-150400.15.85 updated - libexpat1-2.4.4-150400.2.17 updated - libgmodule-2_0-0-2.70.4-150400.1.2 updated - libgobject-2_0-0-2.70.4-150400.1.2 updated - libgomp1-11.2.1+git610-150000.1.6.6 updated - libitm1-11.2.1+git610-150000.1.6.6 updated - liblsan0-11.2.1+git610-150000.1.6.6 updated - libseccomp2-2.5.3-150400.2.2 updated - libtsan0-11.2.1+git610-150000.1.6.6 updated - libwrap0-7.6-1.433 added - linux-glibc-devel-5.14-150400.4.37 updated - openssl-1.1.1l-150400.1.3 updated - python-rpm-macros-20220106.80d3756-150400.1.37 updated - selinux-tools-3.1-150400.1.62 updated - sudo-1.9.9-150400.2.3 updated - system-user-wwwrun-20170617-150400.22.26 updated - systemd-presets-common-SUSE-15-150100.8.12.1 updated - xz-5.2.3-150000.4.7.1 updated - kbd-2.4.0-150400.3.2 updated - libgudev-1_0-0-237-150400.1.3 updated - libcryptsetup12-2.4.3-150400.1.98 updated - libcryptsetup12-hmac-2.4.3-150400.1.98 updated - shared-mime-info-2.1-150400.3.3 updated - uyuni-base-common-4.3.2-150400.1.13 updated -libctf0-2.37-150100.7.29.1 updated - binutils-2.37-150100.7.29.1 updated - dbus-1-1.12.2-150400.16.50 updated - tar-1.34-150400.1.4 updated - python3-uyuni-common-libs-4.3.4-150400.1.8 updated - python3-ordered-set-4.0.2-150400.1.2 updated - hwdata-0.357-150000.3.42.1 updated - apache2-utils-2.4.51-150400.4.3 updated - susemanager-build-keys-15.3.5-150400.1.2 updated - policycoreutils-3.1-150400.1.3 updated - systemd-249.11-150400.6.3 updated - gio-branding-SLE-15-150400.25.5 updated - libgio-2_0-0-2.70.4-150400.1.2 updated - glib2-tools-2.70.4-150400.1.2 updated - python3-pyudev-0.22.0+git.1642212208.d5630bf-150400.1.30 updated - susemanager-build-keys-web-15.3.5-150400.1.2 updated - tftp-5.2-5.3.1 added - logrotate-3.18.1-150400.1.6 updated - girepository-1_0-1.70.0-150400.2.7 updated - libgirepository-1_0-1-1.70.0-150400.2.7 updated - python3-setuptools-44.1.1-150400.1.2 updated - apache2-2.4.51-150400.4.3 updated - apache2-prefork-2.4.51-150400.4.3 updated - python3-gobject-3.42.0-150400.1.44 updated - spacewalk-base-minimal-4.3.12-150400.1.11 updated - apache2-mod_wsgi-4.7.1-150400.1.48 updated - spacewalk-ssl-cert-check-4.3.2-150400.1.15 updated - python3-pyOpenSSL-20.0.1-150400.1.2 updated - spacewalk-base-minimal-config-4.3.12-150400.1.11 updated - python3-rhnlib-4.3.4-150400.1.7 updated - spacewalk-backend-4.3.10-150400.1.26 updated - python3-libxml2-2.9.12-150400.3.2 updated - python3-dmidecode-3.12.2-150400.12.2 updated - python3-spacewalk-client-tools-4.3.9-150400.1.31 updated - spacewalk-client-tools-4.3.9-150400.1.31 updated - python3-spacewalk-certs-tools-4.3.11-150400.1.7 updated - spacewalk-certs-tools-4.3.11-150400.1.7 updated - mgr-push-4.3.4-150400.1.16 updated - python3-mgr-push-4.3.4-150400.1.16 updated - spacewalk-proxy-package-manager-4.3.8-150400.1.11 updated - spacewalk-proxy-common-4.3.8-150400.1.11 updated - spacewalk-proxy-broker-4.3.8-150400.1.11 updated - susemanager-tftpsync-recv-4.3.6-150400.1.3 added - spacewalk-proxy-redirect-4.3.8-150400.1.11 updated - less-590-150400.1.45removed - vim-8.0.1568-5.17.1 removed - vim-data-common-8.0.1568-5.17.1 removed . SUSE Container Update addresses critical patches for manager/4.3/proxy-httpd, ensuring enhanced security measures.. SUSE Container Update, Proxy HTTPD Security, Manager Patches, Container Advisory. . Severity: Important. LinuxSecurity.com Team
May 05, 2022
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!