Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -2 articles for you...
100
security advisorymoderatesecurity updateSUSE 4.3 Proxy Squid Update: Moderate Severity for CVE-2023-50495
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:4229-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.10 , suse/manager/4.3/proxy-squid:4.3.10.9.42.4 , suse/manager/4.3/proxy-squid:latest , suse/manager/4.3/proxy-squid:susemanager-4.3.10 , suse/manager/4.3/proxy-squid:susemanager-4.3.10.9.42.4 Container Release : 9.42.4 Severity : moderate Type : security References : 1201384 1218014 CVE-2023-50495 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4891-1 Released: Mon Dec 18 16:31:49 2023 Summary: Security update for ncurses Type: security Severity: moderate References: 1201384,1218014,CVE-2023-50495 This update for ncurses fixes the following issues: - CVE-2023-50495: Fixed a segmentation fault via _nc_wrap_entry() (bsc#1218014) - Modify reset command to avoid altering clocal if the terminal uses a modem (bsc#1201384) The following package changes have been done: - libncurses6-6.1-150000.5.20.1 updated - terminfo-base-6.1-150000.5.20.1 updated - ncurses-utils-6.1-150000.5.20.1 updated . Update announcement for SUSE Manager 4.3 Proxy Squid addressing CVE-2023-50496 classified as moderately severe.. SUSE Manager, Proxy Squid, Security Update, Container Advisory, ncurses. . LinuxSecurity.com Team
Dec 20, 2023
SuSE
100
security advisorysecurity issuemoderate severitySUSE: 2023:3898-1 moderate: Security vulnerability in Proxy Squid
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3898-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.9 , suse/manager/4.3/proxy-squid:4.3.9.9.39.10 , suse/manager/4.3/proxy-squid:latest , suse/manager/4.3/proxy-squid:susemanager-4.3.9 , suse/manager/4.3/proxy-squid:susemanager-4.3.9.9.39.10 Container Release : 9.39.10 Severity : moderate Type : security References : 1216129 CVE-2023-45322 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4537-1 Released: Thu Nov 23 09:34:08 2023 Summary: Security update for libxml2 Type: security Severity: moderate References: 1216129,CVE-2023-45322 This update for libxml2 fixes the following issues: - CVE-2023-45322: Fixed a use-after-free in xmlUnlinkNode() in tree.c (bsc#1216129). The following package changes have been done: - libxml2-2-2.9.14-150400.5.25.1 updated . Keep up-to-date with the SUSE Container Security Announcement regarding suse/manager/4.3/proxy-squid, along with key updates that are crucial.. SUSE Container Update, Proxy Squid Security, libxml2 Fixes, Container Security Advisory. . LinuxSecurity.com Team
Nov 24, 2023
SuSE
100
security advisorydenial of serviceimportantSUSE: 2023:3840-1 Important Proxy Squid Security Update
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3840-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.9 , suse/manager/4.3/proxy-squid:4.3.9.9.39.8 , suse/manager/4.3/proxy-squid:latest , suse/manager/4.3/proxy-squid:susemanager-4.3.9 , suse/manager/4.3/proxy-squid:susemanager-4.3.9.9.39.8 Container Release : 9.39.8 Severity : important Type : security References : 1216922 CVE-2023-5678 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:4524-1 Released: Tue Nov 21 17:51:28 2023 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1216922,CVE-2023-5678 This update for openssl-1_1 fixes the following issues: - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service (bsc#1216922). The following package changes have been done: - libopenssl1_1-1.1.1l-150400.7.60.2 updated - libopenssl1_1-hmac-1.1.1l-150400.7.60.2 updated . Crucial announcement regarding SUSE Container 'suse/manager/4.3/proxy-squid' tackles a security vulnerability and enhances operational reliability.. SUSE Container, Proxy Squid, Security Update, OpenSSL, Advisory. . Severity: Important. LinuxSecurity.com Team
Nov 23, 2023
•Important
SuSE
100
security advisorysecurity updateimportantSUSE: 2023:3170-1 Important: Proxy Squid Security Update
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3170-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.8 , suse/manager/4.3/proxy-squid:4.3.8.9.36.1 , suse/manager/4.3/proxy-squid:latest , suse/manager/4.3/proxy-squid:susemanager-4.3.8 , suse/manager/4.3/proxy-squid:susemanager-4.3.8.9.36.1 Container Release : 9.36.1 Severity : important Type : security References : 1186606 1194038 1194609 1194900 1195391 1201519 1204844 1205161 1206627 1207778 1208194 1209741 1210702 1211576 1212434 1213185 1213189 1213240 1213517 1213575 1213853 1213873 1214052 1214054 1214140 1214768 CVE-2023-36054 CVE-2023-3817 CVE-2023-39615 CVE-2023-4039 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3285-1 Released: Fri Aug 11 10:30:38 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate References: 1206627,1213189 This update for shadow fixes the following issues: - Prevent lock files from remaining after power interruptions (bsc#1213189) - Add --prefix support to passwd, chpasswd and chage (bsc#1206627) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3286-1 Released: Fri Aug 11 10:32:03 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1194038,1194900 This update for util-linux fixes the following issues: - Fix blkid for floppy drives (bsc#1194900) - Fix rpmbuild %checks fail when @ in the directory path(bsc#1194038) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3363-1 Released: Fri Aug 18 14:54:16 2023 Summary: Security update for krb5 Type: security Severity: important References: 1214054,CVE-2023-36054 This update for krb5 fixes the following issues: - CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3397-1 Released: Wed Aug 23 18:35:56 2023 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1213517,1213853,CVE-2023-3817 This update for openssl-1_1 fixes the following issues: - CVE-2023-3817: Fixed a potential DoS due to excessive time spent checking DH q parameter value. (bsc#1213853) - Don't pass zero length input to EVP_Cipher because s390x assembler optimized AES cannot handle zero size. (bsc#1213517) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3410-1 Released: Thu Aug 24 06:56:32 2023 Summary: Recommended update for audit Type: recommended Severity: moderate References: 1201519,1204844 This update for audit fixes the following issues: - Create symbolic link from /sbin/audisp-syslog to /usr/sbin/audisp-syslog (bsc#1201519) - Fix rules not loaded when restarting auditd.service (bsc#1204844) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3451-1 Released: Mon Aug 28 12:15:22 2023 Summary: Recommended update for systemd Type: recommended Severity: moderate References: 1186606,1194609,1208194,1209741,1210702,1211576,1212434,1213185,1213575,1213873 This update for systemd fixes the following issues: - Fix reboot and shutdown issues by getting only active MD arrays (bsc#1211576, bsc#1212434, bsc#1213575) - Decrease devlink priority for iso disks (bsc#1213185) - Do not ignore mount point paths longer than 255 characters(bsc#1208194) - Refuse hibernation if there's no possible way to resume (bsc#1186606) - Update 'korean' and 'arabic' keyboard layouts (bsc#1210702) - Drop some entries no longer needed by YaST (bsc#1194609) - The 'systemd --user' instances get their own session keyring instead of the user default one (bsc#1209741) - Dynamically allocate receive buffer to handle large amount of mounts (bsc#1213873) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3611-1 Released: Fri Sep 15 09:28:36 2023 Summary: Recommended update for sysuser-tools Type: recommended Severity: moderate References: 1195391,1205161,1207778,1213240,1214140 This update for sysuser-tools fixes the following issues: - Update to version 3.2 - Always create a system group of the same name as the system user (bsc#1205161, bsc#1207778, bsc#1213240) - Add 'quilt setup' friendly hint to %sysusers_requires usage - Use append so if a pre file already exists it isn't overridden - Invoke bash for bash scripts (bsc#1195391) - Remove all systemd requires not supported on SLE15 (bsc#1214140) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3661-1 Released: Mon Sep 18 21:44:09 2023 Summary: Security update for gcc12 Type: security Severity: important References: 1214052,CVE-2023-4039 This update for gcc12 fixes the following issues: - CVE-2023-4039: Fixed incorrect stack protector for C99 VLAs on Aarch64 (bsc#1214052). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3699-1 Released: Wed Sep 20 11:02:50 2023 Summary: Security update for libxml2 Type: security Severity: important References: 1214768,CVE-2023-39615 This update for libxml2 fixes the following issues: - CVE-2023-39615: Fixed crafted xml can cause global buffer overflow (bsc#1214768). The following package changes have been done: - libuuid1-2.37.2-150400.8.20.1 updated - libsmartcols1-2.37.2-150400.8.20.1 updated -libblkid1-2.37.2-150400.8.20.1 updated - libaudit1-3.0.6-150400.4.13.1 updated - libfdisk1-2.37.2-150400.8.20.1 updated - libgcc_s1-12.3.0+git1204-150000.1.16.1 updated - libstdc++6-12.3.0+git1204-150000.1.16.1 updated - libxml2-2-2.9.14-150400.5.22.1 updated - libsystemd0-249.16-150400.8.33.1 updated - libopenssl1_1-1.1.1l-150400.7.53.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.53.1 updated - libmount1-2.37.2-150400.8.20.1 updated - krb5-1.19.2-150400.3.6.1 updated - login_defs-4.8.1-150400.10.9.1 updated - shadow-4.8.1-150400.10.9.1 updated - sysuser-shadow-3.2-150400.3.5.3 updated - util-linux-2.37.2-150400.8.20.1 updated . SUSE Container Notification for Proxy Squid includes critical security enhancements and resolutions for various packages detected.. SUSE Manager, Proxy Squid Update, Important Security Fixes. . Severity: Important. LinuxSecurity.com Team
Sep 28, 2023
•Important
SuSE
100
security advisorysecurity updateimportantSUSE: 2023:334-1 Important: Proxy Squid Security Update
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:334-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.4 , suse/manager/4.3/proxy-squid:4.3.4.9.22.1 , suse/manager/4.3/proxy-squid:latest Container Release : 9.22.1 Severity : important Type : security References : 1177460 1194038 1199467 1200723 1203652 1204585 1204944 1205000 1205000 1205502 1205646 1206308 1206309 1206337 1207182 1207264 1207533 1207534 1207536 1207538 CVE-2022-4304 CVE-2022-43551 CVE-2022-43552 CVE-2022-4415 CVE-2022-4415 CVE-2022-4450 CVE-2022-46908 CVE-2023-0215 CVE-2023-0286 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4597-1 Released: Wed Dec 21 10:13:11 2022 Summary: Security update for curl Type: security Severity: important References: 1206308,1206309,CVE-2022-43551,CVE-2022-43552 This update for curl fixes the following issues: - CVE-2022-43552: HTTP Proxy deny use-after-free (bsc#1206309). - CVE-2022-43551: Fixed HSTS bypass via IDN (bsc#1206308). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4628-1 Released: Wed Dec 28 09:23:13 2022 Summary: Security update for sqlite3 Type: security Severity: moderate References: 1206337,CVE-2022-46908 This update for sqlite3 fixes the following issues: - CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script(bsc#1206337). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4629-1 Released: Wed Dec 28 09:24:07 2022 Summary: Security update for systemd Type: security Severity: important References: 1200723,1205000,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed systemd-coredump that did not respect the fs.suid_dumpable kernel setting (bsc#1205000). Bug fixes: - Support by-path devlink for multipath nvme block devices (bsc#1200723). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:25-1 Released: Thu Jan 5 09:51:41 2023 Summary: Recommended update for timezone Type: recommended Severity: moderate References: 1177460 This update for timezone fixes the following issues: Version update from 2022f to 2022g (bsc#1177460): - In the Mexican state of Chihuahua: * The border strip near the US will change to agree with nearby US locations on 2022-11-30. * The strip's western part, represented by Ciudad Juarez, switches from -06 all year to -07/-06 with US DST rules, like El Paso, TX. * The eastern part, represented by Ojinaga, will observe US DST next year, like Presidio, TX. * A new Zone America/Ciudad_Juarez splits from America/Ojinaga. - Much of Greenland, represented by America/Nuuk, stops observing winter time after March 2023, so its daylight saving time becomes standard time. - Changes for pre-1996 northern Canada - Update to past DST transition in Colombia (1993), Singapore (1981) - 'timegm' is now supported by default ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:45-1 Released: Mon Jan 9 10:32:26 2023 Summary: Recommended update for libxml2 Type: recommended Severity: moderate References: 1204585 This update for libxml2 fixes the following issues: - Add W3C conformance tests to the testsuite (bsc#1204585): * Added file xmlts20080827.tar.gz ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:48-1 Released: Mon Jan 9 10:37:54 2023 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1199467 This update for libtirpc fixes the following issues: - Consider /proc/sys/net/ipv4/ip_local_reserved_ports, before binding to a random port (bsc#1199467) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:50-1 Released: Mon Jan 9 10:42:21 2023 Summary: Recommended update for shadow Type: recommended Severity: moderate References: 1205502 This update for shadow fixes the following issues: - Fix issue with user id field that cannot be interpreted (bsc#1205502) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:177-1 Released: Thu Jan 26 20:57:35 2023 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1194038,1205646 This update for util-linux fixes the following issues: - Fix tests not passing when '@' character is in build path: Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038). - libuuid continuous clock handling for time based UUIDs: Prevent use of the new libuuid ABI by uuidd %post before update of libuuid1 (bsc#1205646). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:178-1 Released: Thu Jan 26 20:58:21 2023 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1207182 This update for openssl-1_1 fixes the following issues: - FIPS: Add Pair-wise Consistency Test when generating DH key [bsc#1207182] ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:188-1 Released: Fri Jan 27 12:07:19 2023 Summary: Recommended update for zlib Type: recommended Severity: important References: 1203652 This update for zlib fixes thefollowing issues: - Follow up fix for bug bsc#1203652 due to libxml2 issues ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:201-1 Released: Fri Jan 27 15:24:15 2023 Summary: Security update for systemd Type: security Severity: moderate References: 1204944,1205000,1207264,CVE-2022-4415 This update for systemd fixes the following issues: - CVE-2022-4415: Fixed an issue where users could access coredumps with changed uid, gid or capabilities (bsc#1205000). Non-security fixes: - Enabled the pstore service (jsc#PED-2663). - Fixed an issue accessing TPM when secure boot is enabled (bsc#1204944). - Fixed an issue where a pamd file could get accidentally overwritten after an update (bsc#1207264). ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:311-1 Released: Tue Feb 7 17:36:32 2023 Summary: Security update for openssl-1_1 Type: security Severity: important References: 1207533,1207534,1207536,1207538,CVE-2022-4304,CVE-2022-4450,CVE-2023-0215,CVE-2023-0286 This update for openssl-1_1 fixes the following issues: - CVE-2023-0286: Fixed X.400 address type confusion in X.509 GENERAL_NAME_cmp for x400Address (bsc#1207533). - CVE-2023-0215: Fixed use-after-free following BIO_new_NDEF() (bsc#1207536). - CVE-2022-4450: Fixed double free after calling PEM_read_bio_ex() (bsc#1207538). - CVE-2022-4304: Fixed timing Oracle in RSA Decryption (bsc#1207534). The following package changes have been done: - libtirpc-netconfig-1.2.6-150300.3.17.1 updated - libuuid1-2.37.2-150400.8.14.1 updated - libsmartcols1-2.37.2-150400.8.14.1 updated - libblkid1-2.37.2-150400.8.14.1 updated - libfdisk1-2.37.2-150400.8.14.1 updated - libz1-1.2.11-150000.3.39.1 updated - libsqlite3-0-3.39.3-150000.3.20.1 updated - libxml2-2-2.9.14-150400.5.13.1 updated - libsystemd0-249.14-150400.8.19.1 updated - libopenssl1_1-1.1.1l-150400.7.22.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.22.1 updated -libmount1-2.37.2-150400.8.14.1 updated - login_defs-4.8.1-150400.10.3.1 updated - libtirpc3-1.2.6-150300.3.17.1 updated - libcurl4-7.79.1-150400.5.12.1 updated - shadow-4.8.1-150400.10.3.1 updated - util-linux-2.37.2-150400.8.14.1 updated - timezone-2022g-150000.75.18.1 updated . Critical SUSE Proxy Squid container update includes important security patches against various threats.. SUSE Manager, Security Update, Proxy Squid, Container Advisory. . Severity: Important. LinuxSecurity.com Team
Feb 11, 2023
•Important
SuSE
100
security advisorysecurity issueupdateSUSE: 2022:3376-1 Important Security Fix for Proxy Squid
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3376-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.3 , suse/manager/4.3/proxy-squid:4.3.3.9.19.1 , suse/manager/4.3/proxy-squid:latest Container Release : 9.19.1 Severity : important Type : security References : 1177460 1190651 1198165 1201959 1202324 1203652 1204179 1204211 1204649 1204968 1205126 1205156 CVE-2022-3821 CVE-2022-42898 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3961-1 Released: Mon Nov 14 07:33:50 2022 Summary: Recommended update for zlib Type: recommended Severity: important References: 1203652 This update for zlib fixes the following issues: - Fix updating strm.adler with inflate() if DFLTCC is used (bsc#1203652) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:3974-1 Released: Mon Nov 14 15:39:20 2022 Summary: Recommended update for util-linux Type: recommended Severity: moderate References: 1201959,1204211 This update for util-linux fixes the following issues: - Fix file conflict during upgrade (bsc#1204211) - libuuid improvements (bsc#1201959, PED-1150): libuuid: Fix range when parsing UUIDs. Improve cache handling for short running applications-increment the cache size over runtime. Implement continuous clock handling for time based UUIDs. Check clock value from clock file to provide seamless libuuid. ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:3999-1 Released: Tue Nov15 17:08:04 2022 Summary: Security update for systemd Type: security Severity: moderate References: 1204179,1204968,CVE-2022-3821 This update for systemd fixes the following issues: - CVE-2022-3821: Fixed buffer overrun in format_timespan() function (bsc#1204968). - Import commit 0cd50eedcc0692c1f907b24424215f8db7d3b428 * 0469b9f2bc pstore: do not try to load all known pstore modules * ad05f54439 pstore: Run after modules are loaded * ccad817445 core: Add trigger limit for path units * 281d818fe3 core/mount: also add default before dependency for automount mount units * ffe5b4afa8 logind: fix crash in logind on user-specified message string - Document udev naming scheme (bsc#1204179) - Make 'sle15-sp3' net naming scheme still available for backward compatibility reason ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4066-1 Released: Fri Nov 18 10:43:00 2022 Summary: Recommended update for timezone Type: recommended Severity: important References: 1177460,1202324,1204649,1205156 This update for timezone fixes the following issues: Update timezone version from 2022a to 2022f (bsc#1177460, bsc#1204649, bsc#1205156): - Mexico will no longer observe DST except near the US border - Chihuahua moves to year-round -06 on 2022-10-30 - Fiji no longer observes DST - In vanguard form, GMT is now a Zone and Etc/GMT a link - zic now supports links to links, and vanguard form uses this - Simplify four Ontario zones - Fix a Y2438 bug when reading TZif data - Enable 64-bit time_t on 32-bit glibc platforms - Omit large-file support when no longer needed - Jordan and Syria switch from +02/+03 with DST to year-round +03 - Palestine transitions are now Saturdays at 02:00 - Simplify three Ukraine zones into one - Improve tzselect on intercontinental Zones - Chile's DST is delayed by a week in September 2022 (bsc#1202324) - Iran no longer observes DST after 2022 - Rename Europe/Kiev to Europe/Kyiv - New `zic -R` command option - Vanguard formnow uses %z ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4135-1 Released: Mon Nov 21 00:13:40 2022 Summary: Recommended update for libeconf Type: recommended Severity: moderate References: 1198165 This update for libeconf fixes the following issues: - Update to version 0.4.6+git - econftool: Parsing error: Reporting file and line nr. --delimeters=spaces accepting all kind of spaces for delimiter. - libeconf: Parse files correctly on space characters (1198165) - Update to version 0.4.5+git - econftool: New call 'syntax' for checking the configuration files only. Returns an error string with line number if error. New options '--comment' and '--delimeters' ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4153-1 Released: Mon Nov 21 14:34:09 2022 Summary: Security update for krb5 Type: security Severity: important References: 1205126,CVE-2022-42898 This update for krb5 fixes the following issues: - CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4212-1 Released: Thu Nov 24 15:53:48 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate References: 1190651 This update for openssl-1_1 fixes the following issues: - FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651) - FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651) - FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:4256-1 Released: Mon Nov 28 12:36:32 2022 Summary: Recommended update for gcc12 Type: recommended Severity: moderate References: This update for gcc12 fixes the following issues: This update ship the GCC 12 compiler suite and its baselibraries. The compiler baselibraries are provided for all SUSE Linux Enterprise 15 versions and replace the same named GCC 11 ones. The new compilers for C, C++, and Fortran are provided for SUSE Linux Enterprise 15 SP3 and SP4, and provided in the 'Development Tools' module. The Go, D and Ada language compiler parts are available unsupported via the PackageHub repositories. To use gcc12 compilers use: - install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages. - override your Makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages. For a full changelog with all new GCC12 features, check out https://gcc.gnu.org/gcc-12/changes.html The following package changes have been done: - libuuid1-2.37.2-150400.8.8.1 updated - libsmartcols1-2.37.2-150400.8.8.1 updated - libeconf0-0.4.6+git20220427.3016f4e-150400.3.3.1 updated - libblkid1-2.37.2-150400.8.8.1 updated - libfdisk1-2.37.2-150400.8.8.1 updated - libz1-1.2.11-150000.3.36.1 updated - libgcc_s1-12.2.1+git416-150000.1.5.1 updated - libstdc++6-12.2.1+git416-150000.1.5.1 updated - libsystemd0-249.12-150400.8.13.1 updated - libopenssl1_1-1.1.1l-150400.7.16.1 updated - libopenssl1_1-hmac-1.1.1l-150400.7.16.1 updated - libmount1-2.37.2-150400.8.8.1 updated - krb5-1.19.2-150400.3.3.1 updated - util-linux-2.37.2-150400.8.8.1 updated - timezone-2022f-150000.75.15.1 updated . This notice details security enhancements for SUSE Manager Container version 4.3, focusing on urgent vulnerabilities and required fixes.. SUSE Manager, Proxy Squid, Important Updates. . Severity: Important. LinuxSecurity.com Team
Dec 14, 2022
•Important
SuSE
100
security advisoryimportantsuseSUSE: 2022:873-1 Important: Proxy Squid Security Fixes Applied
The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/manager/4.3/proxy-squid ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:873-1 Container Tags : suse/manager/4.3/proxy-squid:4.3.0-public-beta , suse/manager/4.3/proxy-squid:4.3.0-public-beta.2.14 , suse/manager/4.3/proxy-squid:beta , suse/manager/4.3/proxy-squid:latest Container Release : 2.14 Severity : important Type : security References : 1191157 1194883 1196093 1196275 1196406 1196647 1197004 1197024 1197459 1198062 CVE-2018-25032 CVE-2022-1271 ----------------------------------------------------------------- The container suse/manager/4.3/proxy-squid was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:936-1 Released: Tue Mar 22 18:10:17 2022 Summary: Recommended update for filesystem and systemd-rpm-macros Type: recommended Severity: moderate References: 1196275,1196406 This update for filesystem and systemd-rpm-macros fixes the following issues: filesystem: - Add path /lib/modprobe.d (bsc#1196275, jsc#SLE-20639) systemd-rpm-macros: - Make %_modprobedir point to /lib/modprobe.d (bsc#1196275, bsc#1196406) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1047-1 Released: Wed Mar 30 16:20:56 2022 Summary: Recommended update for pam Type: recommended Severity: moderate References: 1196093,1197024 This update for pam fixes the following issues: - Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093) - Between allocating the variable 'ai' and free'ing them, there are two 'return NO' were we don't free this variable. This patch inserts freaddrinfo() calls before the 'return NO;'s.(bsc#1197024) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1061-1 Released: Wed Mar 30 18:27:06 2022 Summary: Security update for zlib Type: security Severity: important References: 1197459,CVE-2018-25032 This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1099-1 Released: Mon Apr 4 12:53:05 2022 Summary: Recommended update for aaa_base Type: recommended Severity: moderate References: 1194883 This update for aaa_base fixes the following issues: - Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883) - Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:1158-1 Released: Tue Apr 12 14:44:43 2022 Summary: Security update for xz Type: security Severity: important References: 1198062,CVE-2022-1271 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1281-1 Released: Wed Apr 20 12:26:38 2022 Summary: Recommended update for libtirpc Type: recommended Severity: moderate References: 1196647 This update for libtirpc fixes the following issues: - Add option to enforce connection via protocol version 2 first (bsc#1196647) ----------------------------------------------------------------- Advisory ID: SUSE-RU-2022:1374-1 Released: Mon Apr 25 15:02:13 2022 Summary: Recommended update for openldap2 Type: recommended Severity: moderate References: 1191157,1197004 This update for openldap2 fixes the followingissues: - allow specification of max/min TLS version with TLS1.3 (bsc#1191157) - libldap was able to be out of step with openldap in some cases which could cause incorrect installations and symbol resolution failures. openldap2 and libldap now are locked to their related release versions. (bsc#1197004) - restore CLDAP functionality in CLI tools (jsc#PM-3288) The following package changes have been done: - filesystem-15.0-11.8.1 updated - libldap-data-2.4.46-150200.14.5.1 updated - libtirpc-netconfig-1.2.6-150300.3.3.1 updated - libssh-config-0.9.6-150400.1.2 updated - libzstd1-1.5.0-150400.1.58 updated - libuuid1-2.37.2-150400.6.12 updated - libsmartcols1-2.37.2-150400.6.12 updated - libsepol1-3.1-150400.1.54 updated - libeconf0-0.4.4+git20220104.962774f-150400.1.26 updated - libcom_err2-1.46.4-150400.1.66 updated - libbz2-1-1.0.8-150400.1.105 updated - libblkid1-2.37.2-150400.6.12 updated - libaudit1-3.0.6-150400.1.35 updated - libgcrypt20-1.9.4-150400.4.1 updated - libgcrypt20-hmac-1.9.4-150400.4.1 updated - libfdisk1-2.37.2-150400.6.12 updated - libz1-1.2.11-150000.3.30.1 updated - liblzma5-5.2.3-150000.4.7.1 updated - libopenssl1_1-1.1.1l-150400.4.7 updated - libopenssl1_1-hmac-1.1.1l-150400.4.7 updated - libelf1-0.185-150400.3.22 updated - libselinux1-3.1-150400.1.54 updated - libxml2-2-2.9.12-150400.3.1 updated - libsystemd0-249.11-150400.5.4 updated - libreadline7-7.0-150400.25.10 updated - libdw1-0.185-150400.3.22 updated - libsemanage1-3.1-150400.1.51 updated - libmount1-2.37.2-150400.6.12 updated - krb5-1.19.2-150400.1.6 updated - bash-4.4-150400.25.10 updated - bash-sh-4.4-150400.25.10 updated - libssh4-0.9.6-150400.1.2 updated - login_defs-4.8.1-150400.8.42 updated - cpio-2.13-150400.1.84 updated - libldap-2_4-2-2.4.46-150200.14.5.1 updated - libtirpc3-1.2.6-150300.3.3.1 updated - sles-release-15.4-150400.51.3 updated - rpm-config-SUSE-1-150400.12.25 updated - permissions-20201225-150400.2.1 updated - pam-1.3.0-150000.6.55.3 updated - shadow-4.8.1-150400.8.42 updated -sysuser-shadow-3.1-150400.1.19 updated - system-group-hardware-20170617-150400.22.17 updated - util-linux-2.37.2-150400.6.12 updated - aaa_base-84.87+git20180409.04c9dae-3.57.1 updated - libexpat1-2.4.4-150400.2.17 updated - libnettle8-3.7.3-150400.2.19 updated - libtdb1-1.4.4-150400.1.7 updated - squid-5.4.1-150400.1.13 updated . SUSE Container Upgrade Notification for suse/manager/4.3/proxy-squid, delivering essential patches for significant security risks.. SUSE Manager Container Update, Security Patches, Proxy Squid Updates. . Severity: Important. LinuxSecurity.com Team
May 05, 2022
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!