Stay Vigilant with Timely Linux Security Advisories

Loading...

security advisorymoderatevulnerability

openSUSE Tumbleweed regclient Moderate Threat CVE-2026-33814 2026-10763-1

An update that solves one vulnerability can now be installed.. # regclient-0.11.4-1.1 on GA media Announcement ID: openSUSE-SU-2026:10763-1 Rating: moderate Cross-References: * CVE-2026-33814 CVSS scores: * CVE-2026-33814 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Tumbleweed An update that solves one vulnerability can now be installed. ## Description: These are all security issues fixed in the regclient-0.11.4-1.1 package on the GA media of openSUSE Tumbleweed. ## Package List: * openSUSE Tumbleweed: * regclient 0.11.4-1.1 * regclient-bash-completion 0.11.4-1.1 * regclient-fish-completion 0.11.4-1.1 * regclient-zsh-completion 0.11.4-1.1 ## References: * https://www.suse.com/security/cve/CVE-2026-33814.html . An update has been released for openSUSE Tumbleweed addressing a moderate security issue in regclient.. openSUSE Tumbleweed, regclient update, moderate security issue. . LinuxSecurity.com Team

May 14, 2026 OpenSUSE

security advisorysecurity issuesoftware update

SUSE: 2024:3251-1 Important: Kernel Security Updates for Multiple Issues

* bsc#1082555 * bsc#1190317 * bsc#1196516 * bsc#1205462 * bsc#1210629 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:3251-1 Rating: important References: * bsc#1082555 * bsc#1190317 * bsc#1196516 * bsc#1205462 * bsc#1210629 * bsc#1214285 * bsc#1216834 * bsc#1221252 * bsc#1222335 * bsc#1222387 * bsc#1222808 * bsc#1223074 * bsc#1223803 * bsc#1224479 * bsc#1224579 * bsc#1224640 * bsc#1224896 * bsc#1224923 * bsc#1224984 * bsc#1225190 * bsc#1225223 * bsc#1225483 * bsc#1225508 * bsc#1225578 * bsc#1226323 * bsc#1226629 * bsc#1226653 * bsc#1226754 * bsc#1226798 * bsc#1226801 * bsc#1226885 * bsc#1227069 * bsc#1227623 * bsc#1227820 * bsc#1227996 * bsc#1228065 * bsc#1228247 * bsc#1228410 * bsc#1228427 * bsc#1228449 * bsc#1228466 * bsc#1228467 * bsc#1228482 * bsc#1228485 * bsc#1228487 * bsc#1228493 * bsc#1228495 * bsc#1228501 * bsc#1228513 * bsc#1228516 * bsc#1228576 * bsc#1228579 * bsc#1228667 * bsc#1228706 * bsc#1228709 * bsc#1228720 * bsc#1228727 * bsc#1228733 * bsc#1228801 * bsc#1228850 * bsc#1228959 * bsc#1228964 * bsc#1228966 * bsc#1228967 * bsc#1228982 * bsc#1228989 * bsc#1229154 * bsc#1229156 * bsc#1229222 * bsc#1229229 * bsc#1229290 * bsc#1229292 * bsc#1229301 * bsc#1229309 * bsc#1229327 * bsc#1229345 * bsc#1229346 * bsc#1229347 * bsc#1229357 * bsc#1229358 * bsc#1229359 * bsc#1229381 * bsc#1229382 * bsc#1229386 * bsc#1229388 * bsc#1229392 * bsc#1229395 * bsc#1229398 * bsc#1229399 * bsc#1229400 * bsc#1229407 * bsc#1229457 * bsc#1229462 * bsc#1229482 * bsc#1229489 * bsc#1229490 * bsc#1229495 * bsc#1229497 * bsc#1229500 * bsc#1229503 * bsc#1229516 * bsc#1229526 * bsc#1229531 * bsc#1229535 * bsc#1229536 * bsc#1229540 * bsc#1229604 * bsc#1229623 * bsc#1229624 * bsc#1229630 * bsc#1229632 * bsc#1229657 * bsc#1229658 * bsc#1229664 * bsc#1229707 * bsc#1229756 *bsc#1229759 * bsc#1229761 * bsc#1229767 * bsc#1229784 * bsc#1229787 * bsc#1229851 Cross-References: * CVE-2021-4440 * CVE-2021-47257 * CVE-2021-47289 * CVE-2021-47341 * CVE-2021-47373 * CVE-2021-47425 * CVE-2021-47549 * CVE-2022-48751 * CVE-2022-48769 * CVE-2022-48786 * CVE-2022-48822 * CVE-2022-48865 * CVE-2022-48875 * CVE-2022-48896 * CVE-2022-48899 * CVE-2022-48905 * CVE-2022-48910 * CVE-2022-48919 * CVE-2022-48920 * CVE-2022-48925 * CVE-2022-48930 * CVE-2022-48931 * CVE-2022-48938 * CVE-2023-2176 * CVE-2023-52708 * CVE-2023-52893 * CVE-2023-52901 * CVE-2023-52907 * CVE-2024-26668 * CVE-2024-26677 * CVE-2024-26812 * CVE-2024-26851 * CVE-2024-27011 * CVE-2024-35915 * CVE-2024-35933 * CVE-2024-35965 * CVE-2024-36013 * CVE-2024-36270 * CVE-2024-36286 * CVE-2024-38618 * CVE-2024-38662 * CVE-2024-39489 * CVE-2024-40984 * CVE-2024-41012 * CVE-2024-41016 * CVE-2024-41020 * CVE-2024-41035 * CVE-2024-41062 * CVE-2024-41068 * CVE-2024-41087 * CVE-2024-41097 * CVE-2024-41098 * CVE-2024-42077 * CVE-2024-42082 * CVE-2024-42090 * CVE-2024-42101 * CVE-2024-42106 * CVE-2024-42110 * CVE-2024-42148 * CVE-2024-42155 * CVE-2024-42157 * CVE-2024-42158 * CVE-2024-42162 * CVE-2024-42226 * CVE-2024-42228 * CVE-2024-42232 * CVE-2024-42236 * CVE-2024-42240 * CVE-2024-42244 * CVE-2024-42246 * CVE-2024-42259 * CVE-2024-42271 * CVE-2024-42280 * CVE-2024-42281 * CVE-2024-42284 * CVE-2024-42285 * CVE-2024-42286 * CVE-2024-42287 * CVE-2024-42288 * CVE-2024-42289 * CVE-2024-42301 * CVE-2024-42309 * CVE-2024-42310 * CVE-2024-42312 * CVE-2024-42322 * CVE-2024-43819 * CVE-2024-43831 * CVE-2024-43839 * CVE-2024-43853 * CVE-2024-43854 * CVE-2024-43856 * CVE-2024-43861 * CVE-2024-43863 * CVE-2024-43866 * CVE-2024-43871 * CVE-2024-43872 * CVE-2024-43879 * CVE-2024-43882 * CVE-2024-43883 * CVE-2024-43892 * CVE-2024-43893 *CVE-2024-43900 * CVE-2024-43902 * CVE-2024-43905 * CVE-2024-43907 CVSS scores: * CVE-2021-4440 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L * CVE-2021-47257 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47341 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47373 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2021-47425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2021-47549 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48751 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48769 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48786 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H * CVE-2022-48822 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48822 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48865 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48865 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48875 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48896 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48899 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48905 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48910 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2022-48910 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48919 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48919 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48919 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48920 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2022-48920 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48920 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48925 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48930 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48930 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48931 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-48938 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-48938 ( SUSE ): 6.6 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-48938 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2176 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-2176 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52708 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26668 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26677 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26812 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26851 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-27011 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35915 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35933 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36270 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-36286 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-38618 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-38662 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-39489 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-39489 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-40984 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41012 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41012 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41016 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-41020 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-41020 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H * CVE-2024-41035 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41062 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41062 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41068 ( SUSE ): 3.3CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-41087 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41087 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41097 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41097 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41098 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42077 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42082 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42090 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42101 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42106 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42110 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42148 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42155 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-42155 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42155 ( NVD ): 1.9 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N * CVE-2024-42157 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42157 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-42158 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42158 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N *CVE-2024-42162 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42162 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42226 ( SUSE ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42226 ( NVD ): 4.6 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42228 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42232 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42232 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42236 ( SUSE ): 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N * CVE-2024-42236 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-42236 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42240 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42240 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42244 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42244 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42246 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42259 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-42259 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H * CVE-2024-42259 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42271 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42271 ( SUSE): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42271 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42280 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42280 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42281 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42284 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42285 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42285 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42286 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42286 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42287 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42288 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42289 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42301 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42301 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42309 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42309 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42310 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42312 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-42322 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43819 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43831 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43839 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43853 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43854 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43856 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43861 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43863 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43871 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43872 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43882 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43882 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43883 ( SUSE ): 5.4 CVSS:4.0/AV:P/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-43883 ( SUSE ): 6.4 CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43892 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43892 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43892 ( NVD ): 4.7CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43893 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43900 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43900 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-43902 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43902 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43902 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43905 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43905 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-43907 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-43907 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Availability Extension 12 SP5 * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 An update that solves 105 vulnerabilities and has 17 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security bugfixes. The following security bugs were fixed: * CVE-2024-35965: Fix not validating setsockopt user input (bsc#1224579). * CVE-2024-35933: Fixed build regression (bsc#1224640). * CVE-2024-43883:Do not drop references before new references are gained (bsc#1229707). * CVE-2024-41062: Sync sock recv cb and release (bsc#1228576). * CVE-2024-42259: Fix Virtual Memory mapping boundaries calculation (bsc#1229156) * CVE-2024-43861: Fix memory leak for not ip packets (bsc#1229500). * CVE-2024-43863: Fix a deadlock in dma buf fence polling (bsc#1229497) * CVE-2024-41087: Fix double free on error (bsc#1228466). * CVE-2024-43907: Fix the null pointer dereference in apply_state_adjust_rules (bsc#1229787). * CVE-2024-43905: Fix the null pointer dereference for vega10_hwmgr (bsc#1229784). * CVE-2024-43893: Check uartclk for zero to avoid divide by zero (bsc#1229759). * CVE-2024-43900: Avoid use-after-free in load_firmware_cb() (bsc#1229756). * CVE-2024-43902: Add null checker before passing variables (bsc#1229767). * CVE-2022-48920: Get rid of warning on transaction commit when using flushoncommit (bsc#1229658). * CVE-2024-26812: Struct virqfd kABI workaround (bsc#1222808). * CVE-2024-43882: Fixed ToCToU between perm check and set-uid/gid usage. (bsc#1229503) * CVE-2024-43866: Always drain health in shutdown callback (bsc#1229495). * CVE-2022-48910: Ensure we call ipv6_mc_down() at most once (bsc#1229632) * CVE-2023-52893: Fix null-deref in gsmi_get_variable (bsc#1229535) * CVE-2024-42155: Wipe copies of protected- and secure-keys (bsc#1228733). * CVE-2022-48875: Initialize struct pn533_out_arg properly (bsc#1229516). * CVE-2023-52907: Wait for out_urb's completion in pn533_usb_send_frame() (bsc#1229526). * CVE-2024-43871: Fix memory leakage caused by driver API devm_free_percpu() (bsc#1229490) * CVE-2024-42158: Use kfree_sensitive() to fix Coccinelle warnings (bsc#1228720). * CVE-2024-43872: Fix soft lockup under heavy CEQE load (bsc#1229489) * CVE-2024-39489: Fix memleak in seg6_hmac_init_algo (bsc#1227623) * CVE-2024-42226: Prevent potential failure in handle_tx_event() for Transfer events without TRB (bsc#1228709). *CVE-2024-42236: Prevent OOB read/write in usb_string_copy() (bsc#1228964). * CVE-2024-42244: Fix crash on resume (bsc#1228967). * CVE-2024-43879: Handle 2x996 RU allocation in cfg80211_calculate_bitrate_he() (bsc#1229482). * CVE-2024-27011: Fix memleak in map from abort path (bsc#1223803). * CVE-2024-36013: Fix slab-use-after-free in l2cap_connect() (bsc#1225578). * CVE-2024-41020: Fix fcntl/close race recovery compat path (bsc#1228427). * CVE-2024-41012: Remove locks reliably when fcntl/close race is detected (bsc#1228247). * CVE-2024-26668: Reject configurations that cause integer overflow (bsc#1222335). * CVE-2024-43819: Reject memory region operations for ucontrol VMs (bsc#1229290). * CVE-2024-42157: Wipe sensitive data on failure (bsc#1228727). * CVE-2021-47341: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio (bsc#1224923). * CVE-2024-43839: Adjust 'name' buf size of bna_tcb and bna_ccb structures (bsc#1229301). * CVE-2022-48769: Avoid EFIv2 runtime services on Apple x86 machines (bsc#1226629). * CVE-2024-43856: Fix call order in dmam_free_coherent (bsc#1229346). * CVE-2024-36286: Acquire rcu_read_lock() in instance_destroy_rcu() (bsc#1226801) * CVE-2024-26851: Add protection for bmp length out of range (bsc#1223074) * CVE-2024-40984: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." (bsc#1227820). * CVE-2024-26677: Blacklist e7870cf13d20 (" Fix delayed ACKs to not set the reference serial number") (bsc#1222387) * CVE-2024-42280: Fix a use after free in hfcmulti_tx() (bsc#1229388) * CVE-2024-42284: Return non-zero value from tipc_udp_addr2str() on error (bsc#1229382) * CVE-2024-42312: Always initialize i_uid/i_gid (bsc#1229357) * CVE-2024-42310: Fix null pointer dereference in cdv_intel_lvds_get_modes (bsc#1229358) * CVE-2024-42309: Fix null pointer dereference in psb_intel_lvds_get_modes (bsc#1229359) * CVE-2024-43854: Initialize integrity buffer to zero before writingit to media (bsc#1229345) * CVE-2024-42322: Properly dereference pe in ip_vs_add_service (bsc#1229347) * CVE-2024-42301: Fix the array out-of-bounds risk (bsc#1229407). * CVE-2024-42285: Fix a use-after-free related to destroying CM IDs (bsc#1229381) * CVE-2024-43831: Handle invalid decoder vsi (bsc#1229309). * CVE-2024-42281: Fix a segment issue when downgrading gso_size (bsc#1229386). * CVE-2024-42271: Fixed a use after free in iucv_sock_close(). (bsc#1229400) * CVE-2024-38618: Set lower bound of start tick time (bsc#1226754). * CVE-2024-41035: Fix duplicate endpoint bug by clearing reserved bits in the descriptor (bsc#1228485) * CVE-2024-42162: Account for stopped queues when reading NIC stats (bsc#1228706). * CVE-2023-52708: Fix error handling in mmc_spi_probe() (bsc#1225483). * CVE-2021-47549: Fix UAF in sata_fsl_port_stop when rmmod sata_fsl (bsc#1225508). * CVE-2021-47373: Fix potential VPE leak on error (bsc#1225190). * CVE-2021-47425: Fix resource leak in reconfiguration device addition (bsc#1225223). * CVE-2024-42246: Remap EPERM in case of connection failure in xs_tcp_setup_socket (bsc#1228989). * CVE-2024-41098: Fix null pointer dereference on error (bsc#1228467). * CVE-2021-4440: Drop USERGS_SYSRET64 paravirt call ( bsc#1227069). * CVE-2022-48786: Remove vsock from connected table when connect is interrupted by a signal (bsc#1227996). * CVE-2024-42232: Fixed a race between delayed_work() and ceph_monc_stop(). (bsc#1228959) * CVE-2024-35915: Fix uninit-value in nci_dev_up and nci_ntf_packet (bsc#1224479). * CVE-2024-38662: Cover verifier checks for mutating sockmap/sockhash (bsc#1226885). * CVE-2024-42110: Move ntb_netdev_rx_handler() to call netif_rx() from __netif_rx() (bsc#1228501). * CVE-2024-42148: Fix multiple UBSAN array-index-out-of-bounds (bsc#1228487). * CVE-2024-42106: Initialize pad field in struct inet_diag_req_v2 (bsc#1228493). * CVE-2022-48865: Fix kernel panic when enabling bearer(bsc#1228065). * CVE-2024-41068: Fix sclp_init() cleanup on failure (bsc#1228579). * CVE-2024-42082: Remove WARN() from __xdp_reg_mem_model() (bsc#1228482). * CVE-2024-42090: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER (bsc#1228449). * CVE-2024-42101: Fix null pointer dereference in nouveau_connector_get_modes (bsc#1228495). * CVE-2024-42228: Using uninitialized value *size when calling amdgpu_vce_cs_reloc (bsc#1228667). * CVE-2021-47257: fix null deref in parse dev addr (bsc#1224896). The following non-security bugs were fixed: * arm64: ACPI: NUMA: initialize all values of acpi_early_node_map to (git- fixes) * Bluetooth: L2CAP: Fix deadlock (git-fixes). * btrfs: fix processing of delayed tree block refs during backref walking (bsc#1228982). * btrfs: Remove unused op_key var from add_delayed_refs (bsc#1228982). * cgroup/cpuset: Prevent UAF in proc_cpuset_show() (bsc#1228801). * char: tpm: Protect tpm_pm_suspend with locks (bsc#1082555). * cpu/SMT: Enable SMT only if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * fuse: Initialize beyond-EOF page contents before setting uptodate (bsc#1229457). * genirq: Delay deactivation in free_irq() (git-fixes). * genirq: Make sure the initial affinity is not empty (git-fixes). * genirq/generic_chip: Make irq_remove_generic_chip() irqdomain aware (git- fixes). * genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() (git- fixes). * genirq/irqdesc: Do not try to remove non-existing sysfs files (git-fixes). * genirq/irqdomain: Check pointer in irq_domain_alloc_irqs_hierarchy() (git- fixes). * genirq/msi: Activate Multi-MSI early when MSI_FLAG_ACTIVATE_EARLY is set (git-fixes). * genirq/msi: Ensure deactivation on teardown (git-fixes). * genirq/proc: Reject invalid affinity masks (again) (git-fixes). * gss_krb5: Fix the error handling path for crypto_sync_skcipher_setkey (git- fixes). * ip6_tunnel: Fix broken GRO(bsc#1226323). * irqdomain: Drop bogus fwspec-mapping error handling (git-fixes). * irqdomain: Fix association race (git-fixes). * irqdomain: Fix domain registration race (git-fixes). * irqdomain: Fix mapping-creation race (git-fixes). * irqdomain: Fixed unbalanced fwnode get and put (git-fixes). * irqdomain: Look for existing mapping only once (git-fixes). * irqdomain: Refactor __irq_domain_alloc_irqs() (git-fixes). * kABI: do not change return type of tpm_tis_update_timeouts (bsc#1082555). * kABI: do not rename tpm_do_selftest, tpm_pcr_read_dev, and tpm1_getcap (bsc#1082555). * kABI: Do not rename tpm_getcap (bsc#1082555). * kABI: genirq: Delay deactivation in free_irq() (kabi git-fixes). * kABI: Hide the new last_cc member in a hole in struct tpm_chip (bsc#1082555). * kABI: Instead of changing the pcr argument type add a local variable of the desired type, and assign it from the actual argument (bsc#1082555). * kABI: no need to store the tpm long long duration in tpm_chip struct, it is an arbitrary hardcoded value (bsc#1082555). * kABI: re-export tpm2_calc_ordinal_duration (bsc#1082555). * kABI: tpm-interface: Hide new include from genksyms (bsc#1082555). * kABI: tpm2-space: Do not add buf_size to struct tpm_space (bsc#1082555). * kabi/severities: Ignore tpm_transmit_cmd and tpm_tis_core_init (bsc#1082555). * KVM: s390: Do not report unusabled IDs via KVM_CAP_MAX_VCPU_ID (git-fixes bsc#1229222). * memcg: protect concurrent access to mem_cgroup_idr (git-fixes). * net: mana: Fix doorbell out of order violation and avoid unnecessary doorbell rings (bsc#1229154). * net: mana: Fix race on per-CQ variable napi work_done (bsc#1229154). * netfilter: nf_conntrack_h323: restore boundary check correctness (bsc#1223074) * netfilter: nf_ct_h323: Convert CHECK_BOUND macro to function (bsc#1223074) * netfilter: nf_ct_h323: Extend nf_h323_error_boundary to work on bits as well (bsc#1223074) * netfilter: nf_ct_h323: Out Of Bound Read inNetfilter Conntrack (bsc#1223074) * nfc: nci: Fix handling of zero-length payload packets in nci_rx_work() (git- fixes). * nfc: nci: Fix kcov check in nci_rx_work() (git-fixes). * nfc: nci: Fix uninit-value in nci_rx_work (git-fixes). * powerpc/topology: Check if a core is online (bsc#1214285 bsc#1205462 ltc#200161 ltc#200588 git-fixes). * s390/uv: Panic for set and remove shared access UVC errors (git-fixes bsc#1229229). * scsi: target: core: Silence the message about unknown VPD pages (bsc#1221252 bsc#1229462). * tpm_tis_core: Turn on the TPM before probing IRQ's (bsc#1082555). * tpm_tis: Add a check for invalid status (bsc#1082555). * tpm_tis: Explicitly check for error code (bsc#1082555). * tpm_tis: Fix an error handling path in 'tpm_tis_core_init()' (bsc#1082555). * tpm_tis: Resend command to recover from data transfer errors (bsc#1082555). * tpm_tis: reserve chip for duration of tpm_tis_core_init (bsc#1082555). * tpm_tis: Use tpm_chip_{start,stop} decoration inside tpm_tis_resume (bsc#1082555). * tpm, tpm_tis: Avoid cache incoherency in test for interrupts (bsc#1082555). * tpm, tpm_tis: Claim locality before writing interrupt registers (bsc#1082555). * tpm, tpm_tis: Claim locality before writing TPM_INT_ENABLE register (bsc#1082555). * tpm, tpm_tis: Claim locality when interrupts are reenabled on resume (bsc#1082555). * tpm, tpm_tis: correct tpm_tis_flags enumeration values (bsc#1082555). * tpm, tpm_tis: Decorate tpm_get_timeouts() with request_locality() (bsc#1082555). * tpm, tpm_tis: Decorate tpm_tis_gen_interrupt() with request_locality() (bsc#1082555). * tpm, tpm_tis: Disable interrupts if tpm_tis_probe_irq() failed (bsc#1082555). * tpm, tpm_tis: Do not skip reset of original interrupt vector (bsc#1082555). * tpm, tpm_tis: Extend locality handling to TPM2 in tpm_tis_gen_interrupt() (bsc#1082555). * tpm, tpm_tis: Only handle supported interrupts (bsc#1082555). * tpm, tpm_tis: Reserve locality intpm_tis_resume() (bsc#1082555). * tpm, tpm: Implement usage counter for locality (bsc#1082555). * tpm, tpmrm: Mark tpmrm_write as static (bsc#1082555). * tpm: access command header through struct in tpm_try_transmit() (bsc#1082555). * tpm: Actually fail on TPM errors during "get random" (bsc#1082555). * tpm: Add a flag to indicate TPM power is managed by firmware (bsc#1082555). * tpm: add ptr to the tpm_space struct to file_priv (bsc#1082555). * tpm: add support for nonblocking operation (bsc#1082555). * tpm: add support for partial reads (bsc#1082555). * tpm: add tpm_auto_startup() into tpm-interface.c (bsc#1082555). * tpm: add tpm_calc_ordinal_duration() wrapper (bsc#1082555). * tpm: Allow system suspend to continue when TPM suspend fails (bsc#1082555). * tpm: clean up tpm_try_transmit() error handling flow (bsc#1082555). * tpm: declare struct tpm_header (bsc#1082555). * tpm: do not return bool from update_timeouts (bsc#1082555). * tpm: encapsulate tpm_dev_transmit() (bsc#1082555). * tpm: factor out tpm 1.x duration calculation to tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm 1.x pm suspend flow into tpm1-cmd.c (bsc#1082555). * tpm: factor out tpm_get_timeouts() (bsc#1082555). * tpm: factor out tpm_startup function (bsc#1082555). * tpm: factor out tpm1_get_random into tpm1-cmd.c (bsc#1082555). * tpm: fix an invalid condition in tpm_common_poll (bsc#1082555). * tpm: fix Atmel TPM crash caused by too frequent queries (bsc#1082555). * tpm: Fix buffer access in tpm2_get_tpm_pt() (bsc#1082555). * tpm: fix buffer type in tpm_transmit_cmd (bsc#1082555). * tpm: fix byte order related arithmetic inconsistency in tpm_getcap() (bsc#1082555). * tpm: Fix error handling in async work (bsc#1082555). * tpm: fix invalid locking in NONBLOCKING mode (bsc#1082555). * tpm: fix invalid return value in pubek_show() (bsc#1082555). * tpm: fix NPE on probe for missing device (bsc#1082555). * tpm: Fix null pointer dereference on chip register error path(bsc#1082555). * tpm: Fix TIS locality timeout problems (bsc#1082555). * tpm: Handle negative priv-> response_len in tpm_common_read() (bsc#1082555). * tpm: introduce tpm_chip_start() and tpm_chip_stop() (bsc#1082555). * tpm: migrate pubek_show to struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_random() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_get_tpm_pt() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_probe() to use struct tpm_buf (bsc#1082555). * tpm: migrate tpm2_shutdown() to use struct tpm_buf (bsc#1082555). * tpm: move TPM 1.2 code of tpm_pcr_extend() to tpm1_pcr_extend() (bsc#1082555). * tpm: move tpm 1.x selftest code from tpm-interface.c tpm1-cmd.c (bsc#1082555). * tpm: move TPM space code out of tpm_transmit() (bsc#1082555). * tpm: move tpm_getcap to tpm1-cmd.c (bsc#1082555). * tpm: move tpm_validate_commmand() to tpm2-space.c (bsc#1082555). * tpm: move tpm1_pcr_extend to tpm1-cmd.c (bsc#1082555). * tpm: Prevent hwrng from activating during resume (bsc#1082555). * tpm: print tpm2_commit_space() error inside tpm2_commit_space() (bsc#1082555). * tpm: remove @flags from tpm_transmit() (bsc#1082555). * tpm: remove @space from tpm_transmit() (bsc#1082555). * tpm: remove struct tpm_pcrextend_in (bsc#1082555). * tpm: Remove tpm_dev_wq_lock (bsc#1082555). * tpm: remove TPM_TRANSMIT_UNLOCKED flag (bsc#1082555). * tpm: rename tpm_chip_find_get() to tpm_find_get_ops() (bsc#1082555). * tpm: replace TPM_TRANSMIT_RAW with TPM_TRANSMIT_NESTED (bsc#1082555). * tpm: Replace WARN_ONCE() with dev_err_once() in tpm_tis_status() (bsc#1082555). * tpm: return 0 from pcrs_show() when tpm1_pcr_read() fails (bsc#1082555). * tpm: Revert "tpm_tis_core: Set TPM_CHIP_FLAG_IRQ before probing for interrupts" (bsc#1082555). * tpm: Revert "tpm_tis_core: Turn on the TPM before probing IRQ's" (bsc#1082555). * tpm: Revert "tpm_tis: reserve chip for duration of tpm_tis_core_init" (bsc#1082555). * tpm: take TPM chip powergating out of tpm_transmit() (bsc#1082555). * tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_tis: Add the missed acpi_put_table() to fix memory leak (bsc#1082555). * tpm: tpm_vtpm_proxy: fix a race condition in /dev/vtpmx creation (bsc#1082555). * tpm: tpm1_bios_measurements_next should increase position index (bsc#1082555). * tpm: tpm1: rewrite tpm1_get_random() using tpm_buf structure (bsc#1082555). * tpm: turn on TPM on suspend for TPM 1.x (bsc#1082555). * tpm: Unify the mismatching TPM space buffer sizes (bsc#1082555). * tpm: use tpm_buf in tpm_transmit_cmd() as the IO parameter (bsc#1082555). * tpm: use tpm_msleep() value as max delay (bsc#1082555). * tpm: use tpm_try_get_ops() in tpm-sysfs.c (bsc#1082555). * tpm: use u32 instead of int for PCR index (bsc#1082555). * tpm: vtpm_proxy: Avoid reading host log when using a virtual device (bsc#1082555). * tpm: vtpm_proxy: Prevent userspace from sending driver command (bsc#1082555). * tpm: Wrap the buffer from the caller to tpm_buf in tpm_send() (bsc#1082555). * tpm/tpm_crb: Fix error message in __crb_relinquish_locality() (bsc#1082555). * tpm1: implement tpm1_pcr_read_dev() using tpm_buf structure (bsc#1082555). * tpm1: reimplement SAVESTATE using tpm_buf (bsc#1082555). * tpm1: reimplement tpm1_continue_selftest() using tpm_buf (bsc#1082555). * tpm1: rename tpm1_pcr_read_dev to tpm1_pcr_read() (bsc#1082555). * tpm2: add longer timeouts for creation commands (bsc#1082555). * vfio/pci: fix potential memory leak in vfio_intx_enable() (git-fixes). * vsock: correct removal of socket from the list (bsc#1227996). * xfs: fix getfsmap reporting past the last rt extent (git-fixes). * xfs: Fix the owner setting issue for rmap query in xfs fsmap (git-fixes). * xfs: fix uninitialized variable access (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE updateuse the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1 SUSE-SLE- SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise High Availability Extension 12 SP5 zypper in -t patch SUSE-SLE-HA-12-SP5-2024-3251=1 * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-3251=1 * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3251=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3251=1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 zypper in -t patch SUSE-SLE-WE-12-SP5-2024-3251=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * kernel-default-devel-4.12.14-122.228.1 * cluster-md-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-debuginfo-4.12.14-122.228.1 * ocfs2-kmp-default-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * dlm-kmp-default-4.12.14-122.228.1 * cluster-md-kmp-default-4.12.14-122.228.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * dlm-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (nosrc ppc64le x86_64) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 *kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (ppc64le s390x x86_64) * cluster-md-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-debuginfo-4.12.14-122.228.1 * ocfs2-kmp-default-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * dlm-kmp-default-4.12.14-122.228.1 * cluster-md-kmp-default-4.12.14-122.228.1 * ocfs2-kmp-default-debuginfo-4.12.14-122.228.1 * dlm-kmp-default-debuginfo-4.12.14-122.228.1 * gfs2-kmp-default-4.12.14-122.228.1 * SUSE Linux Enterprise High Availability Extension 12 SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Live Patching 12-SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-kgraft-devel-4.12.14-122.228.1 * kernel-default-kgraft-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * kgraft-patch-4_12_14-122_228-default-1-8.3.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch nosrc) * kernel-docs-4.12.14-122.228.2 * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-obs-build-debugsource-4.12.14-122.228.2 * kernel-obs-build-4.12.14-122.228.2 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 nosrc x86_64) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * kernel-default-devel-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * SUSE LinuxEnterprise High Performance Computing 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 * kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64 nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * kernel-default-devel-4.12.14-122.228.1 * kernel-syms-4.12.14-122.228.1 * kernel-default-base-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-base-debuginfo-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * kernel-devel-4.12.14-122.228.1 * kernel-macros-4.12.14-122.228.1 * kernel-source-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (s390x) * kernel-default-man-4.12.14-122.228.1 * SUSE Linux Enterprise Server 12 SP5 (x86_64) * kernel-default-devel-debuginfo-4.12.14-122.228.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (nosrc) * kernel-default-4.12.14-122.228.1 * SUSE Linux Enterprise Workstation Extension 12 12-SP5 (x86_64) * kernel-default-extra-4.12.14-122.228.1 * kernel-default-extra-debuginfo-4.12.14-122.228.1 * kernel-default-debugsource-4.12.14-122.228.1 * kernel-default-debuginfo-4.12.14-122.228.1 ## References: * https://www.suse.com/security/cve/CVE-2021-4440.html * https://www.suse.com/security/cve/CVE-2021-47257.html * https://www.suse.com/security/cve/CVE-2021-47289.html * https://www.suse.com/security/cve/CVE-2021-47341.html * https://www.suse.com/security/cve/CVE-2021-47373.html * https://www.suse.com/security/cve/CVE-2021-47425.html * https://www.suse.com/security/cve/CVE-2021-47549.html * https://www.suse.com/security/cve/CVE-2022-48751.html * https://www.suse.com/security/cve/CVE-2022-48769.html *https://www.suse.com/security/cve/CVE-2022-48786.html * https://www.suse.com/security/cve/CVE-2022-48822.html * https://www.suse.com/security/cve/CVE-2022-48865.html * https://www.suse.com/security/cve/CVE-2022-48875.html * https://www.suse.com/security/cve/CVE-2022-48896.html * https://www.suse.com/security/cve/CVE-2022-48899.html * https://www.suse.com/security/cve/CVE-2022-48905.html * https://www.suse.com/security/cve/CVE-2022-48910.html * https://www.suse.com/security/cve/CVE-2022-48919.html * https://www.suse.com/security/cve/CVE-2022-48920.html * https://www.suse.com/security/cve/CVE-2022-48925.html * https://www.suse.com/security/cve/CVE-2022-48930.html * https://www.suse.com/security/cve/CVE-2022-48931.html * https://www.suse.com/security/cve/CVE-2022-48938.html * https://www.suse.com/security/cve/CVE-2023-2176.html * https://www.suse.com/security/cve/CVE-2023-52708.html * https://www.suse.com/security/cve/CVE-2023-52893.html * https://www.suse.com/security/cve/CVE-2023-52901.html * https://www.suse.com/security/cve/CVE-2023-52907.html * https://www.suse.com/security/cve/CVE-2024-26668.html * https://www.suse.com/security/cve/CVE-2024-26677.html * https://www.suse.com/security/cve/CVE-2024-26812.html * https://www.suse.com/security/cve/CVE-2024-26851.html * https://www.suse.com/security/cve/CVE-2024-27011.html * https://www.suse.com/security/cve/CVE-2024-35915.html * https://www.suse.com/security/cve/CVE-2024-35933.html * https://www.suse.com/security/cve/CVE-2024-35965.html * https://www.suse.com/security/cve/CVE-2024-36013.html * https://www.suse.com/security/cve/CVE-2024-36270.html * https://www.suse.com/security/cve/CVE-2024-36286.html * https://www.suse.com/security/cve/CVE-2024-38618.html * https://www.suse.com/security/cve/CVE-2024-38662.html * https://www.suse.com/security/cve/CVE-2024-39489.html * https://www.suse.com/security/cve/CVE-2024-40984.html * https://www.suse.com/security/cve/CVE-2024-41012.html *https://www.suse.com/security/cve/CVE-2024-41016.html * https://www.suse.com/security/cve/CVE-2024-41020.html * https://www.suse.com/security/cve/CVE-2024-41035.html * https://www.suse.com/security/cve/CVE-2024-41062.html * https://www.suse.com/security/cve/CVE-2024-41068.html * https://www.suse.com/security/cve/CVE-2024-41087.html * https://www.suse.com/security/cve/CVE-2024-41097.html * https://www.suse.com/security/cve/CVE-2024-41098.html * https://www.suse.com/security/cve/CVE-2024-42077.html * https://www.suse.com/security/cve/CVE-2024-42082.html * https://www.suse.com/security/cve/CVE-2024-42090.html * https://www.suse.com/security/cve/CVE-2024-42101.html * https://www.suse.com/security/cve/CVE-2024-42106.html * https://www.suse.com/security/cve/CVE-2024-42110.html * https://www.suse.com/security/cve/CVE-2024-42148.html * https://www.suse.com/security/cve/CVE-2024-42155.html * https://www.suse.com/security/cve/CVE-2024-42157.html * https://www.suse.com/security/cve/CVE-2024-42158.html * https://www.suse.com/security/cve/CVE-2024-42162.html * https://www.suse.com/security/cve/CVE-2024-42226.html * https://www.suse.com/security/cve/CVE-2024-42228.html * https://www.suse.com/security/cve/CVE-2024-42232.html * https://www.suse.com/security/cve/CVE-2024-42236.html * https://www.suse.com/security/cve/CVE-2024-42240.html * https://www.suse.com/security/cve/CVE-2024-42244.html * https://www.suse.com/security/cve/CVE-2024-42246.html * https://www.suse.com/security/cve/CVE-2024-42259.html * https://www.suse.com/security/cve/CVE-2024-42271.html * https://www.suse.com/security/cve/CVE-2024-42280.html * https://www.suse.com/security/cve/CVE-2024-42281.html * https://www.suse.com/security/cve/CVE-2024-42284.html * https://www.suse.com/security/cve/CVE-2024-42285.html * https://www.suse.com/security/cve/CVE-2024-42286.html * https://www.suse.com/security/cve/CVE-2024-42287.html * https://www.suse.com/security/cve/CVE-2024-42288.html *https://www.suse.com/security/cve/CVE-2024-42289.html * https://www.suse.com/security/cve/CVE-2024-42301.html * https://www.suse.com/security/cve/CVE-2024-42309.html * https://www.suse.com/security/cve/CVE-2024-42310.html * https://www.suse.com/security/cve/CVE-2024-42312.html * https://www.suse.com/security/cve/CVE-2024-42322.html * https://www.suse.com/security/cve/CVE-2024-43819.html * https://www.suse.com/security/cve/CVE-2024-43831.html * https://www.suse.com/security/cve/CVE-2024-43839.html * https://www.suse.com/security/cve/CVE-2024-43853.html * https://www.suse.com/security/cve/CVE-2024-43854.html * https://www.suse.com/security/cve/CVE-2024-43856.html * https://www.suse.com/security/cve/CVE-2024-43861.html * https://www.suse.com/security/cve/CVE-2024-43863.html * https://www.suse.com/security/cve/CVE-2024-43866.html * https://www.suse.com/security/cve/CVE-2024-43871.html * https://www.suse.com/security/cve/CVE-2024-43872.html * https://www.suse.com/security/cve/CVE-2024-43879.html * https://www.suse.com/security/cve/CVE-2024-43882.html * https://www.suse.com/security/cve/CVE-2024-43883.html * https://www.suse.com/security/cve/CVE-2024-43892.html * https://www.suse.com/security/cve/CVE-2024-43893.html * https://www.suse.com/security/cve/CVE-2024-43900.html * https://www.suse.com/security/cve/CVE-2024-43902.html * https://www.suse.com/security/cve/CVE-2024-43905.html * https://www.suse.com/security/cve/CVE-2024-43907.html * https://bugzilla.suse.com/show_bug.cgi?id=1082555 * https://bugzilla.suse.com/show_bug.cgi?id=1190317 * https://bugzilla.suse.com/show_bug.cgi?id=1196516 * https://bugzilla.suse.com/show_bug.cgi?id=1205462 * https://bugzilla.suse.com/show_bug.cgi?id=1210629 * https://bugzilla.suse.com/show_bug.cgi?id=1214285 * https://bugzilla.suse.com/show_bug.cgi?id=1216834 * https://bugzilla.suse.com/show_bug.cgi?id=1221252 * https://bugzilla.suse.com/show_bug.cgi?id=1222335 * https://bugzilla.suse.com/show_bug.cgi?id=1222387 *https://bugzilla.suse.com/show_bug.cgi?id=1222808 * https://bugzilla.suse.com/show_bug.cgi?id=1223074 * https://bugzilla.suse.com/show_bug.cgi?id=1223803 * https://bugzilla.suse.com/show_bug.cgi?id=1224479 * https://bugzilla.suse.com/show_bug.cgi?id=1224579 * https://bugzilla.suse.com/show_bug.cgi?id=1224640 * https://bugzilla.suse.com/show_bug.cgi?id=1224896 * https://bugzilla.suse.com/show_bug.cgi?id=1224923 * https://bugzilla.suse.com/show_bug.cgi?id=1224984 * https://bugzilla.suse.com/show_bug.cgi?id=1225190 * https://bugzilla.suse.com/show_bug.cgi?id=1225223 * https://bugzilla.suse.com/show_bug.cgi?id=1225483 * https://bugzilla.suse.com/show_bug.cgi?id=1225508 * https://bugzilla.suse.com/show_bug.cgi?id=1225578 * https://bugzilla.suse.com/show_bug.cgi?id=1226323 * https://bugzilla.suse.com/show_bug.cgi?id=1226629 * https://bugzilla.suse.com/show_bug.cgi?id=1226653 * https://bugzilla.suse.com/show_bug.cgi?id=1226754 * https://bugzilla.suse.com/show_bug.cgi?id=1226798 * https://bugzilla.suse.com/show_bug.cgi?id=1226801 * https://bugzilla.suse.com/show_bug.cgi?id=1226885 * https://bugzilla.suse.com/show_bug.cgi?id=1227069 * https://bugzilla.suse.com/show_bug.cgi?id=1227623 * https://bugzilla.suse.com/show_bug.cgi?id=1227820 * https://bugzilla.suse.com/show_bug.cgi?id=1227996 * https://bugzilla.suse.com/show_bug.cgi?id=1228065 * https://bugzilla.suse.com/show_bug.cgi?id=1228247 * https://bugzilla.suse.com/show_bug.cgi?id=1228410 * https://bugzilla.suse.com/show_bug.cgi?id=1228427 * https://bugzilla.suse.com/show_bug.cgi?id=1228449 * https://bugzilla.suse.com/show_bug.cgi?id=1228466 * https://bugzilla.suse.com/show_bug.cgi?id=1228467 * https://bugzilla.suse.com/show_bug.cgi?id=1228482 * https://bugzilla.suse.com/show_bug.cgi?id=1228485 * https://bugzilla.suse.com/show_bug.cgi?id=1228487 * https://bugzilla.suse.com/show_bug.cgi?id=1228493 * https://bugzilla.suse.com/show_bug.cgi?id=1228495 *https://bugzilla.suse.com/show_bug.cgi?id=1228501 * https://bugzilla.suse.com/show_bug.cgi?id=1228513 * https://bugzilla.suse.com/show_bug.cgi?id=1228516 * https://bugzilla.suse.com/show_bug.cgi?id=1228576 * https://bugzilla.suse.com/show_bug.cgi?id=1228579 * https://bugzilla.suse.com/show_bug.cgi?id=1228667 * https://bugzilla.suse.com/show_bug.cgi?id=1228706 * https://bugzilla.suse.com/show_bug.cgi?id=1228709 * https://bugzilla.suse.com/show_bug.cgi?id=1228720 * https://bugzilla.suse.com/show_bug.cgi?id=1228727 * https://bugzilla.suse.com/show_bug.cgi?id=1228733 * https://bugzilla.suse.com/show_bug.cgi?id=1228801 * https://bugzilla.suse.com/show_bug.cgi?id=1228850 * https://bugzilla.suse.com/show_bug.cgi?id=1228959 * https://bugzilla.suse.com/show_bug.cgi?id=1228964 * https://bugzilla.suse.com/show_bug.cgi?id=1228966 * https://bugzilla.suse.com/show_bug.cgi?id=1228967 * https://bugzilla.suse.com/show_bug.cgi?id=1228982 * https://bugzilla.suse.com/show_bug.cgi?id=1228989 * https://bugzilla.suse.com/show_bug.cgi?id=1229154 * https://bugzilla.suse.com/show_bug.cgi?id=1229156 * https://bugzilla.suse.com/show_bug.cgi?id=1229222 * https://bugzilla.suse.com/show_bug.cgi?id=1229229 * https://bugzilla.suse.com/show_bug.cgi?id=1229290 * https://bugzilla.suse.com/show_bug.cgi?id=1229292 * https://bugzilla.suse.com/show_bug.cgi?id=1229301 * https://bugzilla.suse.com/show_bug.cgi?id=1229309 * https://bugzilla.suse.com/show_bug.cgi?id=1229327 * https://bugzilla.suse.com/show_bug.cgi?id=1229345 * https://bugzilla.suse.com/show_bug.cgi?id=1229346 * https://bugzilla.suse.com/show_bug.cgi?id=1229347 * https://bugzilla.suse.com/show_bug.cgi?id=1229357 * https://bugzilla.suse.com/show_bug.cgi?id=1229358 * https://bugzilla.suse.com/show_bug.cgi?id=1229359 * https://bugzilla.suse.com/show_bug.cgi?id=1229381 * https://bugzilla.suse.com/show_bug.cgi?id=1229382 * https://bugzilla.suse.com/show_bug.cgi?id=1229386 *https://bugzilla.suse.com/show_bug.cgi?id=1229388 * https://bugzilla.suse.com/show_bug.cgi?id=1229392 * https://bugzilla.suse.com/show_bug.cgi?id=1229395 * https://bugzilla.suse.com/show_bug.cgi?id=1229398 * https://bugzilla.suse.com/show_bug.cgi?id=1229399 * https://bugzilla.suse.com/show_bug.cgi?id=1229400 * https://bugzilla.suse.com/show_bug.cgi?id=1229407 * https://bugzilla.suse.com/show_bug.cgi?id=1229457 * https://bugzilla.suse.com/show_bug.cgi?id=1229462 * https://bugzilla.suse.com/show_bug.cgi?id=1229482 * https://bugzilla.suse.com/show_bug.cgi?id=1229489 * https://bugzilla.suse.com/show_bug.cgi?id=1229490 * https://bugzilla.suse.com/show_bug.cgi?id=1229495 * https://bugzilla.suse.com/show_bug.cgi?id=1229497 * https://bugzilla.suse.com/show_bug.cgi?id=1229500 * https://bugzilla.suse.com/show_bug.cgi?id=1229503 * https://bugzilla.suse.com/show_bug.cgi?id=1229516 * https://bugzilla.suse.com/show_bug.cgi?id=1229526 * https://bugzilla.suse.com/show_bug.cgi?id=1229531 * https://bugzilla.suse.com/show_bug.cgi?id=1229535 * https://bugzilla.suse.com/show_bug.cgi?id=1229536 * https://bugzilla.suse.com/show_bug.cgi?id=1229540 * https://bugzilla.suse.com/show_bug.cgi?id=1229604 * https://bugzilla.suse.com/show_bug.cgi?id=1229623 * https://bugzilla.suse.com/show_bug.cgi?id=1229624 * https://bugzilla.suse.com/show_bug.cgi?id=1229630 * https://bugzilla.suse.com/show_bug.cgi?id=1229632 * https://bugzilla.suse.com/show_bug.cgi?id=1229657 * https://bugzilla.suse.com/show_bug.cgi?id=1229658 * https://bugzilla.suse.com/show_bug.cgi?id=1229664 * https://bugzilla.suse.com/show_bug.cgi?id=1229707 * https://bugzilla.suse.com/show_bug.cgi?id=1229756 * https://bugzilla.suse.com/show_bug.cgi?id=1229759 * https://bugzilla.suse.com/show_bug.cgi?id=1229761 * https://bugzilla.suse.com/show_bug.cgi?id=1229767 * https://bugzilla.suse.com/show_bug.cgi?id=1229784 * https://bugzilla.suse.com/show_bug.cgi?id=1229787 *https://bugzilla.suse.com/show_bug.cgi?id=1229851 . This patch release addresses multiple concerns in the SUSE kernel, encompassing urgent security flaw corrections. Update immediately.. Linux Kernel Security, SUSE Updates, Kernel Bugfixes, SUSE Security Advisory. . Severity: Important. LinuxSecurity.com Team

Sep 16, 2024 •Important SuSE

security advisorysecurity issueupdate

SUSE: 2024:3152-1 Important: MozillaFirefox Security Issues

* bsc#1229821 Cross-References: * CVE-2024-8381 * CVE-2024-8382 . # Security update for MozillaFirefox Announcement ID: SUSE-SU-2024:3152-1 Rating: important References: * bsc#1229821 Cross-References: * CVE-2024-8381 * CVE-2024-8382 * CVE-2024-8383 * CVE-2024-8384 * CVE-2024-8385 * CVE-2024-8386 * CVE-2024-8387 CVSS scores: * CVE-2024-8381 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L * CVE-2024-8381 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8382 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-8382 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8383 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8383 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-8384 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-8384 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8385 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8385 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8386 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-8386 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-8387 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8387 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves seven vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: * Update to Firefox Extended Support Release 128.2.0 ESR (bsc#1229821) * CVE-2024-8381: Type confusion when looking up a property name in a 'with' block * CVE-2024-8382: Internal event interfaceswere exposed to web content when browser EventHandler listener callbacks ran * CVE-2024-8383: Firefox did not ask before openings news: links in an external application * CVE-2024-8384: Garbage collection could mis-color cross-compartment objects in OOM conditions * CVE-2024-8385: WASM type confusion involving ArrayTypes * CVE-2024-8386: SelectElements could be shown over another site if popups are allowed * CVE-2024-8387: Memory safety bugs fixed in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2024-3152=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-3152=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Software Development Kit 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 *MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * MozillaFirefox-debugsource-128.2.0-112.225.1 * MozillaFirefox-128.2.0-112.225.1 * MozillaFirefox-translations-common-128.2.0-112.225.1 * MozillaFirefox-debuginfo-128.2.0-112.225.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * MozillaFirefox-devel-128.2.0-112.225.1 ## References: * https://www.suse.com/security/cve/CVE-2024-8381.html * https://www.suse.com/security/cve/CVE-2024-8382.html * https://www.suse.com/security/cve/CVE-2024-8383.html * https://www.suse.com/security/cve/CVE-2024-8384.html * https://www.suse.com/security/cve/CVE-2024-8385.html * https://www.suse.com/security/cve/CVE-2024-8386.html * https://www.suse.com/security/cve/CVE-2024-8387.html * https://bugzilla.suse.com/show_bug.cgi?id=1229821 . Get essential notifications for MozillaFirefox aimed at fixing vulnerabilities and boosting efficiency. Key updates are part of this release.. MozillaFirefox Updates, SUSE Security Advisory, Important Security Fixes, MozillaFirefox Security. . Severity: Important. LinuxSecurity.com Team

Sep 06, 2024 •Important SuSE

security advisorysecurity issueSUSE

SUSE: 2023:4452-1 Critical: Nginx Buffer Overflow Vulnerability

* bsc#1207399 * bsc#1214357 * bsc#1216424 Cross-References: . # Security update for apache2 Announcement ID: SUSE-SU-2023:4451-1 Rating: important References: * bsc#1207399 * bsc#1214357 * bsc#1216424 Cross-References: * CVE-2023-31122 CVSS scores: * CVE-2023-31122 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-31122 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 * SUSE Linux Enterprise Software Development Kit 12 SP5 An update that solves one vulnerability and has two security fixes can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-31122: Fixed an out of bounds read in mod_macro (bsc#1216424). Non-security fixes: * Fixed the content type handling in mod_proxy_http2 (bsc#1214357). * Fixed a floating point exception crash (bsc#1207399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Software Development Kit 12 SP5 zypper in -t patch SUSE-SLE-SDK-12-SP5-2023-4451=1 * SUSE Linux Enterprise High Performance Computing 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4451=1 * SUSE Linux Enterprise Server 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4451=1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 zypper in -t patch SUSE-SLE-SERVER-12-SP5-2023-4451=1 ## Package List: * SUSE Linux Enterprise Software Development Kit 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-35.35.1 * apache2-debuginfo-2.4.51-35.35.1 * apache2-tls13-debugsource-2.4.51-35.35.1 * apache2-tls13-debuginfo-2.4.51-35.35.1 *apache2-tls13-devel-2.4.51-35.35.1 * apache2-devel-2.4.51-35.35.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64) * apache2-debugsource-2.4.51-35.35.1 * apache2-debuginfo-2.4.51-35.35.1 * apache2-tls13-worker-2.4.51-35.35.1 * apache2-tls13-example-pages-2.4.51-35.35.1 * apache2-2.4.51-35.35.1 * apache2-prefork-debuginfo-2.4.51-35.35.1 * apache2-prefork-2.4.51-35.35.1 * apache2-tls13-2.4.51-35.35.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.35.1 * apache2-tls13-utils-2.4.51-35.35.1 * apache2-tls13-debugsource-2.4.51-35.35.1 * apache2-example-pages-2.4.51-35.35.1 * apache2-tls13-prefork-2.4.51-35.35.1 * apache2-tls13-worker-debuginfo-2.4.51-35.35.1 * apache2-tls13-debuginfo-2.4.51-35.35.1 * apache2-utils-2.4.51-35.35.1 * apache2-worker-2.4.51-35.35.1 * apache2-worker-debuginfo-2.4.51-35.35.1 * apache2-utils-debuginfo-2.4.51-35.35.1 * apache2-tls13-utils-debuginfo-2.4.51-35.35.1 * SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch) * apache2-tls13-doc-2.4.51-35.35.1 * apache2-doc-2.4.51-35.35.1 * SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-35.35.1 * apache2-debuginfo-2.4.51-35.35.1 * apache2-tls13-worker-2.4.51-35.35.1 * apache2-tls13-example-pages-2.4.51-35.35.1 * apache2-2.4.51-35.35.1 * apache2-prefork-debuginfo-2.4.51-35.35.1 * apache2-prefork-2.4.51-35.35.1 * apache2-tls13-2.4.51-35.35.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.35.1 * apache2-tls13-utils-2.4.51-35.35.1 * apache2-tls13-debugsource-2.4.51-35.35.1 * apache2-example-pages-2.4.51-35.35.1 * apache2-tls13-prefork-2.4.51-35.35.1 * apache2-tls13-worker-debuginfo-2.4.51-35.35.1 * apache2-tls13-debuginfo-2.4.51-35.35.1 * apache2-utils-2.4.51-35.35.1 * apache2-worker-2.4.51-35.35.1 * apache2-worker-debuginfo-2.4.51-35.35.1 * apache2-utils-debuginfo-2.4.51-35.35.1 *apache2-tls13-utils-debuginfo-2.4.51-35.35.1 * SUSE Linux Enterprise Server 12 SP5 (noarch) * apache2-tls13-doc-2.4.51-35.35.1 * apache2-doc-2.4.51-35.35.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64) * apache2-debugsource-2.4.51-35.35.1 * apache2-debuginfo-2.4.51-35.35.1 * apache2-tls13-worker-2.4.51-35.35.1 * apache2-tls13-example-pages-2.4.51-35.35.1 * apache2-2.4.51-35.35.1 * apache2-prefork-debuginfo-2.4.51-35.35.1 * apache2-prefork-2.4.51-35.35.1 * apache2-tls13-2.4.51-35.35.1 * apache2-tls13-prefork-debuginfo-2.4.51-35.35.1 * apache2-tls13-utils-2.4.51-35.35.1 * apache2-tls13-debugsource-2.4.51-35.35.1 * apache2-example-pages-2.4.51-35.35.1 * apache2-tls13-prefork-2.4.51-35.35.1 * apache2-tls13-worker-debuginfo-2.4.51-35.35.1 * apache2-tls13-debuginfo-2.4.51-35.35.1 * apache2-utils-2.4.51-35.35.1 * apache2-worker-2.4.51-35.35.1 * apache2-worker-debuginfo-2.4.51-35.35.1 * apache2-utils-debuginfo-2.4.51-35.35.1 * apache2-tls13-utils-debuginfo-2.4.51-35.35.1 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch) * apache2-tls13-doc-2.4.51-35.35.1 * apache2-doc-2.4.51-35.35.1 ## References: * https://www.suse.com/security/cve/CVE-2023-31122.html * https://bugzilla.suse.com/show_bug.cgi?id=1207399 * https://bugzilla.suse.com/show_bug.cgi?id=1214357 * https://bugzilla.suse.com/show_bug.cgi?id=1216424 . Crucial security patch for apache2 addresses severe threats and weaknesses in SUSE Linux Enterprise.. SUSE Apache2 Update, Security Fixes, Patch Instructions. . Severity: Important. LinuxSecurity.com Team

Nov 15, 2023 •Important SuSE

security advisorybuffer overflowimportant

SUSE: 2020:2920-1 Important: Fix For php7 Cookie Security Issue

An update that solves one vulnerability and has one errata is now available. . SUSE Security Update: Security update for php7 ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:2920-1 Rating: important References: #1173786 #1177352 Cross-References: CVE-2020-7070 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE Linux Enterprise Module for Web Scripting 12 ______________________________________________________________________________ An update that solves one vulnerability and has one errata is now available. Description: This update for php7 fixes the following issues: - CVE-2020-7070: Fixed an issue where percent-encoded cookies could have been used to overwrite existing prefixed cookie names (bsc#1177352). - Added tmpfiles.d for php-fpm to provide a base for a socket (bsc#1173786) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2020-2920=1 - SUSE Linux Enterprise Module for Web Scripting 12: zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2020-2920=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): php7-debuginfo-7.0.7-50.102.1 php7-debugsource-7.0.7-50.102.1 php7-devel-7.0.7-50.102.1 - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64): apache2-mod_php7-7.0.7-50.102.1 apache2-mod_php7-debuginfo-7.0.7-50.102.1 php7-7.0.7-50.102.1 php7-bcmath-7.0.7-50.102.1 php7-bcmath-debuginfo-7.0.7-50.102.1 php7-bz2-7.0.7-50.102.1 php7-bz2-debuginfo-7.0.7-50.102.1 php7-calendar-7.0.7-50.102.1 php7-calendar-debuginfo-7.0.7-50.102.1 php7-ctype-7.0.7-50.102.1 php7-ctype-debuginfo-7.0.7-50.102.1 php7-curl-7.0.7-50.102.1 php7-curl-debuginfo-7.0.7-50.102.1 php7-dba-7.0.7-50.102.1 php7-dba-debuginfo-7.0.7-50.102.1 php7-debuginfo-7.0.7-50.102.1 php7-debugsource-7.0.7-50.102.1 php7-dom-7.0.7-50.102.1 php7-dom-debuginfo-7.0.7-50.102.1 php7-enchant-7.0.7-50.102.1 php7-enchant-debuginfo-7.0.7-50.102.1 php7-exif-7.0.7-50.102.1 php7-exif-debuginfo-7.0.7-50.102.1 php7-fastcgi-7.0.7-50.102.1 php7-fastcgi-debuginfo-7.0.7-50.102.1 php7-fileinfo-7.0.7-50.102.1 php7-fileinfo-debuginfo-7.0.7-50.102.1 php7-fpm-7.0.7-50.102.1 php7-fpm-debuginfo-7.0.7-50.102.1 php7-ftp-7.0.7-50.102.1 php7-ftp-debuginfo-7.0.7-50.102.1 php7-gd-7.0.7-50.102.1 php7-gd-debuginfo-7.0.7-50.102.1 php7-gettext-7.0.7-50.102.1 php7-gettext-debuginfo-7.0.7-50.102.1 php7-gmp-7.0.7-50.102.1 php7-gmp-debuginfo-7.0.7-50.102.1 php7-iconv-7.0.7-50.102.1 php7-iconv-debuginfo-7.0.7-50.102.1 php7-imap-7.0.7-50.102.1 php7-imap-debuginfo-7.0.7-50.102.1 php7-intl-7.0.7-50.102.1 php7-intl-debuginfo-7.0.7-50.102.1 php7-json-7.0.7-50.102.1 php7-json-debuginfo-7.0.7-50.102.1 php7-ldap-7.0.7-50.102.1 php7-ldap-debuginfo-7.0.7-50.102.1 php7-mbstring-7.0.7-50.102.1 php7-mbstring-debuginfo-7.0.7-50.102.1 php7-mcrypt-7.0.7-50.102.1 php7-mcrypt-debuginfo-7.0.7-50.102.1 php7-mysql-7.0.7-50.102.1 php7-mysql-debuginfo-7.0.7-50.102.1 php7-odbc-7.0.7-50.102.1 php7-odbc-debuginfo-7.0.7-50.102.1 php7-opcache-7.0.7-50.102.1 php7-opcache-debuginfo-7.0.7-50.102.1 php7-openssl-7.0.7-50.102.1 php7-openssl-debuginfo-7.0.7-50.102.1 php7-pcntl-7.0.7-50.102.1 php7-pcntl-debuginfo-7.0.7-50.102.1 php7-pdo-7.0.7-50.102.1 php7-pdo-debuginfo-7.0.7-50.102.1 php7-pgsql-7.0.7-50.102.1 php7-pgsql-debuginfo-7.0.7-50.102.1 php7-phar-7.0.7-50.102.1 php7-phar-debuginfo-7.0.7-50.102.1 php7-posix-7.0.7-50.102.1 php7-posix-debuginfo-7.0.7-50.102.1 php7-pspell-7.0.7-50.102.1 php7-pspell-debuginfo-7.0.7-50.102.1 php7-shmop-7.0.7-50.102.1 php7-shmop-debuginfo-7.0.7-50.102.1 php7-snmp-7.0.7-50.102.1 php7-snmp-debuginfo-7.0.7-50.102.1 php7-soap-7.0.7-50.102.1 php7-soap-debuginfo-7.0.7-50.102.1 php7-sockets-7.0.7-50.102.1 php7-sockets-debuginfo-7.0.7-50.102.1 php7-sqlite-7.0.7-50.102.1 php7-sqlite-debuginfo-7.0.7-50.102.1 php7-sysvmsg-7.0.7-50.102.1 php7-sysvmsg-debuginfo-7.0.7-50.102.1 php7-sysvsem-7.0.7-50.102.1 php7-sysvsem-debuginfo-7.0.7-50.102.1 php7-sysvshm-7.0.7-50.102.1 php7-sysvshm-debuginfo-7.0.7-50.102.1 php7-tokenizer-7.0.7-50.102.1 php7-tokenizer-debuginfo-7.0.7-50.102.1 php7-wddx-7.0.7-50.102.1 php7-wddx-debuginfo-7.0.7-50.102.1 php7-xmlreader-7.0.7-50.102.1 php7-xmlreader-debuginfo-7.0.7-50.102.1 php7-xmlrpc-7.0.7-50.102.1 php7-xmlrpc-debuginfo-7.0.7-50.102.1 php7-xmlwriter-7.0.7-50.102.1 php7-xmlwriter-debuginfo-7.0.7-50.102.1 php7-xsl-7.0.7-50.102.1 php7-xsl-debuginfo-7.0.7-50.102.1 php7-zip-7.0.7-50.102.1 php7-zip-debuginfo-7.0.7-50.102.1 php7-zlib-7.0.7-50.102.1 php7-zlib-debuginfo-7.0.7-50.102.1 - SUSE Linux Enterprise Module for Web Scripting 12 (noarch): php7-pear-7.0.7-50.102.1 php7-pear-Archive_Tar-7.0.7-50.102.1 References: https://www.suse.com/security/cve/CVE-2020-7070.html https://bugzilla.suse.com/1173786 https://bugzilla.suse.com/1177352 _______________________________________________ sle-security-updates mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. http://lists.suse.com/mailman/listinfo/sle-security-updates . The latest SUSE enhancements for php7 tackle severe vulnerabilities relatedto session management and encryption standards. Stay informed about safety protocols.. SUSE PHP7 Security Update, Cookie Overwrite Issue, Important Security Advisory. . Severity: Important. LinuxSecurity.com Team

Oct 14, 2020 •Important SuSE

security advisorysecurity updateimportant

SUSE: 2021:3856-1 Critical: Python-3_6_9-Security Patch Update

An update that fixes 11 vulnerabilities is now available. An update that fixes 11 vulnerabilities is now available. An update that fixes 11 vulnerabilities is now available.. SUSE Security Update: Security update for java-1_7_0-openjdk ______________________________________________________________________________ Announcement ID: SUSE-SU-2014:1422-1 Rating: important References: #901242 Cross-References: CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 Affected Products: SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Desktop 12 ______________________________________________________________________________ An update that fixes 11 vulnerabilities is now available. Description: OpenJDK was updated to icedtea 2.5.3 (OpenJDK 7u71) fixing security issues and bugs. * Security: - S8015256: Better class accessibility - S8022783, CVE-2014-6504: Optimize C2 optimizations - S8035162: Service printing service - S8035781: Improve equality for annotations - S8036805: Correct linker method lookup. - S8036810: Correct linker field lookup - S8036936: Use local locales - S8037066, CVE-2014-6457: Secure transport layer - S8037846, CVE-2014-6558: Ensure streaming of input cipher streams - S8038364: Use certificate exceptions correctly - S8038899: Safer safepoints - S8038903: More native monitor monitoring - S8038908: Make Signature more robust - S8038913: Bolster XML support - S8039509, CVE-2014-6512: Wrap sockets more thoroughly - S8039533, CVE-2014-6517: Higher resolution resolvers - S8041540, CVE-2014-6511: Better use of pages in font processing - S8041529: Better parameterization of parameter lists - S8041545: Better validation of generated rasters - S8041564, CVE-2014-6506: Improved management of logger resources - S8041717, CVE-2014-6519: Issue with class file parser - S8042609, CVE-2014-6513: Limit splashiness of splash images - S8042797, CVE-2014-6502: Avoid strawberries in LogRecord - S8044274, CVE-2014-6531: Proper property processing * Backports: - S4963723: Implement SHA-224 - S7044060: Need to support NSA Suite B Cryptography algorithms - S7122142: (ann) Race condition between isAnnotationPresent and getAnnotations - S7160837: DigestOutputStream does not turn off digest calculation when "close()" is called - S8006935: Need to take care of long secret keys in HMAC/PRF computation - S8012637: Adjust CipherInputStream class to work in AEAD/GCM mode - S8028192: Use of PKCS11-NSS provider in FIPS mode broken - S8038000: java.awt.image.RasterFormatException: Incorrect scanline stride - S8039396: NPE when writing a class descriptor object to a custom ObjectOutputStream - S8042603: 'SafepointPollOffset' was not declared in static member function 'static bool Arguments::check_vm_args_consistency()' - S8042850: Extra unused entries in ICU ScriptCodes enum - S8052162: REGRESSION: sun/java2d/cmm/ColorConvertOp tests fail since 7u71 b01 - S8053963: (dc) Use DatagramChannel.receive() instead of read() in connect() - S8055176: 7u71 l10n resource file translation update * Bugfixes: - PR1988: C++ Interpreter should no longer be used on ppc64 - PR1989: Make jdk_generic_profile.sh handle missing programs better and be more verbose - PR1992, RH735336: Support retrieving proxy settings on GNOME 3.12.2 - PR2000: Synchronise HEAD tarball paths with release branch paths - PR2002: Fix references to hotspot.map following PR2000 - PR2003: --disable-system-gtk option broken by refactoring in PR1736 - PR2009: Checksum of policy JAR files changes on every build - PR2014: Use version from hotspot.map to create tarball filename - PR2015: Update hotspot.map documentation in INSTALL - PR2025: LCMS_CFLAGS and LCMS_LIBSshould not be used unless SYSTEM_LCMS is enabled - RH1015432: java-1.7.0-openjdk: Fails on PPC with StackOverflowError (revised comprehensive fix) * CACAO - PR2030, G453612, CA172: ARM hardfloat support for CACAO * AArch64 port - AArch64 C2 instruct for smull - Add frame anchor fences. - Add MacroAssembler::maybe_isb() - Add missing instruction synchronization barriers and cache flushes. - Add support for a few simple intrinsics - Add support for builtin crc32 instructions - Add support for Neon implementation of CRC32 - All address constants are 48 bits in size. - array load must only read 32 bits - Define uabs(). Use it everywhere an absolute value is wanted. - Fast string comparison - Fast String.equals() - Fix register usage in generate_verify_oop(). - Fix thinko in Atomic::xchg_ptr. - Fix typo in fsqrts - Improve C1 performance improvements in ic_cache checks - Performance improvement and ease of use changes pulled from upstream - Remove obsolete C1 patching code. - Replace hotspot jtreg test suite with tests from jdk7u - S8024648: 7141246 breaks Zero port - Save intermediate state before removing C1 patching code. - Unwind native AArch64 frames. - Use 2- and 3-instruction immediate form of movoop and mov_metadata in C2-generated code. - Various concurrency fixes. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Server 12: zypper in -t patch SUSE-SLE-SERVER-12-2014-68 - SUSE Linux Enterprise Desktop 12: zypper in -t patch SUSE-SLE-DESKTOP-12-2014-68 To bring your system up-to-date, use "zypper patch". Package List: - SUSE Linux Enterprise Server 12 (ppc64le s390x x86_64): java-1_7_0-openjdk-1.7.0.71-6.2 java-1_7_0-openjdk-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-debugsource-1.7.0.71-6.2 java-1_7_0-openjdk-demo-1.7.0.71-6.2 java-1_7_0-openjdk-demo-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-devel-1.7.0.71-6.2 java-1_7_0-openjdk-devel-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-headless-1.7.0.71-6.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.71-6.2 - SUSE Linux Enterprise Desktop 12 (x86_64): java-1_7_0-openjdk-1.7.0.71-6.2 java-1_7_0-openjdk-debuginfo-1.7.0.71-6.2 java-1_7_0-openjdk-debugsource-1.7.0.71-6.2 java-1_7_0-openjdk-headless-1.7.0.71-6.2 java-1_7_0-openjdk-headless-debuginfo-1.7.0.71-6.2 References: https://www.suse.com/security/cve/CVE-2014-6457.html https://www.suse.com/security/cve/CVE-2014-6502.html https://www.suse.com/security/cve/CVE-2014-6504.html https://www.suse.com/security/cve/CVE-2014-6506.html https://www.suse.com/security/cve/CVE-2014-6511.html https://www.suse.com/security/cve/CVE-2014-6512.html https://www.suse.com/security/cve/CVE-2014-6513.html https://www.suse.com/security/cve/CVE-2014-6517.html https://www.suse.com/security/cve/CVE-2014-6519.html https://www.suse.com/security/cve/CVE-2014-6531.html https://www.suse.com/security/cve/CVE-2014-6558.html https://bugzilla.suse.com/show_bug.cgi?id=901242 . SUSE Security Announcement: java-1_8_0-openjdk addresses 9 security vulnerabilities with essential enhancements and upgrades.. SUSE Security Update, java-1_7_0-openjdk, critical security issues, software fixes, Java maintenance. . Severity: Critical. LinuxSecurity.com Team

Nov 13, 2014 •Critical SuSE

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Explore Latest Linux Security advisories

openSUSE Tumbleweed regclient Moderate Threat CVE-2026-33814 2026-10763-1

SUSE: 2024:3251-1 Important: Kernel Security Updates for Multiple Issues

SUSE: 2024:3152-1 Important: MozillaFirefox Security Issues

SUSE: 2023:4452-1 Critical: Nginx Buffer Overflow Vulnerability

SUSE: 2020:2920-1 Important: Fix For php7 Cookie Security Issue

SUSE: 2021:3856-1 Critical: Python-3_6_9-Security Patch Update

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Ubuntu 25.10 kmod Critical Algif_aead Privilege Escalation USN-8226-1

Ubuntu 26.04 LTS nginx Critical Denial of Service 2026-42945

Ubuntu 26.04 Docker Critical Security Threats USN-8230-1 CVE-2026-33747

Debian OpenSSH Critical DSA-6204-1 CVE-2026-3497 Remote DoS Execution

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Stay Secure with the Latest Linux Advisories

Debian Dovecot High Severity Service Disruption Info Leak Flaw DLA-4617-1

Debian 11 gsasl Critical DoS Threat Advisory DLA-4618-1 CVE-2026-48829

SUSE MozillaThunderbird Important Memory Safety Fix Advisory 2026-2271-1

SUSE Linux Micro 6.0 Ignition Key HTTP Transport Loop Patch 2026-21987-1

SUSE Linux Micro 6.0 Important Libzypp Libsolv Security Update 2026-21988-1

SUSE Google-Guest-Agent Important Security Update 2026-21989-1

SUSE Linux Micro Important Salt Multi-Linux Manager Vuln 2026-21990-1

SUSE Linux Micro Critical Ignition Patch CVE-2026-33814

SUSE Linux Micro 6.1 Security Update for libzypp libsolv Key 2026-21992-1

Refine advisories

severity

Topics

Distro

Published Date

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Explore Latest Linux Security advisories

Get the latest News and Insights

Community Poll

What got you started with Linux?

Trending News

Search Topics

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!