# Security update for the Linux Kernel (Live Patch 54 for SLE 12 SP5)

* Announcement ID: SUSE-SU-2024:3662-1
* Release Date: 2024-10-16T14:03:47Z
* Rating: important

References:

* bsc#1210619
* bsc#1220145
* bsc#1220537
* bsc#1222685
* bsc#1223059
* bsc#1223363
* bsc#1223514
* bsc#1223681
* bsc#1223683
* bsc#1225013
* bsc#1225202
* bsc#1225211
* bsc#1225310
* bsc#1226325
* bsc#1228573

Cross-References:

* CVE-2021-46955
* CVE-2021-47378
* CVE-2021-47383
* CVE-2022-48651
* CVE-2023-1829
* CVE-2023-6546
* CVE-2024-23307
* CVE-2024-26828
* CVE-2024-26852
* CVE-2024-26923
* CVE-2024-26930
* CVE-2024-27398
* CVE-2024-35950
* CVE-2024-36964
* CVE-2024-41059

CVSS scores:

* CVE-2021-46955 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2021-47378 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47383 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-1829 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6546 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26828 ( SUSE ): 7.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26930 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27398 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-35950 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Live Patching 12-SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that solves 15 vulnerabilities can now be installed.

## Description:

This update for the Linux Kernel 4.12.14-122_201 fixes several issues.

The following security issues were fixed:

* CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573).
* CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325).
* CVE-2021-47378: Destroy cm id before destroy qp to avoid use after free (bsc#1225202).
* CVE-2024-27398: Fixed use-after-free bugs caused by sco_sock_timeout (bsc#1225013).
* CVE-2024-35950: drm/client: Fully protect modes with dev->mode_config.mutex (bsc#1225310).
* CVE-2021-47383: Fixed out-of-bound vmalloc access in imageblit (bsc#1225211).
* CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683).
* CVE-2024-26930: Fixed double free of the ha->vp_map pointer (bsc#1223681).
* CVE-2024-26828: Fixed underflow in parse_server_interfaces() (bsc#1223363).
* CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets (bsc#1220537).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86 and ARM md, raid, raid5 modules (bsc#1220145).
* CVE-2024-26852: Fixed use-after-free in ip6_route_mpath_notify() (bsc#1223059).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset skb->mac_header (bsc#1223514).
* CVE-2023-6546: Fixed a race condition in the GSM 0710 tty multiplexor via the GSMIOC_SETCONF ioctl that could lead to local privilege escalation (bsc#1222685).
* CVE-2023-1829: Fixed a use-after-free vulnerability in the control index filter (tcindex) (bsc#1210619).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Live Patching 12-SP5
  `zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2024-3662=1`

## Package List:

* SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64)
  * kgraft-patch-4_12_14-122_201-default-8-8.10.1

## References:

* https://www.suse.com/security/cve/CVE-2021-46955.html
* https://www.suse.com/security/cve/CVE-2021-47378.html
* https://www.suse.com/security/cve/CVE-2021-47383.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2023-1829.html
* https://www.suse.com/security/cve/CVE-2023-6546.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-26828.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26923.html
* https://www.suse.com/security/cve/CVE-2024-26930.html
* https://www.suse.com/security/cve/CVE-2024-27398.html
* https://www.suse.com/security/cve/CVE-2024-35950.html
* https://www.suse.com/security/cve/CVE-2024-36964.html
* https://www.suse.com/security/cve/CVE-2024-41059.html
* https://bugzilla.suse.com/show_bug.cgi?id=1210619
* https://bugzilla.suse.com/show_bug.cgi?id=1220145
* https://bugzilla.suse.com/show_bug.cgi?id=1220537
* https://bugzilla.suse.com/show_bug.cgi?id=1222685
* https://bugzilla.suse.com/show_bug.cgi?id=1223059
* https://bugzilla.suse.com/show_bug.cgi?id=1223363
* https://bugzilla.suse.com/show_bug.cgi?id=1223514
* https://bugzilla.suse.com/show_bug.cgi?id=1223681
* https://bugzilla.suse.com/show_bug.cgi?id=1223683
* https://bugzilla.suse.com/show_bug.cgi?id=1225013
* https://bugzilla.suse.com/show_bug.cgi?id=1225202
* https://bugzilla.suse.com/show_bug.cgi?id=1225211
* https://bugzilla.suse.com/show_bug.cgi?id=1225310
* https://bugzilla.suse.com/show_bug.cgi?id=1226325
* https://bugzilla.suse.com/show_bug.cgi?id=1228573

LinuxSecurity.com Team

# Security update for xorg-x11-server

* Announcement ID: SUSE-SU-2024:1261-1
* Rating: important

References:

* bsc#1222309
* bsc#1222310
* bsc#1222311
* bsc#1222312
* bsc#1222442

Cross-References:

* CVE-2024-31080
* CVE-2024-31081
* CVE-2024-31082
* CVE-2024-31083

CVSS scores:

* CVE-2024-31080 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-31081 ( SUSE ): 7.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
* CVE-2024-31082 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H
* CVE-2024-31083 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5

An update that solves four vulnerabilities and has one security fix can now be installed.

## Description:

This update for xorg-x11-server fixes the following issues:

* CVE-2024-31080: Fixed ProcXIGetSelectedEvents to use unswapped length (bsc#1222309).
* CVE-2024-31081: Fixed ProcXIPassiveGrabDevice to use unswapped length to send reply (bsc#1222310).
* CVE-2024-31082: Fixed ProcAppleDRICreatePixmap to use unswapped length to send reply (bsc#1222311).
* CVE-2024-31083: Fixed refcounting of glyphs during ProcRenderAddGlyphs (bsc#1222312).

Other fixes:

- Fixed regression for security fix for CVE-2024-31083 when using Android Studio (bnc#1222442)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1261=1`
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1261=1`
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
  `zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1261=1`
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1261=1`
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1261=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1261=1`
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1261=1`
* SUSE Linux Enterprise Workstation Extension 15 SP5
  `zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1261=1`
* SUSE Enterprise Storage 7.1
  `zypper in -t patch SUSE-Storage-7.1-2024-1261=1`

## Package List:

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-wayland-1.20.3-150200.22.5.96.1
  * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-wayland-1.20.3-150200.22.5.96.1
  * xorg-x11-server-wayland-debuginfo-1.20.3-150200.22.5.96.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
  * xorg-x11-server-sdk-1.20.3-150200.22.5.96.1
  * xorg-x11-server-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debugsource-1.20.3-150200.22.5.96.1
  * xorg-x11-server-debuginfo-1.20.3-150200.22.5.96.1
  * xorg-x11-server-extra-debuginfo-1.20.3-150200.22.5.96.1

## References:

* https://www.suse.com/security/cve/CVE-2024-31080.html
* https://www.suse.com/security/cve/CVE-2024-31081.html
* https://www.suse.com/security/cve/CVE-2024-31082.html
* https://www.suse.com/security/cve/CVE-2024-31083.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222309
* https://bugzilla.suse.com/show_bug.cgi?id=1222310
* https://bugzilla.suse.com/show_bug.cgi?id=1222311
* https://bugzilla.suse.com/show_bug.cgi?id=1222312
* https://bugzilla.suse.com/show_bug.cgi?id=1222442

# Security update for cpio

* Announcement ID: SUSE-SU-2024:0825-1
* Rating: moderate

References:

* bsc#1218571
* bsc#1219238

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5
* SUSE Linux Enterprise Server 12 SP5
* SUSE Linux Enterprise Server for SAP Applications 12 SP5

An update that has two security fixes can now be installed.

## Description:

This update for cpio fixes the following issues:

* Fixed cpio not extracting correctly when using --no-absolute-filenames option the security fix for CVE-2023-7207 (bsc#1218571, bsc#1219238)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing 12 SP5
  `zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1`
* SUSE Linux Enterprise Server 12 SP5
  `zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1`
* SUSE Linux Enterprise Server for SAP Applications 12 SP5
  `zypper in -t patch SUSE-SLE-SERVER-12-SP5-2024-825=1`

## Package List:

* SUSE Linux Enterprise High Performance Computing 12 SP5 (aarch64 x86_64)
  * cpio-2.11-36.21.1
  * cpio-debuginfo-2.11-36.21.1
  * cpio-debugsource-2.11-36.21.1
* SUSE Linux Enterprise High Performance Computing 12 SP5 (noarch)
  * cpio-lang-2.11-36.21.1
* SUSE Linux Enterprise Server 12 SP5 (aarch64 ppc64le s390x x86_64)
  * cpio-2.11-36.21.1
  * cpio-debuginfo-2.11-36.21.1
  * cpio-debugsource-2.11-36.21.1
* SUSE Linux Enterprise Server 12 SP5 (noarch)
  * cpio-lang-2.11-36.21.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (ppc64le x86_64)
  * cpio-2.11-36.21.1
  * cpio-debuginfo-2.11-36.21.1
  * cpio-debugsource-2.11-36.21.1
* SUSE Linux Enterprise Server for SAP Applications 12 SP5 (noarch)
  * cpio-lang-2.11-36.21.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1218571
* https://bugzilla.suse.com/show_bug.cgi?id=1219238

SUSE Security Update: Security update for xorg-x11-server

______________________________________________________________________________

Announcement ID: SUSE-SU-2022:4485-1

Rating: important

References: #1205874 #1205875 #1205876 #1205877 #1205878 #1205879 #1206017

Cross-References: CVE-2022-4283 CVE-2022-46340 CVE-2022-46341 CVE-2022-46342 CVE-2022-46343 CVE-2022-46344

CVSS scores:

- CVE-2022-4283 (SUSE): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CVE-2022-46340 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
- CVE-2022-46341 (SUSE): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
- CVE-2022-46342 (SUSE): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-46343 (SUSE): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
- CVE-2022-46344 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

- SUSE Linux Enterprise Server 12-SP2-BCL
- SUSE Linux Enterprise Server 12-SP3-BCL

______________________________________________________________________________

An update that solves 6 vulnerabilities and has one errata is now available.

Description:

This update for xorg-x11-server fixes the following issues:

- CVE-2022-46340: Server XTestSwapFakeInput stack overflow (bsc#1205874)
- CVE-2022-46341: Server XIPassiveUngrabDevice out-of-bounds access (bsc#1205877)
- CVE-2022-46342: Server XvdiSelectVideoNotify use-after-free (bsc#1205879)
- CVE-2022-46343: Server ScreenSaverSetAttributes use-after-free (bsc#1205878)
- CVE-2022-46344: Server XIChangeProperty out-of-bounds access (bsc#1205876)
- CVE-2022-4283: Reset the radio_groups pointer to NULL after freeing it (bsc#1206017)
- Xi: return an error from XI property changes if verification failed (bsc#1205875)

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Server 12-SP3-BCL:
  `zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-4485=1`
- SUSE Linux Enterprise Server 12-SP2-BCL:
  `zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-4485=1`

Package List:

- SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
  - xorg-x11-server-7.6_1.18.3-76.57.1
  - xorg-x11-server-debuginfo-7.6_1.18.3-76.57.1
  - xorg-x11-server-debugsource-7.6_1.18.3-76.57.1
  - xorg-x11-server-extra-7.6_1.18.3-76.57.1
  - xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.57.1
- SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
  - xorg-x11-server-7.6_1.18.3-76.57.1
  - xorg-x11-server-debuginfo-7.6_1.18.3-76.57.1
  - xorg-x11-server-debugsource-7.6_1.18.3-76.57.1
  - xorg-x11-server-extra-7.6_1.18.3-76.57.1
  - xorg-x11-server-extra-debuginfo-7.6_1.18.3-76.57.1

References:

- https://www.suse.com/security/cve/CVE-2022-4283.html
- https://www.suse.com/security/cve/CVE-2022-46340.html
- https://www.suse.com/security/cve/CVE-2022-46341.html
- https://www.suse.com/security/cve/CVE-2022-46342.html
- https://www.suse.com/security/cve/CVE-2022-46343.html
- https://www.suse.com/security/cve/CVE-2022-46344.html
- https://bugzilla.suse.com/1205874
- https://bugzilla.suse.com/1205875
- https://bugzilla.suse.com/1205876
- https://bugzilla.suse.com/1205877
- https://bugzilla.suse.com/1205878
- https://bugzilla.suse.com/1205879
- https://bugzilla.suse.com/1206017

SUSE Security Update: Security update for mariadb

______________________________________________________________________________

Announcement ID: SUSE-SU-2022:2189-1

Rating: important

References: #1198603 #1198604 #1198605 #1198606 #1198607 #1198609 #1198610 #1198611 #1198612 #1198613 #1198628 #1198629 #1198630 #1198631 #1198632 #1198633 #1198634 #1198635 #1198636 #1198637 #1198638 #1198639 #1198640 #1199928

Cross-References: CVE-2021-46669 CVE-2022-21427 CVE-2022-27376 CVE-2022-27377 CVE-2022-27378 CVE-2022-27379 CVE-2022-27380 CVE-2022-27381 CVE-2022-27382 CVE-2022-27383 CVE-2022-27384 CVE-2022-27386 CVE-2022-27387 CVE-2022-27444 CVE-2022-27445 CVE-2022-27446 CVE-2022-27447 CVE-2022-27448 CVE-2022-27449 CVE-2022-27451 CVE-2022-27452 CVE-2022-27455 CVE-2022-27456 CVE-2022-27457 CVE-2022-27458

CVSS scores:

- CVE-2021-46669 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-21427 (NVD) : 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27376 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27376 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27377 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27377 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27378 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27378 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27379 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27379 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27380 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27380 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27381 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27381 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27382 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27382 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27383 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27383 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27384 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27384 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27386 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27386 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27387 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27387 (SUSE): 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
- CVE-2022-27444 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27444 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27445 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27445 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27446 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27446 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27447 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27447 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27448 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27448 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27449 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27449 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27451 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27451 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27452 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27452 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27455 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27455 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27456 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27456 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27457 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27457 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
- CVE-2022-27458 (NVD) : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- CVE-2022-27458 (SUSE): 7.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H

Affected Products:

- SUSE Enterprise Storage 7
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS
- SUSE Linux Enterprise Server 15-SP2-BCL
- SUSE Linux Enterprise Server 15-SP2-LTSS
- SUSE Linux Enterprise Server for SAP 15-SP2
- SUSE Manager Proxy 4.1
- SUSE Manager Retail Branch Server 4.1
- SUSE Manager Server 4.1

______________________________________________________________________________

An update that fixes 25 vulnerabilities is now available.

Description:

This update for mariadb fixes the following issues:

Update to 10.4.25 (bsc#1199928):

- CVE-2021-46669 (bsc#1199928)
- CVE-2022-21427 (bsc#1199928)
- CVE-2022-27376 (bsc#1198628)
- CVE-2022-27377 (bsc#1198603)
- CVE-2022-27378 (bsc#1198604)
- CVE-2022-27379 (bsc#1198605)
- CVE-2022-27380 (bsc#1198606)
- CVE-2022-27381 (bsc#1198607)
- CVE-2022-27382 (bsc#1198609)
- CVE-2022-27383 (bsc#1198610)
- CVE-2022-27384 (bsc#1198611)
- CVE-2022-27386 (bsc#1198612)
- CVE-2022-27387 (bsc#1198613)
- CVE-2022-27444 (bsc#1198634)
- CVE-2022-27445 (bsc#1198629)
- CVE-2022-27446 (bsc#1198630)
- CVE-2022-27447 (bsc#1198631)
- CVE-2022-27448 (bsc#1198632)
- CVE-2022-27449 (bsc#1198633)
- CVE-2022-27451 (bsc#1198639)
- CVE-2022-27452 (bsc#1198640)
- CVE-2022-27455 (bsc#1198638)
- CVE-2022-27456 (bsc#1198635)
- CVE-2022-27457 (bsc#1198636)
- CVE-2022-27458 (bsc#1198637)

External references:

- https://mariadb.com/docs/release-notes/community-server/old-releases/release-notes-mariadb-10-4-series/mariadb-10425-release-notes
- https://mariadb.com/docs/release-notes/community-server/changelogs/changelogs-mariadb-10-4-series/mariadb-10425-changelog

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- SUSE Manager Server 4.1:
  `zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-2189=1`
- SUSE Manager Retail Branch Server 4.1:
  `zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-2189=1`
- SUSE Manager Proxy 4.1:
  `zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-2189=1`
- SUSE Linux Enterprise Server for SAP 15-SP2:
  `zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-2189=1`
- SUSE Linux Enterprise Server 15-SP2-LTSS:
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-2189=1`
- SUSE Linux Enterprise Server 15-SP2-BCL:
  `zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-2189=1`
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS:
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-2189=1`
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS:
  `zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-2189=1`
- SUSE Enterprise Storage 7:
  `zypper in -t patch SUSE-Storage-7-2022-2189=1`

Package List:

- SUSE Manager Server 4.1 (ppc64le s390x x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Manager Server 4.1 (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Manager Retail Branch Server 4.1 (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Manager Retail Branch Server 4.1 (x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Manager Proxy 4.1 (x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Manager Proxy 4.1 (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (ppc64le x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server for SAP 15-SP2 (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (aarch64 ppc64le s390x x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server 15-SP2-LTSS (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Linux Enterprise Server 15-SP2-BCL (x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (aarch64 x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (aarch64 x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1
- SUSE Enterprise Storage 7 (aarch64 x86_64):
  - libmariadbd-devel-10.4.25-150200.3.28.1
  - libmariadbd19-10.4.25-150200.3.28.1
  - libmariadbd19-debuginfo-10.4.25-150200.3.28.1
  - mariadb-10.4.25-150200.3.28.1
  - mariadb-client-10.4.25-150200.3.28.1
  - mariadb-client-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debuginfo-10.4.25-150200.3.28.1
  - mariadb-debugsource-10.4.25-150200.3.28.1
  - mariadb-tools-10.4.25-150200.3.28.1
  - mariadb-tools-debuginfo-10.4.25-150200.3.28.1
- SUSE Enterprise Storage 7 (noarch):
  - mariadb-errormessages-10.4.25-150200.3.28.1

References:

- https://www.suse.com/security/cve/CVE-2021-46669.html
- https://www.suse.com/security/cve/CVE-2022-21427.html
- https://www.suse.com/security/cve/CVE-2022-27376.html
- https://www.suse.com/security/cve/CVE-2022-27377.html
- https://www.suse.com/security/cve/CVE-2022-27378.html
- https://www.suse.com/security/cve/CVE-2022-27379.html
- https://www.suse.com/security/cve/CVE-2022-27380.html
- https://www.suse.com/security/cve/CVE-2022-27381.html
- https://www.suse.com/security/cve/CVE-2022-27382.html
- https://www.suse.com/security/cve/CVE-2022-27383.html
- https://www.suse.com/security/cve/CVE-2022-27384.html
- https://www.suse.com/security/cve/CVE-2022-27386.html
- https://www.suse.com/security/cve/CVE-2022-27387.html
- https://www.suse.com/security/cve/CVE-2022-27444.html
- https://www.suse.com/security/cve/CVE-2022-27445.html
- https://www.suse.com/security/cve/CVE-2022-27446.html
- https://www.suse.com/security/cve/CVE-2022-27447.html
- https://www.suse.com/security/cve/CVE-2022-27448.html
- https://www.suse.com/security/cve/CVE-2022-27449.html
- https://www.suse.com/security/cve/CVE-2022-27451.html
- https://www.suse.com/security/cve/CVE-2022-27452.html
- https://www.suse.com/security/cve/CVE-2022-27455.html
- https://www.suse.com/security/cve/CVE-2022-27456.html
- https://www.suse.com/security/cve/CVE-2022-27457.html
- https://www.suse.com/security/cve/CVE-2022-27458.html
- https://bugzilla.suse.com/1198603
- https://bugzilla.suse.com/1198604
- https://bugzilla.suse.com/1198605
- https://bugzilla.suse.com/1198606
- https://bugzilla.suse.com/1198607
- https://bugzilla.suse.com/1198609
- https://bugzilla.suse.com/1198610
- https://bugzilla.suse.com/1198611
- https://bugzilla.suse.com/1198612
- https://bugzilla.suse.com/1198613
- https://bugzilla.suse.com/1198628
- https://bugzilla.suse.com/1198629
- https://bugzilla.suse.com/1198630
- https://bugzilla.suse.com/1198631
- https://bugzilla.suse.com/1198632
- https://bugzilla.suse.com/1198633
- https://bugzilla.suse.com/1198634
- https://bugzilla.suse.com/1198635
- https://bugzilla.suse.com/1198636
- https://bugzilla.suse.com/1198637
- https://bugzilla.suse.com/1198638
- https://bugzilla.suse.com/1198639
- https://bugzilla.suse.com/1198640
- https://bugzilla.suse.com/1199928

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-a9bd17092d
2022-03-17 15:45:21.893781
--------------------------------------------------------------------------------

Name        : openvpn
Product     : Fedora 35
Version     : 2.5.6
Release     : 1.fc35
URL         :
Summary     : A full-featured TLS VPN solution
Description :
OpenVPN is a robust and highly flexible tunneling application that uses all of the encryption, authentication, and certification features of the OpenSSL library to securely tunnel IP networks over a single UDP or TCP port. It can use the Marcus Franz Xaver Johannes Oberhumer's LZO library for compression.

--------------------------------------------------------------------------------
Update Information:

This is a maintenance release of OpenVPN 2.5 with a security fix when used in server mode ([CVE-2022-0547]()). The other changes are available in [Changes.rst](https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst).

**NOTE** Please read the CVE description carefully if you use authentication plug-ins with a server configuration.

--------------------------------------------------------------------------------
ChangeLog:

* Wed Mar 16 2022 David Sommerseth - 2.5.6-1
- Update to upstream OpenVPN 2.5.6
- Fixes CVE-2022-0547

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-a9bd17092d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------
openSUSE Security Update: Security update for mumble
______________________________________________________________________________

Announcement ID: openSUSE-SU-2021:0300-1
Rating: moderate
References: #1180068 #1182123
Affected Products: openSUSE Leap 15.2
______________________________________________________________________________

An update that contains security fixes can now be installed.

Description:

This update for mumble fixes the following issues:

mumble was updated to 1.3.4:

* Fix use of outdated (non-existent) notification icon names
* Fix Security vulnerability caused by allowing non http/https URL schemes in public server list (boo#1182123)
* Server: Fix Exit status for actions like --version or --supw
* Fix packet loss & audio artifacts caused by OCB2 XEX* mitigation

- update apparmor profiles to get warning free again on 15.2
- use abstractions for ssl files
- allow inet dgram sockets as mumble can also work via udp
- allow netlink socket (probably for dbus)
- properly allow lsb_release again
- add support for optional local include
- start murmurd directly as user mumble-server it gets rid of the dac_override/setgid/setuid/chown permissions

Update to upstream version 1.3.3

Client:

* Fixed: Chatbox invisible (zero height) (#4388)
* Fixed: Handling of invalid packet sizes (#4394)
* Fixed: Race-condition leading to loss of shortcuts (#4430)
* Fixed: Link in About dialog is now clickable again (#4454)
* Fixed: Sizing issues in ACL-Editor (#4455)
* Improved: PulseAudio now always samples at 48 kHz (#4449)

Server:

* Fixed: Crash due to problems when using PostgreSQL (#4370)
* Fixed: Handling of invalid package sizes (#4392)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

  zypper in -t patch openSUSE-2021-300=1

Package List:

- openSUSE Leap 15.2 (i586 x86_64):
  mumble-1.3.4-lp152.2.6.1
  mumble-debuginfo-1.3.4-lp152.2.6.1
  mumble-debugsource-1.3.4-lp152.2.6.1
  mumble-server-1.3.4-lp152.2.6.1
  mumble-server-debuginfo-1.3.4-lp152.2.6.1

- openSUSE Leap 15.2 (x86_64):
  mumble-32bit-1.3.4-lp152.2.6.1
  mumble-32bit-debuginfo-1.3.4-lp152.2.6.1

References:

  https://bugzilla.suse.com/1180068
  https://bugzilla.suse.com/1182123

This release targets stability enhancements in Mumble for openSUSE Leap 15.2, incorporating essential fixes and upgrades. LinuxSecurity.com Team
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-32d0068851
2021-01-20 01:26:41.922085
--------------------------------------------------------------------------------

Name        : coturn
Product     : Fedora 32
Version     : 4.5.2
Release     : 1.fc32
URL         : https://github.com/coturn/coturn/
Summary     : TURN/STUN & ICE Server
Description :
The Coturn TURN Server is a VoIP media traffic NAT traversal server and gateway. It can be used as a general-purpose network traffic TURN server/gateway, too.

This implementation also includes some extra features. Supported RFCs:

TURN specs:
- RFC 5766 - base TURN specs
- RFC 6062 - TCP relaying TURN extension
- RFC 6156 - IPv6 extension for TURN
- Experimental DTLS support as client protocol.

STUN specs:
- RFC 3489 - "classic" STUN
- RFC 5389 - base "new" STUN specs
- RFC 5769 - test vectors for STUN protocol testing
- RFC 5780 - NAT behavior discovery support

The implementation fully supports the following client-to-TURN-server protocols:
- UDP (per RFC 5766)
- TCP (per RFC 5766 and RFC 6062)
- TLS (per RFC 5766 and RFC 6062); TLS1.0/TLS1.1/TLS1.2
- DTLS (experimental non-standard feature)

Supported relay protocols:
- UDP (per RFC 5766)
- TCP (per RFC 6062)

Supported user databases (for user repository, with passwords or keys, if authentication is required):
- SQLite
- MySQL
- PostgreSQL
- Redis

Redis can also be used for status and statistics storage and notification.

Supported TURN authentication mechanisms:
- long-term
- TURN REST API (a modification of the long-term mechanism, for time-limited secret-based authentication, for WebRTC applications)

The load balancing can be implemented with the following tools (either one or a combination of them):
- network load-balancer server
- DNS-based load balancing
- built-in ALTERNATE-SERVER mechanism.

--------------------------------------------------------------------------------
Update Information:

Coturn 4.5.2
============

- Fix null pointer dereference in case of out of memory
- Add prometheus metrics
- Delete trailing whitespace in example configuration files
- Add architecture ppc64le to travis build
- Fix misleading option in doc (prometheus)
- Allow RFC6062 TCP relay data to look like TLS
- Add support for proxy protocol V1
- Print full date and time in logs
- Add new options: "new-log-timestamp" and "new-log-timestamp-format"
- Do not use FIPS and remove hardcode `OPENSSL_VERSION_NUMBER` with LibreSSL
- Add ACME redirect url
- Support of `--acme-redirect `
- Fix acme security, redundancy, consistency
- Disable binding request logging to avoid DoS attacks (Breaking change!)
- Add new `--log-binding` option to enable binding request logging
- Fix stale-nonce documentation
- Version number is changed to semver 2.0
- pkg-config, and various cleanups in configure file
- Add systemd notification for better systemd integration
- Fix: Null pointer dereference on tcp_client_input_handler_rfc6062data function
- Fix: use-after-free vulnerability on write_to_peerchannel function
- Fix: use-after-free vulnerability on write_client_connection function
- Little refactoring prometheus
- Fix c++ support
- Simplify
- Remove session id/allocation labels
- Remove per session metrics
- Fix CVE-2020-26262
- Fix ipv6 ::1 loopback check
- Not allow allocate peer address 0.0.0.0/8 and ::/128
- For more details see the github security advisory: https://github.com/coturn/coturn/security/advisories/GHSA-6g6j-r9rf-cm7p

--------------------------------------------------------------------------------
ChangeLog:

* Mon Jan 11 2021 Robert Scheck - 4.5.2-1
- Upgrade to 4.5.2 (#1914861)
* Sun Sep 27 2020 Christian Glombek - 4.5.1.3-3
- Rebuilt for libevent 2.1.12 soname bump
* Mon Jul 27 2020 Fedora Release Engineering - 4.5.1.3-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1915045 - CVE-2020-26262 coturn: Loopback access control bypass
        https://bugzilla.redhat.com/show_bug.cgi?id=1915045

--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-32d0068851' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/
--------------------------------------------------------------------------------