Explore top 10 tips to secure your open-source projects now. Read More
×New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] mozilla-thunderbird (SSA:2025-162-01) New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/mozilla-thunderbird-128.11.1esr-i686-1_slack15.0.txz: Upgraded. This release contains security fixes and improvements. For more information, see: https://www.thunderbird.net/en-US/thunderbird/128.11.1esr/releasenotes/ https://www.mozilla.org/en-US/security/advisories/mfsa2025-49/ https://www.cve.org/CVERecord?id=CVE-2025-5986 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you. Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/mozilla-thunderbird-128.11.1esr-i686-1_slack15.0.txz Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/mozilla-thunderbird-128.11.1esr-x86_64-1_slack15.0.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/xap/mozilla-thunderbird-128.11.1esr-i686-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/xap/mozilla-thunderbird-128.11.1esr-x86_64-1.txz MD5 signatures: +-------------+ Slackware 15.0 package: b2f516512c1520e01c6aaf40d180ef51 mozilla-thunderbird-128.11.1esr-i686-1_slack15.0.txz Slackware x86_64 15.0 package: cd2cf389cd42ae5afe9142df3a2a7d24 mozilla-thunderbird-128.11.1esr-x86_64-1_slack15.0.txz Slackware -current package: 7b5707d87d1060209db3a94bf7e53473 xap/mozilla-thunderbird-128.11.1esr-i686-1.txz Slackware x86_64 -current package: 5c39d965bfb89e08950125cc765cc2df xap/mozilla-thunderbird-128.11.1esr-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg mozilla-thunderbird-128.11.1esr-i686-1_slack15.0.txz +-----+ . New mozilla-thunderbird packages are now available for Slackware 15.0 to resolve security issues effectively.. Mozilla Thunderbird, Slackware Security, Package Update. . Severity: Critical. LinuxSecurity.com Team
* bsc#1228714 * bsc#1232818 * bsc#1235218 * bsc#1238788 * bsc#1238790 . # Security update for the Linux Kernel (Live Patch 45 for SLE 15 SP3) Announcement ID: SUSE-SU-2025:1262-1 Release Date: 2025-04-15T08:03:51Z Rating: important References: * bsc#1228714 * bsc#1232818 * bsc#1235218 * bsc#1238788 * bsc#1238790 Cross-References: * CVE-2022-49014 * CVE-2022-49563 * CVE-2022-49564 * CVE-2024-41090 * CVE-2024-56600 CVSS scores: * CVE-2022-49014 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49014 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49563 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49563 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49563 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2022-49564 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2022-49564 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2022-49564 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-41090 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H * CVE-2024-56600 ( SUSE ): 8.5 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-56600 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-56600 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.3 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise Live Patching 15-SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves five vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.3.18-150300_59_164 fixes severalissues. The following security issues were fixed: * CVE-2022-49014: net: tun: Fix use-after-free in tun_detach() (bsc#1232818). * CVE-2022-49563: crypto: qat - add param check for RSA (bsc#1238788). * CVE-2022-49564: crypto: qat - add param check for DH (bsc#1238790). * CVE-2024-41090: tap: add missing verification for short frame (bsc#1228714). * CVE-2024-56600: net: inet6: do not leave a dangling sk pointer in inet6_create() (bsc#1235218). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2025-1262=1 * SUSE Linux Enterprise Live Patching 15-SP3 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP3-2025-1262=1 ## Package List: * openSUSE Leap 15.3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-default-debuginfo-12-150300.2.1 * kernel-livepatch-SLE15-SP3_Update_45-debugsource-12-150300.2.1 * openSUSE Leap 15.3 (x86_64) * kernel-livepatch-5_3_18-150300_59_164-preempt-12-150300.2.1 * kernel-livepatch-5_3_18-150300_59_164-preempt-debuginfo-12-150300.2.1 * SUSE Linux Enterprise Live Patching 15-SP3 (ppc64le s390x x86_64) * kernel-livepatch-5_3_18-150300_59_164-default-12-150300.2.1 ## References: * https://www.suse.com/security/cve/CVE-2022-49014.html * https://www.suse.com/security/cve/CVE-2022-49563.html * https://www.suse.com/security/cve/CVE-2022-49564.html * https://www.suse.com/security/cve/CVE-2024-41090.html * https://www.suse.com/security/cve/CVE-2024-56600.html * https://bugzilla.suse.com/show_bug.cgi?id=1228714 * https://bugzilla.suse.com/show_bug.cgi?id=1232818 * https://bugzilla.suse.com/show_bug.cgi?id=1235218 * https://bugzilla.suse.com/show_bug.cgi?id=1238788 * https://bugzilla.suse.com/show_bug.cgi?id=1238790 . The latest release ofthe Linux Kernel rectifies essential vulnerabilities and offers detailed instructions for SUSE users regarding the installation process.. Linux Kernel, SUSE Linux, security updates, important patch, system vulnerabilities. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-1673 http://linux.oracle.com/errata/ELSA-2025-1673.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: mecab-0.996-2.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mecab-devel-0.996-2.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mecab-ipadic-2.7.0.20070801-17.0.1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-17.0.1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-common-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-devel-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-errmsg-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-libs-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-server-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm mysql-test-8.0.41-1.module+el8.10.0+90521+d5cc5c65.x86_64.rpm aarch64: mecab-0.996-2.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mecab-devel-0.996-2.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mecab-ipadic-2.7.0.20070801-17.0.1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mecab-ipadic-EUCJP-2.7.0.20070801-17.0.1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-common-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-devel-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-errmsg-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-libs-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-server-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm mysql-test-8.0.41-1.module+el8.10.0+90521+d5cc5c65.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//mecab-0.996-2.module+el8.10.0+90521+d5cc5c65.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//mecab-ipadic-2.7.0.20070801-17.0.1.module+el8.10.0+90521+d5cc5c65.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//mysql-8.0.41-1.module+el8.10.0+90521+d5cc5c65.src.rpm RelatedCVEs: CVE-2024-5535 CVE-2024-7264 CVE-2024-11053 CVE-2024-21193 CVE-2024-21194 CVE-2024-21196 CVE-2024-21197 CVE-2024-21198 CVE-2024-21199 CVE-2024-21201 CVE-2024-21203 CVE-2024-21212 CVE-2024-21213 CVE-2024-21218 CVE-2024-21219 CVE-2024-21230 CVE-2024-21231 CVE-2024-21236 CVE-2024-21237 CVE-2024-21238 CVE-2024-21239 CVE-2024-21241 CVE-2024-21247 CVE-2024-37371 CVE-2025-21490 CVE-2025-21491 CVE-2025-21494 CVE-2025-21497 CVE-2025-21500 CVE-2025-21501 CVE-2025-21503 CVE-2025-21504 CVE-2025-21505 CVE-2025-21518 CVE-2025-21519 CVE-2025-21520 CVE-2025-21521 CVE-2025-21522 CVE-2025-21523 CVE-2025-21525 CVE-2025-21529 CVE-2025-21531 CVE-2025-21534 CVE-2025-21536 CVE-2025-21540 CVE-2025-21543 CVE-2025-21546 CVE-2025-21555 CVE-2025-21559 Description of changes: mecab [0.996-2.12] - Bump version for 'mysql' module rebuild We are moving the 'mecab-devel' RPM from the 'buildroot' repo to the 'AppStream' repo - Resolves: #2180411 mecab-ipadic [2.7.0.20070801-17.0.1] - Rename the LICENSE.Fedora to LICENSE.oracle [2.7.0.20070801-17] - Bump the release - Resolves: RHEL-24525 mysql [8.0.41-1] - Update to MySQL 8.0.41 _______________________________________________ El-errata mailing list
* bsc#1227320 * bsc#1227700 * bsc#1236783 Cross-References: . # Security update for the Linux Kernel (Live Patch 53 for SLE 12 SP5) Announcement ID: SUSE-SU-2025:0667-1 Release Date: 2025-02-24T08:33:25Z Rating: important References: * bsc#1227320 * bsc#1227700 * bsc#1236783 Cross-References: * CVE-2021-47511 * CVE-2024-35789 * CVE-2024-53104 CVSS scores: * CVE-2021-47511 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47511 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-35789 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-53104 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Live Patching 12-SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 4.12.14-122_194 fixes several issues. The following security issues were fixed: * CVE-2024-35789: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (bsc#1227320). * CVE-2021-47511: ALSA: pcm: oss: fix negative period/buffer sizes (bsc#1227700). * CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format (bsc#1236783). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 12-SP5 zypper in -t patch SUSE-SLE-Live-Patching-12-SP5-2025-667=1 ## Package List: * SUSE Linux Enterprise Live Patching 12-SP5 (ppc64le s390x x86_64) *kgraft-patch-4_12_14-122_194-default-14-2.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47511.html * https://www.suse.com/security/cve/CVE-2024-35789.html * https://www.suse.com/security/cve/CVE-2024-53104.html * https://bugzilla.suse.com/show_bug.cgi?id=1227320 * https://bugzilla.suse.com/show_bug.cgi?id=1227700 * https://bugzilla.suse.com/show_bug.cgi?id=1236783 . Kernel Live Patch 53 for SUSE Linux Enterprise 12 SP5 resolves various vulnerabilities and includes guidance for applying the updates.. Linux Kernel Update, SUSE Security Patch, Live Patching, Kernel Fixes, Enterprise Server Security. . Severity: Important. LinuxSecurity.com Team
The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-8495 http://linux.oracle.com/errata/ELSA-2024-8495.html The following updated rpms for Oracle Linux 7 have been uploaded to the Unbreakable Linux Network: x86_64: postgresql-9.2.24-9.0.1.el7_9.i686.rpm postgresql-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-contrib-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-devel-9.2.24-9.0.1.el7_9.i686.rpm postgresql-devel-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-docs-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-libs-9.2.24-9.0.1.el7_9.i686.rpm postgresql-libs-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-plperl-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-plpython-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-pltcl-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-server-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-static-9.2.24-9.0.1.el7_9.i686.rpm postgresql-static-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-test-9.2.24-9.0.1.el7_9.x86_64.rpm postgresql-upgrade-9.2.24-9.0.1.el7_9.x86_64.rpm SRPMS: http://oss.oracle.com/ol7/SRPMS-updates//postgresql-9.2.24-9.0.1.el7_9.src.rpm Related CVEs: CVE-2024-7348 Description of changes: [9.2.24-9.0.1] - Backport fix for CVE-2023-7348 [Orabug: 37220738] - Adds restriction on non-system views _______________________________________________ El-errata mailing list
* bsc#1223683 * bsc#1225099 * bsc#1225739 * bsc#1225819 * bsc#1227471 . # Security update for the Linux Kernel (Live Patch 15 for SLE 15 SP5) Announcement ID: SUSE-SU-2024:3840-1 Release Date: 2024-10-30T21:46:10Z Rating: important References: * bsc#1223683 * bsc#1225099 * bsc#1225739 * bsc#1225819 * bsc#1227471 * bsc#1228349 * bsc#1228573 * bsc#1228786 Cross-References: * CVE-2021-47598 * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-26923 * CVE-2024-36899 * CVE-2024-40909 * CVE-2024-40954 * CVE-2024-41059 CVSS scores: * CVE-2021-47598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2021-47598 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26923 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40909 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41059 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-41059 ( NVD ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 Anupdate that solves eight vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 5.14.21-150500_55_68 fixes several issues. The following security issues were fixed: * CVE-2021-47598: sch_cake: do not call cake_destroy() from cake_init() (bsc#1227471). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-41059: hfsplus: fix uninit-value in copy_name (bsc#1228573). * CVE-2024-40909: bpf: Fix a potential use-after-free in bpf_link_free() (bsc#1228349). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-26923: Fixed false-positive lockdep splat for spin_lock() in __unix_gc() (bsc#1223683). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3840=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-3840=1 ## Package List: * openSUSE Leap 15.5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_68-default-5-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-5-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-5-150500.11.6.1 * SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64) * kernel-livepatch-5_14_21-150500_55_68-default-5-150500.11.6.1 * kernel-livepatch-SLE15-SP5_Update_15-debugsource-5-150500.11.6.1 * kernel-livepatch-5_14_21-150500_55_68-default-debuginfo-5-150500.11.6.1 ## References: * https://www.suse.com/security/cve/CVE-2021-47598.html *https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-26923.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-40909.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-41059.html * https://bugzilla.suse.com/show_bug.cgi?id=1223683 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1227471 * https://bugzilla.suse.com/show_bug.cgi?id=1228349 * https://bugzilla.suse.com/show_bug.cgi?id=1228573 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 . Urgent security patch for Linux Kernel Live Update 15 targeting multiple significant vulnerabilities in SUSE Enterprise platforms.. SUSE Linux Enterprise, Kernel Update, Security Fix, Live Patching, Important Issues. . Severity: Important. LinuxSecurity.com Team
* bsc#1228256 * bsc#1228257 Cross-References: * CVE-2024-1737 . # Security update for bind Announcement ID: SUSE-SU-2024:2810-1 Rating: important References: * bsc#1228256 * bsc#1228257 Cross-References: * CVE-2024-1737 * CVE-2024-1975 CVSS scores: * CVE-2024-1737 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-1975 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for bind fixes the following issues: * CVE-2024-1737: It is possible to craft excessively large numbers of resource record types for a given owner name, which has the effect of slowing down database processing. This has been addressed by adding a configurable limit to the number of records that can be stored per name and type in a cache or zone database. The default is 100, which can be tuned with the new max- types-per-name option. (bsc#1228256) * CVE-2024-1975: Validating DNS messages signed using the SIG(0) protocol (RFC 2931) could cause excessive CPU load, leading to a denial-of-service condition. Support for SIG(0) message validation was removed from this version of named. (bsc#1228257) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for yourproduct: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-2810=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-2810=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2810=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2810=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2810=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-2810=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 * bind-chrootenv-9.16.6-150300.22.47.1 * bind-utils-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libns1604-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-utils-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 * libbind9-1600-debuginfo-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * bind-devel-9.16.6-150300.22.47.1 * bind-9.16.6-150300.22.47.1 * libbind9-1600-9.16.6-150300.22.47.1 * libdns1605-9.16.6-150300.22.47.1 * libisccc1600-9.16.6-150300.22.47.1 * libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libns1604-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisccc1600-debuginfo-9.16.6-150300.22.47.1 * openSUSE Leap 15.3 (noarch) * python3-bind-9.16.6-150300.22.47.1 * bind-doc-9.16.6-150300.22.47.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libdns1605-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 *libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 * bind-chrootenv-9.16.6-150300.22.47.1 * bind-utils-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libns1604-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-utils-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 * libbind9-1600-debuginfo-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * bind-devel-9.16.6-150300.22.47.1 * bind-9.16.6-150300.22.47.1 * libbind9-1600-9.16.6-150300.22.47.1 * libdns1605-9.16.6-150300.22.47.1 * libisccc1600-9.16.6-150300.22.47.1 * libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libns1604-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisccc1600-debuginfo-9.16.6-150300.22.47.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-bind-9.16.6-150300.22.47.1 * bind-doc-9.16.6-150300.22.47.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 * bind-chrootenv-9.16.6-150300.22.47.1 * bind-utils-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libns1604-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-utils-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 *libbind9-1600-debuginfo-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * bind-devel-9.16.6-150300.22.47.1 * bind-9.16.6-150300.22.47.1 * libbind9-1600-9.16.6-150300.22.47.1 * libdns1605-9.16.6-150300.22.47.1 * libisccc1600-9.16.6-150300.22.47.1 * libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libns1604-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisccc1600-debuginfo-9.16.6-150300.22.47.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * python3-bind-9.16.6-150300.22.47.1 * bind-doc-9.16.6-150300.22.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 * bind-chrootenv-9.16.6-150300.22.47.1 * bind-utils-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libns1604-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-utils-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 * libbind9-1600-debuginfo-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * bind-devel-9.16.6-150300.22.47.1 * bind-9.16.6-150300.22.47.1 * libbind9-1600-9.16.6-150300.22.47.1 * libdns1605-9.16.6-150300.22.47.1 * libisccc1600-9.16.6-150300.22.47.1 * libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libns1604-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisccc1600-debuginfo-9.16.6-150300.22.47.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-bind-9.16.6-150300.22.47.1 * bind-doc-9.16.6-150300.22.47.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * libirs-devel-9.16.6-150300.22.47.1 * libirs1601-9.16.6-150300.22.47.1 * bind-debuginfo-9.16.6-150300.22.47.1 *bind-chrootenv-9.16.6-150300.22.47.1 * bind-utils-9.16.6-150300.22.47.1 * libirs1601-debuginfo-9.16.6-150300.22.47.1 * libns1604-9.16.6-150300.22.47.1 * libdns1605-debuginfo-9.16.6-150300.22.47.1 * bind-utils-debuginfo-9.16.6-150300.22.47.1 * libisc1606-9.16.6-150300.22.47.1 * libbind9-1600-debuginfo-9.16.6-150300.22.47.1 * libisc1606-debuginfo-9.16.6-150300.22.47.1 * bind-devel-9.16.6-150300.22.47.1 * bind-9.16.6-150300.22.47.1 * libbind9-1600-9.16.6-150300.22.47.1 * libdns1605-9.16.6-150300.22.47.1 * libisccc1600-9.16.6-150300.22.47.1 * libisccfg1600-debuginfo-9.16.6-150300.22.47.1 * libns1604-debuginfo-9.16.6-150300.22.47.1 * libisccfg1600-9.16.6-150300.22.47.1 * bind-debugsource-9.16.6-150300.22.47.1 * libisccc1600-debuginfo-9.16.6-150300.22.47.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-bind-9.16.6-150300.22.47.1 * bind-doc-9.16.6-150300.22.47.1 ## References: * https://www.suse.com/security/cve/CVE-2024-1737.html * https://www.suse.com/security/cve/CVE-2024-1975.html * https://bugzilla.suse.com/show_bug.cgi?id=1228256 * https://bugzilla.suse.com/show_bug.cgi?id=1228257 . Crucial patches for bind resolve severe vulnerabilities related to DNS query verification and resource record constraints.. bind updates,SUSE advisory,DoS mitigation,SUSE security. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in ClickHouse.. ========================================================================== Ubuntu Security Notice USN-6933-1 July 31, 2024 clickhouse vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: Several security issues were fixed in ClickHouse. Software Description: - clickhouse: column-oriented database system (cli client) Details: It was discovered that ClickHouse incorrectly handled memory, leading to a heap out-of-bounds data read. An attacker could possibly use this issue to cause a denial of service, or leak sensitive information. (CVE-2021-42387, CVE-2021-41388) It was discovered that ClickHouse incorrectly handled memory, leading to a heap-based buffer overflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2021-43304, CVE-2021-43305) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS clickhouse-common 18.16.1+ds-7ubuntu0.1 clickhouse-server 18.16.1+ds-7ubuntu0.1 clickhouse-tools 18.16.1+ds-7ubuntu0.1 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6933-1 CVE-2021-42387, CVE-2021-42388, CVE-2021-43304, CVE-2021-43305 Package Information: https://launchpad.net/ubuntu/+source/clickhouse/18.16.1+ds-7ubuntu0.1 . Ubuntu 20.04 LTS ClickHouse upgrade addresses memory management vulnerabilities that pose security risks.. ClickHouse Security Update, Ubuntu ClickHouse Patch, Memory Management Issues. . Severity: Critical. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.