Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
100
security advisorymoderatesecurity fixSUSE: 2023:3822-2 Moderate Security Fix for Supportutils Available
* bsc#1181477 * bsc#1196933 * bsc#1204942 * bsc#1205533 * bsc#1206402 . # Security update for supportutils Announcement ID: SUSE-SU-2023:3822-2 Rating: moderate References: * bsc#1181477 * bsc#1196933 * bsc#1204942 * bsc#1205533 * bsc#1206402 * bsc#1206608 * bsc#1207543 * bsc#1207598 * bsc#1208928 * bsc#1209979 * bsc#1210015 * bsc#1210950 * bsc#1211598 * bsc#1211599 * bsc#1213127 * jsc#PED-1703 Cross-References: * CVE-2022-45154 CVSS scores: * CVE-2022-45154 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * SUSE Linux Enterprise Micro 5.5 An update that solves one vulnerability, contains one feature and has 14 security fixes can now be installed. ## Description: This update for supportutils fixes the following issues: Security fixes: * CVE-2022-45154: Removed iSCSI passwords (bsc#1207598). Other Fixes: * Changes in version 3.1.26 * powerpc plugin to collect the slots and active memory (bsc#1210950) * A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154 * supportconfig: collect BPF information (pr#154) * Added additional iscsi information (pr#155) * Added run time detection (bsc#1213127) * Changes for supportutils version 3.1.25 * Removed iSCSI passwords CVE-2022-45154 (bsc#1207598) * powerpc: Collect lsslot,amsstat, and opal elogs (pr#149) * powerpc: collect invscout logs (pr#150) * powerpc: collect RMC status logs (pr#151) * Added missing nvme nbft commands (bsc#1211599) * Fixed invalid nvme commands (bsc#1211598) * Added missing podman information (PED-1703, bsc#1181477) * Removed dependency on sysfstools * Check for systool use (bsc#1210015) * Added selinux checking (bsc#1209979) * Updated SLES_VER matrix * Fixed missing status detail for apparmor (bsc#1196933) * Corrected invalid argument list in docker.txt (bsc#1206608) * Applies limit equally to sar data and text files (bsc#1207543) * Collects hwinfo hardware logs(bsc#1208928) * Collects lparnumascore logs (issue#148) * Add dependency to `numactl` on ppc64le and `s390x`, this enforces that `numactl --hardware` data is provided in supportconfigs * Changes to supportconfig.rc version 3.1.11-35 * Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402) * Changes to supportconfig version 3.1.11-46.4 * Added plymouth_info * Changes to getappcore version 1.53.02 * The location of chkbin was updated earlier. This documents that change (bsc#1205533, bsc#1204942) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2023-3822=1 ## Package List: * SUSE Linux Enterprise Micro 5.5 (noarch) * supportutils-3.1.26-150300.7.35.21.1 ## References: * https://www.suse.com/security/cve/CVE-2022-45154.html * https://bugzilla.suse.com/show_bug.cgi?id=1181477 * https://bugzilla.suse.com/show_bug.cgi?id=1196933 * https://bugzilla.suse.com/show_bug.cgi?id=1204942 * https://bugzilla.suse.com/show_bug.cgi?id=1205533 * https://bugzilla.suse.com/show_bug.cgi?id=1206402 * https://bugzilla.suse.com/show_bug.cgi?id=1206608 * https://bugzilla.suse.com/show_bug.cgi?id=1207543 * https://bugzilla.suse.com/show_bug.cgi?id=1207598 * https://bugzilla.suse.com/show_bug.cgi?id=1208928 * https://bugzilla.suse.com/show_bug.cgi?id=1209979 * https://bugzilla.suse.com/show_bug.cgi?id=1210015 * https://bugzilla.suse.com/show_bug.cgi?id=1210950 * https://bugzilla.suse.com/show_bug.cgi?id=1211598 * https://bugzilla.suse.com/show_bug.cgi?id=1211599 * https://bugzilla.suse.com/show_bug.cgi?id=1213127 * . Minor security enhancement for support-tools, addressing multiple concerns and weaknesses within SUSE Linux Enterprise.. Supportutils Update, SUSE Security, Patch Management, Software Fixes. . LinuxSecurity.com Team
Oct 18, 2023
SuSE
100
security advisoryimportantglibcSUSE: 2023:3176-1 Important Toolbox Security Update Details
The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle-micro/5.4/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2023:3176-1 Container Tags : suse/sle-micro/5.4/toolbox:12.1 , suse/sle-micro/5.4/toolbox:12.1-4.2.114 , suse/sle-micro/5.4/toolbox:latest Container Release : 4.2.114 Severity : important Type : security References : 1181477 1196933 1204942 1205533 1206402 1206608 1207543 1207598 1208928 1209979 1210015 1210950 1211598 1211599 1211829 1212819 1212910 1213127 1214458 1214692 CVE-2022-45154 CVE-2023-40217 ----------------------------------------------------------------- The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3814-1 Released: Wed Sep 27 18:08:17 2023 Summary: Recommended update for glibc Type: recommended Severity: moderate References: 1211829,1212819,1212910 This update for glibc fixes the following issues: - nscd: Fix netlink cache invalidation if epoll is used (bsc#1212910, BZ #29415) - Restore lookup of IPv4 mapped addresses in files database (bsc#1212819, BZ #25457) - elf: Remove excessive p_align check on PT_LOAD segments (bsc#1211829, BZ #28688) - elf: Properly align PT_LOAD segments (bsc#1211829, BZ #28676) - ld.so: Always use MAP_COPY to map the first segment (BZ #30452) - add GB18030-2022 charmap (jsc#PED-4908, BZ #30243) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3822-1 Released: Wed Sep 27 18:40:14 2023 Summary: Security update for supportutils Type: security Severity: moderate References: 1181477,1196933,1204942,1205533,1206402,1206608,1207543,1207598,1208928,1209979,1210015,1210950,1211598,1211599,1213127,CVE-2022-45154 This update for supportutils fixes the following issues: Security fixes: - CVE-2022-45154: Removed iSCSI passwords (bsc#1207598). Other Fixes: - Changes in version 3.1.26 + powerpc plugin to collect the slots and active memory (bsc#1210950) + A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154 + supportconfig: collect BPF information (pr#154) + Added additional iscsi information (pr#155) - Added run time detection (bsc#1213127) - Changes for supportutils version 3.1.25 + Removed iSCSI passwords CVE-2022-45154 (bsc#1207598) + powerpc: Collect lsslot,amsstat, and opal elogs (pr#149) + powerpc: collect invscout logs (pr#150) + powerpc: collect RMC status logs (pr#151) + Added missing nvme nbft commands (bsc#1211599) + Fixed invalid nvme commands (bsc#1211598) + Added missing podman information (PED-1703, bsc#1181477) + Removed dependency on sysfstools + Check for systool use (bsc#1210015) + Added selinux checking (bsc#1209979) + Updated SLES_VER matrix - Fixed missing status detail for apparmor (bsc#1196933) - Corrected invalid argument list in docker.txt (bsc#1206608) - Applies limit equally to sar data and text files (bsc#1207543) - Collects hwinfo hardware logs (bsc#1208928) - Collects lparnumascore logs (issue#148) - Add dependency to `numactl` on ppc64le and `s390x`, this enforces that `numactl --hardware` data is provided in supportconfigs - Changes to supportconfig.rc version 3.1.11-35 + Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402) - Changes to supportconfig version 3.1.11-46.4 + Added plymouth_info - Changes to getappcore version 1.53.02 + The location of chkbin was updated earlier. This documents that change (bsc#1205533, bsc#1204942) ----------------------------------------------------------------- Advisory ID: SUSE-SU-2023:3828-1 Released: Wed Sep 27 19:07:382023 Summary: Security update for python3 Type: security Severity: important References: 1214692,CVE-2023-40217 This update for python3 fixes the following issues: - CVE-2023-40217: Fixed TLS handshake bypass on closed sockets (bsc#1214692). ----------------------------------------------------------------- Advisory ID: SUSE-RU-2023:3856-1 Released: Thu Sep 28 09:42:16 2023 Summary: Recommended update for apparmor Type: recommended Severity: moderate References: 1214458 This update for apparmor fixes the following issues: - Update zgrep profile to allow egrep helper use (bsc#1214458) The following package changes have been done: - glibc-locale-base-2.31-150300.58.1 updated - glibc-locale-2.31-150300.58.1 updated - libapparmor1-3.0.4-150400.5.9.1 updated - libpython3_6m1_0-3.6.15-150300.10.51.1 updated - python3-base-3.6.15-150300.10.51.1 updated - supportutils-3.1.26-150300.7.35.21.1 updated - sysfsutils-2.1.0-3.3.1 removed . SUSE Container Enhancement Notification: suse/sle-micro/5.5/toolbox Enhancement Notification ID : SUSE-CE-2023:4278. SUSE, Toolbox Update, Python3 Fix, Security Advisory, AppArmor Update. . Severity: Important. LinuxSecurity.com Team
Sep 29, 2023
•Important
SuSE
202
security advisorysecurity fixmoderate severityopenSUSE 15.4/15.5: 2023:3822-1 Moderate: Supportutils Security Fix
This update for supportutils fixes the following issues: Security fixes:. # Security update for supportutils Announcement ID: SUSE-SU-2023:3822-1 Rating: moderate References: * #1181477 * #1196933 * #1204942 * #1205533 * #1206402 * #1206608 * #1207543 * #1207598 * #1208928 * #1209979 * #1210015 * #1210950 * #1211598 * #1211599 * #1213127 * PED-1703 Cross-References: * CVE-2022-45154 CVSS scores: * CVE-2022-45154 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2022-45154 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L Affected Products: * Basesystem Module 15-SP4 * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves onevulnerability, contains one feature and has 14 security fixes can now be installed. ## Description: This update for supportutils fixes the following issues: Security fixes: * CVE-2022-45154: Removed iSCSI passwords (bsc#1207598). Other Fixes: * Changes in version 3.1.26 * powerpc plugin to collect the slots and active memory (bsc#1210950) * A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154 * supportconfig: collect BPF information (pr#154) * Added additional iscsi information (pr#155) * Added run time detection (bsc#1213127) * Changes for supportutils version 3.1.25 * Removed iSCSI passwords CVE-2022-45154 (bsc#1207598) * powerpc: Collect lsslot,amsstat, and opal elogs (pr#149) * powerpc: collect invscout logs (pr#150) * powerpc: collect RMC status logs (pr#151) * Added missing nvme nbft commands (bsc#1211599) * Fixed invalid nvme commands (bsc#1211598) * Added missing podman information (PED-1703, bsc#1181477) * Removed dependency on sysfstools * Check for systool use (bsc#1210015) * Added selinux checking (bsc#1209979) * Updated SLES_VER matrix * Fixed missing status detail for apparmor (bsc#1196933) * Corrected invalid argument list in docker.txt (bsc#1206608) * Applies limit equally to sar data and text files (bsc#1207543) * Collects hwinfo hardware logs (bsc#1208928) * Collects lparnumascore logs (issue#148) * Add dependency to `numactl` on ppc64le and `s390x`, this enforces that `numactl --hardware` data is provided in supportconfigs * Changes to supportconfig.rc version 3.1.11-35 * Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402) * Changes to supportconfig version 3.1.11-46.4 * Added plymouth_info * Changes to getappcore version 1.53.02 * The location of chkbin was updated earlier. This documents that change (bsc#1205533, bsc#1204942) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run thecommand listed for your product: * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-3822=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2023-3822=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-3822=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-3822=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-3822=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-3822=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-3822=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-3822=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-3822=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-3822=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-3822=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-3822=1 * SUSE Manager Proxy 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-3822=1 * SUSE Manager Retail Branch Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.2-2023-3822=1 * SUSE Manager Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-3822=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2023-3822=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-3822=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3822=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-3822=1 ## Package List: * openSUSE Leap 15.4 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * openSUSE Leap15.5 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * Basesystem Module 15-SP4 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * Basesystem Module 15-SP5 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Manager Proxy 4.2 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Manager Retail Branch Server 4.2 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Manager Server 4.2 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Enterprise Storage 7.1 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * supportutils-3.1.26-150300.7.35.21.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) * supportutils-3.1.26-150300.7.35.21.1 ## References: * https://www.suse.com/security/cve/CVE-2022-45154.html * https://bugzilla.suse.com/show_bug.cgi?id=1181477 * https://bugzilla.suse.com/show_bug.cgi?id=1196933 * https://bugzilla.suse.com/show_bug.cgi?id=1204942 * https://bugzilla.suse.com/show_bug.cgi?id=1205533 * https://bugzilla.suse.com/show_bug.cgi?id=1206402 * https://bugzilla.suse.com/show_bug.cgi?id=1206608 * https://bugzilla.suse.com/show_bug.cgi?id=1207543 *https://bugzilla.suse.com/show_bug.cgi?id=1207598 * https://bugzilla.suse.com/show_bug.cgi?id=1208928 * https://bugzilla.suse.com/show_bug.cgi?id=1209979 * https://bugzilla.suse.com/show_bug.cgi?id=1210015 * https://bugzilla.suse.com/show_bug.cgi?id=1210950 * https://bugzilla.suse.com/show_bug.cgi?id=1211598 * https://bugzilla.suse.com/show_bug.cgi?id=1211599 * https://bugzilla.suse.com/show_bug.cgi?id=1213127 * . The latest supportutils revision addresses the security vulnerability CVE-2022-45154 categorized with moderate severity affecting openSUSE systems. Ensure you update immediately.. openSUSE Supportutils Update, Security Fix, System Update. . LinuxSecurity.com Team
Sep 27, 2023
OpenSUSE
100
security advisoryupdatebug fixSUSE: 2022:4594-1 Moderate: Supportutils Security Update Details
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:4594-1 Rating: moderate References: #1184689 #1188086 #1192252 #1192648 #1197428 #1200330 #1202269 #1202337 #1202417 #1203818 Affected Products: SUSE CaaS Platform 4.0 SUSE Enterprise Storage 6 SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15-ESPOS SUSE Linux Enterprise High Performance Computing 15-LTSS SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server 15-SP1-BCL SUSE Linux Enterprise Server 15-SP1-LTSS SUSE Linux Enterprise Server 15-SP2-BCL SUSE Linux Enterprise Server 15-SP2-LTSS SUSE Linux Enterprise Server for SAP 15 SUSE Linux Enterprise Server for SAP 15-SP1 SUSE Linux Enterprise Server for SAP 15-SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for supportutils fixes the following issues: Security issues fixed: - Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818) Bugfixes: - Added lifecycle information - Fixed KVM virtualization detection on bare metal (bsc#1184689) - Added logging using journalctl (bsc#1200330) - Get current sar data before collecting files (bsc#1192648) - Collects everything in /etc/multipath/ (bsc#1192252) - Collects power management information in hardware.txt (bsc#1197428) - Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337) - Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269) - Update to nvme_info and block_info (bsc#1202417) - Added includedir directories from /etc/sudoers (bsc#1188086) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Manager Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-4594=1 - SUSE Manager Retail Branch Server 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-4594=1 - SUSE Manager Proxy 4.1: zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-4594=1 - SUSE Linux Enterprise Server for SAP 15-SP2: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2022-4594=1 - SUSE Linux Enterprise Server for SAP 15-SP1: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2022-4594=1 - SUSE Linux Enterprise Server for SAP 15: zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-2022-4594=1 - SUSE Linux Enterprise Server 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-4594=1 - SUSE Linux Enterprise Server 15-SP2-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-BCL-2022-4594=1 - SUSE Linux Enterprise Server 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-4594=1 - SUSE Linux Enterprise Server 15-SP1-BCL: zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-BCL-2022-4594=1 - SUSELinux Enterprise Server 15-LTSS: zypper in -t patch SUSE-SLE-Product-SLES-15-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4594=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-4594=1 - SUSE Enterprise Storage 7: zypper in -t patch SUSE-Storage-7-2022-4594=1 - SUSE Enterprise Storage 6: zypper in -t patch SUSE-Storage-6-2022-4594=1 - SUSE CaaS Platform 4.0: To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. Package List: - SUSE Manager Server 4.1 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Manager Retail Branch Server 4.1 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Manager Proxy 4.1 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server for SAP 15-SP2 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server for SAP 15-SP1 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server for SAP 15 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server 15-SP2-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server 15-SP2-BCL (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server 15-SP1-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server 15-SP1-BCL (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise Server 15-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Enterprise Storage 7 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE Enterprise Storage 6 (noarch): supportutils-3.1.21-150000.5.44.1 - SUSE CaaS Platform 4.0 (noarch): supportutils-3.1.21-150000.5.44.1 References: https://bugzilla.suse.com/1184689 https://bugzilla.suse.com/1188086 https://bugzilla.suse.com/1192252 https://bugzilla.suse.com/1192648 https://bugzilla.suse.com/1197428 https://bugzilla.suse.com/1200330 https://bugzilla.suse.com/1202269 https://bugzilla.suse.com/1202337 https://bugzilla.suse.com/1202417 https://bugzilla.suse.com/1203818 . SUSE Security Update 2022:4594-1 tackles vulnerabilities in supportutils across multiple distributions, classified with moderate risk.. SUSE Linux Enterprise, Supportutils Update, Security Fix, SLES Patch. . LinuxSecurity.com Team
Dec 20, 2022
SuSE
100
security advisorymoderatesecurity fixSUSE Linux Enterprise: 2022:4294-1 Moderate: Supportutils Security Fix
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:4294-1 Rating: moderate References: #1203818 Affected Products: SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for supportutils fixes the following issues: Security issues fixed: - Passwords correctly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-4294=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-4294=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-4294=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-4294=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-4294=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-4294=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-4294=1 PackageList: - SUSE OpenStack Cloud Crowbar 9 (noarch): supportutils-3.0.10-95.51.1 - SUSE OpenStack Cloud 9 (noarch): supportutils-3.0.10-95.51.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): supportutils-3.0.10-95.51.1 - SUSE Linux Enterprise Server 12-SP5 (noarch): supportutils-3.0.10-95.51.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): supportutils-3.0.10-95.51.1 - SUSE Linux Enterprise Server 12-SP3-BCL (noarch): supportutils-3.0.10-95.51.1 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): supportutils-3.0.10-95.51.1 References: https://bugzilla.suse.com/1203818 . The latest enhancement for supportutils addresses vulnerabilities associated with password management in SUSE Linux environments.. SUSE Linux, Security Update, Supportutils Fixes, System Security. . LinuxSecurity.com Team
Nov 29, 2022
SuSE
100
security advisorymoderateupdate processSUSE: 2022:4289-1 Critical Security Update for PkgKit Software
An update that contains security fixes can now be installed. . SUSE Security Update: Security update for supportutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:4278-1 Rating: moderate References: #1184689 #1188086 #1192252 #1192648 #1197428 #1200330 #1202269 #1202337 #1202417 #1203818 Affected Products: SUSE Enterprise Storage 7.1 SUSE Linux Enterprise Desktop 15-SP3 SUSE Linux Enterprise Desktop 15-SP4 SUSE Linux Enterprise High Performance Computing 15-SP3 SUSE Linux Enterprise High Performance Computing 15-SP4 SUSE Linux Enterprise Micro 5.1 SUSE Linux Enterprise Micro 5.2 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Basesystem 15-SP3 SUSE Linux Enterprise Module for Basesystem 15-SP4 SUSE Linux Enterprise Server 15-SP3 SUSE Linux Enterprise Server 15-SP4 SUSE Linux Enterprise Server for SAP Applications 15-SP3 SUSE Linux Enterprise Server for SAP Applications 15-SP4 SUSE Manager Proxy 4.2 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.2 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.2 SUSE Manager Server 4.3 openSUSE Leap 15.3 openSUSE Leap 15.4 openSUSE Leap Micro 5.2 openSUSE Leap Micro 5.3 ______________________________________________________________________________ An update that contains security fixes can now be installed. Description: This update for supportutils fixes the following issues: Security issues fixed: - Passwordscorrectly removed from email.txt, updates.txt and fs-iscsi.txt (bsc#1203818) Bug fixes: - Added lifecycle information - Fixed KVM virtualization detection on bare metal (bsc#1184689) - Added logging using journalctl (bsc#1200330) - Get current sar data before collecting files (bsc#1192648) - Collects everything in /etc/multipath/ (bsc#1192252) - Collects power management information in hardware.txt (bsc#1197428) - Checks for suseconnect-ng or SUSEConnect packages (bsc#1202337) - Fixed conf_files and conf_text_files so y2log is gathered (bsc#1202269) - Update to nvme_info and block_info (bsc#1202417) - Added includedir directories from /etc/sudoers (bsc#1188086) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap Micro 5.3: zypper in -t patch openSUSE-Leap-Micro-5.3-2022-4278=1 - openSUSE Leap Micro 5.2: zypper in -t patch openSUSE-Leap-Micro-5.2-2022-4278=1 - openSUSE Leap 15.4: zypper in -t patch openSUSE-SLE-15.4-2022-4278=1 - openSUSE Leap 15.3: zypper in -t patch openSUSE-SLE-15.3-2022-4278=1 - SUSE Linux Enterprise Module for Basesystem 15-SP4: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2022-4278=1 - SUSE Linux Enterprise Module for Basesystem 15-SP3: zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP3-2022-4278=1 - SUSE Linux Enterprise Micro 5.3: zypper in -t patch SUSE-SLE-Micro-5.3-2022-4278=1 - SUSE Linux Enterprise Micro 5.2: zypper in -t patch SUSE-SUSE-MicroOS-5.2-2022-4278=1 - SUSE Linux Enterprise Micro 5.1: zypper in -t patch SUSE-SUSE-MicroOS-5.1-2022-4278=1 Package List: - openSUSE Leap Micro 5.3 (noarch): supportutils-3.1.21-150300.7.35.15.1 - openSUSE Leap Micro 5.2 (noarch): supportutils-3.1.21-150300.7.35.15.1 - openSUSE Leap 15.4(noarch): supportutils-3.1.21-150300.7.35.15.1 - openSUSE Leap 15.3 (noarch): supportutils-3.1.21-150300.7.35.15.1 - SUSE Linux Enterprise Module for Basesystem 15-SP4 (noarch): supportutils-3.1.21-150300.7.35.15.1 - SUSE Linux Enterprise Module for Basesystem 15-SP3 (noarch): supportutils-3.1.21-150300.7.35.15.1 - SUSE Linux Enterprise Micro 5.3 (noarch): supportutils-3.1.21-150300.7.35.15.1 - SUSE Linux Enterprise Micro 5.2 (noarch): supportutils-3.1.21-150300.7.35.15.1 - SUSE Linux Enterprise Micro 5.1 (noarch): supportutils-3.1.21-150300.7.35.15.1 References: https://bugzilla.suse.com/1184689 https://bugzilla.suse.com/1188086 https://bugzilla.suse.com/1192252 https://bugzilla.suse.com/1192648 https://bugzilla.suse.com/1197428 https://bugzilla.suse.com/1200330 https://bugzilla.suse.com/1202269 https://bugzilla.suse.com/1202337 https://bugzilla.suse.com/1202417 https://bugzilla.suse.com/1203818 . The latest security patch for supportutils resolves numerous vulnerabilities affecting a range of SUSE offerings; please adhere to the installation instructions provided.. SUSE Security, Supportutils Update, System Patching, Moderate Severity, Patch Installation. . LinuxSecurity.com Team
Nov 29, 2022
SuSE
202
security advisoryexploitthreatopenSUSE Leap 42.3: Security Update 2019:1351-1 Critical Exploit Fix
An update that solves 5 vulnerabilities and has 5 fixes is now available.. openSUSE Security Update: Security update for hostinfo, supportutils ______________________________________________________________________________ Announcement ID: openSUSE-SU-2019:1351-1 Rating: important References: #1054979 #1099498 #1115245 #1117751 #1117776 #1118460 #1118462 #1118463 #1125623 #1125666 Cross-References: CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639 CVE-2018-19640 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 5 fixes is now available. Description: This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463). - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460). - CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462). - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776). - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script (bsc#1117751). Other issues fixed for supportutils: - Fixed invalid exit code commands (bsc#1125666) - SUSE separation in supportconfig (bsc#1125623) - Clarified supportconfig(8) -x option (bsc#1115245) - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info Issues fixed in hostinfo: - Removed extra kernel install dates (bsc#1099498) - Resolved network bond issue (bsc#1054979) This update was imported from the SUSE:SLE-12:Update update project. Patch Instructions: To installthis openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2019-1351=1 Package List: - openSUSE Leap 42.3 (noarch): hostinfo-1.0.1-21.3.1 References: https://www.suse.com/security/cve/CVE-2018-19636.html https://www.suse.com/security/cve/CVE-2018-19637.html https://www.suse.com/security/cve/CVE-2018-19638.html https://www.suse.com/security/cve/CVE-2018-19639.html https://www.suse.com/security/cve/CVE-2018-19640.html https://bugzilla.suse.com/1054979 https://bugzilla.suse.com/1099498 https://bugzilla.suse.com/1115245 https://bugzilla.suse.com/1117751 https://bugzilla.suse.com/1117776 https://bugzilla.suse.com/1118460 https://bugzilla.suse.com/1118462 https://bugzilla.suse.com/1118463 https://bugzilla.suse.com/1125623 https://bugzilla.suse.com/1125666 -- . A fresh update for openSUSE addresses vital vulnerabilities within hostinfo and supportutils applications. Discover the details!. openSUSE Update, Hostinfo Security, Supportutils Fixes. . Severity: Important. LinuxSecurity.com Team
May 08, 2019
•Important
OpenSUSE
100
security advisorysecurity issueupdateSUSE: 2019:1122-1 Important: Hostinfo And Supportutils Security Update
An update that solves 5 vulnerabilities and has 5 fixes is now available. . SUSE Security Update: Security update for hostinfo, supportutils ______________________________________________________________________________ Announcement ID: SUSE-SU-2019:1122-1 Rating: important References: #1054979 #1099498 #1115245 #1117751 #1117776 #1118460 #1118462 #1118463 #1125623 #1125666 Cross-References: CVE-2018-19636 CVE-2018-19637 CVE-2018-19638 CVE-2018-19639 CVE-2018-19640 Affected Products: SUSE OpenStack Cloud 7 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP4 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP1-LTSS SUSE Linux Enterprise Server 12-LTSS SUSE Linux Enterprise Desktop 12-SP4 SUSE Linux Enterprise Desktop 12-SP3 SUSE Enterprise Storage 4 SUSE CaaS Platform ALL ______________________________________________________________________________ An update that solves 5 vulnerabilities and has 5 fixes is now available. Description: This update for hostinfo, supportutils fixes the following issues: Security issues fixed for supportutils: - CVE-2018-19640: Fixed an issue where users could kill arbitrary processes (bsc#1118463). - CVE-2018-19638: Fixed an issue where users could overwrite arbitrary log files (bsc#1118460). - CVE-2018-19639: Fixed a code execution if run with -v (bsc#1118462). - CVE-2018-19637: Fixed an issue where static temporary filename could allow overwriting of files (bsc#1117776). - CVE-2018-19636: Fixed a local root exploit via inclusion of attacker controlled shell script(bsc#1117751). Other issues fixed for supportutils: - Fixed invalid exit code commands (bsc#1125666) - SUSE separation in supportconfig (bsc#1125623) - Clarified supportconfig(8) -x option (bsc#1115245) - supportconfig: 3.0.127 - btrfs filesystem usage - List products.d - Dump lsof errors - Added ha commands for corosync - Dumped find errors in ib_info Issues fixed in hostinfo: - Removed extra kernel install dates (bsc#1099498) - Resolved network bond issue (bsc#1054979) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2019-1122=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2019-1122=1 - SUSE Linux Enterprise Server 12-SP4: zypper in -t patch SUSE-SLE-SERVER-12-SP4-2019-1122=1 - SUSE Linux Enterprise Server 12-SP3: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2019-1122=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2019-1122=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2019-1122=1 - SUSE Linux Enterprise Server 12-SP1-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP1-2019-1122=1 - SUSE Linux Enterprise Server 12-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-2019-1122=1 - SUSE Linux Enterprise Desktop 12-SP4: zypper in -t patch SUSE-SLE-DESKTOP-12-SP4-2019-1122=1 - SUSE Linux Enterprise Desktop 12-SP3: zypper in -t patch SUSE-SLE-DESKTOP-12-SP3-2019-1122=1 - SUSE Enterprise Storage 4: zypper in -t patch SUSE-Storage-4-2019-1122=1 - SUSE CaaS Platform ALL: To install this update, use the SUSE CaaS Platform Velum dashboard. It will inform you if it detects new updates and let youthen trigger updating of the complete cluster in a controlled way. Package List: - SUSE OpenStack Cloud 7 (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-SP4 (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-SP3 (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-SP1-LTSS (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Server 12-LTSS (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE Linux Enterprise Desktop 12-SP4 (noarch): supportutils-3.0-95.21.1 - SUSE Linux Enterprise Desktop 12-SP3 (noarch): supportutils-3.0-95.21.1 - SUSE Enterprise Storage 4 (noarch): hostinfo-1.0.1-19.5.1 supportutils-3.0-95.21.1 - SUSE CaaS Platform ALL (noarch): supportutils-3.0-95.21.1 References: https://www.suse.com/security/cve/CVE-2018-19636.html https://www.suse.com/security/cve/CVE-2018-19637.html https://www.suse.com/security/cve/CVE-2018-19638.html https://www.suse.com/security/cve/CVE-2018-19639.html https://www.suse.com/security/cve/CVE-2018-19640.html https://bugzilla.suse.com/1054979 https://bugzilla.suse.com/1099498 https://bugzilla.suse.com/1115245 https://bugzilla.suse.com/1117751 https://bugzilla.suse.com/1117776 https://bugzilla.suse.com/1118460 https://bugzilla.suse.com/1118462 https://bugzilla.suse.com/1118463 https://bugzilla.suse.com/1125623 https://bugzilla.suse.com/1125666 _______________________________________________ sle-security-updates mailing list
Apr 30, 2019
•Important
SuSE
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!