Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found -3 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisoryimportantmemory leak

SUSE Linux Kernel Update: 2024:0910-1 Important Security Fix

* bsc#1194869 * bsc#1206453 * bsc#1209412 * bsc#1213456 * bsc#1216776 . # Security update for the Linux Kernel Announcement ID: SUSE-SU-2024:0910-1 Rating: important References: * bsc#1194869 * bsc#1206453 * bsc#1209412 * bsc#1213456 * bsc#1216776 * bsc#1217927 * bsc#1218195 * bsc#1218216 * bsc#1218450 * bsc#1218527 * bsc#1218663 * bsc#1218915 * bsc#1219126 * bsc#1219127 * bsc#1219141 * bsc#1219146 * bsc#1219295 * bsc#1219443 * bsc#1219653 * bsc#1219827 * bsc#1219835 * bsc#1219839 * bsc#1219840 * bsc#1219934 * bsc#1220003 * bsc#1220009 * bsc#1220021 * bsc#1220030 * bsc#1220106 * bsc#1220140 * bsc#1220187 * bsc#1220238 * bsc#1220240 * bsc#1220241 * bsc#1220243 * bsc#1220250 * bsc#1220251 * bsc#1220253 * bsc#1220254 * bsc#1220255 * bsc#1220257 * bsc#1220267 * bsc#1220277 * bsc#1220317 * bsc#1220326 * bsc#1220328 * bsc#1220330 * bsc#1220335 * bsc#1220344 * bsc#1220348 * bsc#1220350 * bsc#1220364 * bsc#1220392 * bsc#1220393 * bsc#1220398 * bsc#1220409 * bsc#1220444 * bsc#1220457 * bsc#1220459 * bsc#1220649 * bsc#1220796 * bsc#1220825 * jsc#PED-7618 Cross-References: * CVE-2019-25162 * CVE-2021-46923 * CVE-2021-46924 * CVE-2021-46932 * CVE-2023-28746 * CVE-2023-5197 * CVE-2023-52340 * CVE-2023-52429 * CVE-2023-52439 * CVE-2023-52443 * CVE-2023-52445 * CVE-2023-52447 * CVE-2023-52448 * CVE-2023-52449 * CVE-2023-52451 * CVE-2023-52452 * CVE-2023-52456 * CVE-2023-52457 * CVE-2023-52463 * CVE-2023-52464 * CVE-2023-52475 * CVE-2023-52478 * CVE-2023-6817 * CVE-2024-0607 * CVE-2024-1151 * CVE-2024-23849 * CVE-2024-23850 * CVE-2024-23851 * CVE-2024-25744 * CVE-2024-26585 * CVE-2024-26586 * CVE-2024-26589 * CVE-2024-26591 * CVE-2024-26593 * CVE-2024-26595 * CVE-2024-26598 * CVE-2024-26602 *CVE-2024-26603 * CVE-2024-26622 CVSS scores: * CVE-2019-25162 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2021-46923 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46924 ( SUSE ): 4.3 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2021-46932 ( SUSE ): 2.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N * CVE-2023-5197 ( SUSE ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-5197 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-52340 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52429 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52439 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52439 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52443 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52443 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52445 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52445 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52447 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52448 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52449 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52451 ( SUSE ): 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H * CVE-2023-52452 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52456 ( SUSE ): 4.0 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52457 ( SUSE ): 4.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L * CVE-2023-52463 ( SUSE ): 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-52464 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-52475 ( SUSE ): 6.3 CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52478 ( SUSE ): 5.8 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2023-6817 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2023-6817 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-0607 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L * CVE-2024-0607 ( NVD ): 6.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H * CVE-2024-1151 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23849 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-23849 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H * CVE-2024-23851 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-25744 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26585 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26586 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26589 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26591 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26593 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26595 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-26598 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-26602 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2024-26603 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H *CVE-2024-26622 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Live Patching 15-SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Real Time Module 15-SP5 An update that solves 39 vulnerabilities, contains one feature and has 23 security fixes can now be installed. ## Description: The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: * CVE-2019-25162: Fixed a potential use after free (bsc#1220409). * CVE-2021-46923: Fixed reference leakage in fs/mount_setattr (bsc#1220457). * CVE-2021-46924: Fixed fix memory leak in device probe and remove (bsc#1220459) * CVE-2021-46932: Fixed missing work initialization before device registration (bsc#1220444) * CVE-2023-28746: Fixed Register File Data Sampling (bsc#1213456). * CVE-2023-5197: Fixed se-after-free due to addition and removal of rules from chain bindings within the same transaction (bsc#1218216). * CVE-2023-52340: Fixed ICMPv6 “Packet Too Big” packets force a DoS of the Linux kernel by forcing 100% CPU (bsc#1219295). * CVE-2023-52429: Fixed potential DoS in dm_table_create in drivers/md/dm- table.c (bsc#1219827). * CVE-2023-52439: Fixed use-after-free in uio_open (bsc#1220140). * CVE-2023-52443: Fixed crash when parsed profile name is empty (bsc#1220240). * CVE-2023-52445: Fixed use after free on context disconnection (bsc#1220241). * CVE-2023-52447: Fixed map_fd_put_ptr() signature kABI workaround (bsc#1220251). * CVE-2023-52448: Fixed kernel NULL pointer dereference in gfs2_rgrp_dump (bsc#1220253). * CVE-2023-52449: Fixed gluebi NULL pointer dereference caused by ftl notifier (bsc#1220238). * CVE-2023-52451: Fixed access beyond end of drmem array (bsc#1220250). * CVE-2023-52452: Fixed Fix accesses to uninit stack slots (bsc#1220257). * CVE-2023-52456: Fixed tx statemachine deadlock (bsc#1220364). * CVE-2023-52457: Fixed skipped resource freeing if pm_runtime_resume_and_get() failed (bsc#1220350). * CVE-2023-52463: Fixed null pointer dereference in efivarfs (bsc#1220328). * CVE-2023-52464: Fixed possible out-of-bounds string access (bsc#1220330) * CVE-2023-52475: Fixed use-after-free in powermate_config_complete (bsc#1220649) * CVE-2023-52478: Fixed kernel crash on receiver USB disconnect (bsc#1220796) * CVE-2023-6817: Fixed use-after-free in nft_pipapo_walk (bsc#1218195). * CVE-2024-0607: Fixed 64-bit load issue in nft_byteorder_eval() (bsc#1218915). * CVE-2024-1151: Fixed unlimited number of recursions from action sets (bsc#1219835). * CVE-2024-23849: Fixed array-index-out-of-bounds in rds_cmsg_recv (bsc#1219127). * CVE-2024-23850: Fixed double free of anonymous device after snapshot creation failure (bsc#1219126). * CVE-2024-23851: Fixed crash in copy_params in drivers/md/dm-ioctl.c (bsc#1219146). * CVE-2024-25744: Fixed Security issue with int 80 interrupt vector (bsc#1217927). * CVE-2024-26585: Fixed race between tx work scheduling and socket close (bsc#1220187). * CVE-2024-26586: Fixed stack corruption (bsc#1220243). * CVE-2024-26589: Fixed out of bounds read due to variable offset alu on PTR_TO_FLOW_KEYS (bsc#1220255). * CVE-2024-26591: Fixed re-attachment branch in bpf_tracing_prog_attach (bsc#1220254). * CVE-2024-26593: Fixed block process call transactions (bsc#1220009). * CVE-2024-26595: Fixed NULL pointer dereference in error path (bsc#1220344). * CVE-2024-26598: Fixed potential UAF in LPI translation cache (bsc#1220326). * CVE-2024-26602: Fixed overall slowdowns with sys_membarrier (bsc1220398). * CVE-2024-26603: Fixed infinite loop via #PFhandling (bsc#1220335). * CVE-2024-26622: Fixed UAF write bug in tomoyo_write_control() (bsc#1220825). The following non-security bugs were fixed: * acpi: apei: set memory failure flags as mf_action_required on synchronous events (git-fixes). * acpi: button: add lid disable dmi quirk for nextbook ares 8a (git-fixes). * acpi: extlog: fix null pointer dereference check (git-fixes). * acpi: resource: add asus model s5402za to quirks (git-fixes). * acpi: resource: skip irq override on asus expertbook b1502cba (git-fixes). * acpi: resource: skip irq override on asus expertbook b2402cba (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac11,3 (git-fixes). * acpi: video: add backlight=native dmi quirk for apple imac12,1 and imac12,2 (git-fixes). * acpi: video: add backlight=native dmi quirk for lenovo thinkpad x131e (3371 amd version) (git-fixes). * acpi: video: add quirk for the colorful x15 at 23 laptop (git-fixes). * add reference to recently released cve * afs: fix the usage of read_seqbegin_or_lock() in afs_find_server*() (git- fixes). * afs: fix the usage of read_seqbegin_or_lock() in afs_lookup_volume_rcu() (git-fixes). * afs: hide silly-rename files from userspace (git-fixes). * afs: increase buffer size in afs_update_volume_status() (git-fixes). * ahci: asm1166: correct count of reported ports (git-fixes). * alsa: drop leftover snd-rtctimer stuff from makefile (git-fixes). * alsa: firewire-lib: fix to check cycle continuity (git-fixes). * alsa: hda/conexant: add quirk for sws js201d (git-fixes). * alsa: hda/realtek: apply headset jack quirk for non-bass alc287 thinkpads (git-fixes). * alsa: hda/realtek: cs35l41: fix device id / model name (git-fixes). * alsa: hda/realtek: cs35l41: fix order and duplicates in quirks table (git- fixes). * alsa: hda/realtek: enable headset mic on vaio vjfe-adl (git-fixes). * alsa: hda/realtek: enable mute led on hp laptop 14-fq0xxx (git-fixes). * alsa: hda/realtek: fix mute/micmute led for hp mt645 (git-fixes). * alsa: hda/realtek: fix mute/micmute leds for hp zbook power (git-fixes). * alsa: hda/realtek: fix the external mic not being recognised for acer swift 1 sf114-32 (git-fixes). * alsa: usb-audio: add a quirk for yamaha yit-w12tx transmitter (git-fixes). * alsa: usb-audio: add delay quirk for motu m series 2nd revision (git-fixes). * alsa: usb-audio: add quirk for rode nt-usb+ (git-fixes). * alsa: usb-audio: check presence of valid altsetting control (git-fixes). * alsa: usb-audio: ignore clock selector errors for single connection (git- fixes). * alsa: usb-audio: more relaxed check of midi jack names (git-fixes). * alsa: usb-audio: sort quirk table entries (git-fixes). * arm64: entry: fix arm64_workaround_speculative_unpriv_load (bsc#1219443) * arm64: entry: preserve/restore x29 even for compat tasks (bsc#1219443) * arm64: entry: simplify tramp_alias macro and tramp_exit routine (bsc#1219443) * arm64: errata: add cortex-a510 speculative unprivileged load (bsc#1219443) enable workaround. * arm64: errata: add cortex-a520 speculative unprivileged load (bsc#1219443) enable workaround without kabi break. * arm64: errata: mitigate ampere1 erratum ac03_cpu_38 at stage-2 (git-fixes) enable ampere_erratum_ac03_cpu_38 workaround without kabi break * arm64: irq: set the correct node for shadow call stack (git-fixes) * arm64: irq: set the correct node for vmap stack (git-fixes) * arm64: rename arm64_workaround_2966298 (bsc#1219443) * arm64: subscribe microsoft azure cobalt 100 to arm neoverse n2 errata (git- fixes) * asoc: doc: fix undefined snd_soc_dapm_nopm argument (git-fixes). * asoc: rt5645: fix deadlock in rt5645_jack_detect_work() (git-fixes). * asoc: sof: ipc3: fix message bounds on ipc ops (git-fixes). * asoc: sunxi: sun4i-spdif: add support for allwinner h616 (git-fixes). * atm: idt77252: fix a memleak in open_card_ubr0 (git-fixes). *bluetooth: avoid potential use-after-free in hci_error_reset (git-fixes). * bluetooth: enforce validation on max value of connection interval (git- fixes). * bluetooth: hci_event: fix handling of hci_ev_io_capa_request (git-fixes). * bluetooth: hci_event: fix wrongly recorded wakeup bd_addr (git-fixes). * bluetooth: hci_sync: check the correct flag before starting a scan (git- fixes). * bluetooth: hci_sync: fix accept_list when attempting to suspend (git-fixes). * bluetooth: l2cap: fix possible multiple reject send (git-fixes). * bluetooth: qca: fix wrong event type for patch config command (git-fixes). * bpf: fix verification of indirect var-off stack access (git-fixes). * bpf: guard stack limits against 32bit overflow (git-fixes). * bpf: minor logging improvement (bsc#1220257). * bus: moxtet: add spi device table (git-fixes). * cachefiles: fix memory leak in cachefiles_add_cache() (bsc#1220267). * can: j1939: fix uaf in j1939_sk_match_filter during setsockopt(so_j1939_filter) (git-fixes). * crypto: api - disallow identical driver names (git-fixes). * crypto: ccp - fix null pointer dereference in __sev_platform_shutdown_locked (git-fixes). * crypto: octeontx2 - fix cptvf driver cleanup (git-fixes). * crypto: stm32/crc32 - fix parsing list of devices (git-fixes). * dmaengine: fsl-qdma: fix a memory leak related to the queue command dma (git-fixes). * dmaengine: fsl-qdma: fix soc may hang on 16 byte unaligned read (git-fixes). * dmaengine: fsl-qdma: increase size of 'irq_name' (git-fixes). * dmaengine: fsl-qdma: init irq after reg initialization (git-fixes). * dmaengine: ptdma: use consistent dma masks (git-fixes). * dmaengine: shdma: increase size of 'dev_id' (git-fixes). * dmaengine: ti: edma: add some null pointer checks to the edma_probe (git- fixes). * driver core: fix device_link_flag_is_sync_state_only() (git-fixes). * drm/amd/display: fix memory leak in dm_sw_fini() (git-fixes). *drm/amd/display: fix possible buffer overflow in 'find_dcfclk_for_voltage()' (git-fixes). * drm/amd/display: fix possible null dereference on device remove/driver unload (git-fixes). * drm/amd/display: increase frame-larger-than for all display_mode_vba files (git-fixes). * drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz (git-fixes). * drm/amd/display: preserve original aspect ratio in create stream (git- fixes). * drm/amdgpu/display: initialize gamma correction mode variable in dcn30_get_gamcor_current() (git-fixes). * drm/amdgpu: reset gpu for s3 suspend abort case (git-fixes). * drm/amdgpu: skip to program gfxdec registers for suspend abort (git-fixes). * drm/buddy: fix range bias (git-fixes). * drm/crtc: fix uninitialized variable use even harder (git-fixes). * drm/i915/gvt: fix uninitialized variable in handle_mmio() (git-fixes). * drm/msm/dp: return correct colorimetry for dp_test_dynamic_range_cea case (git-fixes). * drm/msm/dpu: check for valid hw_pp in dpu_encoder_helper_phys_cleanup (git- fixes). * drm/msms/dp: fixed link clock divider bits be over written in bpc unknown case (git-fixes). * drm/prime: support page array > = 4gb (git-fixes). * drm/syncobj: call drm_syncobj_fence_add_wait when wait_available flag is set (git-fixes). * drm/ttm: fix an invalid freeing on already freed page in error path (git- fixes). * drop bcm5974 input patch causing a regression (bsc#1220030) * efi/capsule-loader: fix incorrect allocation size (git-fixes). * efi: do not add memblocks for soft-reserved memory (git-fixes). * efi: runtime: fix potential overflow of soft-reserved region size (git- fixes). * fbcon: always restore the old font data in fbcon_do_set_font() (git-fixes). * fbdev: savage: error out if pixclock equals zero (git-fixes). * fbdev: sis: error out if pixclock equals zero (git-fixes). * firewire: core: send bus reset promptly on gap count error (git-fixes). * fs:dlm: fix build with config_ipv6 disabled (git-fixes). * fs:jfs:ubsan:array-index-out-of-bounds in dbadjtree (git-fixes). * gpio: 74x164: enable output pins after registers are reset (git-fixes). * gpio: fix resource unwinding order in error path (git-fixes). * gpiolib: acpi: ignore touchpad wakeup on gpd g1619-04 (git-fixes). * gpiolib: fix the error path order in gpiochip_add_data_with_key() (git- fixes). * hid: apple: add 2021 magic keyboard fn key mapping (git-fixes). * hid: apple: add support for the 2021 magic keyboard (git-fixes). * hid: wacom: do not register input devices until after hid_hw_start (git- fixes). * hid: wacom: generic: avoid reporting a serial of '0' to userspace (git- fixes). * hwmon: (aspeed-pwm-tacho) mutex for tach reading (git-fixes). * hwmon: (coretemp) enlarge per package core count limit (git-fixes). * hwmon: (coretemp) fix bogus core_id to attr name mapping (git-fixes). * hwmon: (coretemp) fix out-of-bounds memory access (git-fixes). * i2c: i801: fix block process call transactions (git-fixes). * i2c: i801: remove i801_set_block_buffer_mode (git-fixes). * i2c: imx: add timer for handling the stop condition (git-fixes). * i2c: imx: when being a target, mark the last read as processed (git-fixes). * i3c: master: cdns: update maximum prescaler value for i2c clock (git-fixes). * ib/hfi1: fix a memleak in init_credit_return (git-fixes) * ib/hfi1: fix sdma.h tx-> num_descs off-by-one error (git-fixes) * iio: accel: bma400: fix a compilation problem (git-fixes). * iio: adc: ad7091r: set alert bit in config register (git-fixes). * iio: core: fix memleak in iio_device_register_sysfs (git-fixes). * iio: hid-sensor-als: return 0 for hid_usage_sensor_time_timestamp (git- fixes). * iio: magnetometer: rm3100: add boundary check for the value read from rm3100_reg_tmrc (git-fixes). * input: iqs269a - switch to define_simple_dev_pm_ops() and pm_sleep_ptr() (git-fixes). * input: xpad - addlenovo legion go controllers (git-fixes). * irqchip/irq-brcmstb-l2: add write memory barrier before exit (git-fixes). * jfs: fix array-index-out-of-bounds in dbadjtree (git-fixes). * jfs: fix array-index-out-of-bounds in dinewext (git-fixes). * jfs: fix slab-out-of-bounds read in dtsearch (git-fixes). * jfs: fix uaf in jfs_evict_inode (git-fixes). * kbuild: fix changing elf file type for output of gen_btf for big endian (git-fixes). * kvm: s390: fix cc for successful pqap (git-fixes bsc#1219839). * kvm: s390: fix setting of fpc register (git-fixes bsc#1220392). * kvm: s390: vsie: fix race during shadow creation (git-fixes bsc#1220393). * kvm: vmx: move verw closer to vmentry for mds mitigation (git-fixes). * kvm: vmx: use bt+jnc, i.e. eflags.cf to select vmresume vs. vmlaunch (git- fixes). * lan78xx: enable auto speed configuration for lan7850 if no eeprom is detected (git-fixes). * leds: trigger: panic: do not register panic notifier if creating the trigger failed (git-fixes). * lib/stackdepot: add depot_fetch_stack helper (jsc-ped#7423). * lib/stackdepot: add refcount for records (jsc-ped#7423). * lib/stackdepot: fix first entry having a 0-handle (jsc-ped#7423). * lib/stackdepot: move stack_record struct definition into the header (jsc- ped#7423). * libsubcmd: fix memory leak in uniq() (git-fixes). * media: ddbridge: fix an error code problem in ddb_probe (git-fixes). * media: ir_toy: fix a memleak in irtoy_tx (git-fixes). * media: rc: bpf attach/detach requires write permission (git-fixes). * media: rockchip: rga: fix swizzling for rgb formats (git-fixes). * media: stk1160: fixed high volume of stk1160_dbg messages (git-fixes). * mfd: syscon: fix null pointer dereference in of_syscon_register() (git- fixes). * mm,page_owner: display all stacks and their count (jsc-ped#7423). * mm,page_owner: filter out stacks by a threshold (jsc-ped#7423). * mm,page_owner: implement the tracking of the stacks count(jsc-ped#7423). * mm,page_owner: maintain own list of stack_records structs (jsc-ped#7423). * mm,page_owner: update documentation regarding page_owner_stacks (jsc- ped#7423). * mm/hwpoison: fix unpoison_memory() (bsc#1218663). * mm/hwpoison: mf_mutex for soft offline and unpoison (bsc#1218663). * mm/hwpoison: remove mf_msg_buddy_2nd and mf_msg_poisoned_huge (bsc#1218663). * mm: memory-failure: fix potential unexpected return value from unpoison_memory() (git-fixes). * mmc: core: fix emmc initialization with 1-bit bus connection (git-fixes). * mmc: core: use mrq.sbc in close-ended ffu (git-fixes). * mmc: mmc_spi: remove custom dma mapped buffers (git-fixes). * mmc: sdhci-xenon: add timeout for phy init complete (git-fixes). * mmc: sdhci-xenon: fix phy init clock stability (git-fixes). * mmc: slot-gpio: allow non-sleeping gpio ro (git-fixes). * modpost: trim leading spaces when processing source files list (git-fixes). * mtd: spinand: gigadevice: fix the get ecc status issue (git-fixes). * net: usb: dm9601: fix wrong return value in dm9601_mdio_read (git-fixes). * netfs, fscache: prevent oops in fscache_put_cache() (bsc#1220003). * nilfs2: fix data corruption in dsync block recovery for small block sizes (git-fixes). * nilfs2: replace warn_ons for invalid dat metadata block requests (git- fixes). * nouveau/svm: fix kvcalloc() argument order (git-fixes). * nouveau: fix function cast warnings (git-fixes). * ntfs: check overflow when iterating attr_records (git-fixes). * ntfs: fix use-after-free in ntfs_attr_find() (git-fixes). * nvme-fabrics: fix i/o connect error handling (git-fixes). * nvme-host: fix the updating of the firmware version (git-fixes). * pci/aer: decode requester id when no error info found (git-fixes). * pci: add no pm reset quirk for nvidia spectrum devices (git-fixes). * pci: add pci_header_type_mfd definition (bsc#1220021). * pci: fix 64gt/s effective data rate calculation (git-fixes). *pci: only override amd usb controller if required (git-fixes). * pci: switchtec: fix stdev_release() crash after surprise hot remove (git- fixes). * platform/x86: thinkpad_acpi: only update profile if successfully converted (git-fixes). * platform/x86: touchscreen_dmi: add info for the teclast x16 plus tablet (git-fixes). * platform/x86: touchscreen_dmi: allow partial (prefix) matches for acpi names (git-fixes). * pm: core: remove unnecessary (void *) conversions (git-fixes). * pm: runtime: have devm_pm_runtime_enable() handle pm_runtime_dont_use_autosuspend() (git-fixes). * pnp: acpi: fix fortify warning (git-fixes). * power: supply: bq27xxx-i2c: do not free non existing irq (git-fixes). * powerpc/64: set task pt_regs-> link to the lr value on scv entry (bsc#1194869). * powerpc/powernv: fix fortify source warnings in opal-prd.c (bsc#1194869). * powerpc/pseries: add a clear modifier to ibm,pa/pi-features parser (bsc#1220348). * powerpc/pseries: rework lppaca_shared_proc() to avoid debug_preempt (bsc#1194869). * powerpc/pseries: set cpu_ftr_dbell according to ibm,pi-features (bsc#1220348). * powerpc/watchpoint: disable pagefaults when getting user instruction (bsc#1194869). * powerpc/watchpoints: annotate atomic context in more places (bsc#1194869). * powerpc/watchpoints: disable preemption in thread_change_pc() (bsc#1194869). * powerpc: add crtsavres.o to always-y instead of extra-y (bsc#1194869). * powerpc: do not include lppaca.h in paca.h (bsc#1194869). * pstore/ram: fix crash when setting number of cpus to an odd number (git- fixes). * ras/amd/atl: add mi300 row retirement support (jsc#ped-7618). * ras/amd/atl: fix bit overflow in denorm_addr_df4_np2() (git-fixes). * ras: introduce a fru memory poison manager (jsc#ped-7618). * rdma/bnxt_re: add a missing check in bnxt_qplib_query_srq (git-fixes) * rdma/bnxt_re: return error for srq resize (git-fixes) * rdma/core: fix uninit-valueaccess in ib_get_eth_speed() (bsc#1219934). * rdma/core: get ib width and speed from netdev (bsc#1219934). * rdma/irdma: add ae for too many rnrs (git-fixes) * rdma/irdma: fix kasan issue with tasklet (git-fixes) * rdma/irdma: set the cq read threshold for gen 1 (git-fixes) * rdma/irdma: validate max_send_wr and max_recv_wr (git-fixes) * rdma/qedr: fix qedr_create_user_qp error flow (git-fixes) * rdma/srpt: fix function pointer cast warnings (git-fixes) * rdma/srpt: support specifying the srpt_service_guid parameter (git-fixes) * refresh patches.suse/dm_blk_ioctl-implement-path-failover-for-sg_io. (bsc#1216776, bsc#1220277) * regulator: core: only increment use_count when enable_count changes (git- fixes). * regulator: pwm-regulator: add validity checks in continuous .get_voltage (git-fixes). * revert "drm/amd/display: increased min_dcfclk_mhz and min_fclk_mhz" (git- fixes). * revert "drm/amd/pm: resolve reboot exception for si oland" (git-fixes). * revert "drm/amd: flush any delayed gfxoff on suspend entry" (git-fixes). * rpm/kernel-binary.spec.in: install scripts/gdb when enabled in config (bsc#1219653) they are put into -devel subpackage. and a proper link to /usr/share/gdb/auto-load/ is created. * s390/qeth: fix potential loss of l3-ip@ in case of network issues (git-fixes bsc#1219840). * s390: use the correct count for __iowrite64_copy() (git-fixes bsc#1220317). * sched/membarrier: reduce the ability to hammer on sys_membarrier (git- fixes). * scsi: core: move scsi_host_busy() out of host lock for waking up eh handler (git-fixes). * scsi: core: move scsi_host_busy() out of host lock if it is for per-command (git-fixes). * scsi: fnic: move fnic_fnic_flush_tx() to a work queue (git-fixes bsc#1219141). * scsi: hisi_sas: prevent parallel flr and controller reset (git-fixes). * scsi: ibmvfc: limit max hw queues by num_online_cpus() (bsc#1220106). * scsi: ibmvfc: open-code reset loop fortarget reset (bsc#1220106). * scsi: isci: fix an error code problem in isci_io_request_build() (git- fixes). * scsi: lpfc: add condition to delete ndlp object after sending bls_rjt to an abts (bsc#1220021). * scsi: lpfc: allow lpfc_plogi_confirm_nport() logic to execute for fabric nodes (bsc#1220021). * scsi: lpfc: change lpfc_vport fc_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change lpfc_vport load_flag member into a bitmask (bsc#1220021). * scsi: lpfc: change nlp state statistic counters into atomic_t (bsc#1220021). * scsi: lpfc: copyright updates for 14.4.0.0 patches (bsc#1220021). * scsi: lpfc: fix failure to delete vports when discovery is in progress (bsc#1220021). * scsi: lpfc: fix possible memory leak in lpfc_rcv_padisc() (bsc#1220021). * scsi: lpfc: initialize status local variable in lpfc_sli4_repost_sgl_list() (bsc#1220021). * scsi: lpfc: move handling of reset congestion statistics events (bsc#1220021). * scsi: lpfc: protect vport fc_nodes list with an explicit spin lock (bsc#1220021). * scsi: lpfc: remove d_id swap log message from trace event logger (bsc#1220021). * scsi: lpfc: remove nlp_rcv_plogi early return during rscn processing for ndlps (bsc#1220021). * scsi: lpfc: remove shost_lock protection for fc_host_port shost apis (bsc#1220021). * scsi: lpfc: replace deprecated strncpy() with strscpy() (bsc#1220021). * scsi: lpfc: save fpin frequency statistics upon receipt of peer cgn notifications (bsc#1220021). * scsi: lpfc: update lpfc version to 14.4.0.0 (bsc#1220021). * scsi: lpfc: use pci_header_type_mfd instead of literal (bsc#1220021). * scsi: lpfc: use sg_dma_len() api to get struct scatterlist's length (bsc#1220021). * scsi: mpi3mr: refresh sdev queue depth after controller reset (git-fixes). * scsi: revert "scsi: fcoe: fix potential deadlock on &fip-> ctlr_lock" (git- fixes bsc#1219141). * serial: 8250: remove serial_rs485 sanitization fromem485 (git-fixes). * spi-mxs: fix chipselect glitch (git-fixes). * spi: hisi-sfc-v3xx: return irq_none if no interrupts were detected (git- fixes). * spi: ppc4xx: drop write-only variable (git-fixes). * spi: sh-msiof: avoid integer overflow in constants (git-fixes). * staging: iio: ad5933: fix type mismatch regression (git-fixes). * supported.conf: remove external flag from ibm supported modules. (bsc#1209412) * tcp: fix tcp_mtup_probe_success vs wrong snd_cwnd (bsc#1218450). * tomoyo: fix uaf write bug in tomoyo_write_control() (git-fixes). * topology/sysfs: add format parameter to macro defining "show" functions for proc (jsc#ped-7618). * topology/sysfs: add ppin in sysfs under cpu topology (jsc#ped-7618). * tty: allow tiocslcktrmios with cap_checkpoint_restore (git-fixes). * ubsan: array-index-out-of-bounds in dtsplitroot (git-fixes). * usb: cdns3: fix memory double free when handle zero packet (git-fixes). * usb: cdns3: fixed memory use after free at cdns3_gadget_ep_disable() (git- fixes). * usb: cdns3: modify the return value of cdns_set_active () to void when config_pm_sleep is disabled (git-fixes). * usb: cdns3: put the cdns set active part outside the spin lock (git-fixes). * usb: cdns: readd old api (git-fixes). * usb: cdnsp: blocked some cdns3 specific code (git-fixes). * usb: cdnsp: fixed issue with incorrect detecting cdnsp family controllers (git-fixes). * usb: dwc3: gadget: do not disconnect if not started (git-fixes). * usb: dwc3: gadget: handle ep0 request dequeuing properly (git-fixes). * usb: dwc3: gadget: ignore end transfer delay on teardown (git-fixes). * usb: dwc3: gadget: queue pm runtime idle on disconnect event (git-fixes). * usb: dwc3: gadget: refactor ep0 forced stall/restart into a separate api (git-fixes). * usb: dwc3: gadget: submit endxfer command if delayed during disconnect (git- fixes). * usb: dwc3: host: set xhci_sg_trb_cache_size_quirk (git-fixes). * usb:f_mass_storage: forbid async queue when shutdown happen (git-fixes). * usb: gadget: core: add missing kerneldoc for vbus_work (git-fixes). * usb: gadget: core: adjust uevent timing on gadget unbind (git-fixes). * usb: gadget: core: help prevent panic during uvc unconfigure (git-fixes). * usb: gadget: core: remove unbalanced mutex_unlock in usb_gadget_activate (git-fixes). * usb: gadget: f_hid: fix report descriptor allocation (git-fixes). * usb: gadget: fix obscure lockdep violation for udc_mutex (git-fixes). * usb: gadget: fix use-after-free read in usb_udc_uevent() (git-fixes). * usb: gadget: fsl_qe_udc: validate endpoint index for ch9 udc (git-fixes). * usb: gadget: ncm: avoid dropping datagrams of properly parsed ntbs (git- fixes). * usb: gadget: udc: core: offload usb_udc_vbus_handler processing (git-fixes). * usb: gadget: udc: core: prevent soft_connect_store() race (git-fixes). * usb: gadget: udc: handle gadget_connect failure during bind operation (git- fixes). * usb: hub: check for alternate port before enabling a_alt_hnp_support (bsc#1218527). * usb: hub: replace hardcoded quirk value with bit() macro (git-fixes). * usb: roles: do not get/set_role() when usb_role_switch is unregistered (git- fixes). * usb: roles: fix null pointer issue when put module's reference (git-fixes). * usb: serial: cp210x: add id for imst im871a-usb (git-fixes). * usb: serial: option: add fibocom fm101-gl variant (git-fixes). * usb: serial: qcserial: add new usb-id for dell wireless dw5826e (git-fixes). * watchdog: it87_wdt: keep wdtctrl bit 3 unmodified for it8784/it8786 (git- fixes). * wifi: ath11k: fix registration of 6ghz-only phy without the full channel range (git-fixes). * wifi: ath9k: fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() (git-fixes). * wifi: cfg80211: fix missing interfaces when dumping (git-fixes). * wifi: cfg80211: fix rcu dereference in __cfg80211_bss_update (git-fixes). * wifi: cfg80211: free beacon_ies when overridden from hidden bss (git-fixes). * wifi: iwlwifi: fix some error codes (git-fixes). * wifi: iwlwifi: mvm: avoid baid size integer overflow (git-fixes). * wifi: iwlwifi: uninitialized variable in iwl_acpi_get_ppag_table() (git- fixes). * wifi: mac80211: adding missing drv_mgd_complete_tx() call (git-fixes). * wifi: mac80211: fix race condition on enabling fast-xmit (git-fixes). * wifi: nl80211: reject iftype change with mesh id change (git-fixes). * wifi: rt2x00: restart beacon queue when hardware reset (git-fixes). * wifi: rtl8xxxu: add additional usb ids for rtl8192eu devices (git-fixes). * wifi: rtlwifi: rtl8723{be,ae}: using calculate_bit_shift() (git-fixes). * wifi: wext-core: fix -wstringop-overflow warning in ioctl_standard_iw_point() (git-fixes). * x86/asm: add _asm_rip() macro for x86-64 (%rip) suffix (git-fixes). * x86/bugs: add asm helpers for executing verw (git-fixes). * x86/bugs: use alternative() instead of mds_user_clear static key (git- fixes). also add mds_user_clear to kabi severities since it's strictly mitigation related so should be low risk. * x86/cpu: x86_feature_intel_ppin finally had a cpuid bit (jsc#ped-7618). * x86/entry_32: add verw just before userspace transition (git-fixes). * x86/entry_64: add verw just before userspace transition (git-fixes). * x86/mm: fix memory encryption features advertisement (bsc#1206453). * xfs: remove unused fields from struct xbtree_ifakeroot (git-fixes). * xfs: short circuit xfs_growfs_data_private() if delta is zero (git-fixes). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-910=1openSUSE-SLE-15.5-2024-910=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-910=1 * SUSE Linux Enterprise Live Patching 15-SP5 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-910=1 * SUSE Real Time Module 15-SP5 zypper in -t patch SUSE-SLE-Module-RT-15-SP5-2024-910=1 ## Package List: * openSUSE Leap 15.5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * kernel-devel-rt-5.14.21-150500.13.38.1 * openSUSE Leap 15.5 (x86_64) * kernel-rt_debug-vdso-5.14.21-150500.13.38.1 * kernel-rt-devel-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-5.14.21-150500.13.38.1 * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-1-150500.11.3.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.38.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-livepatch-5.14.21-150500.13.38.1 * reiserfs-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kselftests-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kselftests-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt-extra-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-1-150500.11.3.1 * kernel-rt-extra-5.14.21-150500.13.38.1 * reiserfs-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-optional-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-vdso-5.14.21-150500.13.38.1 * kernel-rt-optional-5.14.21-150500.13.38.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-5.14.21-150500.13.38.1 * kernel-syms-rt-5.14.21-150500.13.38.1 * dlm-kmp-rt-5.14.21-150500.13.38.1 *kernel-rt-livepatch-devel-5.14.21-150500.13.38.1 * kernel-rt_debug-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * kernel-rt_debug-livepatch-devel-5.14.21-150500.13.38.1 * kernel-livepatch-5_14_21-150500_13_38-rt-1-150500.11.3.1 * openSUSE Leap 15.5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.38.1 * kernel-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (nosrc x86_64) * kernel-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * SUSE Linux Enterprise Live Patching 15-SP5 (x86_64) * kernel-livepatch-SLE15-SP5-RT_Update_11-debugsource-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_38-rt-1-150500.11.3.1 * kernel-livepatch-5_14_21-150500_13_38-rt-debuginfo-1-150500.11.3.1 * SUSE Real Time Module 15-SP5 (x86_64) * kernel-rt_debug-vdso-5.14.21-150500.13.38.1 * kernel-rt-devel-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-debuginfo-5.14.21-150500.13.38.1 * dlm-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debuginfo-5.14.21-150500.13.38.1 * gfs2-kmp-rt-5.14.21-150500.13.38.1 * ocfs2-kmp-rt-5.14.21-150500.13.38.1 * gfs2-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-devel-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-vdso-5.14.21-150500.13.38.1 * kernel-rt-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-vdso-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-devel-5.14.21-150500.13.38.1 * kernel-syms-rt-5.14.21-150500.13.38.1 * dlm-kmp-rt-5.14.21-150500.13.38.1 *kernel-rt_debug-debuginfo-5.14.21-150500.13.38.1 * kernel-rt_debug-debugsource-5.14.21-150500.13.38.1 * cluster-md-kmp-rt-debuginfo-5.14.21-150500.13.38.1 * kernel-rt-debugsource-5.14.21-150500.13.38.1 * SUSE Real Time Module 15-SP5 (noarch) * kernel-source-rt-5.14.21-150500.13.38.1 * kernel-devel-rt-5.14.21-150500.13.38.1 * SUSE Real Time Module 15-SP5 (nosrc x86_64) * kernel-rt_debug-5.14.21-150500.13.38.1 * kernel-rt-5.14.21-150500.13.38.1 ## References: * https://www.suse.com/security/cve/CVE-2019-25162.html * https://www.suse.com/security/cve/CVE-2021-46923.html * https://www.suse.com/security/cve/CVE-2021-46924.html * https://www.suse.com/security/cve/CVE-2021-46932.html * https://www.suse.com/security/cve/CVE-2023-28746.html * https://www.suse.com/security/cve/CVE-2023-5197.html * https://www.suse.com/security/cve/CVE-2023-52340.html * https://www.suse.com/security/cve/CVE-2023-52429.html * https://www.suse.com/security/cve/CVE-2023-52439.html * https://www.suse.com/security/cve/CVE-2023-52443.html * https://www.suse.com/security/cve/CVE-2023-52445.html * https://www.suse.com/security/cve/CVE-2023-52447.html * https://www.suse.com/security/cve/CVE-2023-52448.html * https://www.suse.com/security/cve/CVE-2023-52449.html * https://www.suse.com/security/cve/CVE-2023-52451.html * https://www.suse.com/security/cve/CVE-2023-52452.html * https://www.suse.com/security/cve/CVE-2023-52456.html * https://www.suse.com/security/cve/CVE-2023-52457.html * https://www.suse.com/security/cve/CVE-2023-52463.html * https://www.suse.com/security/cve/CVE-2023-52464.html * https://www.suse.com/security/cve/CVE-2023-52475.html * https://www.suse.com/security/cve/CVE-2023-52478.html * https://www.suse.com/security/cve/CVE-2023-6817.html * https://www.suse.com/security/cve/CVE-2024-0607.html * https://www.suse.com/security/cve/CVE-2024-1151.html * https://www.suse.com/security/cve/CVE-2024-23849.html *https://www.suse.com/security/cve/CVE-2024-23850.html * https://www.suse.com/security/cve/CVE-2024-23851.html * https://www.suse.com/security/cve/CVE-2024-25744.html * https://www.suse.com/security/cve/CVE-2024-26585.html * https://www.suse.com/security/cve/CVE-2024-26586.html * https://www.suse.com/security/cve/CVE-2024-26589.html * https://www.suse.com/security/cve/CVE-2024-26591.html * https://www.suse.com/security/cve/CVE-2024-26593.html * https://www.suse.com/security/cve/CVE-2024-26595.html * https://www.suse.com/security/cve/CVE-2024-26598.html * https://www.suse.com/security/cve/CVE-2024-26602.html * https://www.suse.com/security/cve/CVE-2024-26603.html * https://www.suse.com/security/cve/CVE-2024-26622.html * https://bugzilla.suse.com/show_bug.cgi?id=1194869 * https://bugzilla.suse.com/show_bug.cgi?id=1206453 * https://bugzilla.suse.com/show_bug.cgi?id=1209412 * https://bugzilla.suse.com/show_bug.cgi?id=1213456 * https://bugzilla.suse.com/show_bug.cgi?id=1216776 * https://bugzilla.suse.com/show_bug.cgi?id=1217927 * https://bugzilla.suse.com/show_bug.cgi?id=1218195 * https://bugzilla.suse.com/show_bug.cgi?id=1218216 * https://bugzilla.suse.com/show_bug.cgi?id=1218450 * https://bugzilla.suse.com/show_bug.cgi?id=1218527 * https://bugzilla.suse.com/show_bug.cgi?id=1218663 * https://bugzilla.suse.com/show_bug.cgi?id=1218915 * https://bugzilla.suse.com/show_bug.cgi?id=1219126 * https://bugzilla.suse.com/show_bug.cgi?id=1219127 * https://bugzilla.suse.com/show_bug.cgi?id=1219141 * https://bugzilla.suse.com/show_bug.cgi?id=1219146 * https://bugzilla.suse.com/show_bug.cgi?id=1219295 * https://bugzilla.suse.com/show_bug.cgi?id=1219443 * https://bugzilla.suse.com/show_bug.cgi?id=1219653 * https://bugzilla.suse.com/show_bug.cgi?id=1219827 * https://bugzilla.suse.com/show_bug.cgi?id=1219835 * https://bugzilla.suse.com/show_bug.cgi?id=1219839 * https://bugzilla.suse.com/show_bug.cgi?id=1219840 *https://bugzilla.suse.com/show_bug.cgi?id=1219934 * https://bugzilla.suse.com/show_bug.cgi?id=1220003 * https://bugzilla.suse.com/show_bug.cgi?id=1220009 * https://bugzilla.suse.com/show_bug.cgi?id=1220021 * https://bugzilla.suse.com/show_bug.cgi?id=1220030 * https://bugzilla.suse.com/show_bug.cgi?id=1220106 * https://bugzilla.suse.com/show_bug.cgi?id=1220140 * https://bugzilla.suse.com/show_bug.cgi?id=1220187 * https://bugzilla.suse.com/show_bug.cgi?id=1220238 * https://bugzilla.suse.com/show_bug.cgi?id=1220240 * https://bugzilla.suse.com/show_bug.cgi?id=1220241 * https://bugzilla.suse.com/show_bug.cgi?id=1220243 * https://bugzilla.suse.com/show_bug.cgi?id=1220250 * https://bugzilla.suse.com/show_bug.cgi?id=1220251 * https://bugzilla.suse.com/show_bug.cgi?id=1220253 * https://bugzilla.suse.com/show_bug.cgi?id=1220254 * https://bugzilla.suse.com/show_bug.cgi?id=1220255 * https://bugzilla.suse.com/show_bug.cgi?id=1220257 * https://bugzilla.suse.com/show_bug.cgi?id=1220267 * https://bugzilla.suse.com/show_bug.cgi?id=1220277 * https://bugzilla.suse.com/show_bug.cgi?id=1220317 * https://bugzilla.suse.com/show_bug.cgi?id=1220326 * https://bugzilla.suse.com/show_bug.cgi?id=1220328 * https://bugzilla.suse.com/show_bug.cgi?id=1220330 * https://bugzilla.suse.com/show_bug.cgi?id=1220335 * https://bugzilla.suse.com/show_bug.cgi?id=1220344 * https://bugzilla.suse.com/show_bug.cgi?id=1220348 * https://bugzilla.suse.com/show_bug.cgi?id=1220350 * https://bugzilla.suse.com/show_bug.cgi?id=1220364 * https://bugzilla.suse.com/show_bug.cgi?id=1220392 * https://bugzilla.suse.com/show_bug.cgi?id=1220393 * https://bugzilla.suse.com/show_bug.cgi?id=1220398 * https://bugzilla.suse.com/show_bug.cgi?id=1220409 * https://bugzilla.suse.com/show_bug.cgi?id=1220444 * https://bugzilla.suse.com/show_bug.cgi?id=1220457 * https://bugzilla.suse.com/show_bug.cgi?id=1220459 * https://bugzilla.suse.com/show_bug.cgi?id=1220649 *https://bugzilla.suse.com/show_bug.cgi?id=1220796 * https://bugzilla.suse.com/show_bug.cgi?id=1220825 . This critical security notice highlights several weaknesses in the Linux kernel. Prompt action is necessary.. Linux Kernel Update, SUSE Security Advisory, Kernel Bug Fixes, SUSE Updates. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Mar 15, 2024 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowmoderate severity

SUSE SLE Micro 5.3 Toolbox Security Update: Moderate Severity

The container suse/sle-micro/5.3/toolbox was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle-micro/5.3/toolbox ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2022:3271-1 Container Tags : suse/sle-micro/5.3/toolbox:11.1 , suse/sle-micro/5.3/toolbox:11.1-5.2.49 , suse/sle-micro/5.3/toolbox:latest Container Release : 5.2.49 Severity : moderate Type : security References : 1201064 CVE-2022-2211 ----------------------------------------------------------------- The container suse/sle-micro/5.3/toolbox was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2022:4308-1 Released: Thu Dec 1 15:51:19 2022 Summary: Security update for virt-v2v Type: security Severity: moderate References: 1201064,CVE-2022-2211 This update for virt-v2v fixes the following issues: - CVE-2022-2211: Fixed buffer overflow in get_keys (bsc#1201064). The following package changes have been done: - tar-1.34-150000.3.22.3 updated . SUSE Container Security Update Advisory for suse/sle-micro/5.3/toolbox contains critical patches and enhancements essential for system integrity and protection.. SUSE, toolbox, container update, security advisory, buffer overflow. . LinuxSecurity.com Team

Calendar 2 Dec 02, 2022 SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorycritical issueupdate

SUSE: 2022:2289-1 Important: MozillaFirefox Critical Security Threats

An update that fixes 9 vulnerabilities is now available. . SUSE Security Update: Security update for MozillaFirefox ______________________________________________________________________________ Announcement ID: SUSE-SU-2022:2289-1 Rating: important References: #1200793 Cross-References: CVE-2022-2200 CVE-2022-31744 CVE-2022-34468 CVE-2022-34470 CVE-2022-34472 CVE-2022-34478 CVE-2022-34479 CVE-2022-34481 CVE-2022-34484 Affected Products: HPE Helion Openstack 8 SUSE Linux Enterprise Server 12-SP2-BCL SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP Applications 12-SP5 SUSE Linux Enterprise Software Development Kit 12-SP5 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 ______________________________________________________________________________ An update that fixes 9 vulnerabilities is now available. Description: This update for MozillaFirefox fixes the following issues: Update to Firefox Extended Support Release 91.11.0 ESR (MFSA 2022-25) (bsc#1200793): - CVE-2022-2200: Undesired attributes could be set as part of prototype pollution (bmo#1771381) - CVE-2022-31744: CSP bypass enabling stylesheet injection (bmo#1757604) - CVE-2022-34468: CSP sandbox header without `allow-scripts` can be bypassed via retargeted javascript: URI (bmo#1768537) - CVE-2022-34470: Use-after-free in nsSHistory (bmo#1765951) - CVE-2022-34472:Unavailable PAC file resulted in OCSP requests being blocked (bmo#1770123) - CVE-2022-34478: Microsoft protocols can be attacked if a user accepts a prompt (bmo#1773717) - CVE-2022-34479: A popup window could be resized in a way to overlay the address bar with web content (bmo#1745595) - CVE-2022-34481: Potential integer overflow in ReplaceElementsAt (bmo#1497246) - CVE-2022-34484: Memory safety bugs fixed in Firefox 102 and Firefox ESR 91.11 (bmo#1763634, bmo#1772651) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-2289=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2022-2289=1 - SUSE OpenStack Cloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2022-2289=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2022-2289=1 - SUSE Linux Enterprise Software Development Kit 12-SP5: zypper in -t patch SUSE-SLE-SDK-12-SP5-2022-2289=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-2289=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2022-2289=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-2289=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-2289=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2022-2289=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-2289=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-2289=1 - HPE Helion Openstack8: zypper in -t patch HPE-Helion-OpenStack-8-2022-2289=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE OpenStack Cloud 9 (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE OpenStack Cloud 8 (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Software Development Kit 12-SP5 (aarch64 ppc64le s390x x86_64): MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 - HPE Helion Openstack 8 (x86_64): MozillaFirefox-91.11.0-112.119.1 MozillaFirefox-debuginfo-91.11.0-112.119.1 MozillaFirefox-debugsource-91.11.0-112.119.1 MozillaFirefox-devel-91.11.0-112.119.1 MozillaFirefox-translations-common-91.11.0-112.119.1 References: https://www.suse.com/security/cve/CVE-2022-2200.html https://www.suse.com/security/cve/CVE-2022-31744.html https://www.suse.com/security/cve/CVE-2022-34468.html https://www.suse.com/security/cve/CVE-2022-34470.html https://www.suse.com/security/cve/CVE-2022-34472.html https://www.suse.com/security/cve/CVE-2022-34478.html https://www.suse.com/security/cve/CVE-2022-34479.html https://www.suse.com/security/cve/CVE-2022-34481.html https://www.suse.com/security/cve/CVE-2022-34484.html https://bugzilla.suse.com/1200793 . SUSE has released a crucial security patch for MozillaFirefox, addressing 9 significant vulnerabilities impacting multiple SUSE versions.. MozillaFirefox Patch, SUSE Update, Security Fix, OpenStack Vulnerability, Linux Server Security. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 06, 2022 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorymoderatemoderate severity

SUSE: 2021:66-1 Moderate: Security Patch for OpenSSL Issues

The container suse/sle15 was updated. The following patches have been included in this update:. SUSE Container Update Advisory: suse/sle15 ----------------------------------------------------------------- Container Advisory ID : SUSE-CU-2021:66-1 Container Tags : suse/sle15:15.2 , suse/sle15:15.2.8.2.862 Container Release : 8.2.862 Severity : moderate Type : security References : 1182331 1182333 1182959 CVE-2021-23840 CVE-2021-23841 ----------------------------------------------------------------- The container suse/sle15 was updated. The following patches have been included in this update: ----------------------------------------------------------------- Advisory ID: SUSE-SU-2021:754-1 Released: Tue Mar 9 17:10:49 2021 Summary: Security update for openssl-1_1 Type: security Severity: moderate References: 1182331,1182333,1182959,CVE-2021-23840,CVE-2021-23841 This update for openssl-1_1 fixes the following issues: - CVE-2021-23840: Fixed an Integer overflow in CipherUpdate (bsc#1182333) - CVE-2021-23841: Fixed a Null pointer dereference in X509_issuer_and_serial_hash() (bsc#1182331) - Fixed unresolved error codes in FIPS (bsc#1182959). . SUSE Container Update Notification provides essential security enhancements for suse/sle15, addressing vulnerabilities categorized with moderate severity that have been successfully resolved.. SUSE Container Update, OpenSSL Security, SUSE/SLE15 Patching, Container Vulnerabilities. . LinuxSecurity.com Team

Calendar 2 Mar 10, 2021 SuSE
Banner 4 1028x280 1708121825 1771600306
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysecurity issueupdate

SUSE: 2020:3765-1 Important: Python Directory Traversal Exploit

An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for python ______________________________________________________________________________ Announcement ID: SUSE-SU-2020:3765-1 Rating: important References: #1176262 Cross-References: CVE-2019-20916 Affected Products: SUSE OpenStack Cloud Crowbar 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 7 SUSE Linux Enterprise Workstation Extension 12-SP5 SUSE Linux Enterprise Server for SAP 12-SP4 SUSE Linux Enterprise Server for SAP 12-SP3 SUSE Linux Enterprise Server for SAP 12-SP2 SUSE Linux Enterprise Server 12-SP5 SUSE Linux Enterprise Server 12-SP4-LTSS SUSE Linux Enterprise Server 12-SP3-LTSS SUSE Linux Enterprise Server 12-SP3-BCL SUSE Linux Enterprise Server 12-SP2-LTSS SUSE Linux Enterprise Server 12-SP2-BCL SUSE Enterprise Storage 5 HPE Helion Openstack 8 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python fixes the following issues: - Fixed a directory traversal in _download_http_url() (bsc#1176262 CVE-2019-20916) Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE OpenStack Cloud Crowbar 9: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2020-3765=1 - SUSE OpenStack Cloud Crowbar 8: zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-3765=1 - SUSE OpenStackCloud 9: zypper in -t patch SUSE-OpenStack-Cloud-9-2020-3765=1 - SUSE OpenStack Cloud 8: zypper in -t patch SUSE-OpenStack-Cloud-8-2020-3765=1 - SUSE OpenStack Cloud 7: zypper in -t patch SUSE-OpenStack-Cloud-7-2020-3765=1 - SUSE Linux Enterprise Workstation Extension 12-SP5: zypper in -t patch SUSE-SLE-WE-12-SP5-2020-3765=1 - SUSE Linux Enterprise Server for SAP 12-SP4: zypper in -t patch SUSE-SLE-SAP-12-SP4-2020-3765=1 - SUSE Linux Enterprise Server for SAP 12-SP3: zypper in -t patch SUSE-SLE-SAP-12-SP3-2020-3765=1 - SUSE Linux Enterprise Server for SAP 12-SP2: zypper in -t patch SUSE-SLE-SAP-12-SP2-2020-3765=1 - SUSE Linux Enterprise Server 12-SP5: zypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3765=1 - SUSE Linux Enterprise Server 12-SP4-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2020-3765=1 - SUSE Linux Enterprise Server 12-SP3-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-3765=1 - SUSE Linux Enterprise Server 12-SP3-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-3765=1 - SUSE Linux Enterprise Server 12-SP2-LTSS: zypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-3765=1 - SUSE Linux Enterprise Server 12-SP2-BCL: zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-3765=1 - SUSE Enterprise Storage 5: zypper in -t patch SUSE-Storage-5-2020-3765=1 - HPE Helion Openstack 8: zypper in -t patch HPE-Helion-OpenStack-8-2020-3765=1 Package List: - SUSE OpenStack Cloud Crowbar 9 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE OpenStack Cloud Crowbar 9 (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE OpenStack Cloud Crowbar 8 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE OpenStack Cloud Crowbar 8 (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE OpenStack Cloud 9 (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE OpenStack Cloud 9 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE OpenStack Cloud 8 (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE OpenStack Cloud 8 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE OpenStackCloud 7 (s390x x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE OpenStack Cloud 7 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Workstation Extension 12-SP5 (x86_64): python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP4 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (ppc64le x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP3 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (ppc64le x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server for SAP 12-SP2 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP5 (s390x x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 -SUSE Linux Enterprise Server 12-SP5 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (s390x x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP4-LTSS (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (aarch64 ppc64le s390x x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (s390x x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP3-LTSS (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP3-BCL (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP3-BCL (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (ppc64le s390x x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (s390x x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP2-LTSS (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP2-BCL (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Linux Enterprise Server 12-SP2-BCL (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Enterprise Storage 5 (aarch64 x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 python-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-strict-tls-check-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 - SUSE Enterprise Storage 5 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - SUSE Enterprise Storage 5 (x86_64): libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 - HPE Helion Openstack 8 (noarch): python-doc-2.7.17-28.59.1 python-doc-pdf-2.7.17-28.59.1 - HPE Helion Openstack 8 (x86_64): libpython2_7-1_0-2.7.17-28.59.1 libpython2_7-1_0-32bit-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-2.7.17-28.59.1 libpython2_7-1_0-debuginfo-32bit-2.7.17-28.59.1 python-2.7.17-28.59.1 python-32bit-2.7.17-28.59.1 python-base-2.7.17-28.59.1 python-base-32bit-2.7.17-28.59.1 python-base-debuginfo-2.7.17-28.59.1 python-base-debuginfo-32bit-2.7.17-28.59.1 python-base-debugsource-2.7.17-28.59.1 python-curses-2.7.17-28.59.1 python-curses-debuginfo-2.7.17-28.59.1 python-debuginfo-2.7.17-28.59.1 python-debuginfo-32bit-2.7.17-28.59.1 python-debugsource-2.7.17-28.59.1 python-demo-2.7.17-28.59.1 python-devel-2.7.17-28.59.1 python-gdbm-2.7.17-28.59.1 python-gdbm-debuginfo-2.7.17-28.59.1 python-idle-2.7.17-28.59.1 python-tk-2.7.17-28.59.1 python-tk-debuginfo-2.7.17-28.59.1 python-xml-2.7.17-28.59.1 python-xml-debuginfo-2.7.17-28.59.1 References: https://www.suse.com/security/cve/CVE-2019-20916.html https://bugzilla.suse.com/1176262 . Acknowledge the significant vulnerability present in Python that impacts various SUSE releases, requiring immediate attention with this urgent patch.. SUSE Python Security, Directory Traversal Issue, Important Security Fix. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Dec 11, 2020 Important SuSE
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysecurity updatelocal privilege escalation

SUSE 10.1: 2006-027 Moderate: Cron Local Privilege Escalation Risk

Vixie Cron is the default CRON daemon in all SUSE Linux based Vixie Cron is the default CRON daemon in all SUSE Linux based distributions. distributions. The code in do_command.c in Vixie cron does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits.. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ______________________________________________________________________________ SUSE Security Announcement Package: cron Announcement ID: SUSE-SA:2006:027 Date: Wed, 31 May 2006 15:00:00 +0000 Affected Products: SUSE LINUX 10.1 SUSE LINUX 10.0 SUSE LINUX 9.3 SUSE LINUX 9.2 SUSE LINUX 9.1 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 SUSE SLES 9 UnitedLinux 1.0 Vulnerability Type: local privilege escalation Severity (1-10): 7 SUSE Default Package: yes Cross-References: CVE-2006-2607 Content of This Advisory: 1) Security Vulnerability Resolved: local privilege escalation using cron Problem Description 2) Solution or Work-Around 3) Special Instructions and Notes 4) Package Location and Checksums 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. 6) Authenticity Verification and Additional Information ______________________________________________________________________________ 1) Problem Description and Brief Discussion Vixie Cron is the default CRON daemon in all SUSE Linux based distributions. The code in do_command.c in Vixie cron does not check the returncode of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits. This problem is known to affect only distributions with Linux 2.6 kernels, but the package was updated for all distributions for completeness. This problem is tracked by the Mitre CVE ID CVE-2006-2607. 2) Solution or Work-Around There is no known workaround, please install the update packages. 3) Special Instructions and Notes Please restart cron after the update. 4) Package Location and Checksums The preferred method for installing security updates is to use the YaST Online Update (YOU) tool. YOU detects which updates are required and automatically performs the necessary steps to verify and install them. Alternatively, download the update packages for your distribution manually and verify their integrity by the methods listed in Section 6 of this announcement. Then install the packages using the command rpm -Fhv to apply the update, replacing with the filename of the downloaded RPM package. x86 Platform: SUSE LINUX 10.1: e497e8d493f1b94c0891af1026be4d0a SUSE LINUX 10.0: a7daa9be8f6d1f3d5b87904e934ee235 SUSE LINUX 9.3: feabbd699c9504dc4cf0bf0ba91e6f2d SUSE LINUX 9.2: 0979cea40c43166044c66364b148101b SUSE LINUX 9.1: e140f798e6146f52ca2621a6ef678a45 Power PC Platform: SUSE LINUX 10.1: 0b0550667503fc422ae7601b4cb513e6 SUSE LINUX 10.0: 711aeec2e8bfcb02835478e3c5bc62c8 x86-64 Platform: SUSE LINUX 10.1: 01885af8563e8f2e093b7741e0e7ee95 SUSE LINUX 10.0: 3716db1e6d608fc4714b8ac137c94059 SUSE LINUX 9.3: 4287461b019ece311e32082fd87bc0a9 SUSE LINUX 9.2: 574294ae7f583add41bd45774988cb4e SUSE LINUX 9.1: 6b26840c02592f7978d841f99743371d Sources: SUSE LINUX 10.1: f43d85f87f2571b7a72c580f40027abd SUSE LINUX 10.0: 78ea0581677076016e90b109e6154b12 SUSE LINUX 9.3: 9a1b7e7f96f6daaa2ce77f922ff9df9a SUSE LINUX 9.2: 26adb41a9c1beb796184323a0c0fed8a SUSE LINUX 9.1: 84e82588b2fcd45ff23e02502acbc8d2 c0aa0ac7fb31ae24da6404b0e0cdc218 Our maintenance customers are notified individually. The packages are offered for installation from the maintenance web: UnitedLinux 1.0 SUSE SLES 9 SuSE Linux Desktop 1.0 SuSE Linux Enterprise Server 8 ______________________________________________________________________________ 5) Pending Vulnerabilities, Solutions, and Work-Arounds: See SUSE Security Summary Report. ______________________________________________________________________________ 6) Authenticity Verification and Additional Information - Announcement authenticity verification: SUSE security announcements are published via mailing lists and on Web sites. The authenticity and integrity of a SUSE security announcement is guaranteed by a cryptographic signature in each announcement. All SUSE security announcements are published with a valid signature. To verify the signature of the announcement, save it as text into a file and run the command gpg --verify replacing with the name of the file where you saved the announcement. The output for a valid signature looks like: gpg: Signature made using RSA key ID 3D25D3D9 gpg: Good signature from "SuSE Security Team " where is replaced by the date the document was signed. If the security team's key is not contained in your key ring, you can import it from the first installation CD. To import the key, use the command gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc - Package authenticity verification: SUSE update packages are available on many mirror FTP servers all over the world. While this service is considered valuableand important to the free and open source software community, the authenticity and the integrity of a package needs to be verified to ensure that it has not been tampered with. There are two verification methods that can be used independently from each other to prove the authenticity of a downloaded file or RPM package: 1) Using the internal gpg signatures of the rpm package 2) MD5 checksums as provided in this announcement 1) The internal rpm package signatures provide an easy way to verify the authenticity of an RPM package. Use the command rpm -v --checksig to verify the signature of the package, replacing with the filename of the RPM package downloaded. The package is unmodified if it contains a valid signature from This email address is being protected from spambots. You need JavaScript enabled to view it. with the key ID 9C800ACA. This key is automatically imported into the RPM database (on RPMv4-based distributions) and the gpg key ring of 'root' during installation. You can also find it on the first installation CD and at the end of this announcement. 2) If you need an alternative means of verification, use the md5sum command to verify the authenticity of the packages. Execute the command md5sum after you downloaded the file from a SUSE FTP server or its mirrors. Then compare the resulting md5sum with the one that is listed in the SUSE security announcement. Because the announcement containing the checksums is cryptographically signed (by This email address is being protected from spambots. You need JavaScript enabled to view it.), the checksums show proof of the authenticity of the package if the signature of the announcement is valid. Note that the md5 sums published in the SUSE Security Announcements are valid for the respective packages only. Newer versions of these packages cannot be verified. - SUSE runs two security mailing lists to which any interested party may subscribe: This email address is being protected from spambots. You need JavaScript enabled to view it. - General Linux and SUSE securitydiscussion. All SUSE security announcements are sent to this list. To subscribe, send an e-mail to . This email address is being protected from spambots. You need JavaScript enabled to view it. - SUSE's announce-only mailing list. Only SUSE's security announcements are sent to this list. To subscribe, send an e-mail to . For general information or the frequently asked questions (FAQ), send mail to or . ==================================================================== SUSE's security contact is or . The public key is listed below. ==================================================================== . Critical update for SUSE to fix local privilege escalation issue in Vixie Cron. Ensure systems are protected now.. SUSE Update, Local Privilege Escalation, Vixie Cron Issue. . Severity: Important. LinuxSecurity.com Team

Calendar 2 May 31, 2006 Important SuSE
Banner 4 1028x280 1708121825 1771600306
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here