openSUSE Recommended Update: Recommended update for keepassxc ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0368-1 Rating: low References: #1228824 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for keepassxc fixes the following issues: - drop runtime dependency on update-desktop-files Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-368=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): keepassxc-2.7.9-bp156.2.6.1 - openSUSE Backports SLE-15-SP6 (noarch): keepassxc-lang-2.7.9-bp156.2.6.1 References: https://bugzilla.suse.com/1228824 openSUSE Recommended Update: Recommended update for keepassxc ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0369-1 Rating: low References: #1228824 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for keepassxc fixes the following issues: - drop runtime dependency on update-desktop-files Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-369=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): keepassxc-2.7.9-bp155.2.15.1 - openSUSE Backports SLE-15-SP5 (noarch): keepassxc-lang-2.7.9-bp155.2.15.1 References: https://bugzilla.suse.com/1228824 * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: Fixed regression with previous fix (bsc#1233165). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3999=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3999=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3999=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3999=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3999=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3999=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3999=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3999=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3999=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3999=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3999=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3999=1 ## Package List: * SUSE Manager Proxy 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-event-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-example-pages-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-event-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-event-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-utils-2.4.51-150400.6.43.1 * apache2-prefork-2.4.51-150400.6.43.1 * apache2-prefork-debuginfo-2.4.51-150400.6.43.1 * apache2-devel-2.4.51-150400.6.43.1 * apache2-worker-debuginfo-2.4.51-150400.6.43.1 * apache2-2.4.51-150400.6.43.1 * apache2-utils-debuginfo-2.4.51-150400.6.43.1 * apache2-worker-2.4.51-150400.6.43.1 * apache2-debuginfo-2.4.51-150400.6.43.1 * apache2-debugsource-2.4.51-150400.6.43.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.43.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1233165 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for rabbitmq-c fixes the following issue: * Fix default cacert location (bsc#1232541). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3993=1 openSUSE-SLE-15.6-2024-3993=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3993=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * librabbitmq-devel-0.13.0-150600.3.3.2 * librabbitmq4-0.13.0-150600.3.3.2 * librabbitmq4-debuginfo-0.13.0-150600.3.3.2 * rabbitmq-c-tools-debuginfo-0.13.0-150600.3.3.2 * rabbitmq-c-tools-0.13.0-150600.3.3.2 * rabbitmq-c-debuginfo-0.13.0-150600.3.3.2 * rabbitmq-c-debugsource-0.13.0-150600.3.3.2 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.13.0-150600.3.3.2 * librabbitmq4-0.13.0-150600.3.3.2 * librabbitmq4-debuginfo-0.13.0-150600.3.3.2 * rabbitmq-c-debuginfo-0.13.0-150600.3.3.2 * rabbitmq-c-debugsource-0.13.0-150600.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232541 * Server Applications Module 15-SP5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for rabbitmq-c fixes the following issue: * Fix default cacert location (bsc#1232541). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3994=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3994=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3994=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3994=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3994=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3994=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3994=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3994=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3994=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3994=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3994=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3994=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3994=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Proxy 4.3 (x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-tools-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * rabbitmq-c-tools-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-tools-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * rabbitmq-c-tools-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * librabbitmq-devel-0.10.0-150300.5.9.2 * rabbitmq-c-debuginfo-0.10.0-150300.5.9.2 * rabbitmq-c-debugsource-0.10.0-150300.5.9.2 * librabbitmq4-debuginfo-0.10.0-150300.5.9.2 * librabbitmq4-0.10.0-150300.5.9.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232541 * CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for python3-wxPython fixes the following issues: * CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3997=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3997=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3997=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3997=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3997=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-lang-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * python3-wxPython-debugsource-4.1.1-150400.10.1 * python3-wxPython-4.1.1-150400.10.1 * python3-wxPython-debuginfo-4.1.1-150400.10.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1232590 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update of drbd rebuilds it with the correct secure boot signing key. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3991=1 openSUSE-SLE-15.6-2024-3991=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-3991=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * drbd-9.1.16-150600.5.2.1 * drbd-debugsource-9.1.16-150600.5.2.1 * drbd-kmp-default-debuginfo-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 * drbd-kmp-default-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 * openSUSE Leap 15.6 (aarch64) * drbd-kmp-64kb-debuginfo-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 * drbd-kmp-64kb-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * drbd-9.1.16-150600.5.2.1 * drbd-debugsource-9.1.16-150600.5.2.1 * drbd-kmp-default-debuginfo-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 * drbd-kmp-default-9.1.16_k6.4.0_150600.23.25-150600.5.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1233228 * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 An update that has one fix can now be installed. ## Description: This update for libvdpau fixes the following issues: * Add libvdpau1-32bit to Desktop Applications 15-SP5 and 15-SP6 (bsc#1233046) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3992=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3992=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3992=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3992=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3992=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libvdpau-devel-1.1.1-150000.3.6.1 * libvdpau-debugsource-1.1.1-150000.3.6.1 * libvdpau1-debuginfo-1.1.1-150000.3.6.1 * libvdpau_trace1-debuginfo-1.1.1-150000.3.6.1 * libvdpau_trace1-1.1.1-150000.3.6.1 * libvdpau1-1.1.1-150000.3.6.1 * openSUSE Leap 15.5 (x86_64) * libvdpau1-32bit-debuginfo-1.1.1-150000.3.6.1 * libvdpau-devel-32bit-1.1.1-150000.3.6.1 * libvdpau1-32bit-1.1.1-150000.3.6.1 * libvdpau_trace1-32bit-1.1.1-150000.3.6.1 * libvdpau_trace1-32bit-debuginfo-1.1.1-150000.3.6.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libvdpau-devel-1.1.1-150000.3.6.1 * libvdpau-debugsource-1.1.1-150000.3.6.1 * libvdpau1-debuginfo-1.1.1-150000.3.6.1 * libvdpau_trace1-debuginfo-1.1.1-150000.3.6.1 * libvdpau_trace1-1.1.1-150000.3.6.1 * libvdpau1-1.1.1-150000.3.6.1 * openSUSE Leap 15.6 (x86_64) * libvdpau1-32bit-debuginfo-1.1.1-150000.3.6.1 * libvdpau-devel-32bit-1.1.1-150000.3.6.1 * libvdpau1-32bit-1.1.1-150000.3.6.1 * libvdpau_trace1-32bit-1.1.1-150000.3.6.1 * libvdpau_trace1-32bit-debuginfo-1.1.1-150000.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libvdpau1-debuginfo-1.1.1-150000.3.6.1 * libvdpau-debugsource-1.1.1-150000.3.6.1 * libvdpau1-1.1.1-150000.3.6.1 * libvdpau-devel-1.1.1-150000.3.6.1 * Desktop Applications Module 15-SP5 (x86_64) * libvdpau1-32bit-1.1.1-150000.3.6.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libvdpau1-debuginfo-1.1.1-150000.3.6.1 * libvdpau-debugsource-1.1.1-150000.3.6.1 * libvdpau1-1.1.1-150000.3.6.1 * libvdpau-devel-1.1.1-150000.3.6.1 * Desktop Applications Module 15-SP6 (x86_64) * libvdpau1-32bit-1.1.1-150000.3.6.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * libvdpau1-1.1.1-150000.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1233046 This update for nodejs16 fixes the following issues: * Fix unit tests with OpenSSL 3.1 (bsc#1232756) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3990=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * corepack16-16.20.2-150400.3.39.1 * npm16-16.20.2-150400.3.39.1 * nodejs16-devel-16.20.2-150400.3.39.1 * nodejs16-debugsource-16.20.2-150400.3.39.1 * nodejs16-debuginfo-16.20.2-150400.3.39.1 * nodejs16-16.20.2-150400.3.39.1 * openSUSE Leap 15.4 (noarch) * nodejs16-docs-16.20.2-150400.3.39.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232756 * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9676 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-9676 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-9676 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 An update that solves four vulnerabilities and has one security fix can now be installed. ## Description: This update for buildah fixes the following issues: * CVE-2024-9676: Fixed github.com/containers/storage : symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698): * CVE-2024-9675: VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary directory mount (bsc#1231499): * CVE-2024-9407: Fixed improper input validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208) * CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230) * Using networking slirp4netns as default instead of pasta on SLE (bsc#1232522). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3988=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3988=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3988=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3988=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3988=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.4-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * buildah-1.35.4-150400.3.33.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * buildah-1.35.4-150400.3.33.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150400.3.33.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * buildah-1.35.4-150400.3.33.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://www.suse.com/security/cve/CVE-2024-9676.html * https://bugzilla.suse.com/show_bug.cgi?id=1231208 * https://bugzilla.suse.com/show_bug.cgi?id=1231230 * https://bugzilla.suse.com/show_bug.cgi?id=1231499 * https://bugzilla.suse.com/show_bug.cgi?id=1231698 * https://bugzilla.suse.com/show_bug.cgi?id=1232522 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for strongswan fixes the following issue: * FIPS: start selftest on s390x was not working due to empty hmac file (bsc#1232922) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3982=1 openSUSE-SLE-15.6-2024-3982=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3982=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3982=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3982=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * strongswan-sqlite-debuginfo-5.9.12-150600.3.2.1 * strongswan-nm-5.9.12-150600.3.2.1 * strongswan-mysql-5.9.12-150600.3.2.1 * strongswan-debuginfo-5.9.12-150600.3.2.1 * strongswan-debugsource-5.9.12-150600.3.2.1 * strongswan-5.9.12-150600.3.2.1 * strongswan-ipsec-5.9.12-150600.3.2.1 * strongswan-ipsec-debuginfo-5.9.12-150600.3.2.1 * strongswan-libs0-5.9.12-150600.3.2.1 * strongswan-libs0-debuginfo-5.9.12-150600.3.2.1 * strongswan-sqlite-5.9.12-150600.3.2.1 * strongswan-hmac-5.9.12-150600.3.2.1 * strongswan-mysql-debuginfo-5.9.12-150600.3.2.1 * strongswan-nm-debuginfo-5.9.12-150600.3.2.1 * openSUSE Leap 15.6 (noarch) * strongswan-doc-5.9.12-150600.3.2.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * strongswan-debuginfo-5.9.12-150600.3.2.1 * strongswan-debugsource-5.9.12-150600.3.2.1 * strongswan-5.9.12-150600.3.2.1 * strongswan-ipsec-5.9.12-150600.3.2.1 * strongswan-ipsec-debuginfo-5.9.12-150600.3.2.1 * strongswan-libs0-5.9.12-150600.3.2.1 * strongswan-libs0-debuginfo-5.9.12-150600.3.2.1 * strongswan-hmac-5.9.12-150600.3.2.1 * Basesystem Module 15-SP6 (noarch) * strongswan-doc-5.9.12-150600.3.2.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * strongswan-nm-5.9.12-150600.3.2.1 * strongswan-nm-debuginfo-5.9.12-150600.3.2.1 * strongswan-debugsource-5.9.12-150600.3.2.1 * strongswan-debuginfo-5.9.12-150600.3.2.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * strongswan-nm-5.9.12-150600.3.2.1 * strongswan-nm-debuginfo-5.9.12-150600.3.2.1 * strongswan-debugsource-5.9.12-150600.3.2.1 * strongswan-debuginfo-5.9.12-150600.3.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232922 openSUSE Security Update: Security update for python-PyPDF2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0367-1 Rating: moderate References: #1198588 Cross-References: CVE-2022-24859 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-PyPDF2 fixes the following issues: - CVE-2022-24859: Fixed infinite loop vulnerability (boo#1198588) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-367=1 Package List: - openSUSE Backports SLE-15-SP5 (noarch): python3-PyPDF2-1.26.0-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2022-24859.html https://bugzilla.suse.com/1198588 * CVE-2024-45817 ( SUSE ): 6.9 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-45817 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves three vulnerabilities and has two security fixes can now be installed. ## Description: This update for xen fixes the following issues: Security issues fixed: * CVE-2024-45818: xen: Deadlock in x86 HVM standard VGA handling (bsc#1232622) * CVE-2024-45819: xen: libxl leaks data to PVH guests via ACPI tables (bsc#1232624) * CVE-2024-45817: xen: x86: Deadlock in vlapic_error() (bsc#1230366) Non-security issues fixed: * Removed usage of net-tools-deprecated from supportconfig plugin (bsc#1232542) * Upstream bug fixes (bsc#1027519) ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3980=1 openSUSE-SLE-15.5-2024-3980=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3980=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3980=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3980=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3980=1 ## Package List: * openSUSE Leap 15.5 (aarch64 x86_64 i586) * xen-tools-domU-4.17.5_06-150500.3.42.1 * xen-tools-domU-debuginfo-4.17.5_06-150500.3.42.1 * xen-devel-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (x86_64) * xen-libs-32bit-4.17.5_06-150500.3.42.1 * xen-libs-32bit-debuginfo-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (aarch64 x86_64) * xen-tools-debuginfo-4.17.5_06-150500.3.42.1 * xen-4.17.5_06-150500.3.42.1 * xen-doc-html-4.17.5_06-150500.3.42.1 * xen-tools-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_06-150500.3.42.1 * openSUSE Leap 15.5 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.17.5_06-150500.3.42.1 * xen-libs-64bit-4.17.5_06-150500.3.42.1 * openSUSE Leap Micro 5.5 (x86_64) * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * Basesystem Module 15-SP5 (x86_64) * xen-tools-domU-4.17.5_06-150500.3.42.1 * xen-libs-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-tools-domU-debuginfo-4.17.5_06-150500.3.42.1 * xen-libs-debuginfo-4.17.5_06-150500.3.42.1 * Server Applications Module 15-SP5 (x86_64) * xen-4.17.5_06-150500.3.42.1 * xen-tools-debuginfo-4.17.5_06-150500.3.42.1 * xen-devel-4.17.5_06-150500.3.42.1 * xen-debugsource-4.17.5_06-150500.3.42.1 * xen-tools-4.17.5_06-150500.3.42.1 * Server Applications Module 15-SP5 (noarch) * xen-tools-xendomains-wait-disk-4.17.5_06-150500.3.42.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45817.html * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1027519 * https://bugzilla.suse.com/show_bug.cgi?id=1230366 * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 openSUSE Security Update: Security update for python-PyPDF2 ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0366-1 Rating: moderate References: #1198588 Cross-References: CVE-2022-24859 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-PyPDF2 fixes the following issues: - CVE-2022-24859: Fixed infinite loop vulnerability (boo#1198588) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-366=1 Package List: - openSUSE Backports SLE-15-SP6 (noarch): python3-PyPDF2-1.26.0-bp156.4.3.1 References: https://www.suse.com/security/cve/CVE-2022-24859.html https://bugzilla.suse.com/1198588 * CVE-2024-45818 ( SUSE ): 8.2 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H * CVE-2024-45818 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H * CVE-2024-45819 ( SUSE ): 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:L/SI:N/SA:N * CVE-2024-45819 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N Affected Products: * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for xen fixes the following issues: * CVE-2024-45818: Fixed deadlock in x86 HVM standard VGA handling (XSA-463) (bsc#1232622). * CVE-2024-45819: Fixed libxl data leaks to PVH guests via ACPI tables (XSA-464) (bsc#1232624). Bug fixes: * Remove usage of net-tools-deprecated from supportconfig plugin (bsc#1232542). ## Special Instructions and Notes: * Please reboot the system after installing this update. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3977=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3977=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3977=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3977=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3977=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3977=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3977=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3977=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (x86_64) * xen-libs-32bit-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-32bit-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (aarch64 x86_64) * xen-doc-html-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * openSUSE Leap 15.3 (aarch64_ilp32) * xen-libs-64bit-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-64bit-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Enterprise Storage 7.1 (x86_64) * xen-4.14.6_22-150300.3.84.1 * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-devel-4.14.6_22-150300.3.84.1 * xen-tools-domU-4.14.6_22-150300.3.84.1 * xen-tools-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * xen-tools-4.14.6_22-150300.3.84.1 * xen-tools-domU-debuginfo-4.14.6_22-150300.3.84.1 * SUSE Enterprise Storage 7.1 (noarch) * xen-tools-xendomains-wait-disk-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro 5.1 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro 5.2 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * xen-debugsource-4.14.6_22-150300.3.84.1 * xen-libs-debuginfo-4.14.6_22-150300.3.84.1 * xen-libs-4.14.6_22-150300.3.84.1 ## References: * https://www.suse.com/security/cve/CVE-2024-45818.html * https://www.suse.com/security/cve/CVE-2024-45819.html * https://bugzilla.suse.com/show_bug.cgi?id=1232542 * https://bugzilla.suse.com/show_bug.cgi?id=1232622 * https://bugzilla.suse.com/show_bug.cgi?id=1232624 This update for mysql-connector-java fixes the following issues: * Added alias to mysql:mysql-connector-java ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3975=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3975=1 ## Package List: * openSUSE Leap 15.5 (noarch) * mysql-connector-java-8.4.0-150200.3.27.1 * openSUSE Leap 15.6 (noarch) * mysql-connector-java-8.4.0-150200.3.27.1 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for cosign fixes the following issues: cosign was updated to 2.4.0 (jsc#SLE-23879) * Add new bundle support to verify-blob and verify-blob-attestation (#3796) * Adding protobuf bundle support to sign-blob and attest-blob (#3752) * Bump sigstore/sigstore to support email_verified as string or boolean (#3819) * Conformance testing for cosign (#3806) * move incremental builds per commit to GHCR instead of GCR (#3808) * Add support for recording creation timestamp for cosign attest (#3797) * Include SCT verification failure details in error message (#3799) * Set CGO_ENABLED=1 for fixing s390x failed build Update to 2.3.0 (jsc#SLE-23879): * Features * Add PayloadProvider interface to decouple AttestationToPayloadJSON from oci.Signature interface (#3693) * add registry options to cosign save (#3645) * Add debug providers command. (#3728) * Make config layers in ociremote mountable (#3741) * adds tsa cert chain check for env var or tuf targets. (#3600) * add --ca-roots and --ca-intermediates flags to 'cosign verify' (#3464) * add handling of keyless verification for all verify commands (#3761) * Bug Fixes * fix: close attestationFile (#3679) * Set bundleVerified to true after Rekor verification (Resolves #3740) (#3745) * Documentation * Document ImportKeyPair and LoadPrivateKey functions in pkg/cosign (#3776) * add completion subpackages (bash, fish, zsh) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3974=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3974=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3974=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3974=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3974=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3974=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3974=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3974=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3974=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3974=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3974=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * openSUSE Leap 15.4 (noarch) * cosign-fish-completion-2.4.0-150400.3.23.1 * cosign-bash-completion-2.4.0-150400.3.23.1 * cosign-zsh-completion-2.4.0-150400.3.23.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * cosign-debuginfo-2.4.0-150400.3.23.1 * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Proxy 4.3 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * cosign-2.4.0-150400.3.23.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * cosign-2.4.0-150400.3.23.1 ## References: * https://jira.suse.com/browse/SLE-23879 * Version update to v1.2 * Change the shutdown behavior so that EGLExtPlatformExports::unloadEGLExternalPlatform is called while the internal EGLDisplays are still valid. * Added a meson.build file to generate the pkg-config file. It's also set up so that you can use eglexternalplatform as a Meson subproject. * Interface supported on 560.* and later drivers. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3967=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3967=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3967=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * eglexternalplatform-devel-1.2-150400.3.3.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * eglexternalplatform-devel-1.2-150400.3.3.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * eglexternalplatform-devel-1.2-150400.3.3.2 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Server 15 SP6 An update that can now be installed. ## Description: This update for spack fixes the following issues: * spack was updated from version 0.21.2 to 0.21.3: * Bugs fixed: * Forward compatibility with Spack 0.23 packages with language dependencies. * Forward compatibility with `urllib` from Python 3.12.6+. * Bump archspec to 0.2.5-dev for better aarch64 support. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3969=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3969=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3969=1 * HPC Module 15-SP5 zypper in -t patch SUSE-SLE-Module-HPC-15-SP5-2024-3969=1 * HPC Module 15-SP6 zypper in -t patch SUSE-SLE-Module-HPC-15-SP6-2024-3969=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3969=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3969=1 ## Package List: * openSUSE Leap 15.4 (noarch) * spack-info-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * openSUSE Leap 15.5 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * openSUSE Leap 15.6 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * HPC Module 15-SP5 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * HPC Module 15-SP6 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * spack-info-0.21.3-150400.18.1 * spack-0.21.3-150400.18.1 * spack-man-0.21.3-150400.18.1 * spack-recipes-0.21.3-150400.18.1 This update for spack fixes the following issues: * spack was updated from version 0.21.2 to 0.21.3: * Bugs fixed: * Forward compatibility with Spack 0.23 packages with language dependencies. * Forward compatibility with `urllib` from Python 3.12.6+. * Bump archspec to 0.2.5-dev for better aarch64 support. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3970=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3970=1 ## Package List: * openSUSE Leap 15.3 (noarch) * spack-recipes-0.21.3-150300.18.1 * spack-man-0.21.3-150300.18.1 * spack-0.21.3-150300.18.1 * spack-info-0.21.3-150300.18.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * spack-man-0.21.3-150300.18.1 * spack-recipes-0.21.3-150300.18.1 * spack-0.21.3-150300.18.1 * spack-info-0.21.3-150300.18.1 * Basesystem Module 15-SP6 * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 An update that can now be installed. ## Description: This update for mojo-parent fixes the following issues: xalan-j2 was updated from version 2.7.2 to 2.7.3: * Security issues fixed: * CVE-2022-34169: Fixed integer truncation issue when processing malicious XSLT stylesheets (bsc#1201684) * Changes and Bugs fixed: * Java 8 is now the minimum requirement * Upgraded to Apache Commons BCEL 6.7.0 * Upgraded to Xerces-J 2.12.2 mojo-parent was updated from version 70 to 82: * Main changes: * Potentially Breaking Changes: * mojo.java.target should be set as "8", without "1." * spotless plugin must be executed by JDK 11 at least * ossrh-snapshots repository was removed from parent * New features and improvements: * Removed SHA-512 checksum for source release artifact * Use only project version as tag for release * Added space before close empty elements in poms by spotless * Using Checkstyle together with Spotless * Introduce spotless for automatic code formatting * Introduce enforcer rule for minimal version of Java and Maven * Use new Plugin Tools report - maven-plugin-report-plugin * Added sisu-maven-plugin * Introduced maven.version property * Execute spotless by JDK 11 at least * Use release options for m-compiler-p with newer JDKs * Allow override of invoker.streamLogsOnFailures * Require Maven 3.9.x at least for releases * Added maven-wrapper-plugin to pluginManagement * Removed ossrh-snapshots repository from MojoHaus parent * Added build-helper-maven-plugin to pluginManagement * Require Maven 3.6.3+ * Updated palantirJavaFormat for spotless - JDK 21 compatible * Added dependencyManagement for maven-shade-plugin * Dropped recommendedJavaBuildVersion property * Format Markdown files with Spotless Plugin * Bugs fixed: * Restore source release distribution in child projects * Rename property maven.version to mavenVersion * minimalMavenBuildVersion should not be overriding by mavenVersion * Use simple checkstyle rules since spotless is executed by default * Use old spotless version only for JDK < 11 * Fixed spotless configuration for markdown * Other changes: * Removed Google search box due to privacy * Put version for mrm-maven-plugin in property * Added streamLogsOnFailures to m-invoker-p * Added property for maven-fluido-skin version * Setup Apache Matomo analytics * Require Maven 3.2.5 * Added SHA-512 hashes * Extract plugin version as variable so child pom can override if needed * Removed issue-tracking as no longer exists * Removed cim report as no longer exists bcel was updated from version 5.2 to 6.10: * Many APIs have been extended * Added riscv64 support * Various bugs were fixed apache-commons-lang3 was updated to version 3.12.0 to 3.16.0: * Included new APIs that are needed by bcel 6.x * Various minor bugs were fixed xerces-j2: * Improved RPM packaging build instructions netty3: * Generate sources with protobuf instead of using pre-generated ones ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3971=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3971=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3971=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3971=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3971=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3971=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3971=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3971=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3971=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3971=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3971=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3971=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3971=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3971=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-3971=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3971=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3971=1 ## Package List: * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Manager Proxy 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Manager Retail Branch Server 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Manager Server 4.3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * SUSE Enterprise Storage 7.1 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * openSUSE Leap 15.5 (noarch) * xalan-j2-demo-2.7.3-150200.11.7.1 * apache-commons-lang3-javadoc-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * xerces-j2-javadoc-2.12.2-150200.3.10.2 * xalan-j2-xsltc-2.7.3-150200.11.7.1 * mojo-parent-82-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.13.2 * netty3-3.10.6-150200.3.13.2 * xerces-j2-demo-2.12.2-150200.3.10.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-manual-2.7.3-150200.11.7.1 * openSUSE Leap 15.6 (noarch) * xalan-j2-demo-2.7.3-150200.11.7.1 * apache-commons-lang3-javadoc-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * xerces-j2-javadoc-2.12.2-150200.3.10.2 * xalan-j2-xsltc-2.7.3-150200.11.7.1 * mojo-parent-82-150200.3.10.1 * netty3-javadoc-3.10.6-150200.3.13.2 * netty3-3.10.6-150200.3.13.2 * xerces-j2-demo-2.12.2-150200.3.10.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-manual-2.7.3-150200.11.7.1 * Basesystem Module 15-SP5 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * Basesystem Module 15-SP6 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * xalan-j2-2.7.3-150200.11.7.1 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * Development Tools Module 15-SP5 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * netty3-3.10.6-150200.3.13.2 * Development Tools Module 15-SP6 (noarch) * netty3-3.10.6-150200.3.13.2 * SUSE Manager Server 4.3 Module 4.3 (noarch) * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * xalan-j2-2.7.3-150200.11.7.1 * netty3-3.10.6-150200.3.13.2 * bcel-6.10.0-150200.11.6.2 * xerces-j2-2.12.2-150200.3.10.2 * apache-commons-lang3-3.16.0-150200.3.9.2 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for s390-tools fixes the following issue: * Amended the *_configure scripts to update again SUSE's specific file (bsc#1232474, bsc#1216257). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3972=1 openSUSE-SLE-15.6-2024-3972=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3972=1 ## Package List: * openSUSE Leap 15.6 (s390x x86_64) * s390-tools-debugsource-2.31.0-150600.8.12.3 * s390-tools-debuginfo-2.31.0-150600.8.12.3 * s390-tools-2.31.0-150600.8.12.3 * openSUSE Leap 15.6 (s390x) * s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.12.3 * s390-tools-hmcdrvfs-2.31.0-150600.8.12.3 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-2.31.0-150600.8.12.3 * osasnmpd-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-debuginfo-2.31.0-150600.8.12.3 * libkmipclient1-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-devel-2.31.0-150600.8.12.3 * libkmipclient1-2.31.0-150600.8.12.3 * s390-tools-zdsfs-debuginfo-2.31.0-150600.8.12.3 * s390-tools-zdsfs-2.31.0-150600.8.12.3 * osasnmpd-2.31.0-150600.8.12.3 * libkmipclient1-devel-2.31.0-150600.8.12.3 * openSUSE Leap 15.6 (noarch) * s390-tools-genprotimg-data-2.31.0-150600.8.12.3 * Basesystem Module 15-SP6 (s390x) * s390-tools-chreipl-fcp-mpath-2.31.0-150600.8.12.3 * s390-tools-hmcdrvfs-2.31.0-150600.8.12.3 * s390-tools-hmcdrvfs-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-2.31.0-150600.8.12.3 * osasnmpd-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-debuginfo-2.31.0-150600.8.12.3 * libkmipclient1-debuginfo-2.31.0-150600.8.12.3 * libekmfweb1-devel-2.31.0-150600.8.12.3 * libkmipclient1-2.31.0-150600.8.12.3 * s390-tools-zdsfs-debuginfo-2.31.0-150600.8.12.3 * s390-tools-zdsfs-2.31.0-150600.8.12.3 * osasnmpd-2.31.0-150600.8.12.3 * Basesystem Module 15-SP6 (s390x x86_64) * s390-tools-debugsource-2.31.0-150600.8.12.3 * s390-tools-debuginfo-2.31.0-150600.8.12.3 * s390-tools-2.31.0-150600.8.12.3 * Basesystem Module 15-SP6 (noarch) * s390-tools-genprotimg-data-2.31.0-150600.8.12.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1216257 * https://bugzilla.suse.com/show_bug.cgi?id=1232474 * CVE-2023-45802 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45802 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 * SUSE Package Hub 15 15-SP5 An update that solves one vulnerability can now be installed. ## Description: This update for apache2 fixes the following issues: * CVE-2023-45802: HTTP/2 stream memory not reclaimed right away on RST (bsc#1216423). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3961=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3961=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3961=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3961=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3961=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3961=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3961=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3961=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3961=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3961=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3961=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3961=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-example-pages-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * openSUSE Leap 15.5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-event-debuginfo-2.4.51-150400.6.40.1 * apache2-event-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * Server Applications Module 15-SP5 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * Server Applications Module 15-SP6 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Proxy 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * apache2-devel-2.4.51-150400.6.40.1 * apache2-utils-debuginfo-2.4.51-150400.6.40.1 * apache2-worker-debuginfo-2.4.51-150400.6.40.1 * apache2-debugsource-2.4.51-150400.6.40.1 * apache2-2.4.51-150400.6.40.1 * apache2-utils-2.4.51-150400.6.40.1 * apache2-prefork-2.4.51-150400.6.40.1 * apache2-worker-2.4.51-150400.6.40.1 * apache2-debuginfo-2.4.51-150400.6.40.1 * apache2-prefork-debuginfo-2.4.51-150400.6.40.1 * SUSE Manager Server 4.3 (noarch) * apache2-doc-2.4.51-150400.6.40.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45802.html * https://bugzilla.suse.com/show_bug.cgi?id=1216423 * CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for java-17-openjdk fixes the following issues: * Update to upstream tag jdk-17.0.13+11 (October 2024 CPU) * Security fixes * JDK-8307383: Enhance DTLS connections * JDK-8290367, JDK-8332643: Update default value and extend the scope of com.sun.jndi.ldap.object.trustSerialData system property * JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client * JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization * JDK-8328726: Better Kerberos support * JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support * JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations * JDK-8335713: Enhance vectorization analysis * Other changes * JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails * JDK-7026262: HttpServer: improve handling of finished HTTP exchanges * JDK-7124313: [macosx] Swing Popups should overlap taskbar * JDK-8005885: enhance PrintCodeCache to print more data * JDK-8051959: Add thread and timestamp options to java.security.debug system property * JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping * JDK-8183227: read/write APIs in class os shall return ssize_t * JDK-8193547: Regression automated test '/open/test/jdk/java/ /awt/Toolkit/DesktopProperties/rfe4758438.java' fails * JDK-8222884: ConcurrentClassDescLookup.java times out intermittently * JDK-8233725: ProcessTools.startProcess() has output issues when using an OutputAnalyzer at the same time * JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock * JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" * JDK-8255898: Test java/awt/FileDialog/FilenameFilterTest/ /FilenameFilterTest.java fails on Mac OS * JDK-8256291: RunThese30M fails "assert(_class_unload ? true : ((((JfrTraceIdBits::load(class_loader_klass)) & ((1 << 4) << 8)) != 0))) failed: invariant" * JDK-8257540: javax/swing/JFileChooser/8041694/bug8041694.java failed with "RuntimeException: The selected directory name is not the expected 'd ' but 'D '." * JDK-8259866: two java.util tests failed with "IOException: There is not enough space on the disk" * JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed * JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit * JDK-8263031: HttpClient throws Exception if it receives a Push Promise that is too large * JDK-8265919: RunThese30M fails "assert((!(((((JfrTraceIdBits::load(value)) & ((1 << 4) << 8)) != 0))))) failed: invariant" * JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out * JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message * JDK-8272232: javax/swing/JTable/4275046/bug4275046.java failed with "Expected value in the cell: 'rededited' but found 'redEDITED'." * JDK-8272558: IR Test Framework README misses some flags * JDK-8272777: Clean up remaining AccessController warnings in test library * JDK-8273216: JCMD does not work across container boundaries with Podman * JDK-8273430: Suspicious duplicate condition in java.util.regex.Grapheme#isExcludedSpacingMark * JDK-8273541: Cleaner Thread creates with normal priority instead of MAX_PRIORITY - 2 * JDK-8275851: Deproblemlist open/test/jdk/javax/swing/ /JComponent/6683775/bug6683775.java * JDK-8276660: Scalability bottleneck in java.security.Provider.getService() * JDK-8277042: add test for 8276036 to compiler/codecache * JDK-8279068: IGV: Update to work with JDK 16 and 17 * JDK-8279164: Disable TLS_ECDH_* cipher suites * JDK-8279222: Incorrect legacyMap.get in java.security.Provider after JDK-8276660 * JDK-8279337: The MToolkit is still referenced in a few places * JDK-8279641: Create manual JTReg tests for Swing accessibility * JDK-8279878: java/awt/font/JNICheck/JNICheck.sh test fails on Ubuntu 21.10 * JDK-8280034: ProblemList jdk/jfr/api/consumer/recordingstream/ /TestOnEvent.java on linux-x64 * JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." * JDK-8280970: Cleanup dead code in java.security.Provider * JDK-8280982: [Wayland] [XWayland] java.awt.Robot taking screenshots * JDK-8280988: [XWayland] Click on title to request focus test failures * JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front * JDK-8280993: [XWayland] Popup is not closed on click outside of area controlled by XWayland * JDK-8280994: [XWayland] Drag and Drop does not work in java -> wayland app direction * JDK-8281944: JavaDoc throws java.lang.IllegalStateException: ERRONEOUS * JDK-8282354: Remove dependancy of TestHttpServer, HttpTransaction, HttpCallback from open/test/jdk/ tests * JDK-8282526: Default icon is not painted properly * JDK-8283728: jdk.hotspot.agent: Wrong location for RISCV64ThreadContext.java * JDK-8284316: Support accessibility ManualTestFrame.java for non SwingSet tests * JDK-8284585: PushPromiseContinuation test fails intermittently in timeout * JDK-8285497: Add system property for Java SE specification maintenance version * JDK-8288568: Reduce runtime of java.security microbenchmarks * JDK-8289182: NMT: MemTracker::baseline should return void * JDK-8290966: G1: Record number of PLAB filled and number of direct allocations * JDK-8291760: PipelineLeaksFD.java still fails: More or fewer pipes than expected * JDK-8292044: HttpClient doesn't handle 102 or 103 properly * JDK-8292739: Invalid legacy entries may be returned by Provider.getServices() call * JDK-8292948: JEditorPane ignores font-size styles in external linked css-file * JDK-8293862: javax/swing/JFileChooser/8046391/bug8046391.java failed with 'Cannot invoke "java.awt.Image.getWidth(java.awt.image.ImageObserver)" because "retVal" is null' * JDK-8293872: Make runtime/Thread/ThreadCountLimit.java more robust * JDK-8294148: Support JSplitPane for instructions and test UI * JDK-8294691: dynamicArchive/RelativePath.java is running other test case * JDK-8294994: Update Jarsigner and Keytool i18n tests to validate i18n compliance * JDK-8295111: dpkg appears to have problems resolving symbolically linked native libraries * JDK-8296410: HttpClient throws java.io.IOException: no statuscode in response for HTTP2 * JDK-8296812: sprintf is deprecated in Xcode 14 * JDK-8297878: KEM: Implementation * JDK-8298381: Improve handling of session tickets for multiple SSLContexts * JDK-8298596: vmTestbase/nsk/sysdict/vm/stress/chain/chain008/ /chain008.java fails with "NoClassDefFoundError: Could not initialize class java.util.concurrent.ThreadLocalRandom" * JDK-8298809: Clean up vm/compiler/InterfaceCalls JMH * JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle * JDK-8299254: Support dealing with standard assert macro * JDK-8299378: sprintf is deprecated in Xcode 14 * JDK-8299395: Remove metaprogramming/removeCV.hpp * JDK-8299396: Remove metaprogramming/removeExtent.hpp * JDK-8299397: Remove metaprogramming/isFloatingPoint.hpp * JDK-8299398: Remove metaprogramming/isConst.hpp * JDK-8299399: Remove metaprogramming/isArray.hpp * JDK-8299402: Remove metaprogramming/isVolatile.hpp * JDK-8299479: Remove metaprogramming/decay.hpp * JDK-8299481: Remove metaprogramming/removePointer.hpp * JDK-8299482: Remove metaprogramming/isIntegral.hpp * JDK-8299487: Test java/net/httpclient/whitebox/ /SSLTubeTestDriver.java timed out * JDK-8299635: Hotspot update for deprecated sprintf in Xcode 14 * JDK-8299779: Test tools/jpackage/share/jdk/jpackage/tests/ /MainClassTest.java timed out * JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram * JDK-8299971: Remove metaprogramming/conditional.hpp * JDK-8299972: Remove metaprogramming/removeReference.hpp * JDK-8300169: Build failure with clang-15 * JDK-8300260: Remove metaprogramming/isSame.hpp * JDK-8300264: Remove metaprogramming/isPointer.hpp * JDK-8300265: Remove metaprogramming/isSigned.hpp * JDK-8300806: Update googletest to v1.13.0 * JDK-8300910: Remove metaprogramming/integralConstant.hpp * JDK-8301132: Test update for deprecated sprintf in Xcode 14 * JDK-8301200: Don't scale timeout stress with timeout factor * JDK-8301274: update for deprecated sprintf for security components * JDK-8301279: update for deprecated sprintf for management components * JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session * JDK-8301704: Shorten the number of GCs in UnloadingTest.java to verify a class loader not being unloaded * JDK-8302495: update for deprecated sprintf for java.desktop * JDK-8302800: Augment NaN handling tests of FDLIBM methods * JDK-8303216: Prefer ArrayList to LinkedList in sun.net.httpserver.ServerImpl * JDK-8303466: C2: failed: malformed control flow. Limit type made precise with MaxL/MinL * JDK-8303527: update for deprecated sprintf for jdk.hotspot.agent * JDK-8303617: update for deprecated sprintf for jdk.jdwp.agent * JDK-8303830: update for deprecated sprintf for jdk.accessibility * JDK-8303891: Speed up Zip64SizeTest using a small ZIP64 file * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8303942: os::write should write completely * JDK-8303965: java.net.http.HttpClient should reset the stream if response headers contain malformed header fields * JDK-8304375: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Expected at least some events to be out of order! Reuse = false" * JDK-8304962: sun/net/www/http/KeepAliveCache/B5045306.java: java.lang.RuntimeException: Failed: Initial Keep Alive Connection is not being reused * JDK-8304963: HttpServer closes connection after processing HEAD after JDK-7026262 * JDK-8305072: Win32ShellFolder2.compareTo is inconsistent * JDK-8305079: Remove finalize() from compiler/c2/Test719030 * JDK-8305081: Remove finalize() from test/hotspot/jtreg/compiler/runtime/Test8168712 * JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 * JDK-8305959: x86: Improve itable_stub * JDK-8306583: Add JVM crash check in CDSTestUtils.executeAndLog * JDK-8306929: Avoid CleanClassLoaderDataMetaspaces safepoints when previous versions are shared * JDK-8306946: jdk/test/lib/process/ /ProcessToolsStartProcessTest.java fails with "wrong number of lines in OutputAnalyzer output" * JDK-8307091: A few client tests intermittently throw ConcurrentModificationException * JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes * JDK-8307352: AARCH64: Improve itable_stub * JDK-8307448: Test RedefineSharedClassJFR fail due to wrong assumption * JDK-8307779: Relax the java.awt.Robot specification * JDK-8307848: update for deprecated sprintf for jdk.attach * JDK-8307850: update for deprecated sprintf for jdk.jdi * JDK-8308022: update for deprecated sprintf for java.base * JDK-8308144: Uncontrolled memory consumption in SSLFlowDelegate.Reader * JDK-8308184: Launching java with large number of jars in classpath with java.protocol.handler.pkgs system property set can lead to StackOverflowError * JDK-8308801: update for deprecated sprintf for libnet in java.base * JDK-8308891: TestCDSVMCrash.java needs @requires vm.cds * JDK-8309241: ClassForNameLeak fails intermittently as the class loader hasn't been unloaded * JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 * JDK-8309703: AIX build fails after JDK-8280982 * JDK-8309756: Occasional crashes with pipewire screen capture on Wayland * JDK-8309934: Update GitHub Actions to use JDK 17 for building jtreg * JDK-8310070: Test: javax/net/ssl/DTLS/DTLSWontNegotiateV10.java timed out * JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified * JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option * JDK-8310334: [XWayland][Screencast] screen capture error message in debug * JDK-8310628: GcInfoBuilder.c missing JNI Exception checks * JDK-8310683: Refactor StandardCharset/standard.java to use JUnit * JDK-8311208: Improve CDS Support * JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin * JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved * JDK-8312140: jdk/jshell tests failed with JDI socket timeouts * JDK-8312229: Crash involving yield, switch and anonymous classes * JDK-8313256: Exclude failing multicast tests on AIX * JDK-8313394: Array Elements in OldObjectSample event has the incorrect description * JDK-8313674: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java should test for more block devices * JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow * JDK-8313873: java/nio/channels/DatagramChannel/ /SendReceiveMaxSize.java fails on AIX due to small default RCVBUF size and different IPv6 Header interpretation * JDK-8313901: [TESTBUG] test/hotspot/jtreg/compiler/codecache/ /CodeCacheFullCountTest.java fails with java.lang.VirtualMachineError * JDK-8314476: TestJstatdPortAndServer.java failed with "java.rmi.NoSuchObjectException: no such object in table" * JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen" * JDK-8314837: 5 compiled/codecache tests ignore VM flags * JDK-8315024: Vector API FP reduction tests should not test for exact equality * JDK-8315362: NMT: summary diff reports threads count incorrectly * JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl * JDK-8315437: Enable parallelism in vmTestbase/nsk/monitoring/stress/classload tests * JDK-8315442: Enable parallelism in vmTestbase/nsk/monitoring/stress/thread tests * JDK-8315559: Delay TempSymbol cleanup to avoid symbol table churn * JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837 * JDK-8315651: Stop hiding AIX specific multicast socket errors via NetworkConfiguration (aix) * JDK-8315684: Parallelize sun/security/util/math/TestIntegerModuloP.java * JDK-8315774: Enable parallelism in vmTestbase/gc/g1/unloading tests * JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests * JDK-8315936: Parallelize gc/stress/TestStressG1Humongous.java test * JDK-8315965: Open source various AWT applet tests * JDK-8316104: Open source several Swing SplitPane and RadioButton related tests * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8316211: Open source several manual applet tests * JDK-8316240: Open source several add/remove MenuBar manual tests * JDK-8316285: Opensource JButton manual tests * JDK-8316306: Open source and convert manual Swing test * JDK-8316328: Test jdk/jfr/event/oldobject/ /TestSanityDefault.java times out for some heap sizes * JDK-8316387: Exclude more failing multicast tests on AIX after JDK-8315651 * JDK-8316389: Open source few AWT applet tests * JDK-8316468: os::write incorrectly handles partial write * JDK-8316973: GC: Make TestDisableDefaultGC use createTestJvm * JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java * JDK-8317228: GC: Make TestXXXHeapSizeFlags use createTestJvm * JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab * JDK-8317316: G1: Make TestG1PercentageOptions use createTestJvm * JDK-8317343: GC: Make TestHeapFreeRatio use createTestJvm * JDK-8317358: G1: Make TestMaxNewSize use createTestJvm * JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines * JDK-8317372: Refactor some NumberFormat tests to use JUnit * JDK-8317635: Improve GetClassFields test to verify correctness of field order * JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string * JDK-8318039: GHA: Bump macOS and Xcode versions * JDK-8318089: Class space not marked as such with NMT when CDS is off * JDK-8318474: Fix memory reporter for thread_count * JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run * JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests * JDK-8318696: Do not use LFS64 symbols on Linux * JDK-8318986: Improve GenericWaitBarrier performance * JDK-8319103: Popups that request focus are not shown on Linux with Wayland * JDK-8319197: Exclude hb-subset and hb-style from compilation * JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates * JDK-8319713: Parallel: Remove PSAdaptiveSizePolicy::should_full_GC * JDK-8320079: The ArabicBox.java test has no control buttons * JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64 * JDK-8320602: Lock contention in SchemaDVFactory.getInstance() * JDK-8320608: Many jtreg printing tests are missing the @printer keyword * JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api * JDK-8320692: Null icon returned for .exe without custom icon * JDK-8320945: problemlist tests failing on latest Windows 11 update * JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2 * JDK-8321176: [Screencast] make a second attempt on screencast failure * JDK-8321220: JFR: RecordedClass reports incorrect modifiers * JDK-8322008: Exclude some CDS tests from running with -Xshare:off * JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC * JDK-8322726: C2: Unloaded signature class kills argument value * JDK-8322971: KEM.getInstance() should check if a 3rd-party security provider is signed * JDK-8323122: AArch64: Increase itable stub size estimate * JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe * JDK-8323670: A few client tests intermittently throw ConcurrentModificationException * JDK-8323801: <s> tag doesn't strikethrough the text * JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE * JDK-8324646: Avoid Class.forName in SecureRandom constructor * JDK-8324648: Avoid NoSuchMethodError when instantiating NativePRNG * JDK-8324668: JDWP process management needs more efficient file descriptor handling * JDK-8324753: [AIX] adjust os_posix after JDK-8318696 * JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests * JDK-8324933: ConcurrentHashTable::statistics_calculate synchronization is expensive * JDK-8325022: Incorrect error message on client authentication * JDK-8325179: Race in BasicDirectoryModel.validateFileCache * JDK-8325194: GHA: Add macOS M1 testing * JDK-8325384: sun/security/ssl/SSLSessionImpl/ /ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread * JDK-8325444: GHA: JDK-8325194 causes a regression * JDK-8325567: jspawnhelper without args fails with segfault * JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for <b>, <i>, <u> * JDK-8325621: Improve jspawnhelper version checks * JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections * JDK-8326106: Write and clear stack trace table outside of safepoint * JDK-8326332: Unclosed inline tags cause misalignment in summary tables * JDK-8326446: The User and System of jdk.CPULoad on Apple M1 are inaccurate * JDK-8326734: text-decoration applied to <span> lost when mixed with <u> or <s> * JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails * JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel * JDK-8327312: [17u] Problem list ReflectionCallerCacheTest.java due to 8324978 * JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java on all platforms with ZGC * JDK-8327650: Test java/nio/channels/DatagramChannel/ /StressNativeSignal.java timed out * JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main * JDK-8327840: Automate javax/swing/border/Test4129681.java * JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/ /GetBoundsResizeTest.java applet test to main * JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC * JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows * JDK-8328115: Convert java/awt/font/TextLayout/ /TestJustification.html applet test to main * JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test * JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html * JDK-8328234: Remove unused nativeUtils files * JDK-8328238: Convert few closed manual applet tests to main * JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful * JDK-8328273: sun/management/jmxremote/bootstrap/ /RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use * JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ /ClickDuringKeypress.java imports Applet * JDK-8328561: test java/awt/Robot/ManualInstructions/ /ManualInstructions.java isn't used * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp * JDK-8328896: Fontmetrics for large Fonts has zero width * JDK-8328953: JEditorPane.read throws ChangedCharSetException * JDK-8328999: Update GIFlib to 5.2.2 * JDK-8329004: Update Libpng to 1.6.43 * JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling * JDK-8329109: Threads::print_on() tries to print CPU time for terminated GC threads * JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462 * JDK-8329134: Reconsider TLAB zapping * JDK-8329510: Update ProblemList for JFileChooser/8194044/FileSystemRootTest.java * JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected * JDK-8329605: hs errfile generic events - move memory protections and nmethod flushes to separate sections * JDK-8329663: hs_err file event log entry for thread adding/removing should print current thread * JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771 * JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash * JDK-8330063: Upgrade jQuery to 3.7.1 * JDK-8330524: Linux ppc64le compile warning with clang in os_linux_ppc.cpp * JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) * JDK-8330615: avoid signed integer overflows in zip_util.c readCen / hashN * JDK-8331011: [XWayland] TokenStorage fails under Security Manager * JDK-8331063: Some HttpClient tests don't report leaks * JDK-8331077: nroff man page update for jar tool * JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected * JDK-8331265: Bump update version for OpenJDK: jdk-17.0.13 * JDK-8331331: :tier1 target explanation in doc/testing.md is incorrect * JDK-8331466: Problemlist serviceability/dcmd/gc/ /RunFinalizationTest.java on generic-all * JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure * JDK-8331746: Create a test to verify that the cmm id is not ignored * JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java * JDK-8331885: C2: meet between unloaded and speculative types is not symmetric * JDK-8332008: Enable issuestitle check * JDK-8332113: Update nsk.share.Log to be always verbose * JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml * JDK-8332248: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java failed with RuntimeException * JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16 * JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" * JDK-8332898: failure_handler: log directory of commands * JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/ /TestDescription.java fails with no GC's recorded * JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 * JDK-8333353: Delete extra empty line in CodeBlob.java * JDK-8333398: Uncomment the commented test in test/jdk/java/ /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java * JDK-8333477: Delete extra empty spaces in Makefiles * JDK-8333698: [17u] TestJstatdRmiPort fails after JDK-8333667 * JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock * JDK-8333724: Problem list security/infra/java/security/cert/ /CertPathValidator/certification/CAInterop.java #teliasonerarootcav1 * JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures * JDK-8334166: Enable binary check * JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager * JDK-8334332: TestIOException.java fails if run by root * JDK-8334333: MissingResourceCauseTestRun.java fails if run by root * JDK-8334335: [TESTBUG] Backport of 8279164 to 11u & 17u includes elements of JDK-8163327 * JDK-8334339: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java fails on alinux3 * JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 * JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration * JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 * JDK-8334653: ISO 4217 Amendment 177 Update * JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator * JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true * JDK-8335775: Remove extraneous 's' in comment of rawmonitor.cpp test file * JDK-8335808: update for deprecated sprintf for jfrTypeSetUtils * JDK-8335918: update for deprecated sprintf for jvmti * JDK-8335967: "text-decoration: none" does not work with "A" HTML tags * JDK-8336301: test/jdk/java/nio/channels/ /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion * JDK-8336928: GHA: Bundle artifacts removal broken * JDK-8337038: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java shoud set as /native * JDK-8337283: configure.log is truncated when build dir is on different filesystem * JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs * JDK-8337669: [17u] Backport of JDK-8284047 missed to delete a file * JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods * JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) * JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 * JDK-8341057: Add 2 SSL.com TLS roots * JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 * JDK-8341673: [17u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 17.0.13 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3963=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3963=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3963=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3963=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3963=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3963=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3963=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3963=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3963=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3963=1 * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3963=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3963=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3963=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3963=1 ## Package List: * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Proxy 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.4 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.5 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-jmods-17.0.13.0-150400.3.48.2 * java-17-openjdk-src-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * openSUSE Leap 15.6 (noarch) * java-17-openjdk-javadoc-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * java-17-openjdk-headless-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-debugsource-17.0.13.0-150400.3.48.2 * java-17-openjdk-devel-17.0.13.0-150400.3.48.2 * java-17-openjdk-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-headless-debuginfo-17.0.13.0-150400.3.48.2 * java-17-openjdk-demo-17.0.13.0-150400.3.48.2 * java-17-openjdk-17.0.13.0-150400.3.48.2 ## References: * https://www.suse.com/security/cve/CVE-2024-21208.html * https://www.suse.com/security/cve/CVE-2024-21210.html * https://www.suse.com/security/cve/CVE-2024-21217.html * https://www.suse.com/security/cve/CVE-2024-21235.html * https://bugzilla.suse.com/show_bug.cgi?id=1231702 * https://bugzilla.suse.com/show_bug.cgi?id=1231711 * https://bugzilla.suse.com/show_bug.cgi?id=1231716 * https://bugzilla.suse.com/show_bug.cgi?id=1231719 * CVE-2024-50602 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-50602 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-50602 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python-wxPython fixes the following issues: Security issue fixed: * CVE-2024-50602: Fixed a denial of service in the vendored libexpat's XML_ResumeParser function (bsc#1232590). Non-security issues fixed: * rebuilt for python 3.11 (bsc#1228252). * add repack script, do not include packaging/ dir in sources * Reduce complexity by not rewriting subpackages at all. * Appease factory-auto bot about package src name. * Add additional patches fixing the situation with Python 3.10 compatibility. * Split out the TW python3 flavors into multibuild using the python_subpackage_only mechanism: Multiple python3 flavors sequentially require too much space and time in one build. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3964=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3964=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-wxPython-debugsource-4.1.1-150400.3.8.1 * python311-wxPython-lang-4.1.1-150400.3.8.1 * python311-wxPython-debuginfo-4.1.1-150400.3.8.1 * python311-wxPython-4.1.1-150400.3.8.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python311-wxPython-debugsource-4.1.1-150400.3.8.1 * python311-wxPython-lang-4.1.1-150400.3.8.1 * python311-wxPython-debuginfo-4.1.1-150400.3.8.1 * python311-wxPython-4.1.1-150400.3.8.1 ## References: * https://www.suse.com/security/cve/CVE-2024-50602.html * https://bugzilla.suse.com/show_bug.cgi?id=1228252 * https://bugzilla.suse.com/show_bug.cgi?id=1232590 openSUSE Optional Update: Optional update for python3-djangorestframework, python3-djangorestframework-simplejwt, python3-pytest-django ______________________________________________________________________________ Announcement ID: openSUSE-OU-2024:0365-1 Rating: moderate References: #1177205 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python3-djangorestframework, python3-djangorestframework-simplejwt, python3-pytest-django fixes the following issues: This update ships: - python3-pytest-django: in version 3.9.0 - python3-djangorestframework: in version 3.11.2. - python3-djangorestframework-simplejwt: in version 4.6.0 Patch Instructions: To install this openSUSE Optional Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-365=1 Package List: - openSUSE Backports SLE-15-SP6 (noarch): python3-djangorestframework-3.11.2-bp156.5.1 python3-djangorestframework-simplejwt-4.6.0-bp156.4.1 python3-pytest-django-3.9.0-bp156.4.1 References: https://www.suse.com/security/cve/CVE-2020-25626.html https://bugzilla.suse.com/1177205 openSUSE Security Update: Security update for virtualbox ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0364-1 Rating: important References: #1231225 #1231735 #1231736 #1231737 #1231738 Cross-References: CVE-2024-21248 CVE-2024-21259 CVE-2024-21263 CVE-2024-21273 Affected Products: openSUSE Backports SLE-15-SP6 openSUSE Leap 15.6 ______________________________________________________________________________ An update that solves four vulnerabilities and has one errata is now available. Description: This update for virtualbox fixes the following issues: Update to release 7.1.4: * NAT: Fixed DHCP problems with certain guests when domain is empty * VMSVGA: Improved flickering, black screen and other screen update issues with recent Linux kernels * Linux Guest Additions: Introduce initial support for kernel 6.12 * EFI: Added missing LsiLogic MPT SCSI driver again to fix booting from devices attached to this device if the EFI firmware is used (7.1.0 regression) * EFI: Restored broken network boot support (7.1.0 regression) * Adressed CVE-2024-21248 [boo#1231735], CVE-2024-21273 [boo#1231736], CVE-2024-21259 [boo#1231737], CVE-2024-21263 [boo#1231738] - Make the Extension Pack work with our compiler flags and RT_NOEXCEPT choices. [boo#1231225] Update to release 7.1: * The GUI now offers a selection between Basic and Experienced user level with reduced or full UI functionality. * VRDE: If user does not set up TLS with custom certificates, enable it with self-signed certificate, including issuing a new one before the old one expires * NAT: New engine with IPv6 support. * Linux host and guest: Added Wayland support for Clipboard sharing. - Changed license from Gpl-2.0 to Gpl-3.0 Version bump to VirtualBox 7.0.20 (released July 16 2024 by Oracle)) This is a maintenance release. The following items were fixed and/or added: - TPM: Fixed errors appearing the event viewer with Windows guests - macOS Hosts: Fixed passing USB devices to the VM (bug #21218) - Audio: Fixed recording with HDA emulation after newer Windows 10 / 11 guests got rebooted - USB: Fixed a deadlock in OHCI triggered when saving the current state of a VM or taking a snapshot (bug #22059) - Linux Guest and Host: Introduced initial support for OpenSuse 15.6 kernel - Linux Guest and Host: Introduced initial support for RHEL 9.5 kernel (bug #22099) - Guest Additions: Shared Clipboard: Fixed issue when extra new lines were pasted when copying text between Win and X11 (bug #21716) - UEFI Secure Boot: Add new Microsoft certificates to list for new VMs Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.6: zypper in -t patch openSUSE-2024-364=1 - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-364=1 Package List: - openSUSE Leap 15.6 (x86_64): python3-virtualbox-7.1.4-lp156.2.4.1 python3-virtualbox-debuginfo-7.1.4-lp156.2.4.1 virtualbox-7.1.4-lp156.2.4.1 virtualbox-debuginfo-7.1.4-lp156.2.4.1 virtualbox-debugsource-7.1.4-lp156.2.4.1 virtualbox-devel-7.1.4-lp156.2.4.1 virtualbox-guest-tools-7.1.4-lp156.2.4.1 virtualbox-guest-tools-debuginfo-7.1.4-lp156.2.4.1 virtualbox-kmp-debugsource-7.1.4-lp156.2.4.1 virtualbox-kmp-default-7.1.4_k6.4.0_150600.23.25-lp156.2.4.1 virtualbox-kmp-default-debuginfo-7.1.4_k6.4.0_150600.23.25-lp156.2.4.1 virtualbox-qt-7.1.4-lp156.2.4.1 virtualbox-qt-debuginfo-7.1.4-lp156.2.4.1 virtualbox-vnc-7.1.4-lp156.2.4.1 virtualbox-websrv-7.1.4-lp156.2.4.1 virtualbox-websrv-debuginfo-7.1.4-lp156.2.4.1 - openSUSE Leap 15.6 (noarch): virtualbox-guest-desktop-icons-7.1.4-lp156.2.4.1 virtualbox-guest-source-7.1.4-lp156.2.4.1 virtualbox-host-source-7.1.4-lp156.2.4.1 - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le x86_64): kbuild-0.1.9998+svn3613-bp156.2.3.1 kbuild-debuginfo-0.1.9998+svn3613-bp156.2.3.1 kbuild-debugsource-0.1.9998+svn3613-bp156.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-21248.html https://www.suse.com/security/cve/CVE-2024-21259.html https://www.suse.com/security/cve/CVE-2024-21263.html https://www.suse.com/security/cve/CVE-2024-21273.html https://bugzilla.suse.com/1231225 https://bugzilla.suse.com/1231735 https://bugzilla.suse.com/1231736 https://bugzilla.suse.com/1231737 https://bugzilla.suse.com/1231738 openSUSE Recommended Update: Recommended update for AusweisApp ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0360-1 Rating: moderate References: #1231686 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for AusweisApp fixes the following issues: - Enforce use of legacy OpenSSL API to be able to use smartcards. - New upstream release + Version 2.2.2 - Visual adjustments and optimization of the graphical user interface. - Optimization of accessibility and keyboard operability. - Addition of the Android ABIs armeabi-v7a and x86_64 in addition to arm64-v8a in the SDK. - New upstream release + Version 2.2.1 - Visual adjustments and optimization of the graphical user interface. - Optimization of accessibility and keyboard usability. - Prevention of the display of external content in the graphical user interface. - Support for smartphones with Android 15 where optimized memory management has been activated. - Support for 16 KB page sizes on Android. - Stabilization of the iOS SDK during fast restarts. - Correction of the behavior when using Qt 6.6.3. - Avoidance of a log file within the container in the container SDK. - Update of the Android NDK to r27b (27.1.12297006). - Update of the Android SDK Platform to Android 15 (API level 35). - Update of OpenSSL to version 3.3.2. - Add missing libQt6Svg6 runtime dependency to Requires - New upstream release + Version 2.2.0 - Visual adjustments and optimization of the graphical user interface. - Display of the old and new device name when using "Smartphone as card reader" if the name of a device has changed. - An information page has been added at the end of an authentication before forwarding to the service provider. - Increased the time allowed to respond to card commands on Android to support badges that have switched to a safe slow mode after too many incorrect CAN entries. - Improved accessibility options. - Support for Android 8 has been discontinued. - The "Smartphone as card reader" function now requires at least version 2.1.0. - Support for ChromeOS has been added. - Support for key lengths smaller than 3000 bits has been discontinued. - Changelog added to the documentation for the SDK. - Functional extension of the SDK (see changelog). - Update of Qt to version 6.7.2. - Update of OpenSSL to version 3.3.1. Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-360=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): AusweisApp-2.2.2-bp156.5.1 References: https://bugzilla.suse.com/1231686 openSUSE Recommended Update: Recommended update for opi ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0359-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This update for opi fixes the following issues: - Version 5.4.0 * Show key ID when importing or deleting package signing keys * Add option to install google-chrome-canary - Version 5.3.0 * Fix tests for new zypper version * fix doblue slash in packman repo url * Add Plugin to install Libation Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-359=1 Package List: - openSUSE Backports SLE-15-SP6 (noarch): opi-5.4.0-bp156.2.9.1 References: openSUSE Recommended Update: Recommended update for kanidm ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0361-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This update for kanidm fixes the following issues: - Update to version 1.4.0~git2.770efa8: * Resolve incorrect handling of rhost in pam (#3171) - Update to version 1.4.0~git1.c297c3f: * Docker makefile latest * Release 1.4.0 * chore: Made oauth2 scopes required in CLI (#3165) * More "choosing a domain" revision (#3161) * Update missing inputmode numeric when adding a new TOTP. (#3160) * Improve OAuth2 authorisation ux (#3158) * Fix attribute scim sync attribute naming (#3159) * Change to text input and use numeric mode for TOTP prompts. (#3154) * Fix release note date and typos (#3153) * Release 1.4.0-pre * Release Notes (#3149) * Remove WASM (#3148) * Rewrite "choosing a domain", add other considerations (#3147) * Harmonize UI and remove unused css (#3033) * ripping out some extra packages (#3146) * OAuth2 Device flow foundations (#3098) * htmx by default (#3145) * Support reloading via systemd (#3144) * Chore: Refactor Groups to be more generic (#3136) * 20241024 1271 cert reload on SIGHUP (#3140) * Update docs, improve locking (#3141) * 2856 - use tags for containers on build (#3139) * Fix image when too smol (#3138) * yale's rabbit-hole-chasing-htmx-fixing-megapatch (#3135) * ipinfo should be single value (#3137) * Tidy the reauth ui (#3130) * Add missing schemas to get OpenAPI validation to pass. (#3129) * Change some OperationError into HTTP Bad Request (400). (#3125) * Bump the all group with 11 updates (#3127) * Bump the all group in /pykanidm with 5 updates (#3128) * Fill in some Swagger API docs for a few v1 endpoints. (#3126) * Diagram Improvements in Book (#3124) * Fix passkey auth flow redirects (#3123) * Improve handling of inaccesible shadow file (#3122) * Log HTTP Not Found (404) as info log level. (#3119) * more errors for the people (#3121) * 20241017 unixd home (#3113) * 20241017 3107 token ttl (#3114) * docs: Update kanidm_ppa instructions for new repo logic (#3117) * fix(lint) minor lint fix for unnecessary match use (#3118) * Totp input changes (#3115) * Add the strict flag on client creates for developers (#3111) * Working scim entry get for person (#3088) * Add nss testframework and fallback when daemon offline (#3093) * Improve deb packaging, add aarch64 (#3083) * Cache buster buster (#3091) * fix(http): status content type should be JSON (#3096) * Bump the all group across 1 directory with 7 updates (#3106) * Bump the all group across 1 directory with 10 updates (#3103) * 20241012 attr name SCIM fix (#3102) * Scim add EntryReference (#3079) * Bump the all group across 1 directory with 3 updates (#3094) * Fix Increment Replication Post Upgrade (#3089) * Remove white background from square logo (#3087) * Add support for group extension (#3081) * 20240921 ssh keys and unix password in credential update session (#3056) * Fix landing and redirect URLs for GitLab, add some useful links (#3055) * [htmx] Make it harder to miss the save button on the cred update page (#3013) * Add example Outline config (#3076) * 20240925 cleanups (#3060) * Add instructions for unlinking Homebrew Rust on macOS (#3085) * Don't reprompt for login when no session exists in cli (#3082) * Make good on some TechDebt (#3084) * Feat: Adding POSIX Password fallback (#3067) * Bump the all group across 1 directory with 13 updates (#3080) * Complete the implementation of the posix account cache (#3041) * 20240926 tech debt (#3066) * Fix migration of last mod cid (#3065) * Increase totp secret size (#3061) * Bump mozilla-actions/sccache-action from 0.0.5 to 0.0.6 in the all group (#3075) * Improve pipe handling on linux (#3069) * reformat oauth2 URL list, highlight legacy bits (#3062) * scim_proto: fix incorrect language tag (#3064) * Add ownCloud example config (#3059) * Add example config for JetBrains Hub / YouTrack (#3058) * Bump the all group with 8 updates (#3053) * Bump the all group in /pykanidm with 3 updates (#3054) * Document basic authenticating GitLab to Kanidm (#3050) * fix(doc): updating docker container ref (#3049) * Resolve incorrect SCIM Sync serialisation (#3047) * CLI image error nicening (#3037) * Add rfc7009 and rfc7662 metadata to oidc discovery (#3046) * More openapi tweaks (#3038) * Bump the all group with 6 updates (#3044) * Bump the all group in /pykanidm with 3 updates (#3043) * fix(docs): make it clearer that bearer auth is a thing (#3031) * implements additional traits for filter types (#3036) * 20240810 SCIM entry basic (#3032) * CreatedAt/ModifiedAt fix (#3034) * Pykanidm fixes (#3030) * 20240906 Attribute as an Enum Type (#3025) * Bump the all group with 9 updates (#3029) * Bump the all group in /pykanidm with 4 updates (#3028) * Credentials page/Self cred update flow UI improvements (#3012) * 20240828 Support Larger Images, Allow Custom Domain Icons (#3016) * MemberOf in search implies DirectMemberOf (#3024) * fix(kanidm): don't allow empty string fields on CLI (#3018) * Bump cryptography from 42.0.4 to 43.0.1 in /pykanidm in the pip group (#3023) * generate completions for elvish and fish (#3015) * Bump the all group with 4 updates (#3021) * Bump the all group in /pykanidm with 3 updates (#3022) * 20240820 SCIM value (#2992) * fix(daemon): handling IPv6 addresses in healthcheck (#3004) * fix(webui): Javascript errors after server-side update blocking login. Fixed after cache invalidating (#3011) * OAuth2 Token Type (#3008) * Bump the all group in /pykanidm with 4 updates (#3007) * Bump the all group with 8 updates (#3006) * Spattering of oauth2 stuff (#3000) * Doc multi instance (#2997) * Expose group rename (#2999) * feat: self cred update flow (#2995) * Better Error Message (#2998) * Add missing group for application admin (#2991) * enforcen den clippen (#2990) * 20240817 group mail acp (#2982) * 20240810 application passwords (#2968) * Bump the all group with 17 updates (#2986) * Bump the all group in /pykanidm with 3 updates (#2985) * Mail substr index (#2981) * Doc format, add api-token section (#2975) * [HTMX] small profile improvements (#2974) * Foundations of pam/nss multi resolver * TLS, no seriously. (#2963) * Update suse.md to avoid Authentication token manipulation error (#2973) * Add Alpine Linux installation instructions (#2871) * Bump the all group across 1 directory with 10 updates (#2966) * [HTMX] User settings (#2929) * Bump the all group in /pykanidm with 2 updates (#2965) * Docs updates (#2961) * Bump aiohttp from 3.10.0 to 3.10.2 in /pykanidm in the pip group (#2962) * Prevent bug in pam (#2960) * Improve migration error message (#2959) * Fix incorrect logic in cred update flow (#2956) * Docker-and-docs-fixes (#2954) * Bump the all group in /pykanidm with 5 updates (#2952) * Bump the all group with 10 updates (#2953) * Added orca flag to extend privileged authentication expiry (#2949) * In honour of SebaT, error on db lock acq timeout (#2947) * Add measurement of lock acquisition (#2946) * [htmx] Credential Update page (#2897) * Update to 1.4.0-dev (#2943) Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-361=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 x86_64): kanidm-1.4.0~git2.770efa8-bp156.7.1 kanidm-clients-1.4.0~git2.770efa8-bp156.7.1 kanidm-docs-1.4.0~git2.770efa8-bp156.7.1 kanidm-server-1.4.0~git2.770efa8-bp156.7.1 kanidm-unixd-clients-1.4.0~git2.770efa8-bp156.7.1 References: openSUSE Recommended Update: Recommended update for stressapptest ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0362-1 Rating: moderate References: #1227462 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has one recommended fix can now be installed. Description: This update for stressapptest fixes the following issues: - Configure with --enable-default-optimizations to get the tool compiled with correct definitions (boo#1227462). - Update to v1.0.11 * Bugfixes and compiler compatibility updates. * LoongArch, MIPS support * aarch64 vector instruction support Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-362=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): stressapptest-1.0.11-bp156.5.3.1 References: https://bugzilla.suse.com/1227462 openSUSE Security Update: Security update for qbittorrent ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0358-1 Rating: moderate References: #1232731 Cross-References: CVE-2024-51774 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for qbittorrent fixes the following issues: - Update to version 5.0.1 (fixes boo#1232731 CVE-2024-51774) Added features: * Add "Simple pread/pwrite" disk IO type Bug fixes: * Don't ignore SSL errors (boo#1232731 CVE-2024-51774) * Don't try to apply Mark-of-the-Web to nonexistent files * Disable "Move to trash" option by default * Disable the ability to create torrents with a piece size of 256MiB * Allow to choose Qt style * Always notify user about duplicate torrent * Correctly handle "torrent finished after move" event * Correctly apply filename filter when `!qB` extension is enabled * Improve color scheme change detection * Fix button state for SSL certificate check Web UI: * Fix CSS that results in hidden torrent list in some browsers * Use proper text color to highlight items in all filter lists * Fix 'rename files' dialog cannot be opened more than once * Fix UI of Advanced Settings to show all settings * Free resources allocated by web session once it is destructed Search: * Import correct libraries Other changes: * Sync flag icons with upstream Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-358=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): qbittorrent-5.0.1-bp156.3.6.1 qbittorrent-nox-5.0.1-bp156.3.6.1 References: https://www.suse.com/security/cve/CVE-2024-51774.html https://bugzilla.suse.com/1232731 * CVE-2024-21208 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21208 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21208 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21210 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21210 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21210 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-21217 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-21217 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21217 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-21235 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-21235 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-21235 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for java-21-openjdk fixes the following issues: * Update to upstream tag jdk-21.0.5+13 (October 2024 CPU) * Security fixes * JDK-8307383: Enhance DTLS connections * JDK-8311208: Improve CDS Support * JDK-8328286, CVE-2024-21208, bsc#1231702: Enhance HTTP client * JDK-8328544, CVE-2024-21210, bsc#1231711: Improve handling of vectorization * JDK-8328726: Better Kerberos support * JDK-8331446, CVE-2024-21217, bsc#1231716: Improve deserialization support * JDK-8332644, CVE-2024-21235, bsc#1231719: Improve graph optimizations * JDK-8335713: Enhance vectorization analysis * Other changes * JDK-6355567: AdobeMarkerSegment causes failure to read valid JPEG * JDK-6967482: TAB-key does not work in JTables after selecting details-view in JFileChooser * JDK-7022325: TEST_BUG: test/java/util/zip/ZipFile/ /ReadLongZipFileName.java leaks files if it fails * JDK-8051959: Add thread and timestamp options to java.security.debug system property * JDK-8073061: (fs) Files.copy(foo, bar, REPLACE_EXISTING) deletes bar even if foo is not readable * JDK-8166352: FilePane.createDetailsView() removes JTable TAB, SHIFT-TAB functionality * JDK-8170817: G1: Returning MinTLABSize from unsafe_max_tlab_alloc causes TLAB flapping * JDK-8211847: [aix] java/lang/ProcessHandle/InfoTest.java fails: "reported cputime less than expected" * JDK-8211854: [aix] java/net/ServerSocket/ /AcceptInheritHandle.java fails: read times out * JDK-8222884: ConcurrentClassDescLookup.java times out intermittently * JDK-8238169: BasicDirectoryModel getDirectories and DoChangeContents.run can deadlock * JDK-8241550: [macOS] SSLSocketImpl/ReuseAddr.java failed due to "BindException: Address already in use" * JDK-8242564: javadoc crashes:: class cast exception com.sun.tools.javac.code.Symtab$6 * JDK-8260633: [macos] java/awt/dnd/MouseEventAfterStartDragTest/ /MouseEventAfterStartDragTest.html test failed * JDK-8261433: Better pkcs11 performance for libpkcs11:C_EncryptInit/libpkcs11:C_DecryptInit * JDK-8269428: java/util/concurrent/ConcurrentHashMap/ /ToArray.java timed out * JDK-8269657: Test java/nio/channels/DatagramChannel/ /Loopback.java failed: Unexpected message * JDK-8280120: [IR Framework] Add attribute to @IR to enable/disable IR matching based on the architecture * JDK-8280392: java/awt/Focus/NonFocusableWindowTest/ /NonfocusableOwnerTest.java failed with "RuntimeException: Test failed." * JDK-8280988: [XWayland] Click on title to request focus test failures * JDK-8280990: [XWayland] XTest emulated mouse click does not bring window to front * JDK-8283223: gc/stringdedup/TestStringDeduplicationFullGC.java #Parallel failed with "RuntimeException: String verification failed" * JDK-8287325: AArch64: fix virtual threads with -XX:UseBranchProtection=pac-ret * JDK-8291809: Convert compiler/c2/cr7200264/TestSSE2IntVect.java to IR verification test * JDK-8294148: Support JSplitPane for instructions and test UI * JDK-8299058: AssertionError in sun.net.httpserver.ServerImpl when connection is idle * JDK-8299487: Test java/net/httpclient/whitebox/ /SSLTubeTestDriver.java timed out * JDK-8299790: os::print_hex_dump is racy * JDK-8299813: java/nio/channels/DatagramChannel/Disconnect.java fails with jtreg test timeout due to lost datagram * JDK-8301686: TLS 1.3 handshake fails if server_name doesn't match resuming session * JDK-8303920: Avoid calling out to python in DataDescriptorSignatureMissing test * JDK-8305072: Win32ShellFolder2.compareTo is inconsistent * JDK-8305825: getBounds API returns wrong value resulting in multiple Regression Test Failures on Ubuntu 23.04 * JDK-8307193: Several Swing jtreg tests use class.forName on L&F classes * JDK-8307352: AARCH64: Improve itable_stub * JDK-8307778: com/sun/jdi/cds tests fail with jtreg's Virtual test thread factory * JDK-8307788: vmTestbase/gc/gctests/LargeObjects/large003/ /TestDescription.java timed out * JDK-8308286: Fix clang warnings in linux code * JDK-8308660: C2 compilation hits 'node must be dead' assert * JDK-8309067: gtest/AsyncLogGtest.java fails again in stderrOutput_vm * JDK-8309621: [XWayland][Screencast] screen capture failure with sun.java2d.uiScale other than 1 * JDK-8309685: Fix -Wconversion warnings in assembler and register code * JDK-8309894: compiler/vectorapi/ /VectorLogicalOpIdentityTest.java fails on SVE system with UseSVE=0 * JDK-8310072: JComboBox/DisabledComboBoxFontTestAuto: Enabled and disabled ComboBox does not match in these LAFs: GTK+ * JDK-8310108: Skip ReplaceCriticalClassesForSubgraphs when EnableJVMCI is specified * JDK-8310201: Reduce verbose locale output in -XshowSettings launcher option * JDK-8310334: [XWayland][Screencast] screen capture error message in debug * JDK-8310628: GcInfoBuilder.c missing JNI Exception checks * JDK-8310683: Refactor StandardCharset/standard.java to use JUnit * JDK-8310906: Fix -Wconversion warnings in runtime, oops and some code header files. * JDK-8311306: Test com/sun/management/ThreadMXBean/ /ThreadCpuTimeArray.java failed: out of expected range * JDK-8311666: Disabled tests in test/jdk/sun/java2d/marlin * JDK-8311989: Test java/lang/Thread/virtual/Reflection.java timed out * JDK-8312049: runtime/logging/ClassLoadUnloadTest can be improved * JDK-8312111: open/test/jdk/java/awt/Robot/ModifierRobotKey/ /ModifierRobotKeyTest.java fails on ubuntu 23.04 * JDK-8312140: jdk/jshell tests failed with JDI socket timeouts * JDK-8312200: Fix Parse::catch_call_exceptions memory leak * JDK-8312229: Crash involving yield, switch and anonymous classes * JDK-8313674: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java should test for more block devices * JDK-8313697: [XWayland][Screencast] consequent getPixelColor calls are slow * JDK-8313983: jmod create --target-platform should replace existing ModuleTarget attribute * JDK-8314163: os::print_hex_dump prints incorrectly for big endian platforms and unit sizes larger than 1 * JDK-8314225: SIGSEGV in JavaThread::is_lock_owned * JDK-8314515: java/util/concurrent/SynchronousQueue/ /Fairness.java failed with "Error: fair=false i=8 j=0" * JDK-8314614: jdk/jshell/ImportTest.java failed with "InternalError: Failed remote listen" * JDK-8315024: Vector API FP reduction tests should not test for exact equality * JDK-8315031: YoungPLABSize and OldPLABSize not aligned by ObjectAlignmentInBytes * JDK-8315422: getSoTimeout() would be in try block in SSLSocketImpl * JDK-8315505: CompileTask timestamp printed can overflow * JDK-8315576: compiler/codecache/CodeCacheFullCountTest.java fails after JDK-8314837 * JDK-8315804: Open source several Swing JTabbedPane JTextArea JTextField tests * JDK-8315923: pretouch_memory by atomic-add-0 fragments huge pages unexpectedly * JDK-8315965: Open source various AWT applet tests * JDK-8315969: compiler/rangechecks/ /TestRangeCheckHoistingScaledIV.java: make flagless * JDK-8316104: Open source several Swing SplitPane and RadioButton related tests * JDK-8316131: runtime/cds/appcds/TestParallelGCWithCDS.java fails with JNI error * JDK-8316193: jdk/jfr/event/oldobject/TestListenerLeak.java java.lang.Exception: Could not find leak * JDK-8316211: Open source several manual applet tests * JDK-8316240: Open source several add/remove MenuBar manual tests * JDK-8316285: Opensource JButton manual tests * JDK-8316306: Open source and convert manual Swing test * JDK-8316328: Test jdk/jfr/event/oldobject/ /TestSanityDefault.java times out for some heap sizes * JDK-8316361: C2: assert(!failure) failed: Missed optimization opportunity in PhaseIterGVN with -XX:VerifyIterativeGVN=10 * JDK-8316389: Open source few AWT applet tests * JDK-8316756: C2 EA fails with "missing memory path" when encountering unsafe_arraycopy stub call * JDK-8317112: Add screenshot for Frame/DefaultSizeTest.java * JDK-8317128: java/nio/file/Files/CopyAndMove.java failed with AccessDeniedException * JDK-8317240: Promptly free OopMapEntry after fail to insert the entry to OopMapCache * JDK-8317288: [macos] java/awt/Window/Grab/GrabTest.java: Press on the outside area didn't cause ungrab * JDK-8317299: safepoint scalarization doesn't keep track of the depth of the JVM state * JDK-8317360: Missing null checks in JfrCheckpointManager and JfrStringPool initialization routines * JDK-8317372: Refactor some NumberFormat tests to use JUnit * JDK-8317446: ProblemList gc/arguments/TestNewSizeFlags.java on macosx-aarch64 in Xcomp * JDK-8317449: ProblemList serviceability/jvmti/stress/ /StackTrace/NotSuspended/ /GetStackTraceNotSuspendedStressTest.java on several platforms * JDK-8317635: Improve GetClassFields test to verify correctness of field order * JDK-8317696: Fix compilation with clang-16 * JDK-8317738: CodeCacheFullCountTest failed with "VirtualMachineError: Out of space in CodeCache for method handle intrinsic" * JDK-8317831: compiler/codecache/CheckLargePages.java fails on OL 8.8 with unexpected memory string * JDK-8318071: IgnoreUnrecognizedVMOptions flag still causes failure in ArchiveHeapTestClass * JDK-8318479: [jmh] the test security.CacheBench failed for multiple threads run * JDK-8318605: Enable parallelism in vmTestbase/nsk/stress/stack tests * JDK-8319197: Exclude hb-subset and hb-style from compilation * JDK-8319406: x86: Shorter movptr(reg, imm) for 32-bit immediates * JDK-8319773: Avoid inflating monitors when installing hash codes for LM_LIGHTWEIGHT * JDK-8319793: C2 compilation fails with "Bad graph detected in build_loop_late" after JDK-8279888 * JDK-8319817: Charset constructor should make defensive copy of aliases * JDK-8319818: Address GCC 13.2.0 warnings (stringop-overflow and dangling-pointer) * JDK-8320079: The ArabicBox.java test has no control buttons * JDK-8320212: Disable GCC stringop-overflow warning for affected files * JDK-8320379: C2: Sort spilling/unspilling sequence for better ld/st merging into ldp/stp on AArch64 * JDK-8320602: Lock contention in SchemaDVFactory.getInstance() * JDK-8320608: Many jtreg printing tests are missing the @printer keyword * JDK-8320655: awt screencast robot spin and sync issues with native libpipewire api * JDK-8320675: PrinterJob/SecurityDialogTest.java hangs * JDK-8320945: problemlist tests failing on latest Windows 11 update * JDK-8321025: Enable Neoverse N1 optimizations for Neoverse V2 * JDK-8321176: [Screencast] make a second attempt on screencast failure * JDK-8321206: Make Locale related system properties `StaticProperty` * JDK-8321220: JFR: RecordedClass reports incorrect modifiers * JDK-8321278: C2: Partial peeling fails with assert "last_peel <\- first_not_peeled" * JDK-8321509: False positive in get_trampoline fast path causes crash * JDK-8321933: TestCDSVMCrash.java spawns two processes * JDK-8322008: Exclude some CDS tests from running with -Xshare:off * JDK-8322062: com/sun/jdi/JdwpAllowTest.java does not performs negative testing with prefix length * JDK-8322330: JavadocHelperTest.java OOMEs with Parallel GC and ZGC * JDK-8322726: C2: Unloaded signature class kills argument value * JDK-8322743: C2: prevent lock region elimination in OSR compilation * JDK-8322766: Micro bench SSLHandshake should use default algorithms * JDK-8322881: java/nio/file/Files/CopyMoveVariations.java fails with AccessDeniedException due to permissions of files in /tmp * JDK-8322971: KEM.getInstance() should check if a 3rd-party security provider is signed * JDK-8322996: BoxLockNode creation fails with assert(reg < CHUNK_SIZE) failed: sanity * JDK-8323122: AArch64: Increase itable stub size estimate * JDK-8323196: jdk/jfr/api/consumer/filestream/TestOrdered.java failed with "Events are not ordered! Reuse = false" * JDK-8323274: C2: array load may float above range check * JDK-8323552: AbstractMemorySegmentImpl#mismatch returns -1 when comparing distinct areas of the same instance of MemorySegment * JDK-8323577: C2 SuperWord: remove AlignVector restrictions on IR tests added in JDK-8305055 * JDK-8323584: AArch64: Unnecessary ResourceMark in NativeCall::set_destination_mt_safe * JDK-8323670: A few client tests intermittently throw ConcurrentModificationException * JDK-8323682: C2: guard check is not generated in Arrays.copyOfRange intrinsic when allocation is eliminated by EA * JDK-8323782: Race: Thread::interrupt vs. AbstractInterruptibleChannel.begin * JDK-8323801: <s> tag doesn't strikethrough the text * JDK-8323972: C2 compilation fails with assert(!x->as_Loop()->is_loop_nest_inner_loop()) failed: loop was transformed * JDK-8324174: assert(m->is_entered(current)) failed: invariant * JDK-8324577: [REDO] - [IMPROVE] OPEN_MAX is no longer the max limit on macOS >= 10.6 for RLIMIT_NOFILE * JDK-8324580: SIGFPE on THP initialization on kernels < 4.10 * JDK-8324641: [IR Framework] Add Setup method to provide custom arguments and set fields * JDK-8324668: JDWP process management needs more efficient file descriptor handling * JDK-8324755: Enable parallelism in vmTestbase/gc/gctests/LargeObjects tests * JDK-8324781: runtime/Thread/TestAlwaysPreTouchStacks.java failed with Expected a higher ratio between stack committed and reserved * JDK-8324808: Manual printer tests have no Pass/Fail buttons, instructions close set 3 * JDK-8324969: C2: prevent elimination of unbalanced coarsened locking regions * JDK-8324983: Race in CompileBroker::possibly_add_compiler_threads * JDK-8325022: Incorrect error message on client authentication * JDK-8325037: x86: enable and fix hotspot/jtreg/compiler/vectorization/TestRoundVectFloat.java * JDK-8325083: jdk/incubator/vector/Double512VectorTests.java crashes in Assembler::vex_prefix_and_encode * JDK-8325179: Race in BasicDirectoryModel.validateFileCache * JDK-8325218: gc/parallel/TestAlwaysPreTouchBehavior.java fails * JDK-8325382: (fc) FileChannel.transferTo throws IOException when position equals size * JDK-8325384: sun/security/ssl/SSLSessionImpl/ /ResumptionUpdateBoundValues.java failing intermittently when main thread is a virtual thread * JDK-8325469: Freeze/Thaw code can crash in the presence of OSR frames * JDK-8325494: C2: Broken graph after not skipping CastII node anymore for Assertion Predicates after JDK-8309902 * JDK-8325520: Vector loads and stores with indices and masks incorrectly compiled * JDK-8325542: CTW: Runner can produce negative StressSeed * JDK-8325587: Shenandoah: ShenandoahLock should allow blocking in VM * JDK-8325616: JFR ZGC Allocation Stall events should record stack traces * JDK-8325620: HTMLReader uses ConvertAction instead of specified CharacterAction for <b>, <i>, <u> * JDK-8325754: Dead AbstractQueuedSynchronizer$ConditionNodes survive minor garbage collections * JDK-8325763: Revert properties: vm.opt.x.* * JDK-8326106: Write and clear stack trace table outside of safepoint * JDK-8326129: Java Record Pattern Match leads to infinite loop * JDK-8326332: Unclosed inline tags cause misalignment in summary tables * JDK-8326717: Disable stringop-overflow in shenandoahLock.cpp * JDK-8326734: text-decoration applied to <span> lost when mixed with <u> or <s> * JDK-8327007: javax/swing/JSpinner/8008657/bug8008657.java fails * JDK-8327040: Problemlist ActionListenerCalledTwiceTest.java test failing in macos14 * JDK-8327137: Add test for ConcurrentModificationException in BasicDirectoryModel * JDK-8327401: Some jtreg tests fail on Wayland without any tracking bug * JDK-8327423: C2 remove_main_post_loops: check if main-loop belongs to pre-loop, not just assert * JDK-8327424: ProblemList serviceability/sa/TestJmapCore.java on all platforms with ZGC * JDK-8327501: Common ForkJoinPool prevents class unloading in some cases * JDK-8327650: Test java/nio/channels/DatagramChannel/ /StressNativeSignal.java timed out * JDK-8327787: Convert javax/swing/border/Test4129681.java applet test to main * JDK-8327840: Automate javax/swing/border/Test4129681.java * JDK-8327990: [macosx-aarch64] Various tests fail with -XX:+AssertWXAtThreadSync * JDK-8328011: Convert java/awt/Frame/GetBoundsResizeTest/ /GetBoundsResizeTest.java applet test to main * JDK-8328075: Shenandoah: Avoid forwarding when objects don't move in full-GC * JDK-8328110: Allow simultaneous use of PassFailJFrame with split UI and additional windows * JDK-8328115: Convert java/awt/font/TextLayout/ /TestJustification.html applet test to main * JDK-8328158: Convert java/awt/Choice/NonFocusablePopupMenuTest to automatic main test * JDK-8328218: Delete test java/awt/Window/FindOwner/FindOwner.html * JDK-8328234: Remove unused nativeUtils files * JDK-8328238: Convert few closed manual applet tests to main * JDK-8328269: NonFocusablePopupMenuTest.java should be marked as headful * JDK-8328273: sun/management/jmxremote/bootstrap/ /RmiRegistrySslTest.java failed with java.rmi.server.ExportException: Port already in use * JDK-8328366: Thread.setContextClassloader from thread in FJP commonPool task no longer works after JDK-8327501 * JDK-8328560: java/awt/event/MouseEvent/ClickDuringKeypress/ /ClickDuringKeypress.java imports Applet * JDK-8328561: test java/awt/Robot/ManualInstructions/ /ManualInstructions.java isn't used * JDK-8328642: Convert applet test MouseDraggedOutCauseScrollingTest.html to main * JDK-8328647: TestGarbageCollectorMXBean.java fails with C1-only and -Xcomp * JDK-8328697: SubMenuShowTest and SwallowKeyEvents tests stabilization * JDK-8328785: IOException: Symbol not found: C_GetInterface for PKCS11 interface prior to V3.0 * JDK-8328896: Fontmetrics for large Fonts has zero width * JDK-8328953: JEditorPane.read throws ChangedCharSetException * JDK-8328999: Update GIFlib to 5.2.2 * JDK-8329004: Update Libpng to 1.6.43 * JDK-8329088: Stack chunk thawing races with concurrent GC stack iteration * JDK-8329103: assert(!thread->in_asgct()) failed during multi-mode profiling * JDK-8329126: No native wrappers generated anymore with -XX:-TieredCompilation after JDK-8251462 * JDK-8329134: Reconsider TLAB zapping * JDK-8329258: TailCall should not use frame pointer register for jump target * JDK-8329510: Update ProblemList for JFileChooser/8194044/FileSystemRootTest.java * JDK-8329559: Test javax/swing/JFrame/bug4419914.java failed because The End and Start buttons are not placed correctly and Tab focus does not move as expected * JDK-8329665: fatal error: memory leak: allocating without ResourceMark * JDK-8329667: [macos] Issue with JTree related fix for JDK-8317771 * JDK-8329995: Restricted access to `/proc` can cause JFR initialization to crash * JDK-8330027: Identity hashes of archived objects must be based on a reproducible random seed * JDK-8330063: Upgrade jQuery to 3.7.1 * JDK-8330133: libj2pkcs11.so crashes on some pkcs#11 v3.0 libraries * JDK-8330146: assert(!_thread->is_in_any_VTMS_transition()) failed * JDK-8330520: linux clang build fails in os_linux.cpp with static_assert with no message is a C++17 extension * JDK-8330576: ZYoungCompactionLimit should have range check * JDK-8330611: AES-CTR vector intrinsic may read out of bounds (x86_64, AVX-512) * JDK-8330748: ByteArrayOutputStream.writeTo(OutputStream) pins carrier * JDK-8330814: Cleanups for KeepAliveCache tests * JDK-8330819: C2 SuperWord: bad dominance after pre-loop limit adjustment with base that has CastLL after pre-loop * JDK-8330849: Add test to verify memory usage with recursive locking * JDK-8330981: ZGC: Should not dedup strings in the finalizer graph * JDK-8331011: [XWayland] TokenStorage fails under Security Manager * JDK-8331063: Some HttpClient tests don't report leaks * JDK-8331077: nroff man page update for jar tool * JDK-8331142: Add test for number of loader threads in BasicDirectoryModel * JDK-8331153: JFR: Improve logging of jdk/jfr/api/consumer/filestream/TestOrdered.java * JDK-8331164: createJMHBundle.sh download jars fail when url needed to be redirected * JDK-8331266: Bump update version for OpenJDK: jdk-21.0.5 * JDK-8331405: Shenandoah: Optimize ShenandoahLock with TTAS * JDK-8331411: Shenandoah: Reconsider spinning duration in ShenandoahLock * JDK-8331421: ubsan: vmreg.cpp checking error member call on misaligned address * JDK-8331495: Limit BasicDirectoryModel/LoaderThreadCount.java to Windows only * JDK-8331518: Tests should not use the "Classpath" exception form of the legal header * JDK-8331572: Allow using OopMapCache outside of STW GC phases * JDK-8331573: Rename CollectedHeap::is_gc_active to be explicitly about STW GCs * JDK-8331575: C2: crash when ConvL2I is split thru phi at LongCountedLoop * JDK-8331605: jdk/test/lib/TestMutuallyExclusivePlatformPredicates.java test failure * JDK-8331626: unsafe.cpp:162:38: runtime error in index_oop_from_field_offset_long - applying non-zero offset 4563897424 to null pointer * JDK-8331714: Make OopMapCache installation lock-free * JDK-8331731: ubsan: relocInfo.cpp:155:30: runtime error: applying non-zero offset to null pointer * JDK-8331746: Create a test to verify that the cmm id is not ignored * JDK-8331771: ZGC: Remove OopMapCacheAlloc_lock ordering workaround * JDK-8331789: ubsan: deoptimization.cpp:403:29: runtime error: load of value 208, which is not a valid value for type 'bool' * JDK-8331798: Remove unused arg of checkErgonomics() in TestMaxHeapSizeTools.java * JDK-8331854: ubsan: copy.hpp:218:10: runtime error: addition of unsigned offset to 0x7fc2b4024518 overflowed to 0x7fc2b4024510 * JDK-8331863: DUIterator_Fast used before it is constructed * JDK-8331885: C2: meet between unloaded and speculative types is not symmetric * JDK-8331931: JFR: Avoid loading regex classes during startup * JDK-8331999: BasicDirectoryModel/LoaderThreadCount.java frequently fails on Windows in CI * JDK-8332008: Enable issuestitle check * JDK-8332113: Update nsk.share.Log to be always verbose * JDK-8332154: Memory leak in SynchronousQueue * JDK-8332174: Remove 2 (unpaired) RLO Unicode characters in ff_Adlm.xml * JDK-8332248: (fc) java/nio/channels/FileChannel/ /BlockDeviceSize.java failed with RuntimeException * JDK-8332424: Update IANA Language Subtag Registry to Version 2024-05-16 * JDK-8332431: NullPointerException in JTable of SwingSet2 * JDK-8332473: ubsan: growableArray.hpp:290:10: runtime error: null pointer passed as argument 1, which is declared to never be null * JDK-8332490: JMH org.openjdk.bench.java.util.zip .InflaterInputStreams.inflaterInputStreamRead OOM * JDK-8332499: Gtest codestrings.validate_vm fail on linux x64 when hsdis is present * JDK-8332524: Instead of printing "TLSv1.3," it is showing "TLS13" * JDK-8332589: ubsan: unix/native/libjava/ProcessImpl_md.c:562:5: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332675: test/hotspot/jtreg/gc/testlibrary/Helpers.java compileClass javadoc does not match after 8321812 * JDK-8332699: ubsan: jfrEventSetting.inline.hpp:31:43: runtime error: index 163 out of bounds for type 'jfrNativeEventSetting [162]' * JDK-8332717: ZGC: Division by zero in heuristics * JDK-8332720: ubsan: instanceKlass.cpp:3550:76: runtime error: member call on null pointer of type 'struct Array' * JDK-8332818: ubsan: archiveHeapLoader.cpp:70:27: runtime error: applying non-zero offset 18446744073707454464 to null pointer * JDK-8332825: ubsan: guardedMemory.cpp:35:11: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8332885: Clarify failure_handler self-tests * JDK-8332894: ubsan: vmError.cpp:2090:26: runtime error: division by zero * JDK-8332898: failure_handler: log directory of commands * JDK-8332903: ubsan: opto/output.cpp:1002:18: runtime error: load of value 171, which is not a valid value for type 'bool' * JDK-8332904: ubsan ppc64le: c1_LIRGenerator_ppc.cpp:581:21: runtime error: signed integer overflow: 9223372036854775807 + 1 cannot be represented in type 'long int' * JDK-8332905: C2 SuperWord: bad AD file, with RotateRightV and first operand not a pack * JDK-8332920: C2: Partial Peeling is wrongly applied for CmpU with negative limit * JDK-8332935: Crash: assert(*lastPtr != 0) failed: Mismatched JNINativeInterface tables, check for new entries * JDK-8332936: Test vmTestbase/metaspace/gc/watermark_70_80/ /TestDescription.java fails with no GC's recorded * JDK-8332959: C2: ZGC fails with 'Incorrect load shift' when invoking Object.clone() reflectively on an array * JDK-8333088: ubsan: shenandoahAdaptiveHeuristics.cpp:245:44: runtime error: division by zero * JDK-8333093: Incorrect comment in zAddress_aarch64.cpp * JDK-8333099: Missing check for is_LoadVector in StoreNode::Identity * JDK-8333149: ubsan : memset on nullptr target detected in jvmtiEnvBase.cpp get_object_monitor_usage * JDK-8333178: ubsan: jvmti_tools.cpp:149:16: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8333270: HandlersOnComplexResetUpdate and HandlersOnComplexUpdate tests fail with "Unexpected reference" if timeoutFactor is less than 1/3 * JDK-8333277: ubsan: mlib_ImageScanPoly.c:292:43: runtime error: division by zero * JDK-8333353: Delete extra empty line in CodeBlob.java * JDK-8333354: ubsan: frame.inline.hpp:91:25: and src/hotspot/share/runtime/frame.inline.hpp:88:29: runtime error: member call on null pointer of type 'const struct SmallRegisterMap' * JDK-8333361: ubsan,test : libHeapMonitorTest.cpp:518:9: runtime error: null pointer passed as argument 2, which is declared to never be null * JDK-8333363: ubsan: instanceKlass.cpp: runtime error: member call on null pointer of type 'struct AnnotationArray' * JDK-8333366: C2: CmpU3Nodes are not pushed back to worklist in PhaseCCP leading to non-fixpoint assertion failure * JDK-8333398: Uncomment the commented test in test/jdk/java/ /util/jar/JarFile/mrjar/MultiReleaseJarAPI.java * JDK-8333462: Performance regression of new DecimalFormat() when compare to jdk11 * JDK-8333477: Delete extra empty spaces in Makefiles * JDK-8333542: Breakpoint in parallel code does not work * JDK-8333622: ubsan: relocInfo_x86.cpp:101:56: runtime error: pointer index expression with base (-1) overflowed * JDK-8333639: ubsan: cppVtables.cpp:81:55: runtime error: index 14 out of bounds for type 'long int [1]' * JDK-8333652: RISC-V: compiler/vectorapi/ /VectorGatherMaskFoldingTest.java fails when using RVV * JDK-8333716: Shenandoah: Check for disarmed method before taking the nmethod lock * JDK-8333724: Problem list security/infra/java/security/cert/ /CertPathValidator/certification/CAInterop.java #teliasonerarootcav1 * JDK-8333804: java/net/httpclient/ForbiddenHeadTest.java threw an exception with 0 failures * JDK-8333887: ubsan: unsafe.cpp:247:13: runtime error: store to null pointer of type 'volatile int' * JDK-8334078: RISC-V: TestIntVect.java fails after JDK-8332153 when running without RVV * JDK-8334123: log the opening of Type 1 fonts * JDK-8334166: Enable binary check * JDK-8334239: Introduce macro for ubsan method/function exclusions * JDK-8334297: (so) java/nio/channels/SocketChannel/OpenLeak.java should not depend on SecurityManager * JDK-8334332: TestIOException.java fails if run by root * JDK-8334333: MissingResourceCauseTestRun.java fails if run by root * JDK-8334339: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java fails on alinux3 * JDK-8334418: Update IANA Language Subtag Registry to Version 2024-06-14 * JDK-8334421: assert(!oldbox->is_unbalanced()) failed: this should not be called for unbalanced region * JDK-8334482: Shenandoah: Deadlock when safepoint is pending during nmethods iteration * JDK-8334592: ProblemList serviceability/jvmti/stress/ /StackTrace/NotSuspended/ /GetStackTraceNotSuspendedStressTest.java in jdk21 on all platforms * JDK-8334594: Generational ZGC: Deadlock after OopMap rewrites in 8331572 * JDK-8334600: TEST java/net/MulticastSocket/IPMulticastIF.java fails on linux-aarch64 * JDK-8334618: ubsan: support setting additional ubsan check options * JDK-8334653: ISO 4217 Amendment 177 Update * JDK-8334769: Shenandoah: Move CodeCache_lock close to its use in ShenandoahConcurrentNMethodIterator * JDK-8334867: Add back assertion from JDK-8325494 * JDK-8335007: Inline OopMapCache table * JDK-8335134: Test com/sun/jdi/BreakpointOnClassPrepare.java timeout * JDK-8335150: Test LogGeneratedClassesTest.java fails on rpmbuild mock enviroment * JDK-8335237: ubsan: vtableStubs.hpp is_vtable_stub exclude from ubsan checks * JDK-8335283: Build failure due to 'no_sanitize' attribute directive ignored * JDK-8335409: Can't allocate and retain memory from resource area in frame::oops_interpreted_do oop closure after 8329665 * JDK-8335493: check_gc_overhead_limit should reset SoftRefPolicy::_should_clear_all_soft_refs * JDK-8335536: Fix assertion failure in IdealGraphPrinter when append is true * JDK-8335743: jhsdb jstack cannot print some information on the waiting thread * JDK-8335775: Remove extraneous 's' in comment of rawmonitor.cpp test file * JDK-8335904: Fix invalid comment in ShenandoahLock * JDK-8335967: "text-decoration: none" does not work with "A" HTML tags * JDK-8336284: Test TestClhsdbJstackLock.java/ TestJhsdbJstackLock.java fails with -Xcomp after JDK-8335743 * JDK-8336301: test/jdk/java/nio/channels/ /AsyncCloseAndInterrupt.java leaves around a FIFO file upon test completion * JDK-8336342: Fix known X11 library locations in sysroot * JDK-8336343: Add more known sysroot library locations for ALSA * JDK-8336926: jdk/internal/util/ReferencedKeyTest.java can fail with ConcurrentModificationException * JDK-8336928: GHA: Bundle artifacts removal broken * JDK-8337038: Test java/nio/file/attribute/ /BasicFileAttributeView/CreationTime.java shoud set as /native * JDK-8337283: configure.log is truncated when build dir is on different filesystem * JDK-8337622: IllegalArgumentException in java.lang.reflect.Field.get * JDK-8337664: Distrust TLS server certificates issued after Oct 2024 and anchored by Entrust Root CAs * JDK-8338139: {ClassLoading,Memory}MXBean::isVerbose methods are inconsistent with their setVerbose methods * JDK-8338286: GHA: Demote x86_32 to hotspot build only * JDK-8338696: (fs) BasicFileAttributes.creationTime() falls back to epoch if birth time is unavailable (Linux) * JDK-8339869: [21u] Test CreationTime.java fails with UnsatisfiedLinkError after 8334339 * JDK-8341057: Add 2 SSL.com TLS roots * JDK-8341059: Change Entrust TLS distrust date to November 12, 2024 * JDK-8341674: [21u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 21.0.5 * JDK-8341989: [21u] Back out JDK-8327501 and JDK-8328366 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3954=1 openSUSE-SLE-15.6-2024-3954=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3954=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * java-21-openjdk-src-21.0.5.0-150600.3.6.3 * java-21-openjdk-jmods-21.0.5.0-150600.3.6.3 * java-21-openjdk-21.0.5.0-150600.3.6.3 * java-21-openjdk-headless-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-demo-21.0.5.0-150600.3.6.3 * java-21-openjdk-devel-21.0.5.0-150600.3.6.3 * java-21-openjdk-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-headless-21.0.5.0-150600.3.6.3 * java-21-openjdk-devel-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-debugsource-21.0.5.0-150600.3.6.3 * openSUSE Leap 15.6 (noarch) * java-21-openjdk-javadoc-21.0.5.0-150600.3.6.3 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * java-21-openjdk-21.0.5.0-150600.3.6.3 * java-21-openjdk-headless-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-demo-21.0.5.0-150600.3.6.3 * java-21-openjdk-devel-21.0.5.0-150600.3.6.3 * java-21-openjdk-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-headless-21.0.5.0-150600.3.6.3 * java-21-openjdk-devel-debuginfo-21.0.5.0-150600.3.6.3 * java-21-openjdk-debugsource-21.0.5.0-150600.3.6.3 ## References: * https://www.suse.com/security/cve/CVE-2024-21208.html * https://www.suse.com/security/cve/CVE-2024-21210.html * https://www.suse.com/security/cve/CVE-2024-21217.html * https://www.suse.com/security/cve/CVE-2024-21235.html * https://bugzilla.suse.com/show_bug.cgi?id=1231702 * https://bugzilla.suse.com/show_bug.cgi?id=1231711 * https://bugzilla.suse.com/show_bug.cgi?id=1231716 * https://bugzilla.suse.com/show_bug.cgi?id=1231719 * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * Public Cloud Module 15-SP4 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3957=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3957=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3957=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3957=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-debugsource-3.11.10-150400.9.38.2 * python311-curses-3.11.10-150400.9.38.2 * python311-tk-debuginfo-3.11.10-150400.9.38.2 * python311-tk-3.11.10-150400.9.38.2 * python311-testsuite-debuginfo-3.11.10-150400.9.38.2 * python311-doc-devhelp-3.11.10-150400.9.38.1 * python311-doc-3.11.10-150400.9.38.1 * python311-dbm-3.11.10-150400.9.38.2 * python311-curses-debuginfo-3.11.10-150400.9.38.2 * python311-debuginfo-3.11.10-150400.9.38.2 * python311-testsuite-3.11.10-150400.9.38.2 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-3.11.10-150400.9.38.2 * python311-idle-3.11.10-150400.9.38.2 * python311-3.11.10-150400.9.38.2 * python311-core-debugsource-3.11.10-150400.9.38.2 * python311-devel-3.11.10-150400.9.38.2 * python311-dbm-debuginfo-3.11.10-150400.9.38.2 * python311-base-3.11.10-150400.9.38.2 * python311-base-debuginfo-3.11.10-150400.9.38.2 * python311-tools-3.11.10-150400.9.38.2 * openSUSE Leap 15.4 (x86_64) * python311-32bit-3.11.10-150400.9.38.2 * python311-32bit-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-32bit-3.11.10-150400.9.38.2 * python311-base-32bit-3.11.10-150400.9.38.2 * python311-base-32bit-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.38.2 * openSUSE Leap 15.4 (aarch64_ilp32) * python311-64bit-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-64bit-3.11.10-150400.9.38.2 * libpython3_11-1_0-64bit-debuginfo-3.11.10-150400.9.38.2 * python311-64bit-3.11.10-150400.9.38.2 * python311-base-64bit-3.11.10-150400.9.38.2 * python311-base-64bit-debuginfo-3.11.10-150400.9.38.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python311-debugsource-3.11.10-150400.9.38.2 * python311-curses-3.11.10-150400.9.38.2 * python311-tk-debuginfo-3.11.10-150400.9.38.2 * python311-tk-3.11.10-150400.9.38.2 * python311-testsuite-debuginfo-3.11.10-150400.9.38.2 * python311-doc-devhelp-3.11.10-150400.9.38.1 * python311-doc-3.11.10-150400.9.38.1 * python311-dbm-3.11.10-150400.9.38.2 * python311-curses-debuginfo-3.11.10-150400.9.38.2 * python311-debuginfo-3.11.10-150400.9.38.2 * python311-testsuite-3.11.10-150400.9.38.2 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-3.11.10-150400.9.38.2 * python311-3.11.10-150400.9.38.2 * python311-idle-3.11.10-150400.9.38.2 * python311-core-debugsource-3.11.10-150400.9.38.2 * python311-devel-3.11.10-150400.9.38.2 * python311-dbm-debuginfo-3.11.10-150400.9.38.2 * python311-base-3.11.10-150400.9.38.2 * python311-base-debuginfo-3.11.10-150400.9.38.2 * python311-tools-3.11.10-150400.9.38.2 * openSUSE Leap 15.5 (x86_64) * python311-32bit-3.11.10-150400.9.38.2 * python311-32bit-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-32bit-3.11.10-150400.9.38.2 * python311-base-32bit-3.11.10-150400.9.38.2 * python311-base-32bit-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150400.9.38.2 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * libpython3_11-1_0-3.11.10-150400.9.38.2 * python311-base-3.11.10-150400.9.38.2 * python311-3.11.10-150400.9.38.2 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-debugsource-3.11.10-150400.9.38.2 * python311-curses-3.11.10-150400.9.38.2 * python311-curses-debuginfo-3.11.10-150400.9.38.2 * python311-dbm-debuginfo-3.11.10-150400.9.38.2 * python311-tk-debuginfo-3.11.10-150400.9.38.2 * libpython3_11-1_0-3.11.10-150400.9.38.2 * python311-tk-3.11.10-150400.9.38.2 * python311-base-3.11.10-150400.9.38.2 * python311-debuginfo-3.11.10-150400.9.38.2 * python311-base-debuginfo-3.11.10-150400.9.38.2 * python311-doc-devhelp-3.11.10-150400.9.38.1 * python311-tools-3.11.10-150400.9.38.2 * python311-doc-3.11.10-150400.9.38.1 * python311-3.11.10-150400.9.38.2 * python311-dbm-3.11.10-150400.9.38.2 * python311-idle-3.11.10-150400.9.38.2 * python311-core-debugsource-3.11.10-150400.9.38.2 * libpython3_11-1_0-debuginfo-3.11.10-150400.9.38.2 * python311-devel-3.11.10-150400.9.38.2 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241 * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python311 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3958=1 openSUSE-SLE-15.6-2024-3958=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3958=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3958=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python311-tk-debuginfo-3.11.10-150600.3.9.2 * python311-debuginfo-3.11.10-150600.3.9.2 * python311-doc-devhelp-3.11.10-150600.3.9.3 * python311-base-3.11.10-150600.3.9.2 * python311-3.11.10-150600.3.9.2 * python311-dbm-debuginfo-3.11.10-150600.3.9.2 * libpython3_11-1_0-3.11.10-150600.3.9.2 * python311-core-debugsource-3.11.10-150600.3.9.2 * python311-tk-3.11.10-150600.3.9.2 * python311-doc-3.11.10-150600.3.9.3 * python311-testsuite-debuginfo-3.11.10-150600.3.9.2 * python311-dbm-3.11.10-150600.3.9.2 * python311-curses-3.11.10-150600.3.9.2 * python311-base-debuginfo-3.11.10-150600.3.9.2 * python311-idle-3.11.10-150600.3.9.2 * python311-debugsource-3.11.10-150600.3.9.2 * python311-devel-3.11.10-150600.3.9.2 * python311-tools-3.11.10-150600.3.9.2 * libpython3_11-1_0-debuginfo-3.11.10-150600.3.9.2 * python311-curses-debuginfo-3.11.10-150600.3.9.2 * python311-testsuite-3.11.10-150600.3.9.2 * openSUSE Leap 15.6 (x86_64) * python311-32bit-debuginfo-3.11.10-150600.3.9.2 * python311-base-32bit-debuginfo-3.11.10-150600.3.9.2 * libpython3_11-1_0-32bit-debuginfo-3.11.10-150600.3.9.2 * libpython3_11-1_0-32bit-3.11.10-150600.3.9.2 * python311-base-32bit-3.11.10-150600.3.9.2 * python311-32bit-3.11.10-150600.3.9.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libpython3_11-1_0-64bit-debuginfo-3.11.10-150600.3.9.2 * python311-64bit-3.11.10-150600.3.9.2 * libpython3_11-1_0-64bit-3.11.10-150600.3.9.2 * python311-base-64bit-3.11.10-150600.3.9.2 * python311-base-64bit-debuginfo-3.11.10-150600.3.9.2 * python311-64bit-debuginfo-3.11.10-150600.3.9.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-core-debugsource-3.11.10-150600.3.9.2 * libpython3_11-1_0-3.11.10-150600.3.9.2 * python311-base-3.11.10-150600.3.9.2 * libpython3_11-1_0-debuginfo-3.11.10-150600.3.9.2 * python311-base-debuginfo-3.11.10-150600.3.9.2 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python311-idle-3.11.10-150600.3.9.2 * python311-tk-debuginfo-3.11.10-150600.3.9.2 * python311-debuginfo-3.11.10-150600.3.9.2 * python311-dbm-debuginfo-3.11.10-150600.3.9.2 * python311-core-debugsource-3.11.10-150600.3.9.2 * python311-curses-debuginfo-3.11.10-150600.3.9.2 * python311-debugsource-3.11.10-150600.3.9.2 * python311-devel-3.11.10-150600.3.9.2 * python311-dbm-3.11.10-150600.3.9.2 * python311-tools-3.11.10-150600.3.9.2 * python311-3.11.10-150600.3.9.2 * python311-curses-3.11.10-150600.3.9.2 * python311-tk-3.11.10-150600.3.9.2 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241 * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * openSUSE Leap 15.6 * Python 3 Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python312 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3959=1 openSUSE-SLE-15.6-2024-3959=1 * Python 3 Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-3959=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * python312-3.12.7-150600.3.9.1 * python312-curses-debuginfo-3.12.7-150600.3.9.1 * python312-dbm-3.12.7-150600.3.9.1 * python312-idle-3.12.7-150600.3.9.1 * python312-testsuite-3.12.7-150600.3.9.1 * libpython3_12-1_0-3.12.7-150600.3.9.1 * python312-tk-3.12.7-150600.3.9.1 * python312-base-3.12.7-150600.3.9.1 * python312-base-debuginfo-3.12.7-150600.3.9.1 * python312-dbm-debuginfo-3.12.7-150600.3.9.1 * python312-tools-3.12.7-150600.3.9.1 * libpython3_12-1_0-debuginfo-3.12.7-150600.3.9.1 * python312-doc-devhelp-3.12.7-150600.3.9.1 * python312-testsuite-debuginfo-3.12.7-150600.3.9.1 * python312-curses-3.12.7-150600.3.9.1 * python312-devel-3.12.7-150600.3.9.1 * python312-tk-debuginfo-3.12.7-150600.3.9.1 * python312-core-debugsource-3.12.7-150600.3.9.1 * python312-debugsource-3.12.7-150600.3.9.1 * python312-doc-3.12.7-150600.3.9.1 * python312-debuginfo-3.12.7-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) * python312-base-32bit-debuginfo-3.12.7-150600.3.9.1 * libpython3_12-1_0-32bit-3.12.7-150600.3.9.1 * python312-base-32bit-3.12.7-150600.3.9.1 * python312-32bit-debuginfo-3.12.7-150600.3.9.1 * python312-32bit-3.12.7-150600.3.9.1 * libpython3_12-1_0-32bit-debuginfo-3.12.7-150600.3.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libpython3_12-1_0-64bit-debuginfo-3.12.7-150600.3.9.1 * python312-64bit-3.12.7-150600.3.9.1 * python312-base-64bit-debuginfo-3.12.7-150600.3.9.1 * python312-base-64bit-3.12.7-150600.3.9.1 * python312-64bit-debuginfo-3.12.7-150600.3.9.1 * libpython3_12-1_0-64bit-3.12.7-150600.3.9.1 * Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64) * python312-tk-debuginfo-3.12.7-150600.3.9.1 * python312-curses-3.12.7-150600.3.9.1 * libpython3_12-1_0-debuginfo-3.12.7-150600.3.9.1 * python312-3.12.7-150600.3.9.1 * python312-core-debugsource-3.12.7-150600.3.9.1 * python312-curses-debuginfo-3.12.7-150600.3.9.1 * python312-dbm-3.12.7-150600.3.9.1 * python312-base-debuginfo-3.12.7-150600.3.9.1 * python312-base-3.12.7-150600.3.9.1 * python312-idle-3.12.7-150600.3.9.1 * python312-tk-3.12.7-150600.3.9.1 * python312-debugsource-3.12.7-150600.3.9.1 * libpython3_12-1_0-3.12.7-150600.3.9.1 * python312-dbm-debuginfo-3.12.7-150600.3.9.1 * python312-devel-3.12.7-150600.3.9.1 * python312-tools-3.12.7-150600.3.9.1 * python312-debuginfo-3.12.7-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241 * CVE-2024-41311 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-41311 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-41311 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves one vulnerability can now be installed. ## Description: This update for libheif fixes the following issues: * CVE-2024-41311: Fixed out-of-bounds read and write in ImageOverlay:parse() due to decoding a heif file containing an overlay image with forged offsets (bsc#1231714). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3960=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3960=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3960=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3960=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3960=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3960=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3960=1 ## Package List: * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libheif1-64bit-1.12.0-150400.3.14.1 * libheif1-64bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.5 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-debuginfo-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * gdk-pixbuf-loader-libheif-1.12.0-150400.3.14.1 * libheif-devel-1.12.0-150400.3.14.1 * openSUSE Leap 15.6 (x86_64) * libheif1-32bit-1.12.0-150400.3.14.1 * libheif1-32bit-debuginfo-1.12.0-150400.3.14.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libheif1-1.12.0-150400.3.14.1 * libheif1-debuginfo-1.12.0-150400.3.14.1 * libheif-debugsource-1.12.0-150400.3.14.1 ## References: * https://www.suse.com/security/cve/CVE-2024-41311.html * https://bugzilla.suse.com/show_bug.cgi?id=1231714 openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0356-1 Rating: important References: #1232843 Cross-References: CVE-2024-10826 CVE-2024-10827 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 130.0.6723.116 (boo#1232843) - CVE-2024-10826: Use after free in Family Experiences - CVE-2024-10827: Use after free in Serial Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-356=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): chromedriver-130.0.6723.116-bp155.2.138.1 chromium-130.0.6723.116-bp155.2.138.1 References: https://www.suse.com/security/cve/CVE-2024-10826.html https://www.suse.com/security/cve/CVE-2024-10827.html https://bugzilla.suse.com/1232843 openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0357-1 Rating: important References: #1232843 Cross-References: CVE-2024-10826 CVE-2024-10827 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for chromium fixes the following issues: Chromium 130.0.6723.116 (boo#1232843) - CVE-2024-10826: Use after free in Family Experiences - CVE-2024-10827: Use after free in Serial Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-357=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 x86_64): chromedriver-130.0.6723.116-bp156.2.50.1 chromium-130.0.6723.116-bp156.2.50.1 References: https://www.suse.com/security/cve/CVE-2024-10826.html https://www.suse.com/security/cve/CVE-2024-10827.html https://bugzilla.suse.com/1232843 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for yast2-bootloader fixes the following issues: * Sync warning text from s390 secure boot to be identical in installation proposal and on running system (bsc#1219989) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3951=1 openSUSE-SLE-15.6-2024-3951=1 * SUSE Linux Enterprise High Performance Computing 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2024-3951=1 * SUSE Linux Enterprise Server 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2024-3951=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2024-3951=1 * SUSE Linux Enterprise Desktop 15 SP6 zypper in -t patch SUSE-SLE-INSTALLER-15-SP6-2024-3951=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3951=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * yast2-bootloader-4.6.8-150600.3.3.1 * SUSE Linux Enterprise High Performance Computing 15 SP6 (aarch64 x86_64) * yast2-bootloader-4.6.8-150600.3.3.1 * SUSE Linux Enterprise Server 15 SP6 (aarch64 ppc64le s390x x86_64) * yast2-bootloader-4.6.8-150600.3.3.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 (ppc64le x86_64) * yast2-bootloader-4.6.8-150600.3.3.1 * SUSE Linux Enterprise Desktop 15 SP6 (x86_64) * yast2-bootloader-4.6.8-150600.3.3.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * yast2-bootloader-4.6.8-150600.3.3.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1219989 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for libproxy fixes the following issue: * (fix) Remove white space in key value for libproxy (bsc#1228999). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3952=1 openSUSE-SLE-15.6-2024-3952=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3952=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libproxy1-debuginfo-0.5.3-150600.4.3.2 * libpxbackend-1_0-0.5.3-150600.4.3.2 * libproxy-tools-debuginfo-0.5.3-150600.4.3.2 * libproxy-client-debugsource-0.5.3-150600.4.3.2 * libproxy-tools-0.5.3-150600.4.3.2 * libproxy1-0.5.3-150600.4.3.2 * libpxbackend-1_0-mini-0.5.3-150600.4.3.2 * libpxbackend-1_0-debuginfo-0.5.3-150600.4.3.2 * libproxy-devel-0.5.3-150600.4.3.2 * typelib-1_0-Libproxy-1_0-0.5.3-150600.4.3.2 * libproxy-backend-debugsource-0.5.3-150600.4.3.2 * libpxbackend-1_0-mini-debuginfo-0.5.3-150600.4.3.2 * openSUSE Leap 15.6 (noarch) * libproxy-devel-doc-0.5.3-150600.4.3.2 * openSUSE Leap 15.6 (x86_64) * libpxbackend-1_0-32bit-0.5.3-150600.4.3.2 * libproxy1-32bit-debuginfo-0.5.3-150600.4.3.2 * libpxbackend-1_0-32bit-debuginfo-0.5.3-150600.4.3.2 * libproxy1-32bit-0.5.3-150600.4.3.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libproxy1-64bit-debuginfo-0.5.3-150600.4.3.2 * libpxbackend-1_0-64bit-debuginfo-0.5.3-150600.4.3.2 * libpxbackend-1_0-64bit-0.5.3-150600.4.3.2 * libproxy1-64bit-0.5.3-150600.4.3.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libproxy1-debuginfo-0.5.3-150600.4.3.2 * libpxbackend-1_0-0.5.3-150600.4.3.2 * libproxy-client-debugsource-0.5.3-150600.4.3.2 * libproxy1-0.5.3-150600.4.3.2 * libpxbackend-1_0-debuginfo-0.5.3-150600.4.3.2 * libproxy-devel-0.5.3-150600.4.3.2 * libproxy-backend-debugsource-0.5.3-150600.4.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1228999 * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for firewalld fixes the following issues: * Add firewalld-zsh-completion and firewalld-bash-completion to Basesystem_15-SP6 (bsc#1231793) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3953=1 openSUSE-SLE-15.6-2024-3953=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3953=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3953=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3953=1 ## Package List: * openSUSE Leap 15.6 (noarch) * firewalld-zsh-completion-2.0.1-150600.3.2.1 * firewalld-lang-2.0.1-150600.3.2.1 * python3-firewall-2.0.1-150600.3.2.1 * firewalld-2.0.1-150600.3.2.1 * firewalld-test-2.0.1-150600.3.2.1 * firewall-applet-2.0.1-150600.3.2.1 * firewall-config-2.0.1-150600.3.2.1 * firewall-macros-2.0.1-150600.3.2.1 * firewalld-bash-completion-2.0.1-150600.3.2.1 * Basesystem Module 15-SP6 (noarch) * firewalld-zsh-completion-2.0.1-150600.3.2.1 * firewalld-lang-2.0.1-150600.3.2.1 * python3-firewall-2.0.1-150600.3.2.1 * firewalld-2.0.1-150600.3.2.1 * firewalld-bash-completion-2.0.1-150600.3.2.1 * Desktop Applications Module 15-SP6 (noarch) * firewall-applet-2.0.1-150600.3.2.1 * firewall-config-2.0.1-150600.3.2.1 * Development Tools Module 15-SP6 (noarch) * firewall-macros-2.0.1-150600.3.2.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231793 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that has one fix can now be installed. ## Description: This update for PackageKit fixes the following issues: * zypp: Mark the correct packages to-be-installed (bsc#1227389) ## Special Instructions and Notes: ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3947=1 openSUSE-SLE-15.6-2024-3947=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3947=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3947=1 ## Package List: * openSUSE Leap 15.6 (noarch) * PackageKit-lang-1.2.8-150600.4.8.2 * PackageKit-branding-upstream-1.2.8-150600.4.8.2 * PackageKit-branding-SLE-12.0-150600.22.7.3 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * PackageKit-backend-dnf-1.2.8-150600.4.8.2 * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.8.2 * PackageKit-gtk3-module-debuginfo-1.2.8-150600.4.8.2 * libpackagekit-glib2-devel-1.2.8-150600.4.8.2 * PackageKit-gstreamer-plugin-debuginfo-1.2.8-150600.4.8.2 * PackageKit-gtk3-module-1.2.8-150600.4.8.2 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.8.2 * PackageKit-backend-dnf-debuginfo-1.2.8-150600.4.8.2 * PackageKit-backend-zypp-1.2.8-150600.4.8.2 * PackageKit-devel-debuginfo-1.2.8-150600.4.8.2 * PackageKit-devel-1.2.8-150600.4.8.2 * PackageKit-debuginfo-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-1.2.8-150600.4.8.2 * PackageKit-gstreamer-plugin-1.2.8-150600.4.8.2 * PackageKit-debugsource-1.2.8-150600.4.8.2 * PackageKit-1.2.8-150600.4.8.2 * openSUSE Leap 15.6 (x86_64) * libpackagekit-glib2-devel-32bit-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-32bit-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-32bit-debuginfo-1.2.8-150600.4.8.2 * openSUSE Leap 15.6 (aarch64_ilp32) * libpackagekit-glib2-devel-64bit-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-64bit-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-64bit-debuginfo-1.2.8-150600.4.8.2 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * typelib-1_0-PackageKitGlib-1_0-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-debuginfo-1.2.8-150600.4.8.2 * libpackagekit-glib2-devel-1.2.8-150600.4.8.2 * PackageKit-backend-zypp-debuginfo-1.2.8-150600.4.8.2 * PackageKit-backend-zypp-1.2.8-150600.4.8.2 * PackageKit-devel-debuginfo-1.2.8-150600.4.8.2 * PackageKit-devel-1.2.8-150600.4.8.2 * PackageKit-debuginfo-1.2.8-150600.4.8.2 * libpackagekit-glib2-18-1.2.8-150600.4.8.2 * PackageKit-debugsource-1.2.8-150600.4.8.2 * PackageKit-1.2.8-150600.4.8.2 * Desktop Applications Module 15-SP6 (noarch) * PackageKit-lang-1.2.8-150600.4.8.2 * PackageKit-branding-SLE-12.0-150600.22.7.3 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * PackageKit-gtk3-module-debuginfo-1.2.8-150600.4.8.2 * PackageKit-gtk3-module-1.2.8-150600.4.8.2 * PackageKit-gstreamer-plugin-debuginfo-1.2.8-150600.4.8.2 * PackageKit-debuginfo-1.2.8-150600.4.8.2 * PackageKit-gstreamer-plugin-1.2.8-150600.4.8.2 * PackageKit-debugsource-1.2.8-150600.4.8.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1227389 * CVE-2024-7409 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-7409 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-7409 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( SUSE ): 5.7 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8354 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8612 ( SUSE ): 2.0 CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-8612 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N * CVE-2024-8612 ( NVD ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that solves three vulnerabilities can now be installed. ## Description: This update for qemu fixes the following issues: * CVE-2024-8354: Fixed assertion failure in usb_ep_get() (bsc#1230834). * CVE-2024-8612: Fixed nformation leak in virtio devices (bsc#1230915). * CVE-2024-7409: Fixed denial of service via improper synchronization in QEMU NBD Server during socket closure (bsc#1229007). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3948=1 openSUSE-SLE-15.5-2024-3948=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3948=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3948=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3948=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3948=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3948=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * qemu-block-gluster-7.1.0-150500.49.24.1 * qemu-audio-jack-7.1.0-150500.49.24.1 * qemu-ksm-7.1.0-150500.49.24.1 * qemu-block-dmg-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-7.1.0-150500.49.24.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-block-nfs-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-chardev-baum-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-dbus-7.1.0-150500.49.24.1 * qemu-linux-user-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-hw-usb-host-7.1.0-150500.49.24.1 * qemu-extra-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * qemu-block-ssh-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * qemu-linux-user-debugsource-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-linux-user-7.1.0-150500.49.24.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-extra-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-headless-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * qemu-lang-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-dbus-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-7.1.0-150500.49.24.1 * qemu-chardev-baum-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-iscsi-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.24.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (s390x x86_64 i586) * qemu-kvm-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-microvm-7.1.0-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * qemu-block-rbd-7.1.0-150500.49.24.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * openSUSE Leap Micro 5.5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * openSUSE Leap Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * SUSE Linux Enterprise Micro 5.5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-tools-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-microvm-7.1.0-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-extra-7.1.0-150500.49.24.1 * qemu-block-nfs-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-7.1.0-150500.49.24.1 * qemu-block-gluster-7.1.0-150500.49.24.1 * qemu-audio-jack-7.1.0-150500.49.24.1 * qemu-block-dmg-7.1.0-150500.49.24.1 * qemu-extra-debuginfo-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-7.1.0-150500.49.24.1 * qemu-block-dmg-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-oss-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-jack-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-qtest-7.1.0-150500.49.24.1 * qemu-accel-qtest-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-smartcard-7.1.0-150500.49.24.1 * qemu-vhost-user-gpu-7.1.0-150500.49.24.1 * qemu-block-nfs-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.24.1 * qemu-block-gluster-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le) * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * SUSE Package Hub 15 15-SP5 (s390x) * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * qemu-chardev-baum-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-dbus-7.1.0-150500.49.24.1 * qemu-audio-dbus-debuginfo-7.1.0-150500.49.24.1 * qemu-ksm-7.1.0-150500.49.24.1 * qemu-audio-dbus-7.1.0-150500.49.24.1 * qemu-block-curl-7.1.0-150500.49.24.1 * qemu-hw-usb-host-7.1.0-150500.49.24.1 * qemu-block-rbd-7.1.0-150500.49.24.1 * qemu-block-rbd-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-7.1.0-150500.49.24.1 * qemu-block-ssh-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-curses-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-host-debuginfo-7.1.0-150500.49.24.1 * qemu-lang-7.1.0-150500.49.24.1 * qemu-chardev-baum-7.1.0-150500.49.24.1 * qemu-7.1.0-150500.49.24.1 * qemu-block-curl-debuginfo-7.1.0-150500.49.24.1 * qemu-block-ssh-7.1.0-150500.49.24.1 * qemu-block-iscsi-7.1.0-150500.49.24.1 * qemu-debuginfo-7.1.0-150500.49.24.1 * qemu-guest-agent-7.1.0-150500.49.24.1 * qemu-block-iscsi-debuginfo-7.1.0-150500.49.24.1 * qemu-debugsource-7.1.0-150500.49.24.1 * qemu-ui-dbus-debuginfo-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64) * qemu-arm-debuginfo-7.1.0-150500.49.24.1 * qemu-arm-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (aarch64 ppc64le x86_64) * qemu-hw-display-virtio-vga-7.1.0-150500.49.24.1 * qemu-ui-spice-app-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-opengl-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-app-7.1.0-150500.49.24.1 * qemu-chardev-spice-7.1.0-150500.49.24.1 * qemu-audio-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-gtk-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-7.1.0-150500.49.24.1 * qemu-chardev-spice-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.24.1 * qemu-ui-spice-core-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-qxl-7.1.0-150500.49.24.1 * qemu-ui-opengl-7.1.0-150500.49.24.1 * qemu-ui-gtk-7.1.0-150500.49.24.1 * qemu-audio-spice-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (noarch) * qemu-sgabios-8-150500.49.24.1 * qemu-ipxe-1.0.0+-150500.49.24.1 * qemu-seabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-SLOF-7.1.0-150500.49.24.1 * qemu-vgabios-1.16.0_0_gd239552-150500.49.24.1 * qemu-skiboot-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (ppc64le) * qemu-ppc-debuginfo-7.1.0-150500.49.24.1 * qemu-ppc-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (s390x x86_64) * qemu-kvm-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.24.1 * qemu-hw-display-virtio-gpu-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (s390x) * qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.24.1 * qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.24.1 * qemu-s390x-debuginfo-7.1.0-150500.49.24.1 * qemu-s390x-7.1.0-150500.49.24.1 * Server Applications Module 15-SP5 (x86_64) * qemu-accel-tcg-x86-7.1.0-150500.49.24.1 * qemu-audio-alsa-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-alsa-7.1.0-150500.49.24.1 * qemu-audio-pa-7.1.0-150500.49.24.1 * qemu-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-audio-pa-debuginfo-7.1.0-150500.49.24.1 * qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.24.1 * qemu-x86-7.1.0-150500.49.24.1 ## References: * https://www.suse.com/security/cve/CVE-2024-7409.html * https://www.suse.com/security/cve/CVE-2024-8354.html * https://www.suse.com/security/cve/CVE-2024-8612.html * https://bugzilla.suse.com/show_bug.cgi?id=1229007 * https://bugzilla.suse.com/show_bug.cgi?id=1230834 * https://bugzilla.suse.com/show_bug.cgi?id=1230915 * CVE-2024-0132 ( SUSE ): 8.9 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H * CVE-2024-0132 ( SUSE ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0132 ( NVD ): 9.0 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0132 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H * CVE-2024-0133 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N * CVE-2024-0133 ( SUSE ): 4.7 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2024-0133 ( NVD ): 4.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N * CVE-2024-0133 ( NVD ): 3.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:N * CVE-2024-10005 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-10006 ( NVD ): 8.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2024-10086 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10452 ( SUSE ): 2.1 CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10452 ( SUSE ): 2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10452 ( NVD ): 2.2 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N * CVE-2024-39720 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-39720 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-39720 ( NVD ): 8.2 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H * CVE-2024-46872 ( NVD ): 4.6 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2024-47401 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-50052 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N * CVE-2024-50354 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8185 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-8185 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-8185 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves 12 vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: * Update to version 0.0.20241104T154416 2024-11-04T15:44:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3233 CVE-2024-46872 GHSA-762g-9p7f-mrww * GO-2024-3234 CVE-2024-47401 GHSA-762v-rq7q-ff97 * GO-2024-3235 CVE-2024-50052 GHSA-g376-m3h3-mj4r * GO-2024-3237 CVE-2024-0133 GHSA-f748-7hpg-88ch * GO-2024-3239 CVE-2024-0132 GHSA-mjjw-553x-87pq * GO-2024-3240 CVE-2024-10452 GHSA-66c4-2g2v-54qw * GO-2024-3241 CVE-2024-10006 GHSA-5c4w-8hhh-3c3h * GO-2024-3242 CVE-2024-10086 GHSA-99wr-c2px-grmh * GO-2024-3243 CVE-2024-10005 GHSA-chgm-7r52-whjj * Update to version 0.0.20241101T215616 2024-11-01T21:56:16Z. Refs jsc#PED-11136 Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3244 CVE-2024-50354 GHSA-cph5-3pgr-c82g * GO-2024-3245 CVE-2024-39720 * GO-2024-3246 CVE-2024-8185 GHSA-g233-2p4r-3q7v ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3950=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3950=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3950=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3950=1 ## Package List: * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * openSUSE Leap 15.5 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 * SUSE Package Hub 15 15-SP5 (noarch) * govulncheck-vulndb-0.0.20241104T154416-150000.1.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-0132.html * https://www.suse.com/security/cve/CVE-2024-0133.html * https://www.suse.com/security/cve/CVE-2024-10005.html * https://www.suse.com/security/cve/CVE-2024-10006.html * https://www.suse.com/security/cve/CVE-2024-10086.html * https://www.suse.com/security/cve/CVE-2024-10452.html * https://www.suse.com/security/cve/CVE-2024-39720.html * https://www.suse.com/security/cve/CVE-2024-46872.html * https://www.suse.com/security/cve/CVE-2024-47401.html * https://www.suse.com/security/cve/CVE-2024-50052.html * https://www.suse.com/security/cve/CVE-2024-50354.html * https://www.suse.com/security/cve/CVE-2024-8185.html * https://jira.suse.com/browse/PED-11136 * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * Legacy Module 15-SP5 * openSUSE Leap 15.3 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python39 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3945=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3945=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3945=1 * Legacy Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-3945=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.3 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * openSUSE Leap 15.3 (aarch64_ilp32) * python39-base-64bit-3.9.20-150300.4.55.2 * python39-base-64bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-64bit-3.9.20-150300.4.55.2 * python39-64bit-3.9.20-150300.4.55.1 * libpython3_9-1_0-64bit-debuginfo-3.9.20-150300.4.55.2 * python39-64bit-debuginfo-3.9.20-150300.4.55.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.5 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python39-devel-3.9.20-150300.4.55.2 * python39-base-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-testsuite-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 * python39-tk-debuginfo-3.9.20-150300.4.55.1 * python39-base-3.9.20-150300.4.55.2 * python39-curses-debuginfo-3.9.20-150300.4.55.1 * python39-tk-3.9.20-150300.4.55.1 * libpython3_9-1_0-debuginfo-3.9.20-150300.4.55.2 * python39-testsuite-debuginfo-3.9.20-150300.4.55.2 * python39-debuginfo-3.9.20-150300.4.55.1 * python39-idle-3.9.20-150300.4.55.1 * python39-tools-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-debugsource-3.9.20-150300.4.55.1 * python39-core-debugsource-3.9.20-150300.4.55.2 * python39-curses-3.9.20-150300.4.55.1 * python39-dbm-debuginfo-3.9.20-150300.4.55.1 * python39-doc-3.9.20-150300.4.55.1 * python39-doc-devhelp-3.9.20-150300.4.55.1 * openSUSE Leap 15.6 (x86_64) * libpython3_9-1_0-32bit-debuginfo-3.9.20-150300.4.55.2 * libpython3_9-1_0-32bit-3.9.20-150300.4.55.2 * python39-32bit-3.9.20-150300.4.55.1 * python39-base-32bit-3.9.20-150300.4.55.2 * python39-32bit-debuginfo-3.9.20-150300.4.55.1 * python39-base-32bit-debuginfo-3.9.20-150300.4.55.2 * Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python39-base-3.9.20-150300.4.55.2 * python39-3.9.20-150300.4.55.1 * python39-curses-3.9.20-150300.4.55.1 * libpython3_9-1_0-3.9.20-150300.4.55.2 * python39-dbm-3.9.20-150300.4.55.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for supermin fixes the following issues: * Detect the correct kernel on aarch64 (jsc#PED-10545) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3946=1 openSUSE-SLE-15.6-2024-3946=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3946=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * supermin-5.3.3-150600.3.3.1 * supermin-debugsource-5.3.3-150600.3.3.1 * supermin-debuginfo-5.3.3-150600.3.3.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * supermin-5.3.3-150600.3.3.1 * supermin-debugsource-5.3.3-150600.3.3.1 * supermin-debuginfo-5.3.3-150600.3.3.1 ## References: * https://jira.suse.com/browse/PED-10545 * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34155 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves three vulnerabilities, contains one feature and has one security fix can now be installed. ## Description: This update for go1.23-openssl fixes the following issues: This update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320) * go1.23.2 (released 2024-10-01) includes fixes to the compiler, cgo, the runtime, and the maps, os, os/exec, time, and unique packages. * go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess * go#69156 maps: segmentation violation in maps.Clone * go#69219 cmd/cgo: alignment issue with int128 inside of a struct * go#69240 unique: fatal error: found pointer to free object * go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel * go#69383 unique: large string still referenced, after interning only a small substring * go#69402 os/exec: resource leak on exec failure * go#69511 cmd/compile: mysterious crashes and non-determinism with range over * Update to version 1.23.1.1 cut from the go1.23-fips-release branch at the revision tagged go1.23.1-1-openssl-fips. * Update to Go 1.23.1 (#238) * go1.23.1 (released 2024-09-05) includes security fixes to the encoding/gob, go/build/constraint, and go/parser packages, as well as bug fixes to the compiler, the go command, the runtime, and the database/sql, go/types, os, runtime/trace, and unique packages. CVE-2024-34155 CVE-2024-34156 CVE-2024-34158: * go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions * go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode * go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse * go#68812 os: TestChtimes failures * go#68894 go/types: 'under' panics on Alias type * go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing * go#68907 os: CopyFS overwrites existing file in destination. * go#68973 cmd/cgo: aix c-archive corrupting stack * go#68992 unique: panic when calling unique.Make with string casted as any * go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE * go#68995 cmd/go: multi-arch build via qemu fails to exec go binary * go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex * go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine * go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode * go1.23 (released 2024-08-13) is a major release of Go. go1.23.x minor releases will be provided through August 2025. https://github.com/golang/go/wiki/Go-Release-Cycle go1.23 arrives six months after go1.22. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. * Language change: Go 1.23 makes the (Go 1.22) "range-over-func" experiment a part of the language. The "range" clause in a "for-range" loop now accepts iterator functions of the following types: func(func() bool) func(func(K) bool) func(func(K, V) bool) as range expressions. Calls of the iterator argument function produce the iteration values for the "for-range" loop. For details see the iter package documentation and the language spec. For motivation see the 2022 "range-over-func" discussion. * Language change: Go 1.23 includes preview support for generic type aliases. Building the toolchain with GOEXPERIMENT=aliastypeparams enables this feature within a package. (Using generic alias types across package boundaries is not yet supported.) * Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can collect usage and breakage statistics that help the Go team understand how the Go toolchain is used and how well it is working. We refer to these statistics as Go telemetry. Go telemetry is an opt-in system, controlled by the go telemetry command. By default, the toolchain programs collect statistics in counter files that can be inspected locally but are otherwise unused (go telemetry local). To help us keep Go working well and understand Go usage, please consider opting in to Go telemetry by running go telemetry on. In that mode, anonymous counter reports are uploaded to telemetry.go.dev weekly, where they are aggregated into graphs and also made available for download by any Go contributors or users wanting to analyze the data. See "Go Telemetry" for more details about the Go Telemetry system. * go command: Setting the GOROOT_FINAL environment variable no longer has an effect (#62047). Distributions that install the go command to a location other than $GOROOT/bin/go should install a symlink instead of relocating or copying the go binary. * go command: The new go env -changed flag causes the command to print only those settings whose effective value differs from the default value that would be obtained in an empty environment with no prior uses of the -w flag. * go command: The new go mod tidy -diff flag causes the command not to modify the files but instead print the necessary changes as a unified diff. It exits with a non-zero code if updates are needed. * go command: The go list -m -json command now includes new Sum and GoModSum fields. This is similar to the existing behavior of the go mod download -json command. * go command: The new godebug directive in go.mod and go.work declares a GODEBUG setting to apply for the work module or workspace in use. * go vet: The go vet subcommand now includes the stdversion analyzer, which flags references to symbols that are too new for the version of Go in effect in the referring file. (The effective version is determined by the go directive in the file's enclosing go.mod file, and by any //go:build constraints in the file.) For example, it will report a diagnostic for a reference to the reflect.TypeFor function (introduced in go1.22) from a file in a module whose go.mod file specifies go 1.21. * cgo: cmd/cgo supports the new -ldflags flag for passing flags to the C linker. The go command uses it automatically, avoiding "argument list too long" errors with a very large CGO_LDFLAGS. * go trace: The trace tool now better tolerates partially broken traces by attempting to recover what trace data it can. This functionality is particularly helpful when viewing a trace that was collected during a program crash, since the trace data leading up to the crash will now be recoverable under most circumstances. * Runtime: The traceback printed by the runtime after an unhandled panic or other fatal error now indents the second and subsequent lines of the error message (for example, the argument to panic) by a single tab, so that it can be unambiguously distinguished from the stack trace of the first goroutine. See go#64590 for discussion. * Compiler: The build time overhead to building with Profile Guided Optimization has been reduced significantly. Previously, large builds could see 100%+ build time increase from enabling PGO. In Go 1.23, overhead should be in the single digit percentages. * Compiler: The compiler in Go 1.23 can now overlap the stack frame slots of local variables accessed in disjoint regions of a function, which reduces stack usage for Go applications. * Compiler: For 386 and amd64, the compiler will use information from PGO to align certain hot blocks in loops. This improves performance an additional 1-1.5% at a cost of an additional 0.1% text and binary size. This is currently only implemented on 386 and amd64 because it has not shown an improvement on other platforms. Hot block alignment can be disabled with -gcflags=[<packages>=]-d=alignhot=0. * Linker: The linker now disallows using a //go:linkname directive to refer to internal symbols in the standard library (including the runtime) that are not marked with //go:linkname on their definitions. Similarly, the linker disallows references to such symbols from assembly code. For backward compatibility, existing usages of //go:linkname found in a large open-source code corpus remain supported. Any new references to standard library internal symbols will be disallowed. * Linker: A linker command line flag -checklinkname=0 can be used to disable this check, for debugging and experimenting purposes. * Linker: When building a dynamically linked ELF binary (including PIE binary), the new -bindnow flag enables immediate function binding. * Standard library changes: * timer: 1.23 makes two significant changes to the implementation of time.Timer and time.Ticker. First, Timers and Tickers that are no longer referred to by the program become eligible for garbage collection immediately, even if their Stop methods have not been called. Earlier versions of Go did not collect unstopped Timers until after they had fired and never collected unstopped Tickers. Second, the timer channel associated with a Timer or Ticker is now unbuffered, with capacity 0. The main effect of this change is that Go now guarantees that for any call to a Reset or Stop method, no stale values prepared before that call will be sent or received after the call. Earlier versions of Go used channels with a one- element buffer, making it difficult to use Reset and Stop correctly. A visible effect of this change is that len and cap of timer channels now returns 0 instead of 1, which may affect programs that poll the length to decide whether a receive on the timer channel will succeed. Such code should use a non-blocking receive instead. These new behaviors are only enabled when the main Go program is in a module with a go.mod go line using Go 1.23.0 or later. When Go 1.23 builds older programs, the old behaviors remain in effect. The new GODEBUG setting asynctimerchan=1 can be used to revert back to asynchronous channel behaviors even when a program names Go 1.23.0 or later in its go.mod file. * unique: The new unique package provides facilities for canonicalizing values (like "interning" or "hash-consing"). Any value of comparable type may be canonicalized with the new Make[T] function, which produces a reference to a canonical copy of the value in the form of a Handle[T]. Two Handle[T] are equal if and only if the values used to produce the handles are equal, allowing programs to deduplicate values and reduce their memory footprint. Comparing two Handle[T] values is efficient, reducing down to a simple pointer comparison. * iter: The new iter package provides the basic definitions for working with user-defined iterators. * slices: The slices package adds several functions that work with iterators: * All returns an iterator over slice indexes and values. * Values returns an iterator over slice elements. * Backward returns an iterator that loops over a slice backward. * Collect collects values from an iterator into a new slice. * AppendSeq appends values from an iterator to an existing slice. * Sorted collects values from an iterator into a new slice, and then sorts the slice. * SortedFunc is like Sorted but with a comparison function. * SortedStableFunc is like SortFunc but uses a stable sort algorithm. * Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice. * maps: The maps package adds several functions that work with iterators: * All returns an iterator over key-value pairs from a map. * Keys returns an iterator over keys in a map. * Values returns an iterator over values in a map. * Insert adds the key-value pairs from an iterator to an existing map. * Collect collects key-value pairs from an iterator into a new map and returns it. * structs: The new structs package provides types for struct fields that modify properties of the containing struct type such as memory layout. In this release, the only such type is HostLayout which indicates that a structure with a field of that type has a layout that conforms to host platform expectations. * Minor changes to the standard library: As always, there are various minor changes and updates to the library, made with the Go 1 promise of compatibility in mind. * archive/tar: If the argument to FileInfoHeader implements the new FileInfoNames interface, then the interface methods will be used to set the Uname/Gname of the file header. This allows applications to override the system-dependent Uname/Gname lookup. * crypto/tls: The TLS client now supports the Encrypted Client Hello draft specification. This feature can be enabled by setting the Config.EncryptedClientHelloConfigList field to an encoded ECHConfigList for the host that is being connected to. * crypto/tls: The QUICConn type used by QUIC implementations includes new events reporting on the state of session resumption, and provides a way for the QUIC layer to add data to session tickets and session cache entries. * crypto/tls: 3DES cipher suites were removed from the default list used when Config.CipherSuites is nil. The default can be reverted by adding tls3des=1 to the GODEBUG environment variable. * crypto/tls: The experimental post-quantum key exchange mechanism X25519Kyber768Draft00 is now enabled by default when Config.CurvePreferences is nil. The default can be reverted by adding tlskyber=0 to the GODEBUG environment variable. * crypto/tls: Go 1.23 changed the behavior of X509KeyPair and LoadX509KeyPair to populate the Certificate.Leaf field of the returned Certificate. The new x509keypairleaf GODEBUG setting is added for this behavior. * crypto/x509: CreateCertificateRequest now correctly supports RSA-PSS signature algorithms. * crypto/x509: CreateCertificateRequest and CreateRevocationList now verify the generated signature using the signer's public key. If the signature is invalid, an error is returned. This has been the behavior of CreateCertificate since Go 1.16. * crypto/x509: The x509sha1 GODEBUG setting will be removed in the next Go major release (Go 1.24). This will mean that crypto/x509 will no longer support verifying signatures on certificates that use SHA-1 based signature algorithms. * crypto/x509: The new ParseOID function parses a dot-encoded ASN.1 Object Identifier string. The OID type now implements the encoding.BinaryMarshaler, encoding.BinaryUnmarshaler, encoding.TextMarshaler, encoding.TextUnmarshaler interfaces. database/sql * crypto/x509: Errors returned by driver.Valuer implementations are now wrapped for improved error handling during operations like DB.Query, DB.Exec, and DB.QueryRow. * debug/elf: The debug/elf package now defines PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD binaries. * debug/elf: Now defines the symbol type constants STT_RELC, STT_SRELC, and STT_GNU_IFUNC. * encoding/binary The new Encode and Decode functions are byte slice equivalents to Read and Write. Append allows marshaling multiple data into the same byte slice. * go/ast: The new Preorder function returns a convenient iterator over all the nodes of a syntax tree. * go/types: The Func type, which represents a function or method symbol, now has a Func.Signature method that returns the function's type, which is always a Signature. * go/types: The Alias type now has an Rhs method that returns the type on the right-hand side of its declaration: given type A = B, the Rhs of A is B. (go#66559) * go/types: The methods Alias.Origin, Alias.SetTypeParams, Alias.TypeParams, and Alias.TypeArgs have been added. They are needed for generic alias types. * go/types: By default, go/types now produces Alias type nodes for type aliases. This behavior can be controlled by the GODEBUG gotypesalias flag. Its default has changed from 0 in Go 1.22 to 1 in Go 1.23. * math/rand/v2: The Uint function and Rand.Uint method have been added. They were inadvertently left out of Go 1.22. * math/rand/v2: The new ChaCha8.Read method implements the io.Reader interface. * net: The new type KeepAliveConfig permits fine-tuning the keep-alive options for TCP connections, via a new TCPConn.SetKeepAliveConfig method and new KeepAliveConfig fields for Dialer and ListenConfig. * net: The DNSError type now wraps errors caused by timeouts or cancellation. For example, errors.Is(someDNSErr, context.DeadlineExceedeed) will now report whether a DNS error was caused by a timeout. * net: The new GODEBUG setting netedns0=0 disables sending EDNS0 additional headers on DNS requests, as they reportedly break the DNS server on some modems. * net/http: Cookie now preserves double quotes surrounding a cookie value. The new Cookie.Quoted field indicates whether the Cookie.Value was originally quoted. * net/http: The new Request.CookiesNamed method retrieves all cookies that match the given name. * net/http: The new Cookie.Partitioned field identifies cookies with the Partitioned attribute. * net/http: The patterns used by ServeMux now allow one or more spaces or tabs after the method name. Previously, only a single space was permitted. * net/http: The new ParseCookie function parses a Cookie header value and returns all the cookies which were set in it. Since the same cookie name can appear multiple times the returned Values can contain more than one value for a given key. * net/http: The new ParseSetCookie function parses a Set-Cookie header value and returns a cookie. It returns an error on syntax error. * net/http: ServeContent, ServeFile, and ServeFileFS now remove the Cache- Control, Content-Encoding, Etag, and Last-Modified headers when serving an error. These headers usually apply to the non-error content, but not to the text of errors. * net/http: Middleware which wraps a ResponseWriter and applies on-the-fly encoding, such as Content-Encoding: gzip, will not function after this change. The previous behavior of ServeContent, ServeFile, and ServeFileFS may be restored by setting GODEBUG=httpservecontentkeepheaders=1. Note that middleware which changes the size of the served content (such as by compressing it) already does not function properly when ServeContent handles a Range request. On-the-fly compression should use the Transfer-Encoding header instead of Content-Encoding. * net/http: For inbound requests, the new Request.Pattern field contains the ServeMux pattern (if any) that matched the request. This field is not set when GODEBUG=httpmuxgo121=1 is set. * net/http/httptest: The new NewRequestWithContext method creates an incoming request with a context.Context. * net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to compare an Addr holding an IPv4 address to one holding the IPv4-mapped IPv6 form of that address incorrectly returned true, even though the Addr values were different when comparing with == or Addr.Compare. This bug is now fixed and all three approaches now report the same result. * os: The Stat function now sets the ModeSocket bit for files that are Unix sockets on Windows. These files are identified by having a reparse tag set to IO_REPARSE_TAG_AF_UNIX. * os: On Windows, the mode bits reported by Lstat and Stat for reparse points changed. Mount points no longer have ModeSymlink set, and reparse points that are not symlinks, Unix sockets, or dedup files now always have ModeIrregular set. This behavior is controlled by the winsymlink setting. For Go 1.23, it defaults to winsymlink=1. Previous versions default to winsymlink=0. * os: The CopyFS function copies an io/fs.FS into the local filesystem. * os: On Windows, Readlink no longer tries to normalize volumes to drive letters, which was not always even possible. This behavior is controlled by the winreadlinkvolume setting. For Go 1.23, it defaults to winreadlinkvolume=1. Previous versions default to winreadlinkvolume=0. * os: On Linux with pidfd support (generally Linux v5.4+), Process-related functions and methods use pidfd (rather than PID) internally, eliminating potential mistargeting when a PID is reused by the OS. Pidfd support is fully transparent to a user, except for additional process file descriptors that a process may have. * path/filepath: The new Localize function safely converts a slash-separated path into an operating system path. * path/filepath: On Windows, EvalSymlinks no longer evaluates mount points, which was a source of many inconsistencies and bugs. This behavior is controlled by the winsymlink setting. For Go 1.23, it defaults to winsymlink=1. Previous versions default to winsymlink=0. * path/filepath: On Windows, EvalSymlinks no longer tries to normalize volumes to drive letters, which was not always even possible. This behavior is controlled by the winreadlinkvolume setting. For Go 1.23, it defaults to winreadlinkvolume=1. Previous versions default to winreadlinkvolume=0. * reflect: The new methods synonymous with the methods of the same name in Value are added to Type: * Type.OverflowComplex * Type.OverflowFloat * Type.OverflowInt * Type.OverflowUint * reflect: The new SliceAt function is analogous to NewAt, but for slices. * reflect: The Value.Pointer and Value.UnsafePointer methods now support values of kind String. * reflect: The new methods Value.Seq and Value.Seq2 return sequences that iterate over the value as though it were used in a for/range loop. The new methods Type.CanSeq and Type.CanSeq2 report whether calling Value.Seq and Value.Seq2, respectively, will succeed without panicking. * runtime/debug: The SetCrashOutput function allows the user to specify an alternate file to which the runtime should write its fatal crash report. It may be used to construct an automated reporting mechanism for all unexpected crashes, not just those in goroutines that explicitly use recover. * runtime/pprof: The maximum stack depth for alloc, mutex, block, threadcreate and goroutine profiles has been raised from 32 to 128 frames. * runtime/trace: The runtime now explicitly flushes trace data when a program crashes due to an uncaught panic. This means that more complete trace data will be available in a trace if the program crashes while tracing is active. * slices: The Repeat function returns a new slice that repeats the provided slice the given number of times. * sync: The Map.Clear method deletes all the entries, resulting in an empty Map. It is analogous to clear. * sync/atomic: The new And and Or operators apply a bitwise AND or OR to the given input, returning the old value. * syscall: The syscall package now defines WSAENOPROTOOPT on Windows. * syscall: The GetsockoptInt function is now supported on Windows. * testing/fstest: TestFS now returns a structured error that can be unwrapped (via method Unwrap() []error). This allows inspecting errors using errors.Is or errors.As. * text/template: Templates now support the new "else with" action, which reduces template complexity in some use cases. * time: Parse and ParseInLocation now return an error if the time zone offset is out of range. * unicode/utf16: The RuneLen function returns the number of 16-bit words in the UTF-16 encoding of the rune. It returns -1 if the rune is not a valid value to encode in UTF-16. * Port: Darwin: As announced in the Go 1.22 release notes, Go 1.23 requires macOS 11 Big Sur or later; support for previous versions has been discontinued. * Port: Linux: Go 1.23 is the last release that requires Linux kernel version 2.6.32 or later. Go 1.24 will require Linux kernel version 3.17 or later, with an exception that systems running 3.10 or later will continue to be supported if the kernel has been patched to support the getrandom system call. * Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on 64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64). * Port: ARM64: Go 1.23 introduces a new GOARM64 environment variable, which specifies the minimum target version of the ARM64 architecture at compile time. Allowed values are v8.{0-9} and v9.{0-5}. This may be followed by an option specifying extensions implemented by target hardware. Valid options are ,lse and ,crypto. The GOARM64 environment variable defaults to v8.0. * Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment variable, which selects the RISC-V user-mode application profile for which to compile. Allowed values are rva20u64 and rva22u64. The GORISCV64 environment variable defaults to rva20u64. * Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm has dropped support for versions of wasmtime < 14.0.0. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3937=1 openSUSE-SLE-15.6-2024-3937=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3937=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * go1.23-openssl-debuginfo-1.23.2.2-150600.13.3.1 * go1.23-openssl-doc-1.23.2.2-150600.13.3.1 * go1.23-openssl-1.23.2.2-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.23-openssl-race-1.23.2.2-150600.13.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.23-openssl-debuginfo-1.23.2.2-150600.13.3.1 * go1.23-openssl-doc-1.23.2.2-150600.13.3.1 * go1.23-openssl-1.23.2.2-150600.13.3.1 * go1.23-openssl-race-1.23.2.2-150600.13.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1229122 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 * https://jira.suse.com/browse/SLE-18320 * CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-45289 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-24783 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24787 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24788 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-24789 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24789 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N * CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L * CVE-2024-24790 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-24791 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34155 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34155 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-34156 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34156 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-34158 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Affected Products: * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 14 vulnerabilities, contains two features and has two security fixes can now be installed. ## Description: This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320) * Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. * Update to Go 1.22.7 (#229) * go1.22.7 (released 2024-09-05) includes security fixes to the encoding/gob, go/build/constraint, and go/parser packages, as well as bug fixes to the fix command and the runtime. CVE-2024-34155 CVE-2024-34156 CVE-2024-34158: \- go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155) \- go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156) \- go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158) \- go#68811 os: TestChtimes failures \- go#68825 cmd/fix: fails to run on modules whose go directive value is in "1.n.m" format introduced in Go 1.21.0 \- go#68972 cmd/cgo: aix c-archive corrupting stack * go1.22.6 (released 2024-08-06) includes fixes to the go command, the compiler, the linker, the trace command, the covdata command, and the bytes, go/types, and os/exec packages. * go#68594 cmd/compile: internal compiler error with zero-size types * go#68546 cmd/trace/v2: pprof profiles always empty * go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop * go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm * go#68370 go/types: assertion failure in recent range statement checking logic * go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows * go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race * go#68222 cmd/go: list with -export and -covermode=atomic fails to build * go#68198 cmd/link: issues with Xcode 16 beta * Update to version 1.22.5.3 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-3-openssl-fips. * Only load openssl if fips == "1" Avoid loading openssl whenever GOLANG_FIPS is not 1. Previously only an unset variable would cause the library load to be skipped, but users may also expect to be able to set eg. GOLANG_FIPS=0 in environments without openssl. * Update to version 1.22.5.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-2-openssl-fips. * Only load OpenSSL when in FIPS mode * Update to version 1.22.5.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.5-1-openssl-fips. * Update to go1.22.5 * go1.22.5 (released 2024-07-02) includes security fixes to the net/http package, as well as bug fixes to the compiler, cgo, the go command, the linker, the runtime, and the crypto/tls, go/types, net, net/http, and os/exec packages. CVE-2024-24791: * go#68200 go#67555 bsc#1227314 security: fix CVE CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways * go#65983 cmd/compile: hash of unhashable type * go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault() * go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without ".exe" no longer implicitly adds ".exe" in Go 1.22 * go#67298 runtime: "fatal: morestack on g0" on amd64 after upgrade to Go 1.21, stale bounds * go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders * go#67798 cmd/compile: internal compiler error: unexpected type: <nil> (<nil>) in for-range * go#67820 cmd/compile: package- level variable initialization with constant dependencies doesn't match order specified in Go spec * go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0 * go#67934 net: go DNS resolver fails to connect to local DNS server * go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure * go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N) * go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT)) * Update to version 1.22.4.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.4-1-openssl-fips. * Update to go1.22.4 * go1.22.4 (released 2024-06-04) includes security fixes to the archive/zip and net/netip packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the os package. CVE-2024-24789 CVE-2024-24790: * go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations * go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses * go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes * go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64 * go#67236 cmd/go: mod tidy reports toolchain not available with 'go 1.21' * go#67258 runtime: unexpected fault address 0 * go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally * go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID * go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections * go#67460 cmd/compile: internal compiler error: panic with range over integer value * go#67527 cmd/link: panic: machorelocsect: size mismatch * go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C constructor prior to runtime start * go#67696 os: RemoveAll susceptible to symlink race * Update to version 1.22.3.3 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-3-openssl-fips. * config: update openssl backend (#201) * Update to version 1.22.3.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-2-openssl-fips. * patches: restore signature of HashSign/HashVerify (#199) * Update to version 1.22.3.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.3-1-openssl-fips. * Update to go1.22.3 * fix: rename patch file * Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193) runtime: crash asap and extend total sleep time for slow machine in test Running with few threads usually does not need 500ms to crash, so let it crash as soon as possible. While the test may caused more time on slow machine, try to expand the sleep time in test. * cmd/go: re-enable CGO for Go toolchain commands (#190) * crypto/ecdsa: Restore HashSign and HashVerify (#189) * go1.22.3 (released 2024-05-07) includes security fixes to the go command and the net package, as well as bug fixes to the compiler, the runtime, and the net/http package. CVE-2024-24787 CVE-2024-24788: * go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin * go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE * go#66886 runtime: deterministic fallback hashes across process boundary * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net(a)v0.23.0 * Update to version 1.22.2.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.2-1-openssl-fips. * Update to go1.22.2 * go1.22.2 (released 2024-04-03) includes a security fix to the net/http package, as well as bug fixes to the compiler, the go command, the linker, and the encoding/gob, go/types, net/http, and runtime/trace packages. CVE-2023-45288: * go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1 * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64 * go#66134 cmd/compile: go test . results in CLOSURE ... <unknown line number>: internal compiler error: assertion failed * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is _ir.ConvExpr, not_ ir.IndexExpr * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock * go#66256 cmd/go: git shallow fetches broken at CL 556358 * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22 * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le * Update to version 1.22.1.2 cut from the go1.22-fips-release branch at the revision tagged go1.22.1-2-openssl-fips. * config: Update openssl v2 module (#178) * Remove subpackage go1.x-openssl-libstd for compiled shared object libstd.so. * Continue to build experimental libstd only on go1.x Tumbleweed. * Removal fixes build errors on go1.x-openssl Factory and ALP. * Use of libstd.so is experimental and not recommended for general use, Go currently has no ABI. * Feature go build -buildmode=shared is deprecated by upstream, but not yet removed. * Initial package go1.22-openssl version 1.22.1.1 cut from the go1.22-fips- release branch at the revision tagged go1.22.1-1-openssl-fips. * Go upstream merged branch dev.boringcrypto in go1.19+. * In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto. * In go1.x-openssl enable FIPS mode (or boring mode as the package is named) either via an environment variable GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode. * When the operating system is operating in FIPS mode, Go applications which import crypto/tls/fipsonly limit operations to the FIPS ciphersuite. * go1.x-openssl is delivered as two large patches to go1.x applying necessary modifications from the golang-fips/go GitHub project for the Go crypto library to use OpenSSL as the external cryptographic library in a FIPS compliant way. * go1.x-openssl modifies the crypto/* packages to use OpenSSL for cryptographic operations. * go1.x-openssl uses dlopen() to call into OpenSSL. * SUSE RPM packaging introduces a fourth version digit go1.x.y.z corresponding to the golang-fips/go patchset tagged revision. * Patchset improvements can be updated independently of upstream Go maintenance releases. * go1.22.1 (released 2024-03-05) includes security fixes to the crypto/x509, html/template, net/http, net/http/cookiejar, and net/mail packages, as well as bug fixes to the compiler, the go command, the runtime, the trace command, and the go/types and net/http packages. CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785: * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm * go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect * go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders * go#65474 internal/testenv: support LUCI mobile builders in testenv tests * go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0 * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer * go#65728 go/types: nil pointer dereference in Alias.Underlying() * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22 * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer * go#65852 cmd/go: "missing ziphash" error with go.work * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms * bsc#1219988 ensure VERSION file is present in GOROOT as required by go tool dist and go tool distpack * go1.22 (released 2024-02-06) is a major release of Go. go1.22.x minor releases will be provided through February 2024. https://github.com/golang/go/wiki/Go-Release-Cycle go1.22 arrives six months after go1.21. Most of its changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. * Language change: go1.22 makes two changes to for loops. Previously, the variables declared by a for loop were created once and updated by each iteration. In go1.22, each iteration of the loop creates new variables, to avoid accidental sharing bugs. The transition support tooling described in the proposal continues to work in the same way it did in Go 1.21. * Language change: For loops may now range over integers * Language change: go1.22 includes a preview of a language change we are considering for a future version of Go: range-over-function iterators. Building with GOEXPERIMENT=rangefunc enables this feature. * go command: Commands in workspaces can now use a vendor directory containing the dependencies of the workspace. The directory is created by go work vendor, and used by build commands when the -mod flag is set to vendor, which is the default when a workspace vendor directory is present. Note that the vendor directory's contents for a workspace are different from those of a single module: if the directory at the root of a workspace also contains one of the modules in the workspace, its vendor directory can contain the dependencies of either the workspace or of the module, but not both. * go get is no longer supported outside of a module in the legacy GOPATH mode (that is, with GO111MODULE=off). Other build commands, such as go build and go test, will continue to work indefinitely for legacy GOPATH programs. * go mod init no longer attempts to import module requirements from configuration files for other vendoring tools (such as Gopkg.lock). * go test -cover now prints coverage summaries for covered packages that do not have their own test files. Prior to Go 1.22 a go test -cover run for such a package would report: ? mymod/mypack [no test files] and now with go1.22, functions in the package are treated as uncovered: mymod/mypack coverage: 0.0% of statements Note that if a package contains no executable code at all, we can't report a meaningful coverage percentage; for such packages the go tool will continue to report that there are no test files. * trace: The trace tool's web UI has been gently refreshed as part of the work to support the new tracer, resolving several issues and improving the readability of various sub-pages. The web UI now supports exploring traces in a thread-oriented view. The trace viewer also now displays the full duration of all system calls. These improvements only apply for viewing traces produced by programs built with go1.22 or newer. A future release will bring some of these improvements to traces produced by older version of * vet: References to loop variables The behavior of the vet tool has changed to match the new semantics (see above) of loop variables in go1.22. When analyzing a file that requires go1.22 or newer (due to its go.mod file or a per-file build constraint), vetcode> no longer reports references to loop variables from within a function literal that might outlive the iteration of the loop. In Go 1.22, loop variables are created anew for each iteration, so such references are no longer at risk of using a variable after it has been updated by the loop. * vet: New warnings for missing values after append The vet tool now reports calls to append that pass no values to be appended to the slice, such as slice = append(slice). Such a statement has no effect, and experience has shown that is nearly always a mistake. * vet: New warnings for deferring time.Since The vet tool now reports a non- deferred call to time.Since(t) within a defer statement. This is equivalent to calling time.Now().Sub(t) before the defer statement, not when the deferred function is called. In nearly all cases, the correct code requires deferring the time.Since call. * vet: New warnings for mismatched key-value pairs in log/slog calls The vet tool now reports invalid arguments in calls to functions and methods in the structured logging package, log/slog, that accept alternating key/value pairs. It reports calls where an argument in a key position is neither a string nor a slog.Attr, and where a final key is missing its value. * runtime: The runtime now keeps type-based garbage collection metadata nearer to each heap object, improving the CPU performance (latency or throughput) of Go programs by 1-3%. This change also reduces the memory overhead of the majority Go programs by approximately 1% by deduplicating redundant metadata. Some programs may see a smaller improvement because this change adjusts the size class boundaries of the memory allocator, so some objects may be moved up a size class. A consequence of this change is that some objects' addresses that were previously always aligned to a 16 byte (or higher) boundary will now only be aligned to an 8 byte boundary. Some programs that use assembly instructions that require memory addresses to be more than 8-byte aligned and rely on the memory allocator's previous alignment behavior may break, but we expect such programs to be rare. Such programs may be built with GOEXPERIMENT=noallocheaders to revert to the old metadata layout and restore the previous alignment behavior, but package owners should update their assembly code to avoid the alignment assumption, as this workaround will be removed in a future release. * runtime: On the windows/amd64 port, programs linking or loading Go libraries built with -buildmode=c-archive or -buildmode=c-shared can now use the SetUnhandledExceptionFilter Win32 function to catch exceptions not handled by the Go runtime. Note that this was already supported on the windows/386 port. * compiler: Profile-guided Optimization (PGO) builds can now devirtualize a higher proportion of calls than previously possible. Most programs from a representative set of Go programs now see between 2 and 14% improvement from enabling PGO. * compiler: The compiler now interleaves devirtualization and inlining, so interface method calls are better optimized. * compiler: go1.22 also includes a preview of an enhanced implementation of the compiler's inlining phase that uses heuristics to boost inlinability at call sites deemed "important" (for example, in loops) and discourage inlining at call sites deemed "unimportant" (for example, on panic paths). Building with GOEXPERIMENT=newinliner enables the new call-site heuristics; see issue #61502 for more info and to provide feedback. * linker: The linker's -s and -w flags are now behave more consistently across all platforms. The -w flag suppresses DWARF debug information generation. The -s flag suppresses symbol table generation. The -s flag also implies the -w flag, which can be negated with -w=0. That is, -s -w=0 will generate a binary with DWARF debug information generation but without the symbol table. * linker: On ELF platforms, the -B linker flag now accepts a special form: with -B gobuildid, the linker will generate a GNU build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go build ID. * linker: On Windows, when building with -linkmode=internal, the linker now preserves SEH information from C object files by copying the .pdata and .xdata sections into the final binary. This helps with debugging and profiling binaries using native tools, such as WinDbg. Note that until now, C functions' SEH exception handlers were not being honored, so this change may cause some programs to behave differently. -linkmode=external is not affected by this change, as external linkers already preserve SEH information. * bootstrap: As mentioned in the Go 1.20 release notes, go1.22 now requires the final point release of Go 1.20 or later for bootstrap. We expect that Go 1.24 will require the final point release of go1.22 or later for bootstrap. * core library: New math/rand/v2 package: go1.22 includes the first “v2” package in the standard library, math/rand/v2. The changes compared to math/rand are detailed in proposal go#61716. The most important changes are: * The Read method, deprecated in math/rand, was not carried forward for math/rand/v2. (It remains available in math/rand.) The vast majority of calls to Read should use crypto/rand’s Read instead. Otherwise a custom Read can be constructed using the Uint64 method. * The global generator accessed by top-level functions is unconditionally randomly seeded. Because the API guarantees no fixed sequence of results, optimizations like per-thread random generator states are now possible. * The Source interface now has a single Uint64 method; there is no Source64 interface. * Many methods now use faster algorithms that were not possible to adopt in math/rand because they changed the output streams. * The Intn, Int31, Int31n, Int63, and Int64n top-level functions and methods from math/rand are spelled more idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64, and Int64N. There are also new top-level functions and methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN. * The new generic function N is like Int64N or Uint64N but works for any integer type. For example a random duration from 0 up to 5 minutes is rand.N(5*time.Minute). * The Mitchell & Reeds LFSR generator provided by math/rand’s Source has been replaced by two more modern pseudo-random generator sources: ChaCha8 PCG. ChaCha8 is a new, cryptographically strong random number generator roughly similar to PCG in efficiency. ChaCha8 is the algorithm used for the top-level functions in math/rand/v2. As of go1.22, math/rand's top-level functions (when not explicitly seeded) and the Go runtime also use ChaCha8 for randomness. * We plan to include an API migration tool in a future release, likely Go 1.23. * core library: New go/version package: The new go/version package implements functions for validating and comparing Go version strings. * core library: Enhanced routing patterns: HTTP routing in the standard library is now more expressive. The patterns used by net/http.ServeMux have been enhanced to accept methods and wildcards. This change breaks backwards compatibility in small ways, some obvious—patterns with "{" and "}" behave differently— and some less so—treatment of escaped paths has been improved. The change is controlled by a GODEBUG field named httpmuxgo121. Set httpmuxgo121=1 to restore the old behavior. * Minor changes to the library As always, there are various minor changes and updates to the library, made with the Go 1 promise of compatibility in mind. There are also various performance improvements, not enumerated here. * archive/tar: The new method Writer.AddFS adds all of the files from an fs.FS to the archive. * archive/zip: The new method Writer.AddFS adds all of the files from an fs.FS to the archive. * bufio: When a SplitFunc returns ErrFinalToken with a nil token, Scanner will now stop immediately. Previously, it would report a final empty token before stopping, which was usually not desired. Callers that do want to report a final empty token can do so by returning []byte{} rather than nil. * cmp: The new function Or returns the first in a sequence of values that is not the zero value. * crypto/tls: ConnectionState.ExportKeyingMaterial will now return an error unless TLS 1.3 is in use, or the extended_master_secret extension is supported by both the server and client. crypto/tls has supported this extension since Go 1.20. This can be disabled with the tlsunsafeekm=1 GODEBUG setting. * crypto/tls: By default, the minimum version offered by crypto/tls servers is now TLS 1.2 if not specified with config.MinimumVersion, matching the behavior of crypto/tls clients. This change can be reverted with the tls10server=1 GODEBUG setting. * crypto/tls: By default, cipher suites without ECDHE support are no longer offered by either clients or servers during pre-TLS 1.3 handshakes. This change can be reverted with the tlsrsakex=1 GODEBUG setting. * crypto/x509: The new CertPool.AddCertWithConstraint method can be used to add customized constraints to root certificates to be applied during chain building. * crypto/x509: On Android, root certificates will now be loaded from /data/misc/keychain/certs-added as well as /system/etc/security/cacerts. * crypto/x509: A new type, OID, supports ASN.1 Object Identifiers with individual components larger than 31 bits. A new field which uses this type, Policies, is added to the Certificate struct, and is now populated during parsing. Any OIDs which cannot be represented using a asn1.ObjectIdentifier will appear in Policies, but not in the old PolicyIdentifiers field. When calling CreateCertificate, the Policies field is ignored, and policies are taken from the PolicyIdentifiers field. Using the x509usepolicies=1 GODEBUG setting inverts this, populating certificate policies from the Policies field, and ignoring the PolicyIdentifiers field. We may change the default value of x509usepolicies in Go 1.23, making Policies the default field for marshaling. * database/sql: The new Null[T] type provide a way to scan nullable columns for any column types. * debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64 systems. Additional R_LARCH_* constants are defined for use with LoongArch systems. * encoding: The new methods AppendEncode and AppendDecode added to each of the Encoding types in the packages encoding/base32, encoding/base64, and encoding/hex simplify encoding and decoding from and to byte slices by taking care of byte slice buffer management. * encoding: The methods base32.Encoding.WithPadding and base64.Encoding.WithPadding now panic if the padding argument is a negative value other than NoPadding. * encoding/json: Marshaling and encoding functionality now escapes '\b' and '\f' characters as \b and \f instead of \u0008 and \u000c. * go/ast: The following declarations related to syntactic identifier resolution are now deprecated: Ident.Obj, Object, Scope, File.Scope, File.Unresolved, Importer, Package, NewPackage. In general, identifiers cannot be accurately resolved without type information. Consider, for example, the identifier K in T{K: ""}: it could be the name of a local variable if T is a map type, or the name of a field if T is a struct type. New programs should use the go/types package to resolve identifiers; see Object, Info.Uses, and Info.Defs for details. * go/ast: The new ast.Unparen function removes any enclosing parentheses from an expression. * go/types: The new Alias type represents type aliases. Previously, type aliases were not represented explicitly, so a reference to a type alias was equivalent to spelling out the aliased type, and the name of the alias was lost. The new representation retains the intermediate Alias. This enables improved error reporting (the name of a type alias can be reported), and allows for better handling of cyclic type declarations involving type aliases. In a future release, Alias types will also carry type parameter information. The new function Unalias returns the actual type denoted by an Alias type (or any other Type for that matter). * go/types: Because Alias types may break existing type switches that do not know to check for them, this functionality is controlled by a GODEBUG field named gotypesalias. With gotypesalias=0, everything behaves as before, and Alias types are never created. With gotypesalias=1, Alias types are created and clients must expect them. The default is gotypesalias=0. In a future release, the default will be changed to gotypesalias=1. Clients of go/types are urged to adjust their code as soon as possible to work with gotypesalias=1 to eliminate problems early. * go/types: The Info struct now exports the FileVersions map which provides per-file Go version information. * go/types: The new helper method PkgNameOf returns the local package name for the given import declaration. * go/types: The implementation of SizesFor has been adjusted to compute the same type sizes as the compiler when the compiler argument for SizesFor is "gc". The default Sizes implementation used by the type checker is now types.SizesFor("gc", "amd64"). * go/types: The start position (Pos) of the lexical environment block (Scope) that represents a function body has changed: it used to start at the opening curly brace of the function body, but now starts at the function's func token. * html/template: Javascript template literals may now contain Go template actions, and parsing a template containing one will no longer return ErrJSTemplate. Similarly the GODEBUG setting jstmpllitinterp no longer has any effect. * io: The new SectionReader.Outer method returns the ReaderAt, offset, and size passed to NewSectionReader. * log/slog: The new SetLogLoggerLevel function controls the level for the bridge between the `slog` and `log` packages. It sets the minimum level for calls to the top-level `slog` logging functions, and it sets the level for calls to `log.Logger` that go through `slog`. * math/big: The new method Rat.FloatPrec computes the number of fractional decimal digits required to represent a rational number accurately as a floating-point number, and whether accurate decimal representation is possible in the first place. * net: When io.Copy copies from a TCPConn to a UnixConn, it will now use Linux's splice(2) system call if possible, using the new method TCPConn.WriteTo. * net: The Go DNS Resolver, used when building with "-tags=netgo", now searches for a matching name in the Windows hosts file, located at %SystemRoot%\System32\drivers\etc\hosts, before making a DNS query. * net/http: The new functions ServeFileFS, FileServerFS, and NewFileTransportFS are versions of the existing ServeFile, FileServer, and NewFileTransport, operating on an fs.FS. * net/http: The HTTP server and client now reject requests and responses containing an invalid empty Content-Length header. The previous behavior may be restored by setting GODEBUG field httplaxcontentlength=1. * net/http: The new method Request.PathValue returns path wildcard values from a request and the new method Request.SetPathValue sets path wildcard values on a request. * net/http/cgi: When executing a CGI process, the PATH_INFO variable is now always set to the empty string or a value starting with a / character, as required by RFC 3875. It was previously possible for some combinations of Handler.Root and request URL to violate this requirement. * net/netip: The new AddrPort.Compare method compares two AddrPorts. * os: On Windows, the Stat function now follows all reparse points that link to another named entity in the system. It was previously only following IO_REPARSE_TAG_SYMLINK and IO_REPARSE_TAG_MOUNT_POINT reparse points. * os: On Windows, passing O_SYNC to OpenFile now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms. * os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and File.Readdirnames functions now read directory entries in batches to reduce the number of system calls, improving performance up to 30%. * os: When io.Copy copies from a File to a net.UnixConn, it will now use Linux's sendfile(2) system call if possible, using the new method File.WriteTo. * os/exec: On Windows, LookPath now ignores empty entries in %PATH%, and returns ErrNotFound (instead of ErrNotExist) if no executable file extension is found to resolve an otherwise-unambiguous name. * os/exec: On Windows, Command and Cmd.Start no longer call LookPath if the path to the executable is already absolute and has an executable file extension. In addition, Cmd.Start no longer writes the resolved extension back to the Path field, so it is now safe to call the String method concurrently with a call to Start. * reflect: The Value.IsZero method will now return true for a floating-point or complex negative zero, and will return true for a struct value if a blank field (a field named _) somehow has a non-zero value. These changes make IsZero consistent with comparing a value to zero using the language == operator. * reflect: The PtrTo function is deprecated, in favor of PointerTo. * reflect: The new function TypeFor returns the Type that represents the type argument T. Previously, to get the reflect.Type value for a type, one had to use reflect.TypeOf((*T)(nil)).Elem(). This may now be written as reflect.TypeForT. * runtime/metrics: Four new histogram metrics /sched/pauses/stopping/gc:seconds, /sched/pauses/stopping/other:seconds, /sched/pauses/total/gc:seconds, and /sched/pauses/total/other:seconds provide additional details about stop-the-world pauses. The "stopping" metrics report the time taken from deciding to stop the world until all goroutines are stopped. The "total" metrics report the time taken from deciding to stop the world until it is started again. * runtime/metrics: The /gc/pauses:seconds metric is deprecated, as it is equivalent to the new /sched/pauses/total/gc:seconds metric. * runtime/metrics: /sync/mutex/wait/total:seconds now includes contention on runtime-internal locks in addition to sync.Mutex and sync.RWMutex. * runtime/pprof: Mutex profiles now scale contention by the number of goroutines blocked on the mutex. This provides a more accurate representation of the degree to which a mutex is a bottleneck in a Go program. For instance, if 100 goroutines are blocked on a mutex for 10 milliseconds, a mutex profile will now record 1 second of delay instead of 10 milliseconds of delay. * runtime/pprof: Mutex profiles also now include contention on runtime- internal locks in addition to sync.Mutex and sync.RWMutex. Contention on runtime-internal locks is always reported at runtime._LostContendedRuntimeLock. A future release will add complete stack traces in these cases. * runtime/pprof: CPU profiles on Darwin platforms now contain the process's memory map, enabling the disassembly view in the pprof tool. * runtime/trace: The execution tracer has been completely overhauled in this release, resolving several long-standing issues and paving the way for new use-cases for execution traces. * runtime/trace: Execution traces now use the operating system's clock on most platforms (Windows excluded) so it is possible to correlate them with traces produced by lower-level components. Execution traces no longer depend on the reliability of the platform's clock to produce a correct trace. Execution traces are now partitioned regularly on-the-fly and as a result may be processed in a streamable way. Execution traces now contain complete durations for all system calls. Execution traces now contain information about the operating system threads that goroutines executed on. The latency impact of starting and stopping execution traces has been dramatically reduced. Execution traces may now begin or end during the garbage collection mark phase. * runtime/trace: To allow Go developers to take advantage of these improvements, an experimental trace reading package is available at golang.org/x/exp/trace . Note that this package only works on traces produced by programs built with go1.22 at the moment. Please try out the package and provide feedback on the corresponding proposal issue. * runtime/trace: If you experience any issues with the new execution tracer implementation, you may switch back to the old implementation by building your Go program with GOEXPERIMENT=noexectracer2. If you do, please file an issue, otherwise this option will be removed in a future release. * slices: The new function Concat concatenates multiple slices. * slices: Functions that shrink the size of a slice (Delete, DeleteFunc, Compact, CompactFunc, and Replace) now zero the elements between the new length and the old length. * slices: Insert now always panics if the argument i is out of range. Previously it did not panic in this situation if there were no elements to be inserted. * syscall: The syscall package has been frozen since Go 1.4 and was marked as deprecated in Go 1.11, causing many editors to warn about any use of the package. However, some non-deprecated functionality requires use of the syscall package, such as the os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints on such code, the syscall package is no longer marked as deprecated. The package remains frozen to most new functionality, and new code remains encouraged to use golang.org/x/sys/unix or golang.org/x/sys/windows where possible. * syscall: On Linux, the new SysProcAttr.PidFD field allows obtaining a PID FD when starting a child process via StartProcess or os/exec. * syscall: On Windows, passing O_SYNC to Open now causes write operations to go directly to disk, equivalent to O_SYNC on Unix platforms. * testing/slogtest: The new Run function uses sub-tests to run test cases, providing finer-grained control. * Ports: Darwin: On macOS on 64-bit x86 architecture (the darwin/amd64 port), the Go toolchain now generates position-independent executables (PIE) by default. Non-PIE binaries can be generated by specifying the -buildmode=exe build flag. On 64-bit ARM-based macOS (the darwin/arm64 port), the Go toolchain already generates PIE by default. go1.22 is the last release that will run on macOS 10.15 Catalina. Go 1.23 will require macOS 11 Big Sur or later. * Ports: Arm: The GOARM environment variable now allows you to select whether to use software or hardware floating point. Previously, valid GOARM values were 5, 6, or 7. Now those same values can be optionally followed by ,softfloat or ,hardfloat to select the floating-point implementation. This new option defaults to softfloat for version 5 and hardfloat for versions 6 and 7. * Ports: Loong64: The loong64 port now supports passing function arguments and results using registers. The linux/loong64 port now supports the address sanitizer, memory sanitizer, new-style linker relocations, and the plugin build mode. * OpenBSD go1.22 adds an experimental port to OpenBSD on big-endian 64-bit PowerPC (openbsd/ppc64). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3938=1 SUSE-2024-3938=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3938=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * go1.22-openssl-doc-1.22.7.1-150600.13.3.1 * go1.22-openssl-1.22.7.1-150600.13.3.1 * go1.22-openssl-debuginfo-1.22.7.1-150600.13.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * go1.22-openssl-race-1.22.7.1-150600.13.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * go1.22-openssl-doc-1.22.7.1-150600.13.3.1 * go1.22-openssl-race-1.22.7.1-150600.13.3.1 * go1.22-openssl-1.22.7.1-150600.13.3.1 * go1.22-openssl-debuginfo-1.22.7.1-150600.13.3.1 ## References: * https://www.suse.com/security/cve/CVE-2023-45288.html * https://www.suse.com/security/cve/CVE-2023-45289.html * https://www.suse.com/security/cve/CVE-2023-45290.html * https://www.suse.com/security/cve/CVE-2024-24783.html * https://www.suse.com/security/cve/CVE-2024-24784.html * https://www.suse.com/security/cve/CVE-2024-24785.html * https://www.suse.com/security/cve/CVE-2024-24787.html * https://www.suse.com/security/cve/CVE-2024-24788.html * https://www.suse.com/security/cve/CVE-2024-24789.html * https://www.suse.com/security/cve/CVE-2024-24790.html * https://www.suse.com/security/cve/CVE-2024-24791.html * https://www.suse.com/security/cve/CVE-2024-34155.html * https://www.suse.com/security/cve/CVE-2024-34156.html * https://www.suse.com/security/cve/CVE-2024-34158.html * https://bugzilla.suse.com/show_bug.cgi?id=1218424 * https://bugzilla.suse.com/show_bug.cgi?id=1219988 * https://bugzilla.suse.com/show_bug.cgi?id=1220999 * https://bugzilla.suse.com/show_bug.cgi?id=1221000 * https://bugzilla.suse.com/show_bug.cgi?id=1221001 * https://bugzilla.suse.com/show_bug.cgi?id=1221002 * https://bugzilla.suse.com/show_bug.cgi?id=1221003 * https://bugzilla.suse.com/show_bug.cgi?id=1221400 * https://bugzilla.suse.com/show_bug.cgi?id=1224017 * https://bugzilla.suse.com/show_bug.cgi?id=1224018 * https://bugzilla.suse.com/show_bug.cgi?id=1225973 * https://bugzilla.suse.com/show_bug.cgi?id=1225974 * https://bugzilla.suse.com/show_bug.cgi?id=1227314 * https://bugzilla.suse.com/show_bug.cgi?id=1230252 * https://bugzilla.suse.com/show_bug.cgi?id=1230253 * https://bugzilla.suse.com/show_bug.cgi?id=1230254 * https://jira.suse.com/browse/PED-1962 * https://jira.suse.com/browse/SLE-18320 * CVE-2024-20697 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-20697 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-48958 ( SUSE ): 7.1 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-48958 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-48958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-48958 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libarchive fixes the following issues: * CVE-2024-20697: Fixed Out of bounds Remote Code Execution Vulnerability (bsc#1225972). * CVE-2024-48958: Fixed out-of-bounds access via a crafted archive file in execute_filter_delta function (bsc#1231624). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3940=1 openSUSE-SLE-15.6-2024-3940=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3940=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3940=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * bsdtar-3.7.2-150600.3.9.1 * bsdtar-debuginfo-3.7.2-150600.3.9.1 * libarchive13-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 * libarchive13-debuginfo-3.7.2-150600.3.9.1 * libarchive-devel-3.7.2-150600.3.9.1 * openSUSE Leap 15.6 (x86_64) * libarchive13-32bit-3.7.2-150600.3.9.1 * libarchive13-32bit-debuginfo-3.7.2-150600.3.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libarchive13-64bit-debuginfo-3.7.2-150600.3.9.1 * libarchive13-64bit-3.7.2-150600.3.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libarchive13-3.7.2-150600.3.9.1 * libarchive13-debuginfo-3.7.2-150600.3.9.1 * libarchive-devel-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * bsdtar-debuginfo-3.7.2-150600.3.9.1 * bsdtar-3.7.2-150600.3.9.1 * libarchive-debugsource-3.7.2-150600.3.9.1 ## References: * https://www.suse.com/security/cve/CVE-2024-20697.html * https://www.suse.com/security/cve/CVE-2024-48958.html * https://bugzilla.suse.com/show_bug.cgi?id=1225972 * https://bugzilla.suse.com/show_bug.cgi?id=1231624 * CVE-2024-46951 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46953 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-46955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-46956 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves four vulnerabilities can now be installed. ## Description: This update for ghostscript fixes the following issues: * CVE-2024-46951: Fixed arbitrary code execution via unchecked "Implementation" pointer in "Pattern" color space (bsc#1232265). * CVE-2024-46953: Fixed integer overflow when parsing the page format results in path truncation, path traversal, code execution (bsc#1232267). * CVE-2024-46956: Fixed arbitrary code execution via out of bounds data access in filenameforall (bsc#1232270). * CVE-2024-46955: Fixed out of bounds read when reading color in "Indexed" color space (bsc#1232269). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3941=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3941=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3941=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3941=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3941=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3941=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3941=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3941=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3941=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3941=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3941=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3941=1 ## Package List: * SUSE Manager Retail Branch Server 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 * SUSE Manager Proxy 4.3 (x86_64) * ghostscript-debugsource-9.52-150000.200.1 * ghostscript-debuginfo-9.52-150000.200.1 * ghostscript-9.52-150000.200.1 * ghostscript-x11-debuginfo-9.52-150000.200.1 * ghostscript-devel-9.52-150000.200.1 * ghostscript-x11-9.52-150000.200.1 ## References: * https://www.suse.com/security/cve/CVE-2024-46951.html * https://www.suse.com/security/cve/CVE-2024-46953.html * https://www.suse.com/security/cve/CVE-2024-46955.html * https://www.suse.com/security/cve/CVE-2024-46956.html * https://bugzilla.suse.com/show_bug.cgi?id=1232265 * https://bugzilla.suse.com/show_bug.cgi?id=1232267 * https://bugzilla.suse.com/show_bug.cgi?id=1232269 * https://bugzilla.suse.com/show_bug.cgi?id=1232270 * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for openssl-3 fixes the following issues: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3943=1 openSUSE-SLE-15.6-2024-3943=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3943=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openssl-3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-3.1.4-150600.5.21.1 * openssl-3-debuginfo-3.1.4-150600.5.21.1 * openssl-3-debugsource-3.1.4-150600.5.21.1 * libopenssl-3-devel-3.1.4-150600.5.21.1 * libopenssl3-debuginfo-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (x86_64) * libopenssl-3-devel-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.21.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (noarch) * openssl-3-doc-3.1.4-150600.5.21.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl-3-fips-provider-64bit-3.1.4-150600.5.21.1 * libopenssl3-64bit-3.1.4-150600.5.21.1 * libopenssl-3-devel-64bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-64bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-64bit-debuginfo-3.1.4-150600.5.21.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-3.1.4-150600.5.21.1 * openssl-3-debuginfo-3.1.4-150600.5.21.1 * openssl-3-debugsource-3.1.4-150600.5.21.1 * libopenssl-3-devel-3.1.4-150600.5.21.1 * libopenssl3-debuginfo-3.1.4-150600.5.21.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl-3-fips-provider-32bit-debuginfo-3.1.4-150600.5.21.1 * libopenssl3-32bit-3.1.4-150600.5.21.1 * libopenssl-3-fips-provider-32bit-3.1.4-150600.5.21.1 * libopenssl3-32bit-debuginfo-3.1.4-150600.5.21.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * openSUSE Leap 15.4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * Update to version 0.6.77 * compat-suse: use iftype in sysctl handling (bsc#1230911) * Always generate the ipv4/ipv6 <enabled>true|false</enabled> node * Inherit all, default and interface sysctl settings also for loopback, except for use_tempaddr and accept_dad * Consider only interface specific accept_redirects sysctl settings * Adopt ifsysctl(5) manual page with wicked specific behavior * route: fix family and destination processing (bsc#1231060) * man: improve wicked-config(5) file description * dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option * team: set arp link watcher interval default to 1s * systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745) * compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555) * arp: don't set target broadcast hardware address * dbus: don't memcpy empty/NULL array value * ethtool: fix leak and free pause data in ethtool_free ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3930=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3930=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3930=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3930=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3930=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3930=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3930=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3930=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3930=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3930=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3930=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Proxy 4.3 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wicked-0.6.77-150400.3.36.1 * wicked-service-0.6.77-150400.3.36.1 * wicked-debuginfo-0.6.77-150400.3.36.1 * wicked-debugsource-0.6.77-150400.3.36.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229555 * https://bugzilla.suse.com/show_bug.cgi?id=1229745 * https://bugzilla.suse.com/show_bug.cgi?id=1230911 * https://bugzilla.suse.com/show_bug.cgi?id=1231060 * https://jira.suse.com/browse/PED-10855 * openSUSE Leap 15.3 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 An update that contains one feature and has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * Update to version 0.6.77 * compat-suse: use iftype in sysctl handling (bsc#1230911) * Always generate the ipv4/ipv6 <enabled>true|false</enabled> node * Inherit all, default and interface sysctl settings also for loopback, except for use_tempaddr and accept_dad * Consider only interface specific accept_redirects sysctl settings * Adopt ifsysctl(5) manual page with wicked specific behavior * route: fix family and destination processing (bsc#1231060) * man: improve wicked-config(5) file description * dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option * team: set arp link watcher interval default to 1s * systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745) * compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555) * arp: don't set target broadcast hardware address * dbus: don't memcpy empty/NULL array value * ethtool: fix leak and free pause data in ethtool_free ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3931=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3931=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3931=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3931=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3931=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3931=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3931=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3931=1 ## Package List: * openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * wicked-service-0.6.77-150300.4.41.1 * wicked-debuginfo-0.6.77-150300.4.41.1 * wicked-debugsource-0.6.77-150300.4.41.1 * wicked-0.6.77-150300.4.41.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229555 * https://bugzilla.suse.com/show_bug.cgi?id=1229745 * https://bugzilla.suse.com/show_bug.cgi?id=1230911 * https://bugzilla.suse.com/show_bug.cgi?id=1231060 * https://jira.suse.com/browse/PED-10855 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature and has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * Update to version 0.6.77 * compat-suse: use iftype in sysctl handling (bsc#1230911) * Always generate the ipv4/ipv6 <enabled>true|false</enabled> node * Inherit all, default and interface sysctl settings also for loopback, except for use_tempaddr and accept_dad * Consider only interface specific accept_redirects sysctl settings * Adopt ifsysctl(5) manual page with wicked specific behavior * route: fix family and destination processing (bsc#1231060) * man: improve wicked-config(5) file description * dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option * team: set arp link watcher interval default to 1s * systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745) * compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555) * arp: don't set target broadcast hardware address * dbus: don't memcpy empty/NULL array value * ethtool: fix leak and free pause data in ethtool_free ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3935=1 openSUSE-SLE-15.6-2024-3935=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3935=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * wicked-nbft-0.6.77-150600.11.15.1 * wicked-service-0.6.77-150600.11.15.1 * wicked-debuginfo-0.6.77-150600.11.15.1 * wicked-0.6.77-150600.11.15.1 * wicked-debugsource-0.6.77-150600.11.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wicked-nbft-0.6.77-150600.11.15.1 * wicked-service-0.6.77-150600.11.15.1 * wicked-debuginfo-0.6.77-150600.11.15.1 * wicked-0.6.77-150600.11.15.1 * wicked-debugsource-0.6.77-150600.11.15.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229555 * https://bugzilla.suse.com/show_bug.cgi?id=1229745 * https://bugzilla.suse.com/show_bug.cgi?id=1230911 * https://bugzilla.suse.com/show_bug.cgi?id=1231060 * https://jira.suse.com/browse/PED-10855 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that contains one feature and has four fixes can now be installed. ## Description: This update for wicked fixes the following issues: * Update to version 0.6.77 * compat-suse: use iftype in sysctl handling (bsc#1230911) * Always generate the ipv4/ipv6 <enabled>true|false</enabled> node * Inherit all, default and interface sysctl settings also for loopback, except for use_tempaddr and accept_dad * Consider only interface specific accept_redirects sysctl settings * Adopt ifsysctl(5) manual page with wicked specific behavior * route: fix family and destination processing (bsc#1231060) * man: improve wicked-config(5) file description * dhcp4: add ignore-rfc3927-1-6 wicked-config(5) option * team: set arp link watcher interval default to 1s * systemd: use `BindsTo=dbus.service` in favor of `Requisite=` (bsc#1229745) * compat-suse: fix use of deprecated `INTERFACETYPE=dummy` (bsc#1229555) * arp: don't set target broadcast hardware address * dbus: don't memcpy empty/NULL array value * ethtool: fix leak and free pause data in ethtool_free ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3936=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3936=1 SUSE-2024-3936=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3936=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3936=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * wicked-debuginfo-0.6.77-150500.3.39.1 * wicked-service-0.6.77-150500.3.39.1 * wicked-0.6.77-150500.3.39.1 * wicked-debugsource-0.6.77-150500.3.39.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * wicked-debugsource-0.6.77-150500.3.39.1 * wicked-nbft-0.6.77-150500.3.39.1 * wicked-0.6.77-150500.3.39.1 * wicked-debuginfo-0.6.77-150500.3.39.1 * wicked-service-0.6.77-150500.3.39.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * wicked-debuginfo-0.6.77-150500.3.39.1 * wicked-service-0.6.77-150500.3.39.1 * wicked-0.6.77-150500.3.39.1 * wicked-debugsource-0.6.77-150500.3.39.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wicked-debugsource-0.6.77-150500.3.39.1 * wicked-nbft-0.6.77-150500.3.39.1 * wicked-0.6.77-150500.3.39.1 * wicked-debuginfo-0.6.77-150500.3.39.1 * wicked-service-0.6.77-150500.3.39.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229555 * https://bugzilla.suse.com/show_bug.cgi?id=1229745 * https://bugzilla.suse.com/show_bug.cgi?id=1230911 * https://bugzilla.suse.com/show_bug.cgi?id=1231060 * https://jira.suse.com/browse/PED-10855 openSUSE Security Update: Security update for python-mysql-connector-python ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0355-1 Rating: important References: #1231740 Cross-References: CVE-2024-21272 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-mysql-connector-python fixes the following issues: - Update to 9.1.0 (boo#1231740, CVE-2024-21272) - WL#16452: Bundle all installable authentication plugins when building the C-extension - WL#16444: Drop build support for DEB packages - WL#16442: Upgrade gssapi version to 1.8.3 - WL#16411: Improve wheel metadata information for Classic and XDevAPI connectors - WL#16341: OpenID Connect (Oauth2 - JWT) Authentication Support - WL#16307: Remove Python 3.8 support - WL#16306: Add support for Python 3.13 - BUG#37055435: Connection fails during the TLS negotiation when specifying TLSv1.3 ciphers - BUG#37013057: mysql-connector-python Parameterized query SQL injection - BUG#36765200: python mysql connector 8.3.0 raise %-.100s:%u when input a wrong host - BUG#36577957: Update charset/collation description indicate this is 16 - 9.0.0: - WL#16350: Update dnspython version - WL#16318: Deprecate Cursors Prepared Raw and Named Tuple - WL#16284: Update the Python Protobuf version - WL#16283: Remove OpenTelemetry Bundled Installation - BUG#36664998: Packets out of order error is raised while changing user in aio - BUG#36611371: Update dnspython required versions to allow latest 2.6.1 - BUG#36570707: Collation set on connect using C-Extension is ignored - BUG#36476195: Incorrect escaping in pure Python mode if sql_mode includes NO_BACKSLASH_ESCAPES - BUG#36289767: MySQLCursorBufferedRaw does not skip conversion - 8.4.0 - WL#16203: GPL License Exception Update - WL#16173: Update allowed cipher and cipher-suite lists - WL#16164: Implement support for new vector data type - WL#16127: Remove the FIDO authentication mechanism - WL#16053: Support GSSAPI/Kerberos authentication on Windows using authentication_ldap_sasl_client plug-in for C-extension - BUG#36227964: Improve OpenTelemetry span coverage - BUG#36167880: Massive memory leak mysqlx native Protobuf adding to collection - 8.3.0 - WL#16015: Remove use of removed COM_ commands - WL#15985: Support GSSAPI/Kerberos authentication on Windows using authentication_ldap_sasl_client plug-in for Pure Python - WL#15983: Stop using mysql_ssl_set api - WL#15982: Remove use of mysql_shutdown - WL#15950: Support query parameters for prepared statements - WL#15942: Improve type hints and standardize byte type handling - WL#15836: Split mysql and mysqlx into different packages - WL#15523: Support Python DB API asynchronous execution - BUG#35912790: Binary strings are converted when using prepared statements - BUG#35832148: Fix Django timezone.utc deprecation warning - BUG#35710145: Bad MySQLCursor.statement and result when query text contains code comments - BUG#21390859: STATEMENTS GET OUT OF SYNCH WITH RESULT SETS Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-355=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): python3-mysql-connector-python-9.1.0-bp156.4.3.1 References: https://www.suse.com/security/cve/CVE-2024-21272.html https://bugzilla.suse.com/1231740 openSUSE Security Update: Security update for kmail-account-wizard ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0353-1 Rating: moderate References: #1232454 Cross-References: CVE-2024-50624 Affected Products: openSUSE Backports SLE-15-SP5 openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for kmail-account-wizard fixes the following issues: - CVE-2024-50624: Fixed that plaintext HTTP was used for URLs when retrieving configuration files (boo#1232454, kde#487882) Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-353=1 - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-353=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 x86_64): kmail-account-wizard-23.08.5-bp156.2.3.1 kmail-account-wizard-debuginfo-23.08.5-bp156.2.3.1 kmail-account-wizard-debugsource-23.08.5-bp156.2.3.1 - openSUSE Backports SLE-15-SP6 (noarch): kmail-account-wizard-lang-23.08.5-bp156.2.3.1 - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): kmail-account-wizard-22.12.3-bp155.2.3.1 - openSUSE Backports SLE-15-SP5 (noarch): kmail-account-wizard-lang-22.12.3-bp155.2.3.1 References: https://www.suse.com/security/cve/CVE-2024-50624.html https://bugzilla.suse.com/1232454 openSUSE Security Update: Security update for python-mysql-connector-python ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0351-1 Rating: important References: #1231740 Cross-References: CVE-2024-21272 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for python-mysql-connector-python fixes the following issues: - Update to 9.1.0 (boo#1231740, CVE-2024-21272) - WL#16452: Bundle all installable authentication plugins when building the C-extension - WL#16444: Drop build support for DEB packages - WL#16442: Upgrade gssapi version to 1.8.3 - WL#16411: Improve wheel metadata information for Classic and XDevAPI connectors - WL#16341: OpenID Connect (Oauth2 - JWT) Authentication Support - WL#16307: Remove Python 3.8 support - WL#16306: Add support for Python 3.13 - BUG#37055435: Connection fails during the TLS negotiation when specifying TLSv1.3 ciphers - BUG#37013057: mysql-connector-python Parameterized query SQL injection - BUG#36765200: python mysql connector 8.3.0 raise %-.100s:%u when input a wrong host - BUG#36577957: Update charset/collation description indicate this is 16 - 9.0.0: - WL#16350: Update dnspython version - WL#16318: Deprecate Cursors Prepared Raw and Named Tuple - WL#16284: Update the Python Protobuf version - WL#16283: Remove OpenTelemetry Bundled Installation - BUG#36664998: Packets out of order error is raised while changing user in aio - BUG#36611371: Update dnspython required versions to allow latest 2.6.1 - BUG#36570707: Collation set on connect using C-Extension is ignored - BUG#36476195: Incorrect escaping in pure Python mode if sql_mode includes NO_BACKSLASH_ESCAPES - BUG#36289767: MySQLCursorBufferedRaw does not skip conversion - 8.4.0 - WL#16203: GPL License Exception Update - WL#16173: Update allowed cipher and cipher-suite lists - WL#16164: Implement support for new vector data type - WL#16127: Remove the FIDO authentication mechanism - WL#16053: Support GSSAPI/Kerberos authentication on Windows using authentication_ldap_sasl_client plug-in for C-extension - BUG#36227964: Improve OpenTelemetry span coverage - BUG#36167880: Massive memory leak mysqlx native Protobuf adding to collection - 8.3.0 - WL#16015: Remove use of removed COM_ commands - WL#15985: Support GSSAPI/Kerberos authentication on Windows using authentication_ldap_sasl_client plug-in for Pure Python - WL#15983: Stop using mysql_ssl_set api - WL#15982: Remove use of mysql_shutdown - WL#15950: Support query parameters for prepared statements - WL#15942: Improve type hints and standardize byte type handling - WL#15836: Split mysql and mysqlx into different packages - WL#15523: Support Python DB API asynchronous execution - BUG#35912790: Binary strings are converted when using prepared statements - BUG#35832148: Fix Django timezone.utc deprecation warning - BUG#35710145: Bad MySQLCursor.statement and result when query text contains code comments - BUG#21390859: STATEMENTS GET OUT OF SYNCH WITH RESULT SETS Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-351=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64): python3-mysql-connector-python-9.1.0-bp155.3.3.1 References: https://www.suse.com/security/cve/CVE-2024-21272.html https://bugzilla.suse.com/1231740 openSUSE Recommended Update: Recommended update for orthanc-wsi ______________________________________________________________________________ Announcement ID: openSUSE-RU-2024:0354-1 Rating: moderate References: Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that has 0 recommended fixes can now be installed. Description: This update for orthanc-wsi fixes the following issues: Version 2.1 * Support of sparse encoding of tiles in OpenSlide (notably for MIRAX format) * OrthancWSIDicomizer supports plain TIFF, besides hierarchical TIFF * New option: "--force-openslide" to force the use of OpenSlide on TIFF-like files * New option: "--padding" to control deep zoom of plain PNG/JPEG/TIFF images over IIIF * Added support for DICOM tag "Recommended Absent Pixel CIELab" (0048,0015) * Force version of Mirador to 3.3.0 * In the IIIF manifest, reverse the order of the "sizes" field, which seems to fix compatibility with Mirador v4.0.0-alpha Patch Instructions: To install this openSUSE Recommended Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-354=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 ppc64le s390x x86_64): orthanc-wsi-2.1-bp156.2.3.1 References: * CVE-2024-36474 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-36474 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42415 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Workstation Extension 15 SP5 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgsf fixes the following issues: * CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation (bsc#1231282, bsc#1231283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3922=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3922=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3922=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3922=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3922=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3922=1 * SUSE Linux Enterprise Workstation Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3922=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libgsf-tools-1.14.50-150400.3.6.1 * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-debuginfo-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-tools-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (x86_64) * libgsf-1-114-32bit-1.14.50-150400.3.6.1 * libgsf-1-114-32bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libgsf-1-114-64bit-1.14.50-150400.3.6.1 * libgsf-1-114-64bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libgsf-tools-1.14.50-150400.3.6.1 * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-debuginfo-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-tools-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * gsf-office-thumbnailer-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (x86_64) * libgsf-1-114-32bit-1.14.50-150400.3.6.1 * libgsf-1-114-32bit-debuginfo-1.14.50-150400.3.6.1 * openSUSE Leap 15.5 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libgsf-1-114-1.14.50-150400.3.6.1 * libgsf-1-114-debuginfo-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64) * typelib-1_0-Gsf-1-1.14.50-150400.3.6.1 * libgsf-devel-1.14.50-150400.3.6.1 * libgsf-debugsource-1.14.50-150400.3.6.1 * SUSE Linux Enterprise Workstation Extension 15 SP5 (noarch) * libgsf-lang-1.14.50-150400.3.6.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36474.html * https://www.suse.com/security/cve/CVE-2024-42415.html * https://bugzilla.suse.com/show_bug.cgi?id=1231282 * https://bugzilla.suse.com/show_bug.cgi?id=1231283 * CVE-2024-36474 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-36474 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36474 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42415 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2024-42415 ( NVD ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Linux Enterprise Workstation Extension 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for libgsf fixes the following issues: * CVE-2024-42415, CVE-2024-36474: Fixed integer overflows affecting memory allocation (bsc#1231282, bsc#1231283). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3920=1 openSUSE-SLE-15.6-2024-3920=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3920=1 * SUSE Linux Enterprise Workstation Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-3920=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libgsf-debuginfo-1.14.51-150600.4.3.1 * typelib-1_0-Gsf-1-1.14.51-150600.4.3.1 * libgsf-1-114-debuginfo-1.14.51-150600.4.3.1 * libgsf-tools-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * gsf-office-thumbnailer-debuginfo-1.14.51-150600.4.3.1 * libgsf-devel-1.14.51-150600.4.3.1 * gsf-office-thumbnailer-1.14.51-150600.4.3.1 * libgsf-1-114-1.14.51-150600.4.3.1 * libgsf-tools-debuginfo-1.14.51-150600.4.3.1 * openSUSE Leap 15.6 (noarch) * libgsf-lang-1.14.51-150600.4.3.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libgsf-debuginfo-1.14.51-150600.4.3.1 * libgsf-1-114-1.14.51-150600.4.3.1 * libgsf-1-114-debuginfo-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64) * libgsf-debuginfo-1.14.51-150600.4.3.1 * typelib-1_0-Gsf-1-1.14.51-150600.4.3.1 * libgsf-devel-1.14.51-150600.4.3.1 * libgsf-debugsource-1.14.51-150600.4.3.1 * SUSE Linux Enterprise Workstation Extension 15 SP6 (noarch) * libgsf-lang-1.14.51-150600.4.3.1 ## References: * https://www.suse.com/security/cve/CVE-2024-36474.html * https://www.suse.com/security/cve/CVE-2024-42415.html * https://bugzilla.suse.com/show_bug.cgi?id=1231282 * https://bugzilla.suse.com/show_bug.cgi?id=1231283 * CVE-2023-35947 ( SUSE ): 6.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:L * CVE-2023-35947 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Development Tools Module 15-SP5 * Development Tools Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for gradle fixes the following issues: * CVE-2023-35947: Fixed an issue while unpacking tar archives, where files could be created outside of the unpack location (bsc#1212931). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3923=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3923=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3923=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3923=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3923=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3923=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3923=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3923=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3923=1 ## Package List: * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * gradle-4.4.1-150200.3.27.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * gradle-4.4.1-150200.3.27.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * gradle-4.4.1-150200.3.27.1 ## References: * https://www.suse.com/security/cve/CVE-2023-35947.html * https://bugzilla.suse.com/show_bug.cgi?id=1212931 * CVE-2024-9287 ( SUSE ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green * CVE-2024-9287 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9287 ( NVD ): 5.3 CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:A/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:Green Affected Products: * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap 15.6 An update that solves one vulnerability and has one security fix can now be installed. ## Description: This update for python310 fixes the following issues: * CVE-2024-9287: Fixed quoted path names provided when creating a virtual environment (bsc#1232241). Bug fixes: * Drop .pyc files from docdir for reproducible builds (bsc#1230906). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3924=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3924=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3924=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.4 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libpython3_10-1_0-64bit-debuginfo-3.10.15-150400.4.60.1 * python310-64bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-64bit-3.10.15-150400.4.60.1 * python310-base-64bit-3.10.15-150400.4.60.1 * python310-64bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-64bit-debuginfo-3.10.15-150400.4.60.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.5 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * python310-dbm-debuginfo-3.10.15-150400.4.60.1 * python310-base-3.10.15-150400.4.60.1 * python310-doc-3.10.15-150400.4.60.1 * python310-idle-3.10.15-150400.4.60.1 * python310-3.10.15-150400.4.60.1 * python310-curses-debuginfo-3.10.15-150400.4.60.1 * python310-devel-3.10.15-150400.4.60.1 * python310-core-debugsource-3.10.15-150400.4.60.1 * python310-tools-3.10.15-150400.4.60.1 * python310-debuginfo-3.10.15-150400.4.60.1 * python310-tk-debuginfo-3.10.15-150400.4.60.1 * python310-tk-3.10.15-150400.4.60.1 * python310-curses-3.10.15-150400.4.60.1 * python310-testsuite-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-3.10.15-150400.4.60.1 * python310-testsuite-3.10.15-150400.4.60.1 * python310-doc-devhelp-3.10.15-150400.4.60.1 * python310-base-debuginfo-3.10.15-150400.4.60.1 * python310-debugsource-3.10.15-150400.4.60.1 * libpython3_10-1_0-debuginfo-3.10.15-150400.4.60.1 * python310-dbm-3.10.15-150400.4.60.1 * openSUSE Leap 15.6 (x86_64) * python310-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.60.1 * python310-base-32bit-debuginfo-3.10.15-150400.4.60.1 * libpython3_10-1_0-32bit-3.10.15-150400.4.60.1 * python310-32bit-3.10.15-150400.4.60.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9287.html * https://bugzilla.suse.com/show_bug.cgi?id=1230906 * https://bugzilla.suse.com/show_bug.cgi?id=1232241 * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3925=1 openSUSE-SLE-15.6-2024-3925=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3925=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libcurl4-debuginfo-8.6.0-150600.4.12.1 * curl-debugsource-8.6.0-150600.4.12.1 * libcurl4-8.6.0-150600.4.12.1 * curl-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-8.6.0-150600.4.12.1 * curl-8.6.0-150600.4.12.1 * openSUSE Leap 15.6 (x86_64) * libcurl-devel-32bit-8.6.0-150600.4.12.1 * libcurl4-32bit-debuginfo-8.6.0-150600.4.12.1 * libcurl4-32bit-8.6.0-150600.4.12.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libcurl4-64bit-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-64bit-8.6.0-150600.4.12.1 * libcurl4-64bit-8.6.0-150600.4.12.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libcurl4-debuginfo-8.6.0-150600.4.12.1 * curl-debugsource-8.6.0-150600.4.12.1 * libcurl4-8.6.0-150600.4.12.1 * curl-debuginfo-8.6.0-150600.4.12.1 * libcurl-devel-8.6.0-150600.4.12.1 * curl-8.6.0-150600.4.12.1 * Basesystem Module 15-SP6 (x86_64) * libcurl4-32bit-8.6.0-150600.4.12.1 * libcurl4-32bit-debuginfo-8.6.0-150600.4.12.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528 * CVE-2024-9681 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-9681 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: * Basesystem Module 15-SP5 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that solves one vulnerability can now be installed. ## Description: This update for curl fixes the following issues: * CVE-2024-9681: Fixed HSTS subdomain overwrites parent cache entry (bsc#1232528) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3926=1 SUSE-SLE- INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3926=1 SUSE- SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3926=1 SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3926=1 SUSE- SLE-INSTALLER-15-SP4-2024-3926=1 * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3926=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3926=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-3926=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3926=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3926=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3926=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3926=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3926=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3926=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3926=1 ## Package List: * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Proxy 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Manager Server 4.3 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libcurl4-64bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-64bit-8.0.1-150400.5.56.1 * libcurl4-64bit-8.0.1-150400.5.56.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * openSUSE Leap 15.5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-32bit-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libcurl4-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * Basesystem Module 15-SP5 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * libcurl4-32bit-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * curl-8.0.1-150400.5.56.1 * curl-debugsource-8.0.1-150400.5.56.1 * libcurl4-debuginfo-8.0.1-150400.5.56.1 * libcurl-devel-8.0.1-150400.5.56.1 * libcurl4-8.0.1-150400.5.56.1 * curl-debuginfo-8.0.1-150400.5.56.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * libcurl4-32bit-8.0.1-150400.5.56.1 * libcurl4-32bit-debuginfo-8.0.1-150400.5.56.1 ## References: * https://www.suse.com/security/cve/CVE-2024-9681.html * https://bugzilla.suse.com/show_bug.cgi?id=1232528 * openSUSE Leap 15.6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * Web and Scripting Module 15-SP6 An update that contains one feature can now be installed. ## Description: This update for php-gnupg fixes the following issues: * Ship php8-gnupg. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Web and Scripting Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP6-2024-3917=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3917=1 openSUSE-SLE-15.6-2024-3917=1 ## Package List: * Web and Scripting Module 15-SP6 (aarch64 ppc64le s390x x86_64) * php8-gnupg-debugsource-1.5.1-150600.13.3.2 * php8-gnupg-debuginfo-1.5.1-150600.13.3.2 * php8-gnupg-1.5.1-150600.13.3.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * php7-gnupg-debuginfo-1.5.1-150600.13.3.2 * php8-gnupg-1.5.1-150600.13.3.2 * php7-gnupg-1.5.1-150600.13.3.2 * php8-gnupg-debugsource-1.5.1-150600.13.3.2 * php7-gnupg-debugsource-1.5.1-150600.13.3.2 * php8-gnupg-debuginfo-1.5.1-150600.13.3.2 ## References: * https://jira.suse.com/browse/PED-7973 * openSUSE Leap 15.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for rasdaemon fixes the following issues: * Error logs are not captured in rasdaemon upon error injection (bsc#1226114) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3918=1 openSUSE-SLE-15.5-2024-3918=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3918=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150500.7.3.2 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150500.7.3.2 * rasdaemon-0.6.7.18.git+7ccf12f-150500.7.3.2 * Server Applications Module 15-SP5 (aarch64 s390x x86_64) * rasdaemon-debugsource-0.6.7.18.git+7ccf12f-150500.7.3.2 * rasdaemon-debuginfo-0.6.7.18.git+7ccf12f-150500.7.3.2 * rasdaemon-0.6.7.18.git+7ccf12f-150500.7.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1226114 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP6 An update that has two fixes can now be installed. ## Description: This update for pipewire fixes the following issues: * Make sure the pipewire-libjack package doesn't completely replace the original jack libraries unless the pipewire-jack package which installs the ld.so.conf.d file is installed too (bsc#1222253). * Moved modules jack-tunnel and jackdbus-detect to the pipewire-spa- plugins-0_2-jack since those modules should only be used when the real jack server is running. This fixes pipewire starting jackdbus on start (bsc#1230613) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3919=1 openSUSE-SLE-15.6-2024-3919=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3919=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3919=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3919=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * pipewire-jack-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-jack-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-module-x11-0_3-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-tools-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-1.0.5+git36.60deeb2-150600.3.3.5 * gstreamer-plugin-pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-devel-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-jack-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-tools-1.0.5+git36.60deeb2-150600.3.3.5 * libpipewire-0_3-0-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * libpipewire-0_3-0-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-devel-1.0.5+git36.60deeb2-150600.3.3.5 * gstreamer-plugin-pipewire-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-module-x11-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-pulseaudio-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-doc-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-pulseaudio-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * openSUSE Leap 15.6 (x86_64) * libpipewire-0_3-0-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-32bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-32bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * libpipewire-0_3-0-32bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-32bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-32bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-32bit-1.0.5+git36.60deeb2-150600.3.3.5 * openSUSE Leap 15.6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.3.5 * openSUSE Leap 15.6 (aarch64_ilp32) * libpipewire-0_3-0-64bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-64bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-64bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-64bit-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * libpipewire-0_3-0-64bit-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-64bit-1.0.5+git36.60deeb2-150600.3.3.5 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libpipewire-0_3-0-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * libpipewire-0_3-0-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-modules-0_3-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.3.5 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * gstreamer-plugin-pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * gstreamer-plugin-pipewire-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-tools-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-tools-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-tools-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-1.0.5+git36.60deeb2-150600.3.3.5 * Desktop Applications Module 15-SP6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.3.5 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * pipewire-pulseaudio-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-doc-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-devel-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-jack-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-pulseaudio-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-spa-plugins-0_2-jack-debuginfo-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-libjack-0_3-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-debugsource-1.0.5+git36.60deeb2-150600.3.3.5 * pipewire-alsa-1.0.5+git36.60deeb2-150600.3.3.5 * SUSE Package Hub 15 15-SP6 (noarch) * pipewire-lang-1.0.5+git36.60deeb2-150600.3.3.5 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1222253 * https://bugzilla.suse.com/show_bug.cgi?id=1230613 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature and has one fix can now be installed. ## Description: This update for csp-billing-adapter fixes the following issues: * Version update 1.1.0 * Fix unit file (jsc#PED-8482, bsc#1227329). * Support daily billing interval to enable testing on Azure. * Switch build to python 3.11. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3916=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3916=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3916=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3916=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3916=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-csp-billing-adapter-amazon-1.0.0-150400.9.10.2 * python311-csp-billing-adapter-microsoft-1.0.0-150400.9.10.2 * csp-billing-adapter-service-1.1.0-150400.9.18.2 * python311-csp-billing-adapter-local-1.0.0-150400.9.18.2 * python311-csp-billing-adapter-1.1.0-150400.9.18.2 * openSUSE Leap 15.6 (noarch) * csp-billing-adapter-service-1.1.0-150400.9.18.2 * Public Cloud Module 15-SP4 (noarch) * python311-csp-billing-adapter-microsoft-1.0.0-150400.9.10.2 * python311-csp-billing-adapter-amazon-1.0.0-150400.9.10.2 * csp-billing-adapter-service-1.1.0-150400.9.18.2 * python311-csp-billing-adapter-local-1.0.0-150400.9.18.2 * python311-csp-billing-adapter-1.1.0-150400.9.18.2 * Public Cloud Module 15-SP5 (noarch) * python311-csp-billing-adapter-microsoft-1.0.0-150400.9.10.2 * python311-csp-billing-adapter-amazon-1.0.0-150400.9.10.2 * csp-billing-adapter-service-1.1.0-150400.9.18.2 * python311-csp-billing-adapter-local-1.0.0-150400.9.18.2 * python311-csp-billing-adapter-1.1.0-150400.9.18.2 * Public Cloud Module 15-SP6 (noarch) * python311-csp-billing-adapter-microsoft-1.0.0-150400.9.10.2 * python311-csp-billing-adapter-amazon-1.0.0-150400.9.10.2 * csp-billing-adapter-service-1.1.0-150400.9.18.2 * python311-csp-billing-adapter-local-1.0.0-150400.9.18.2 * python311-csp-billing-adapter-1.1.0-150400.9.18.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1227329 * https://jira.suse.com/browse/PED-8482 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.1 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.1 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.1 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 * SUSE Manager Server 4.3 Module 4.3 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that contains one feature can now be installed. ## Description: This update for protobuf fixes the following issues: * Build the java part with maven, so that we create artifacts that correspond to upstream distributed ones. * Add maven artifact metadata to the protoc binary * Package also the bom and pom artifacts ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3914=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3914=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3914=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3914=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3914=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3914=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3914=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3914=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3914=1 * Public Cloud Module 15-SP2 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-3914=1 * Public Cloud Module 15-SP3 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-3914=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3914=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3914=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3914=1 * SUSE Manager Server 4.3 Module 4.3 zypper in -t patch SUSE-SLE-Module-SUSE-Manager-Server-4.3-2024-3914=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3914=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3914=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3914=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3914=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotoc20-3.9.2-150200.4.24.1 * libprotoc20-debuginfo-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * openSUSE Leap 15.5 (x86_64) * libprotoc20-32bit-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-32bit-3.9.2-150200.4.24.1 * libprotoc20-32bit-3.9.2-150200.4.24.1 * libprotobuf20-32bit-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-32bit-3.9.2-150200.4.24.1 * libprotobuf-lite20-32bit-debuginfo-3.9.2-150200.4.24.1 * openSUSE Leap 15.5 (noarch) * protobuf-source-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf20-3.9.2-150200.4.24.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotoc20-debuginfo-3.9.2-150200.4.24.1 * libprotoc20-3.9.2-150200.4.24.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * python2-protobuf-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python3-protobuf-3.9.2-150200.4.24.1 * Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * python3-protobuf-3.9.2-150200.4.24.1 * SUSE Manager Server 4.3 Module 4.3 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-3.9.2-150200.4.24.1 * SUSE Manager Server 4.3 Module 4.3 (noarch) * protobuf-java-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * protobuf-debugsource-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libprotobuf-lite20-debuginfo-3.9.2-150200.4.24.1 * libprotobuf-lite20-3.9.2-150200.4.24.1 ## References: * https://jira.suse.com/browse/PED-3967 openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0347-1 Rating: important References: #1232566 Cross-References: CVE-2024-10487 CVE-2024-10488 Affected Products: openSUSE Backports SLE-15-SP6 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for chromium fixes the following issues: Update to version 130.0.6723.91 (boo#1232566): - CVE-2024-10487: Out of bounds write in Dawn - CVE-2024-10488: Use after free in WebRTC Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2024-347=1 Package List: - openSUSE Backports SLE-15-SP6 (aarch64 x86_64): chromedriver-130.0.6723.91-bp156.2.47.1 chromium-130.0.6723.91-bp156.2.47.1 References: https://www.suse.com/security/cve/CVE-2024-10487.html https://www.suse.com/security/cve/CVE-2024-10488.html https://bugzilla.suse.com/1232566 openSUSE Security Update: Security update for chromium ______________________________________________________________________________ Announcement ID: openSUSE-SU-2024:0348-1 Rating: important References: #1232566 Cross-References: CVE-2024-10487 CVE-2024-10488 Affected Products: openSUSE Backports SLE-15-SP5 ______________________________________________________________________________ An update that fixes two vulnerabilities is now available. Description: This update for chromium fixes the following issues: Update to version 130.0.6723.91 (boo#1232566): - CVE-2024-10487: Out of bounds write in Dawn - CVE-2024-10488: Use after free in WebRTC Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP5: zypper in -t patch openSUSE-2024-348=1 Package List: - openSUSE Backports SLE-15-SP5 (aarch64 x86_64): chromedriver-130.0.6723.91-bp155.2.135.1 chromium-130.0.6723.91-bp155.2.135.1 References: https://www.suse.com/security/cve/CVE-2024-10487.html https://www.suse.com/security/cve/CVE-2024-10488.html https://bugzilla.suse.com/1232566 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for openssl-ibmca fixes the following issues: * Applied patches required from Jira (jsc#PED-10292) * Enable external AES-GCM IV when libica is in FIPS mode * Do not link against libica use dlopen instead * Explicitly initialize OpenSSL after setting environment variables ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3912=1 SUSE-2024-3912=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3912=1 ## Package List: * openSUSE Leap 15.6 (s390x) * openssl-ibmca-provider-2.4.1-150600.6.6.2 * openssl1_1-ibmca-2.4.1-150600.6.6.2 * openssl-ibmca-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-2.4.1-150600.6.6.2 * openssl1_1-ibmca-debugsource-2.4.1-150600.6.6.2 * openssl1_1-ibmca-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-2.4.1-150600.6.6.2 * openssl-ibmca-provider-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-provider-debuginfo-2.4.1-150600.6.6.2 * Server Applications Module 15-SP6 (s390x) * openssl-ibmca-provider-2.4.1-150600.6.6.2 * openssl1_1-ibmca-2.4.1-150600.6.6.2 * openssl-ibmca-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-2.4.1-150600.6.6.2 * openssl1_1-ibmca-debugsource-2.4.1-150600.6.6.2 * openssl1_1-ibmca-debuginfo-2.4.1-150600.6.6.2 * openssl-ibmca-engine-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-2.4.1-150600.6.6.2 * openssl-ibmca-provider-debugsource-2.4.1-150600.6.6.2 * openssl-ibmca-provider-debuginfo-2.4.1-150600.6.6.2 ## References: * https://jira.suse.com/browse/PED-10292 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for buildah fixes the following issue: * Using networking slirp4netns as default instead of pasta on SLE (bsc#1232522). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3913=1 openSUSE-SLE-15.5-2024-3913=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3913=1 * Containers Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-3913=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3913=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * buildah-1.35.4-150500.3.22.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.22.2 * Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.22.2 * Containers Module 15-SP6 (aarch64 ppc64le s390x x86_64) * buildah-1.35.4-150500.3.22.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1232522 * CVE-2023-22644 ( NVD ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2023-22644 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N * CVE-2023-22644 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10214 ( NVD ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N * CVE-2024-10241 ( NVD ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N * CVE-2024-22030 ( NVD ): 8.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-36814 ( NVD ): 4.9 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N * CVE-2024-38365 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H * CVE-2024-39223 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-47003 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47003 ( NVD ): 3.1 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L * CVE-2024-47067 ( NVD ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47182 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N * CVE-2024-47182 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-47534 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47534 ( NVD ): 0.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N * CVE-2024-47616 ( NVD ): 6.8 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N * CVE-2024-47825 ( NVD ): 4.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:N * CVE-2024-47827 ( NVD ): 5.7 CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2024-47832 ( NVD ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-47877 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-48909 ( NVD ): 2.0 CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:N/A:N * CVE-2024-48909 ( NVD ): 2.4 CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N * CVE-2024-48921 ( NVD ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49380 ( NVD ): 8.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49381 ( NVD ): 7.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-49753 ( NVD ): 5.9 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N * CVE-2024-49757 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-50312 ( NVD ): 5.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-7558 ( NVD ): 8.7 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:H * CVE-2024-7594 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8037 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:H * CVE-2024-8038 ( NVD ): 7.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H * CVE-2024-8901 ( NVD ): 6.9 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-8901 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:N * CVE-2024-8975 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8975 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-8996 ( NVD ): 7.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2024-8996 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9180 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9180 ( NVD ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9264 ( SUSE ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-9264 ( SUSE ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9264 ( NVD ): 9.4 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X * CVE-2024-9264 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9264 ( NVD ): 9.9 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9312 ( NVD ): 7.5 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H * CVE-2024-9313 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9341 ( SUSE ): 5.8 CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9341 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9341 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9355 ( NVD ): 6.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L * CVE-2024-9407 ( SUSE ): 5.6 CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:A/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-9407 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:L/A:N * CVE-2024-9407 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N * CVE-2024-9486 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-9594 ( NVD ): 6.3 CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H * CVE-2024-9675 ( SUSE ): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N * CVE-2024-9675 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N * CVE-2024-9675 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that solves 44 vulnerabilities and contains one feature can now be installed. ## Description: This update for govulncheck-vulndb fixes the following issues: Update to version 0.0.20241030T212825 2024-10-30T21:28:25Z ( jsc#PED-11136 ) * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3230 CVE-2024-48921 GHSA-qjvc-p88j-j9rm * GO-2024-3232 CVE-2024-10241 GHSA-6mvp-gh77-7vwh * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3226 CVE-2024-47827 GHSA-ghjw-32xw-ffwr * GO-2024-3227 CVE-2024-10214 GHSA-hm57-h27x-599c * GO-2024-3228 GHSA-wcx9-ccpj-hx3c * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3207 GHSA-p5wf-cmr4-xrwr * GO-2024-3208 CVE-2024-47825 GHSA-3wwx-63fv-pfq6 * GO-2024-3210 CVE-2024-8901 * GO-2024-3211 CVE-2024-50312 * GO-2024-3212 GHSA-rjfv-pjvx-mjgv * GO-2024-3213 CVE-2024-49380 * GO-2024-3214 CVE-2024-49381 * GO-2024-3215 CVE-2024-9264 GHSA-q99m-qcv4-fpm7 * GO-2024-3216 CVE-2024-49753 GHSA-6cf5-w9h3-4rqv * GO-2024-3217 CVE-2024-49757 GHSA-3rmw-76m6-4gjc * GO-2024-3219 GHSA-7h65-4p22-39j6 * GO-2024-3220 CVE-2023-32197 GHSA-7h8m-pvw3-5gh4 * GO-2024-3221 CVE-2024-22036 GHSA-h99m-6755-rgwc * GO-2024-3222 GHSA-x7xj-jvwp-97rv * GO-2024-3223 CVE-2022-45157 GHSA-xj7w-r753-vj8v * GO-2024-3224 CVE-2024-39223 GHSA-8wxx-35qc-vp6r * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3203 CVE-2024-9486 * GO-2024-3204 CVE-2024-9594 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3189 CVE-2024-38365 GHSA-27vh-h6mc-q6g8 * GO-2024-3196 CVE-2024-47877 GHSA-8rm2-93mq-jqhc * GO-2024-3199 GHSA-vv6c-69r6-chg9 * GO-2024-3200 CVE-2024-48909 GHSA-3c32-4hq9-6wgj * GO-2024-3201 CVE-2023-22644 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3171 CVE-2024-9341 GHSA-mc76-5925-c5p6 * Go CVE Numbering Authority IDs added or updated with aliases: * GO-2024-3161 CVE-2024-22030 GHSA-h4h5-9833-v2p4 * GO-2024-3162 CVE-2024-7594 GHSA-jg74-mwgw-v6x3 * GO-2024-3163 CVE-2024-47182 * GO-2024-3164 CVE-2024-47003 GHSA-59hf-mpf8-pqjh * GO-2024-3166 CVE-2024-47534 GHSA-4f8r-qqr9-fq8j * GO-2024-3167 CVE-2024-9355 GHSA-3h3x-2hwv-hr52 * GO-2024-3168 CVE-2024-8975 GHSA-chqx-36rm-rf8h * GO-2024-3169 CVE-2024-9407 GHSA-fhqq-8f65-5xfc * GO-2024-3170 CVE-2024-8996 GHSA-m5gv-m5f9-wgv4 * GO-2024-3172 CVE-2024-33662 GHSA-9mjw-79r6-c9m8 * GO-2024-3173 CVE-2024-7558 GHSA-mh98-763h-m9v4 * GO-2024-3174 CVE-2024-8037 GHSA-8v4w-f4r9-7h6x * GO-2024-3175 CVE-2024-8038 GHSA-xwgj-vpm9-q2rq * GO-2024-3179 CVE-2024-47616 GHSA-r7rh-jww5-5fjr * GO-2024-3181 CVE-2024-9313 GHSA-x5q3-c8rm-w787 * GO-2024-3182 GHSA-wpr2-j6gr-pjw9 * GO-2024-3184 CVE-2024-36814 GHSA-9cp9-8gw2-8v7m * GO-2024-3185 CVE-2024-47832 * GO-2024-3186 CVE-2024-9675 GHSA-586p-749j-fhwp * GO-2024-3188 CVE-2024-9312 GHSA-4gfw-wf7c-w6g2 * GO-2024-3190 CVE-2024-47067 GHSA-8pph-gfhp-w226 * GO-2024-3191 CVE-2024-9180 GHSA-rr8j-7w34-xp5j ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3911=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3911=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3911=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3911=1 ## Package List: * openSUSE Leap 15.5 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * openSUSE Leap 15.6 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * SUSE Package Hub 15 15-SP5 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 * SUSE Package Hub 15 15-SP6 (noarch) * govulncheck-vulndb-0.0.20241030T212825-150000.1.9.1 ## References: * https://www.suse.com/security/cve/CVE-2022-45157.html * https://www.suse.com/security/cve/CVE-2023-22644.html * https://www.suse.com/security/cve/CVE-2023-32197.html * https://www.suse.com/security/cve/CVE-2024-10214.html * https://www.suse.com/security/cve/CVE-2024-10241.html * https://www.suse.com/security/cve/CVE-2024-22030.html * https://www.suse.com/security/cve/CVE-2024-22036.html * https://www.suse.com/security/cve/CVE-2024-33662.html * https://www.suse.com/security/cve/CVE-2024-36814.html * https://www.suse.com/security/cve/CVE-2024-38365.html * https://www.suse.com/security/cve/CVE-2024-39223.html * https://www.suse.com/security/cve/CVE-2024-47003.html * https://www.suse.com/security/cve/CVE-2024-47067.html * https://www.suse.com/security/cve/CVE-2024-47182.html * https://www.suse.com/security/cve/CVE-2024-47534.html * https://www.suse.com/security/cve/CVE-2024-47616.html * https://www.suse.com/security/cve/CVE-2024-47825.html * https://www.suse.com/security/cve/CVE-2024-47827.html * https://www.suse.com/security/cve/CVE-2024-47832.html * https://www.suse.com/security/cve/CVE-2024-47877.html * https://www.suse.com/security/cve/CVE-2024-48909.html * https://www.suse.com/security/cve/CVE-2024-48921.html * https://www.suse.com/security/cve/CVE-2024-49380.html * https://www.suse.com/security/cve/CVE-2024-49381.html * https://www.suse.com/security/cve/CVE-2024-49753.html * https://www.suse.com/security/cve/CVE-2024-49757.html * https://www.suse.com/security/cve/CVE-2024-50312.html * https://www.suse.com/security/cve/CVE-2024-7558.html * https://www.suse.com/security/cve/CVE-2024-7594.html * https://www.suse.com/security/cve/CVE-2024-8037.html * https://www.suse.com/security/cve/CVE-2024-8038.html * https://www.suse.com/security/cve/CVE-2024-8901.html * https://www.suse.com/security/cve/CVE-2024-8975.html * https://www.suse.com/security/cve/CVE-2024-8996.html * https://www.suse.com/security/cve/CVE-2024-9180.html * https://www.suse.com/security/cve/CVE-2024-9264.html * https://www.suse.com/security/cve/CVE-2024-9312.html * https://www.suse.com/security/cve/CVE-2024-9313.html * https://www.suse.com/security/cve/CVE-2024-9341.html * https://www.suse.com/security/cve/CVE-2024-9355.html * https://www.suse.com/security/cve/CVE-2024-9407.html * https://www.suse.com/security/cve/CVE-2024-9486.html * https://www.suse.com/security/cve/CVE-2024-9594.html * https://www.suse.com/security/cve/CVE-2024-9675.html * https://jira.suse.com/browse/PED-11136 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains two features can now be installed. ## Description: This update for numatop fixes the following issues: * numatop fix for building with recent gcc * Support for Power11 processors (jsc#PED-9887, jsc#PED-10899) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3906=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3906=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3906=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3906=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3906=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3906=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3906=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3906=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3906=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3906=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3906=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3906=1 ## Package List: * openSUSE Leap 15.5 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * openSUSE Leap 15.6 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * Basesystem Module 15-SP5 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * Basesystem Module 15-SP6 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Proxy 4.3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Manager Server 4.3 (ppc64le x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 * SUSE Enterprise Storage 7.1 (x86_64) * numatop-debuginfo-2.4-150100.3.12.2 * numatop-2.4-150100.3.12.2 * numatop-debugsource-2.4-150100.3.12.2 ## References: * https://jira.suse.com/browse/PED-10899 * https://jira.suse.com/browse/PED-9887 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * convert from scm to obs_scm * Version update 12.5.0 (bsc#1231826). There are no new features in the open- vm-tools 12.5.0 release. This is primarily a maintenance release for updating NetworkManager calls in suspend/resume scripts. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3908=1 SUSE-2024-3908=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3908=1 * Containers Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Containers-15-SP6-2024-3908=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3908=1 ## Package List: * openSUSE Leap 15.6 (aarch64 x86_64 i586) * open-vm-tools-sdmp-12.5.0-150600.3.6.1 * open-vm-tools-containerinfo-debuginfo-12.5.0-150600.3.6.1 * libvmtools0-debuginfo-12.5.0-150600.3.6.1 * libvmtools0-12.5.0-150600.3.6.1 * open-vm-tools-debugsource-12.5.0-150600.3.6.1 * open-vm-tools-containerinfo-12.5.0-150600.3.6.1 * open-vm-tools-12.5.0-150600.3.6.1 * open-vm-tools-sdmp-debuginfo-12.5.0-150600.3.6.1 * libvmtools-devel-12.5.0-150600.3.6.1 * open-vm-tools-desktop-12.5.0-150600.3.6.1 * open-vm-tools-debuginfo-12.5.0-150600.3.6.1 * open-vm-tools-desktop-debuginfo-12.5.0-150600.3.6.1 * openSUSE Leap 15.6 (x86_64) * open-vm-tools-salt-minion-12.5.0-150600.3.6.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * open-vm-tools-sdmp-12.5.0-150600.3.6.1 * libvmtools0-debuginfo-12.5.0-150600.3.6.1 * libvmtools0-12.5.0-150600.3.6.1 * open-vm-tools-debugsource-12.5.0-150600.3.6.1 * open-vm-tools-12.5.0-150600.3.6.1 * open-vm-tools-sdmp-debuginfo-12.5.0-150600.3.6.1 * open-vm-tools-debuginfo-12.5.0-150600.3.6.1 * Basesystem Module 15-SP6 (x86_64) * libvmtools-devel-12.5.0-150600.3.6.1 * open-vm-tools-salt-minion-12.5.0-150600.3.6.1 * Containers Module 15-SP6 (aarch64 x86_64) * open-vm-tools-containerinfo-debuginfo-12.5.0-150600.3.6.1 * open-vm-tools-debugsource-12.5.0-150600.3.6.1 * open-vm-tools-containerinfo-12.5.0-150600.3.6.1 * open-vm-tools-debuginfo-12.5.0-150600.3.6.1 * Desktop Applications Module 15-SP6 (aarch64 x86_64) * open-vm-tools-debugsource-12.5.0-150600.3.6.1 * open-vm-tools-desktop-12.5.0-150600.3.6.1 * open-vm-tools-debuginfo-12.5.0-150600.3.6.1 * open-vm-tools-desktop-debuginfo-12.5.0-150600.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231826 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for open-vm-tools fixes the following issues: * convert to obs_scm * Version update 12.5.0 (bsc#1231826). There are no new features in the open- vm-tools 12.5.0 release. This is primarily a maintenance release for updating NetworkManager calls in suspend/resume scripts. ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3909=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3909=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3909=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3909=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3909=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3909=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3909=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3909=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3909=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3909=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3909=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3909=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3909=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3909=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3909=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3909=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3909=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3909=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3909=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3909=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3909=1 ## Package List: * openSUSE Leap 15.3 (aarch64 x86_64 i586) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.3 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * openSUSE Leap Micro 5.5 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.5 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * openSUSE Leap 15.5 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.3 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.4 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.5 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * Basesystem Module 15-SP5 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * Basesystem Module 15-SP5 (x86_64) * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * Desktop Applications Module 15-SP5 (aarch64 x86_64) * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64) * open-vm-tools-salt-minion-12.5.0-150300.55.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Proxy 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Retail Branch Server 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Manager Server 4.3 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Enterprise Storage 7.1 (x86_64) * open-vm-tools-sdmp-debuginfo-12.5.0-150300.55.3 * open-vm-tools-12.5.0-150300.55.3 * open-vm-tools-desktop-12.5.0-150300.55.3 * open-vm-tools-containerinfo-12.5.0-150300.55.3 * open-vm-tools-containerinfo-debuginfo-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * libvmtools-devel-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * open-vm-tools-salt-minion-12.5.0-150300.55.3 * open-vm-tools-sdmp-12.5.0-150300.55.3 * open-vm-tools-desktop-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.1 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro 5.2 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 * SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64) * open-vm-tools-12.5.0-150300.55.3 * libvmtools0-12.5.0-150300.55.3 * open-vm-tools-debugsource-12.5.0-150300.55.3 * open-vm-tools-debuginfo-12.5.0-150300.55.3 * libvmtools0-debuginfo-12.5.0-150300.55.3 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231826 * openSUSE Leap 15.4 * Public Cloud Module 15-SP4 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that contains one feature can now be installed. ## Description: This update for protobuf fixes the following issues: * Build the java part with maven, so that we create artifacts that correspond to upstream distributed ones. * Add maven artifact metadata to the protoc binary * Package also the bom and pom artifacts ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3900=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3900=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3900=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3900=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3900=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3900=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * python311-protobuf-4.25.1-150400.9.13.1 * libprotoc25_1_0-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-25.1-150400.9.13.1 * libprotoc25_1_0-debuginfo-25.1-150400.9.13.1 * protobuf-devel-25.1-150400.9.13.1 * protobuf-devel-debuginfo-25.1-150400.9.13.1 * libprotobuf25_1_0-debuginfo-25.1-150400.9.13.1 * protobuf-debugsource-25.1-150400.9.13.1 * libprotobuf25_1_0-25.1-150400.9.13.1 * openSUSE Leap 15.4 (x86_64) * libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150400.9.13.1 * libprotoc25_1_0-32bit-25.1-150400.9.13.1 * libprotobuf25_1_0-32bit-25.1-150400.9.13.1 * libprotobuf25_1_0-32bit-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-32bit-25.1-150400.9.13.1 * libprotoc25_1_0-32bit-debuginfo-25.1-150400.9.13.1 * openSUSE Leap 15.4 (noarch) * protobuf-java-bom-25.1-150400.9.13.1 * protobuf-java-25.1-150400.9.13.1 * protobuf-java-parent-25.1-150400.9.13.1 * openSUSE Leap 15.4 (aarch64_ilp32) * libprotobuf25_1_0-64bit-debuginfo-25.1-150400.9.13.1 * libprotoc25_1_0-64bit-25.1-150400.9.13.1 * libprotobuf25_1_0-64bit-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-64bit-25.1-150400.9.13.1 * libprotoc25_1_0-64bit-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-64bit-debuginfo-25.1-150400.9.13.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-25.1-150400.9.13.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-25.1-150400.9.13.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-25.1-150400.9.13.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * libprotobuf-lite25_1_0-debuginfo-25.1-150400.9.13.1 * libprotobuf-lite25_1_0-25.1-150400.9.13.1 * Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-25.1-150400.9.13.1 * python311-protobuf-4.25.1-150400.9.13.1 ## References: * https://jira.suse.com/browse/PED-3967 * Public Cloud Module 15-SP5 * Python 3 Module 15-SP5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Package Hub 15 15-SP5 An update that contains one feature can now be installed. ## Description: This update for protobuf fixes the following issues: * Build the java part with maven, so that we create artifacts that correspond to upstream distributed ones. * Add maven artifact metadata to the protoc binary * Package also the bom and pom artifacts ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3901=1 openSUSE-SLE-15.5-2024-3901=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3901=1 * SUSE Linux Enterprise High Performance Computing 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3901=1 * SUSE Linux Enterprise Server 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3901=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3901=1 * SUSE Linux Enterprise Desktop 15 SP5 zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-3901=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3901=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3901=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3901=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3901=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3901=1 * Python 3 Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-3901=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * python311-protobuf-4.25.1-150500.12.8.1 * protobuf-devel-debuginfo-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-25.1-150500.12.8.1 * protobuf-devel-25.1-150500.12.8.1 * libprotoc25_1_0-25.1-150500.12.8.1 * protobuf-debugsource-25.1-150500.12.8.1 * libprotoc25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-debuginfo-25.1-150500.12.8.1 * openSUSE Leap 15.5 (x86_64) * libprotoc25_1_0-32bit-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-32bit-25.1-150500.12.8.1 * libprotoc25_1_0-32bit-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-32bit-debuginfo-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-32bit-25.1-150500.12.8.1 * libprotobuf25_1_0-32bit-debuginfo-25.1-150500.12.8.1 * openSUSE Leap 15.5 (noarch) * protobuf-java-25.1-150500.12.8.1 * protobuf-java-parent-25.1-150500.12.8.1 * protobuf-java-bom-25.1-150500.12.8.1 * openSUSE Leap 15.5 (aarch64_ilp32) * libprotoc25_1_0-64bit-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-64bit-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-64bit-debuginfo-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-64bit-25.1-150500.12.8.1 * libprotobuf25_1_0-64bit-25.1-150500.12.8.1 * libprotoc25_1_0-64bit-debuginfo-25.1-150500.12.8.1 * openSUSE Leap Micro 5.5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * protobuf-debugsource-25.1-150500.12.8.1 * SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64) * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64) * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * SUSE Linux Enterprise Desktop 15 SP5 (x86_64) * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotobuf-lite25_1_0-25.1-150500.12.8.1 * libprotobuf-lite25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-25.1-150500.12.8.1 * libprotoc25_1_0-25.1-150500.12.8.1 * protobuf-debugsource-25.1-150500.12.8.1 * libprotoc25_1_0-debuginfo-25.1-150500.12.8.1 * libprotobuf25_1_0-debuginfo-25.1-150500.12.8.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotoc25_1_0-debuginfo-25.1-150500.12.8.1 * protobuf-devel-25.1-150500.12.8.1 * libprotoc25_1_0-25.1-150500.12.8.1 * protobuf-debugsource-25.1-150500.12.8.1 * protobuf-devel-debuginfo-25.1-150500.12.8.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * protobuf-debugsource-25.1-150500.12.8.1 * Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libprotoc25_1_0-25.1-150500.12.8.1 * protobuf-debugsource-25.1-150500.12.8.1 * libprotoc25_1_0-debuginfo-25.1-150500.12.8.1 * Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64) * python311-protobuf-4.25.1-150500.12.8.1 ## References: * https://jira.suse.com/browse/PED-3967 * openSUSE Leap Micro 5.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro 5.4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for shim fixes the following issues: * Update shim-install to apply the missing fix for openSUSE Leap (bsc#1210382) * Update shim-install to use the 'removable' way for SL-Micro (bsc#1230316) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3902=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3902=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3902=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3902=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3902=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3902=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3902=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3902=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3902=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3902=1 * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-3902=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-3902=1 * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3902=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3902=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3902=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3902=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3902=1 * SUSE Linux Enterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3902=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2024-3902=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3902=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3902=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3902=1 ## Package List: * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Proxy 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Manager Server 4.3 (x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap Micro 5.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * openSUSE Leap 15.6 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * Basesystem Module 15-SP5 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 * Basesystem Module 15-SP6 (aarch64 x86_64) * shim-debuginfo-15.8-150300.4.23.1 * shim-15.8-150300.4.23.1 * shim-debugsource-15.8-150300.4.23.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1210382 * https://bugzilla.suse.com/show_bug.cgi?id=1230316 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that contains one feature can now be installed. ## Description: This update for rust fixes the following issues: # Version 1.82.0 (2024-10-17) ## Language * Don't make statement nonterminals match pattern nonterminals * Patterns matching empty types can now be omitted in common cases * Enforce supertrait outlives obligations when using trait impls * `addr_of(_mut)!` macros and the newly stabilized `&amp;raw (const|mut)` are now safe to use with all static items * size_of_val_raw: for length 0 this is safe to call * Reorder trait bound modifiers _after_ `for&lt;...&gt;` binder in trait bounds * Stabilize opaque type precise capturing (RFC 3617) * Stabilize `&amp;raw const` and `&amp;raw mut` operators (RFC 2582) * Stabilize unsafe extern blocks (RFC 3484) * Stabilize nested field access in `offset_of!` * Do not require `T` to be live when dropping `[T; 0]` * Stabilize `const` operands in inline assembly * Stabilize floating-point arithmetic in `const fn` * Stabilize explicit opt-in to unsafe attributes * Document NaN bit patterns guarantees ## Compiler * Promote riscv64gc-unknown-linux-musl to tier 2 * Promote Mac Catalyst targets `aarch64-apple-ios-macabi` and `x86_64-apple- ios-macabi` to Tier 2, and ship them with rustup * Add tier 3 NuttX based targets for RISC-V and ARM * Add tier 3 powerpc-unknown-linux-muslspe target * Improved diagnostics to explain why a pattern is unreachable * The compiler now triggers the unreachable code warning properly for async functions that don't return/are `-&gt; !` * Promote `aarch64-apple-darwin` to Tier 1 * Add Trusty OS target `aarch64-unknown-trusty` and `armv7-unknown-trusty` as tier 3 targets * Promote `wasm32-wasip2` to Tier 2. ## Libraries * Generalize `{Rc,Arc}::make_mut()` to `Path`, `OsStr`, and `CStr`. ## Stabilized APIs * `std::thread::Builder::spawn_unchecked` https://doc.rust- lang.org/stable/std/thread/struct.Builder.html#method.spawn_unchecked * `std::str::CharIndices::offset` https://doc.rust- lang.org/nightly/std/str/struct.CharIndices.html#method.offset * `std::option::Option::is_none_or` https://doc.rust- lang.org/nightly/std/option/enum.Option.html#method.is_none_or * `[T]::is_sorted` https://doc.rust- lang.org/nightly/std/primitive.slice.html#method.is_sorted * `[T]::is_sorted_by` https://doc.rust- lang.org/nightly/std/primitive.slice.html#method.is_sorted_by * `[T]::is_sorted_by_key` https://doc.rust- lang.org/nightly/std/primitive.slice.html#method.is_sorted_by_key * `Iterator::is_sorted` https://doc.rust- lang.org/nightly/std/iter/trait.Iterator.html#method.is_sorted * `Iterator::is_sorted_by` https://doc.rust- lang.org/nightly/std/iter/trait.Iterator.html#method.is_sorted_by * `Iterator::is_sorted_by_key` https://doc.rust- lang.org/nightly/std/iter/trait.Iterator.html#method.is_sorted_by_key * `std::future::Ready::into_inner` https://doc.rust- lang.org/nightly/std/future/struct.Ready.html#method.into_inner * `std::iter::repeat_n` https://doc.rust- lang.org/nightly/std/iter/fn.repeat_n.html * `impl&lt;T: Clone&gt; DoubleEndedIterator for Take&lt;Repeat&lt;T&gt;&gt;` https://doc.rust-lang.org/nightly/std/iter/struct.Take.html#impl- DoubleEndedIterator-for-Take%3CRepeat%3CT%3E%3E * `impl&lt;T: Clone&gt; ExactSizeIterator for Take&lt;Repeat&lt;T&gt;&gt;` https://doc.rust-lang.org/nightly/std/iter/struct.Take.html#impl- ExactSizeIterator-for-Take%3CRepeat%3CT%3E%3E * `impl&lt;T: Clone&gt; ExactSizeIterator for Take&lt;RepeatWith&lt;T&gt;&gt;` https://doc.rust-lang.org/nightly/std/iter/struct.Take.html#impl- ExactSizeIterator-for-Take%3CRepeatWith%3CF%3E%3E * `impl Default for std::collections::binary_heap::Iter` https://doc.rust- lang.org/nightly/std/collections/binary_heap/struct.Iter.html#impl-Default- for-Iter%3C'_,+T%3E * `impl Default for std::collections::btree_map::RangeMut` https://doc.rust- lang.org/nightly/std/collections/btree_map/struct.RangeMut.html#impl- Default-for-RangeMut%3C'_,+K,+V%3E * `impl Default for std::collections::btree_map::ValuesMut` https://doc.rust- lang.org/nightly/std/collections/btree_map/struct.ValuesMut.html#impl- Default-for-ValuesMut%3C'_,+K,+V%3E * `impl Default for std::collections::vec_deque::Iter` https://doc.rust- lang.org/nightly/std/collections/vec_deque/struct.Iter.html#impl-Default- for-Iter%3C'_,+T%3E * `impl Default for std::collections::vec_deque::IterMut` https://doc.rust- lang.org/nightly/std/collections/vec_deque/struct.IterMut.html#impl-Default- for-IterMut%3C'_,+T%3E * `Rc&lt;T&gt;::new_uninit` https://doc.rust- lang.org/nightly/std/rc/struct.Rc.html#method.new_uninit * `Rc&lt;T&gt;::assume_init` https://doc.rust- lang.org/nightly/std/rc/struct.Rc.html#method.assume_init * `Rc&lt;[T]&gt;::new_uninit_slice` https://doc.rust- lang.org/nightly/std/rc/struct.Rc.html#method.new_uninit_slice * `Rc&lt;[MaybeUninit&lt;T&gt;]&gt;::assume_init` https://doc.rust- lang.org/nightly/std/rc/struct.Rc.html#method.assume_init-1 * `Arc&lt;T&gt;::new_uninit` https://doc.rust- lang.org/nightly/std/sync/struct.Arc.html#method.new_uninit * `Arc&lt;T&gt;::assume_init` https://doc.rust- lang.org/nightly/std/sync/struct.Arc.html#method.assume_init * `Arc&lt;[T]&gt;::new_uninit_slice` https://doc.rust- lang.org/nightly/std/sync/struct.Arc.html#method.new_uninit_slice * `Arc&lt;[MaybeUninit&lt;T&gt;]&gt;::assume_init` https://doc.rust- lang.org/nightly/std/sync/struct.Arc.html#method.assume_init-1 * `Box&lt;T&gt;::new_uninit` https://doc.rust- lang.org/nightly/std/boxed/struct.Box.html#method.new_uninit * `Box&lt;T&gt;::assume_init` https://doc.rust- lang.org/nightly/std/boxed/struct.Box.html#method.assume_init * `Box&lt;[T]&gt;::new_uninit_slice` https://doc.rust- lang.org/nightly/std/boxed/struct.Box.html#method.new_uninit_slice * `Box&lt;[MaybeUninit&lt;T&gt;]&gt;::assume_init` https://doc.rust- lang.org/nightly/std/boxed/struct.Box.html#method.assume_init-1 * `core::arch::x86_64::_bextri_u64` https://doc.rust- lang.org/stable/core/arch/x86_64/fn._bextri_u64.html * `core::arch::x86_64::_bextri_u32` https://doc.rust- lang.org/stable/core/arch/x86_64/fn._bextri_u32.html * `core::arch::x86::_mm_broadcastsi128_si256` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_broadcastsi128_si256.html * `core::arch::x86::_mm256_stream_load_si256` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm256_stream_load_si256.html * `core::arch::x86::_tzcnt_u16` https://doc.rust- lang.org/stable/core/arch/x86/fn._tzcnt_u16.html * `core::arch::x86::_mm_extracti_si64` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_extracti_si64.html * `core::arch::x86::_mm_inserti_si64` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_inserti_si64.html * `core::arch::x86::_mm_storeu_si16` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_storeu_si16.html * `core::arch::x86::_mm_storeu_si32` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_storeu_si32.html * `core::arch::x86::_mm_storeu_si64` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_storeu_si64.html * `core::arch::x86::_mm_loadu_si16` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_loadu_si16.html * `core::arch::x86::_mm_loadu_si32` https://doc.rust- lang.org/stable/core/arch/x86/fn._mm_loadu_si32.html * `core::arch::wasm32::u8x16_relaxed_swizzle` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u8x16_relaxed_swizzle.html * `core::arch::wasm32::i8x16_relaxed_swizzle` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i8x16_relaxed_swizzle.html * `core::arch::wasm32::i32x4_relaxed_trunc_f32x4` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i32x4_relaxed_trunc_f32x4.html * `core::arch::wasm32::u32x4_relaxed_trunc_f32x4` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u32x4_relaxed_trunc_f32x4.html * `core::arch::wasm32::i32x4_relaxed_trunc_f64x2_zero` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i32x4_relaxed_trunc_f64x2_zero.html * `core::arch::wasm32::u32x4_relaxed_trunc_f64x2_zero` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u32x4_relaxed_trunc_f64x2_zero.html * `core::arch::wasm32::f32x4_relaxed_madd` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f32x4_relaxed_madd.html * `core::arch::wasm32::f32x4_relaxed_nmadd` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f32x4_relaxed_nmadd.html * `core::arch::wasm32::f64x2_relaxed_madd` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f64x2_relaxed_madd.html * `core::arch::wasm32::f64x2_relaxed_nmadd` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f64x2_relaxed_nmadd.html * `core::arch::wasm32::i8x16_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i8x16_relaxed_laneselect.html * `core::arch::wasm32::u8x16_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u8x16_relaxed_laneselect.html * `core::arch::wasm32::i16x8_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i16x8_relaxed_laneselect.html * `core::arch::wasm32::u16x8_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u16x8_relaxed_laneselect.html * `core::arch::wasm32::i32x4_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i32x4_relaxed_laneselect.html * `core::arch::wasm32::u32x4_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u32x4_relaxed_laneselect.html * `core::arch::wasm32::i64x2_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i64x2_relaxed_laneselect.html * `core::arch::wasm32::u64x2_relaxed_laneselect` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u64x2_relaxed_laneselect.html * `core::arch::wasm32::f32x4_relaxed_min` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f32x4_relaxed_min.html * `core::arch::wasm32::f32x4_relaxed_max` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f32x4_relaxed_max.html * `core::arch::wasm32::f64x2_relaxed_min` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f64x2_relaxed_min.html * `core::arch::wasm32::f64x2_relaxed_max` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.f64x2_relaxed_max.html * `core::arch::wasm32::i16x8_relaxed_q15mulr` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i16x8_relaxed_q15mulr.html * `core::arch::wasm32::u16x8_relaxed_q15mulr` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u16x8_relaxed_q15mulr.html * `core::arch::wasm32::i16x8_relaxed_dot_i8x16_i7x16` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i16x8_relaxed_dot_i8x16_i7x16.html * `core::arch::wasm32::u16x8_relaxed_dot_i8x16_i7x16` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u16x8_relaxed_dot_i8x16_i7x16.html * `core::arch::wasm32::i32x4_relaxed_dot_i8x16_i7x16_add` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.i32x4_relaxed_dot_i8x16_i7x16_add.html * `core::arch::wasm32::u32x4_relaxed_dot_i8x16_i7x16_add` https://doc.rust- lang.org/nightly/core/arch/wasm32/fn.u32x4_relaxed_dot_i8x16_i7x16_add.html These APIs are now stable in const contexts: * `std::task::Waker::from_raw` https://doc.rust- lang.org/nightly/std/task/struct.Waker.html#method.from_raw * `std::task::Context::from_waker` https://doc.rust- lang.org/nightly/std/task/struct.Context.html#method.from_waker * `std::task::Context::waker` https://doc.rust- lang.org/nightly/std/task/struct.Context.html#method.waker * `$integer::from_str_radix` https://doc.rust- lang.org/nightly/std/primitive.u32.html#method.from_str_radix * `std::num::ParseIntError::kind` https://doc.rust- lang.org/nightly/std/num/struct.ParseIntError.html#method.kind ## Cargo * feat: Add `info` cargo subcommand ## Compatibility Notes * We now [disallow setting some built-in cfgs via the command-line with the newly added `explicit_builtin_cfgs_in_flags` https://doc.rust- lang.org/rustc/lints/listing/deny-by-default.html#explicit-builtin-cfgs-in- flags lint in order to prevent incoherent state, eg. `windows` cfg active but target is Linux based. The appropriate `rustc` flag https://doc.rust- lang.org/rustc/command-line-arguments.html should be used instead. * The standard library has a new implementation of `binary_search` which is significantly improves performance. However when a sorted slice has multiple values which compare equal, the new implementation may select a different value among the equal ones than the old implementation. * Removes a problematic hack that always passed the --whole-archive linker flag for tests, which may cause linker errors for code accidentally relying on it. * The WebAssembly target features `multivalue` and `reference-types` are now both enabled by default. These two features both have subtle changes implied for generated WebAssembly binaries. For the `multivalue` feature, WebAssembly target support has changed when upgrading to LLVM 19. Support for generating functions with multiple returns no longer works and `-Ctarget-feature=+multivalue` has a different meaning than it did in LLVM 18 and prior. There is no longer any supported means to generate a module that has a function with multiple returns in WebAssembly from Rust source code. For the `reference-types` feature the encoding of immediates in the `call_indirect`, a commonly used instruction by the WebAssembly backend, has changed. Validators and parsers which don't understand the `reference-types` proposal will no longer accept modules produced by LLVM due to this change in encoding of immediates. Additionally these features being enabled are encoded in the `target_features` custom section and may affect downstream tooling such as `wasm-opt` consuming the module. Generating a WebAssembly module that disables default features requires `-Zbuild-std` support from Cargo and more information can be found at [rust-lang/rust#128511] * Rust now raises unsafety errors for union patterns in parameter-position ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3903=1 openSUSE-SLE-15.5-2024-3903=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3903=1 * Development Tools Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-3903=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3903=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * rust1.82-debuginfo-1.82.0-150500.11.3.1 * rust-1.82.0-150500.27.24.1 * cargo1.82-debuginfo-1.82.0-150500.11.3.1 * cargo-1.82.0-150500.27.24.1 * cargo1.82-1.82.0-150500.11.3.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586 nosrc) * rust1.82-1.82.0-150500.11.3.1 * openSUSE Leap 15.5 (noarch) * rust1.82-src-1.82.0-150500.11.3.1 * openSUSE Leap 15.5 (nosrc) * rust1.82-test-1.82.0-150500.11.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * rust1.82-debuginfo-1.82.0-150500.11.3.1 * rust-1.82.0-150500.27.24.1 * cargo1.82-1.82.0-150500.11.3.1 * cargo-1.82.0-150500.27.24.1 * cargo1.82-debuginfo-1.82.0-150500.11.3.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.82-1.82.0-150500.11.3.1 * openSUSE Leap 15.6 (noarch) * rust1.82-src-1.82.0-150500.11.3.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64) * rust1.82-debuginfo-1.82.0-150500.11.3.1 * rust-1.82.0-150500.27.24.1 * cargo1.82-1.82.0-150500.11.3.1 * cargo-1.82.0-150500.27.24.1 * cargo1.82-debuginfo-1.82.0-150500.11.3.1 * Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.82-1.82.0-150500.11.3.1 * Development Tools Module 15-SP5 (noarch) * rust1.82-src-1.82.0-150500.11.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * rust1.82-debuginfo-1.82.0-150500.11.3.1 * rust-1.82.0-150500.27.24.1 * cargo1.82-1.82.0-150500.11.3.1 * cargo-1.82.0-150500.27.24.1 * cargo1.82-debuginfo-1.82.0-150500.11.3.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64 nosrc) * rust1.82-1.82.0-150500.11.3.1 * Development Tools Module 15-SP6 (noarch) * rust1.82-src-1.82.0-150500.11.3.1 ## References: * https://jira.suse.com/browse/SLE-18626 * CVE-2023-50782 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2023-50782 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Affected Products: * Basesystem Module 15-SP6 * Development Tools Module 15-SP6 * Legacy Module 15-SP6 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves one vulnerability and has 16 security fixes can now be installed. ## Description: This update for openssl-1_1 fixes the following issues: Security fixes: * CVE-2023-50782: Implicit rejection in PKCS#1 v1.5 (bsc#1220262) Other fixes: * FIPS: AES GCM external IV implementation (bsc#1228618) * FIPS: Mark PBKDF2 and HKDF HMAC input keys with size >= 112 bits as approved in the SLI. (bsc#1228623) * FIPS: Enforce KDF in FIPS style (bsc#1224270) * FIPS: Mark HKDF and TLSv1.3 KDF as approved in the SLI (bsc#1228619) * FIPS: The X9.31 scheme is not approved for RSA signature operations in FIPS 186-5. (bsc#1224269) * FIPS: Differentiate the PSS length requirements (bsc#1224275) * FIPS: Mark sigGen and sigVer primitives as non-approved (bsc#1224272) * FIPS: Disable PKCSv1.5 and shake in FIPS mode (bsc#1224271) * FIPS: Mark SHA1 as non-approved in the SLI (bsc#1224266) * FIPS: DH FIPS selftest and safe prime group (bsc#1224264) * FIPS: Remove not needed FIPS DRBG files (bsc#1224268) * FIPS: Add Pair-wise Consistency Test when generating DH key (bsc#1224265) * FIPS: Disallow non-approved KDF types (bsc#1224267) * FIPS: Disallow RSA sigVer with 1024 and ECDSA sigVer/keyVer P-192 (bsc#1224273) * FIPS: DRBG component chaining (bsc#1224258) * FIPS: Align CRNGT_BUFSIZ with Jitter RNG output size (bsc#1224260) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * Legacy Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Legacy-15-SP6-2024-3905=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3905=1 openSUSE-SLE-15.6-2024-3905=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3905=1 * Development Tools Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3905=1 ## Package List: * Legacy Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * openssl-1_1-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * libopenssl-1_1-devel-1.1.1w-150600.5.9.1 * openssl-1_1-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-debuginfo-1.1.1w-150600.5.9.1 * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * libopenssl1_1-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (x86_64) * libopenssl1_1-32bit-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-32bit-1.1.1w-150600.5.9.1 * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (noarch) * openssl-1_1-doc-1.1.1w-150600.5.9.1 * openSUSE Leap 15.6 (aarch64_ilp32) * libopenssl1_1-64bit-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-64bit-1.1.1w-150600.5.9.1 * libopenssl1_1-64bit-debuginfo-1.1.1w-150600.5.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-debuginfo-1.1.1w-150600.5.9.1 * libopenssl1_1-1.1.1w-150600.5.9.1 * Basesystem Module 15-SP6 (x86_64) * libopenssl1_1-32bit-1.1.1w-150600.5.9.1 * libopenssl1_1-32bit-debuginfo-1.1.1w-150600.5.9.1 * Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openssl-1_1-debugsource-1.1.1w-150600.5.9.1 * libopenssl-1_1-devel-1.1.1w-150600.5.9.1 * openssl-1_1-debuginfo-1.1.1w-150600.5.9.1 ## References: * https://www.suse.com/security/cve/CVE-2023-50782.html * https://bugzilla.suse.com/show_bug.cgi?id=1220262 * https://bugzilla.suse.com/show_bug.cgi?id=1224258 * https://bugzilla.suse.com/show_bug.cgi?id=1224260 * https://bugzilla.suse.com/show_bug.cgi?id=1224264 * https://bugzilla.suse.com/show_bug.cgi?id=1224265 * https://bugzilla.suse.com/show_bug.cgi?id=1224266 * https://bugzilla.suse.com/show_bug.cgi?id=1224267 * https://bugzilla.suse.com/show_bug.cgi?id=1224268 * https://bugzilla.suse.com/show_bug.cgi?id=1224269 * https://bugzilla.suse.com/show_bug.cgi?id=1224270 * https://bugzilla.suse.com/show_bug.cgi?id=1224271 * https://bugzilla.suse.com/show_bug.cgi?id=1224272 * https://bugzilla.suse.com/show_bug.cgi?id=1224273 * https://bugzilla.suse.com/show_bug.cgi?id=1224275 * https://bugzilla.suse.com/show_bug.cgi?id=1228618 * https://bugzilla.suse.com/show_bug.cgi?id=1228619 * https://bugzilla.suse.com/show_bug.cgi?id=1228623 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for util-linux fixes the following issue: * Skip aarch64 decode path for rest of the architectures (bsc#1229476). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3237=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3237=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3237=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3237=1 ## Package List: * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * libuuid1-debuginfo-2.37.4-150500.9.17.2 * libblkid1-2.37.4-150500.9.17.2 * util-linux-debuginfo-2.37.4-150500.9.17.2 * util-linux-debugsource-2.37.4-150500.9.17.2 * libfdisk1-2.37.4-150500.9.17.2 * libmount1-2.37.4-150500.9.17.2 * util-linux-2.37.4-150500.9.17.2 * libfdisk1-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-2.37.4-150500.9.17.2 * libuuid1-2.37.4-150500.9.17.2 * util-linux-systemd-debuginfo-2.37.4-150500.9.17.2 * libsmartcols1-debuginfo-2.37.4-150500.9.17.2 * libmount1-debuginfo-2.37.4-150500.9.17.2 * libblkid1-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-debugsource-2.37.4-150500.9.17.2 * libsmartcols1-2.37.4-150500.9.17.2 * openSUSE Leap Micro 5.5 (s390x) * util-linux-extra-2.37.4-150500.9.17.2 * util-linux-extra-debuginfo-2.37.4-150500.9.17.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * util-linux-debugsource-2.37.4-150500.9.17.2 * uuidd-debuginfo-2.37.4-150500.9.17.2 * libsmartcols-devel-2.37.4-150500.9.17.2 * libfdisk1-debuginfo-2.37.4-150500.9.17.2 * python3-libmount-debuginfo-2.37.4-150500.9.17.2 * libfdisk-devel-2.37.4-150500.9.17.2 * libblkid-devel-static-2.37.4-150500.9.17.2 * libblkid1-debuginfo-2.37.4-150500.9.17.2 * libmount-devel-2.37.4-150500.9.17.2 * libmount-devel-static-2.37.4-150500.9.17.2 * libuuid1-debuginfo-2.37.4-150500.9.17.2 * util-linux-2.37.4-150500.9.17.2 * libuuid1-2.37.4-150500.9.17.2 * uuidd-2.37.4-150500.9.17.2 * libfdisk-devel-static-2.37.4-150500.9.17.2 * python3-libmount-2.37.4-150500.9.17.2 * libsmartcols1-2.37.4-150500.9.17.2 * python3-libmount-debugsource-2.37.4-150500.9.17.2 * libblkid1-2.37.4-150500.9.17.2 * util-linux-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-2.37.4-150500.9.17.2 * libmount1-2.37.4-150500.9.17.2 * libmount1-debuginfo-2.37.4-150500.9.17.2 * libsmartcols-devel-static-2.37.4-150500.9.17.2 * util-linux-systemd-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-debugsource-2.37.4-150500.9.17.2 * libuuid-devel-static-2.37.4-150500.9.17.2 * libfdisk1-2.37.4-150500.9.17.2 * libblkid-devel-2.37.4-150500.9.17.2 * libsmartcols1-debuginfo-2.37.4-150500.9.17.2 * libuuid-devel-2.37.4-150500.9.17.2 * openSUSE Leap 15.5 (x86_64) * libsmartcols1-32bit-debuginfo-2.37.4-150500.9.17.2 * libuuid1-32bit-2.37.4-150500.9.17.2 * libmount1-32bit-2.37.4-150500.9.17.2 * libfdisk1-32bit-2.37.4-150500.9.17.2 * libuuid1-32bit-debuginfo-2.37.4-150500.9.17.2 * libblkid-devel-32bit-2.37.4-150500.9.17.2 * libmount-devel-32bit-2.37.4-150500.9.17.2 * libmount1-32bit-debuginfo-2.37.4-150500.9.17.2 * libsmartcols-devel-32bit-2.37.4-150500.9.17.2 * libfdisk1-32bit-debuginfo-2.37.4-150500.9.17.2 * libsmartcols1-32bit-2.37.4-150500.9.17.2 * libblkid1-32bit-2.37.4-150500.9.17.2 * libuuid-devel-32bit-2.37.4-150500.9.17.2 * libblkid1-32bit-debuginfo-2.37.4-150500.9.17.2 * libfdisk-devel-32bit-2.37.4-150500.9.17.2 * openSUSE Leap 15.5 (noarch) * util-linux-lang-2.37.4-150500.9.17.2 * openSUSE Leap 15.5 (s390x) * util-linux-extra-2.37.4-150500.9.17.2 * util-linux-extra-debuginfo-2.37.4-150500.9.17.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * libuuid1-debuginfo-2.37.4-150500.9.17.2 * libblkid1-2.37.4-150500.9.17.2 * util-linux-debuginfo-2.37.4-150500.9.17.2 * util-linux-debugsource-2.37.4-150500.9.17.2 * libfdisk1-2.37.4-150500.9.17.2 * libmount1-2.37.4-150500.9.17.2 * util-linux-2.37.4-150500.9.17.2 * libfdisk1-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-2.37.4-150500.9.17.2 * libuuid1-2.37.4-150500.9.17.2 * util-linux-systemd-debuginfo-2.37.4-150500.9.17.2 * libsmartcols1-debuginfo-2.37.4-150500.9.17.2 * libmount1-debuginfo-2.37.4-150500.9.17.2 * libblkid1-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-debugsource-2.37.4-150500.9.17.2 * libsmartcols1-2.37.4-150500.9.17.2 * SUSE Linux Enterprise Micro 5.5 (s390x) * util-linux-extra-2.37.4-150500.9.17.2 * util-linux-extra-debuginfo-2.37.4-150500.9.17.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * util-linux-debugsource-2.37.4-150500.9.17.2 * libsmartcols-devel-2.37.4-150500.9.17.2 * libfdisk1-debuginfo-2.37.4-150500.9.17.2 * libfdisk-devel-2.37.4-150500.9.17.2 * libblkid-devel-static-2.37.4-150500.9.17.2 * libblkid1-debuginfo-2.37.4-150500.9.17.2 * libmount-devel-2.37.4-150500.9.17.2 * libuuid1-debuginfo-2.37.4-150500.9.17.2 * util-linux-2.37.4-150500.9.17.2 * libuuid1-2.37.4-150500.9.17.2 * libsmartcols1-2.37.4-150500.9.17.2 * libblkid1-2.37.4-150500.9.17.2 * util-linux-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-2.37.4-150500.9.17.2 * libmount1-2.37.4-150500.9.17.2 * libmount1-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-debuginfo-2.37.4-150500.9.17.2 * util-linux-systemd-debugsource-2.37.4-150500.9.17.2 * libuuid-devel-static-2.37.4-150500.9.17.2 * libfdisk1-2.37.4-150500.9.17.2 * libblkid-devel-2.37.4-150500.9.17.2 * libsmartcols1-debuginfo-2.37.4-150500.9.17.2 * libuuid-devel-2.37.4-150500.9.17.2 * Basesystem Module 15-SP5 (noarch) * util-linux-lang-2.37.4-150500.9.17.2 * Basesystem Module 15-SP5 (s390x) * util-linux-extra-2.37.4-150500.9.17.2 * util-linux-extra-debuginfo-2.37.4-150500.9.17.2 * Basesystem Module 15-SP5 (x86_64) * libuuid1-32bit-2.37.4-150500.9.17.2 * libmount1-32bit-2.37.4-150500.9.17.2 * libuuid1-32bit-debuginfo-2.37.4-150500.9.17.2 * libmount1-32bit-debuginfo-2.37.4-150500.9.17.2 * libblkid1-32bit-2.37.4-150500.9.17.2 * libblkid1-32bit-debuginfo-2.37.4-150500.9.17.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1229476 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Availability Extension 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for lvm2 fixes the following issue: * LVM2 mirror attached to another node couldn't be converted into linear LV (bsc#1231796). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3886=1 openSUSE-SLE-15.5-2024-3886=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3886=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3886=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3886=1 * SUSE Linux Enterprise High Availability Extension 15 SP5 zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-3886=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * liblvm2cmd2_03-2.03.22-150500.7.12.2 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.12.2 * libdevmapper1_03-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * lvm2-lvmlockd-debugsource-2.03.22-150500.7.12.2 * lvm2-lockd-debuginfo-2.03.22-150500.7.12.2 * lvm2-devel-2.03.22-150500.7.12.2 * device-mapper-2.03.22_1.02.196-150500.7.12.2 * lvm2-testsuite-debuginfo-2.03.22-150500.7.12.2 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.12.2 * lvm2-debuginfo-2.03.22-150500.7.12.2 * device-mapper-devel-2.03.22_1.02.196-150500.7.12.2 * lvm2-testsuite-2.03.22-150500.7.12.2 * lvm2-device-mapper-debugsource-2.03.22-150500.7.12.2 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.12.2 * lvm2-2.03.22-150500.7.12.2 * lvm2-debugsource-2.03.22-150500.7.12.2 * lvm2-lockd-2.03.22-150500.7.12.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * openSUSE Leap 15.5 (x86_64) * libdevmapper1_03-32bit-2.03.22_1.02.196-150500.7.12.2 * device-mapper-devel-32bit-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150500.7.12.2 * libdevmapper-event1_03-32bit-2.03.22_1.02.196-150500.7.12.2 * libdevmapper-event1_03-32bit-debuginfo-2.03.22_1.02.196-150500.7.12.2 * openSUSE Leap 15.5 (aarch64_ilp32) * libdevmapper-event1_03-64bit-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-64bit-debuginfo-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-64bit-2.03.22_1.02.196-150500.7.12.2 * libdevmapper-event1_03-64bit-debuginfo-2.03.22_1.02.196-150500.7.12.2 * device-mapper-devel-64bit-2.03.22_1.02.196-150500.7.12.2 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * liblvm2cmd2_03-2.03.22-150500.7.12.2 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.12.2 * libdevmapper1_03-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * device-mapper-2.03.22_1.02.196-150500.7.12.2 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.12.2 * lvm2-debuginfo-2.03.22-150500.7.12.2 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.12.2 * lvm2-2.03.22-150500.7.12.2 * lvm2-debugsource-2.03.22-150500.7.12.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * liblvm2cmd2_03-2.03.22-150500.7.12.2 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.12.2 * libdevmapper1_03-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * device-mapper-2.03.22_1.02.196-150500.7.12.2 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.12.2 * lvm2-debuginfo-2.03.22-150500.7.12.2 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.12.2 * lvm2-2.03.22-150500.7.12.2 * lvm2-debugsource-2.03.22-150500.7.12.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * liblvm2cmd2_03-2.03.22-150500.7.12.2 * liblvm2cmd2_03-debuginfo-2.03.22-150500.7.12.2 * libdevmapper1_03-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * device-mapper-devel-2.03.22_1.02.196-150500.7.12.2 * device-mapper-2.03.22_1.02.196-150500.7.12.2 * device-mapper-debuginfo-2.03.22_1.02.196-150500.7.12.2 * lvm2-devel-2.03.22-150500.7.12.2 * lvm2-debuginfo-2.03.22-150500.7.12.2 * libdevmapper-event1_03-2.03.22_1.02.196-150500.7.12.2 * lvm2-2.03.22-150500.7.12.2 * lvm2-debugsource-2.03.22-150500.7.12.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150500.7.12.2 * Basesystem Module 15-SP5 (x86_64) * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150500.7.12.2 * libdevmapper1_03-32bit-2.03.22_1.02.196-150500.7.12.2 * SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le s390x x86_64) * lvm2-lockd-2.03.22-150500.7.12.2 * lvm2-lvmlockd-debugsource-2.03.22-150500.7.12.2 * lvm2-lockd-debuginfo-2.03.22-150500.7.12.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231796 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Availability Extension 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for lvm2 fixes the following issue: * LVM2 mirror attached to another node couldn't be converted into linear LV (bsc#1231796). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3887=1 SUSE-2024-3887=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3887=1 * SUSE Linux Enterprise High Availability Extension 15 SP6 zypper in -t patch SUSE-SLE-Product-HA-15-SP6-2024-3887=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * device-mapper-2.03.22_1.02.196-150600.3.3.2 * lvm2-devel-2.03.22-150600.3.3.2 * device-mapper-debuginfo-2.03.22_1.02.196-150600.3.3.2 * liblvm2cmd2_03-debuginfo-2.03.22-150600.3.3.2 * lvm2-debugsource-2.03.22-150600.3.3.2 * lvm2-debuginfo-2.03.22-150600.3.3.2 * lvm2-testsuite-2.03.22-150600.3.3.2 * lvm2-testsuite-debuginfo-2.03.22-150600.3.3.2 * lvm2-lvmlockd-debugsource-2.03.22-150600.3.3.2 * device-mapper-devel-2.03.22_1.02.196-150600.3.3.2 * liblvm2cmd2_03-2.03.22-150600.3.3.2 * libdevmapper-event1_03-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150600.3.3.2 * lvm2-2.03.22-150600.3.3.2 * lvm2-lockd-2.03.22-150600.3.3.2 * lvm2-lockd-debuginfo-2.03.22-150600.3.3.2 * lvm2-device-mapper-debugsource-2.03.22-150600.3.3.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-2.03.22_1.02.196-150600.3.3.2 * openSUSE Leap 15.6 (x86_64) * device-mapper-devel-32bit-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper-event1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper-event1_03-32bit-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-32bit-2.03.22_1.02.196-150600.3.3.2 * openSUSE Leap 15.6 (aarch64_ilp32) * device-mapper-devel-64bit-2.03.22_1.02.196-150600.3.3.2 * libdevmapper-event1_03-64bit-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-64bit-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper-event1_03-64bit-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-64bit-2.03.22_1.02.196-150600.3.3.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * device-mapper-2.03.22_1.02.196-150600.3.3.2 * lvm2-devel-2.03.22-150600.3.3.2 * device-mapper-debuginfo-2.03.22_1.02.196-150600.3.3.2 * liblvm2cmd2_03-debuginfo-2.03.22-150600.3.3.2 * lvm2-debugsource-2.03.22-150600.3.3.2 * lvm2-debuginfo-2.03.22-150600.3.3.2 * device-mapper-devel-2.03.22_1.02.196-150600.3.3.2 * liblvm2cmd2_03-2.03.22-150600.3.3.2 * libdevmapper-event1_03-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-debuginfo-2.03.22_1.02.196-150600.3.3.2 * lvm2-2.03.22-150600.3.3.2 * libdevmapper-event1_03-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-2.03.22_1.02.196-150600.3.3.2 * Basesystem Module 15-SP6 (x86_64) * libdevmapper1_03-32bit-debuginfo-2.03.22_1.02.196-150600.3.3.2 * libdevmapper1_03-32bit-2.03.22_1.02.196-150600.3.3.2 * SUSE Linux Enterprise High Availability Extension 15 SP6 (aarch64 ppc64le s390x x86_64) * lvm2-lockd-2.03.22-150600.3.3.2 * lvm2-lvmlockd-debugsource-2.03.22-150600.3.3.2 * lvm2-lockd-debuginfo-2.03.22-150600.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231796 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for wget fixes the following issues: * wget incorrectly truncates long filenames (bsc#1231661). * wget dies writing too long filenames (bsc#1204720). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3888=1 openSUSE-SLE-15.6-2024-3888=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3888=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * wget-1.20.3-150600.19.6.2 * wget-debuginfo-1.20.3-150600.19.6.2 * wget-debugsource-1.20.3-150600.19.6.2 * openSUSE Leap 15.6 (noarch) * wget-lang-1.20.3-150600.19.6.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * wget-1.20.3-150600.19.6.2 * wget-debuginfo-1.20.3-150600.19.6.2 * wget-debugsource-1.20.3-150600.19.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1204720 * https://bugzilla.suse.com/show_bug.cgi?id=1231661 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for wget fixes the following issues: * wget incorrectly truncates long filenames (bsc#1231661). * wget dies writing too long filenames (bsc#1204720). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3890=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3890=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3890=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3890=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3890=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3890=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3890=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3890=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3890=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3890=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3890=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * openSUSE Leap 15.5 (noarch) * wget-lang-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Proxy 4.3 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * wget-debugsource-1.20.3-150000.3.23.2 * wget-1.20.3-150000.3.23.2 * wget-debuginfo-1.20.3-150000.3.23.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1204720 * https://bugzilla.suse.com/show_bug.cgi?id=1231661 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for libkdumpfile fixes the following issues: * support for zstd compression (bsc#1231429). * add support for flattened dump files (bsc#1223399). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3891=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3891=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3891=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3891=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3891=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3891=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3891=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3891=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3891=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3891=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3891=1 ## Package List: * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * python3-libkdumpfile-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * python3-libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Proxy 4.3 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Retail Branch Server 4.3 (x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * libkdumpfile-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat-devel-0.4.1-150400.3.3.2 * libkdumpfile-debugsource-0.4.1-150400.3.3.2 * libaddrxlat2-0.4.1-150400.3.3.2 * libkdumpfile9-debuginfo-0.4.1-150400.3.3.2 * libaddrxlat2-debuginfo-0.4.1-150400.3.3.2 * libkdumpfile-devel-0.4.1-150400.3.3.2 * libkdumpfile9-0.4.1-150400.3.3.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1223399 * https://bugzilla.suse.com/show_bug.cgi?id=1231429 * openSUSE Leap 15.5 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for python-responses fixes the following issues: * Fix request count even if max_retries is exceeded (bsc#1228868) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.3 zypper in -t patch SUSE-2024-3892=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3892=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3892=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3892=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3892=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3892=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3892=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3892=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3892=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3892=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3892=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3892=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3892=1 ## Package List: * openSUSE Leap 15.3 (noarch) * python3-responses-0.21.0-150300.3.6.1 * openSUSE Leap 15.5 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Package Hub 15 15-SP5 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Package Hub 15 15-SP6 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * python3-responses-0.21.0-150300.3.6.1 * SUSE Enterprise Storage 7.1 (noarch) * python3-responses-0.21.0-150300.3.6.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1228868 * Public Cloud Module 15-SP5 * Public Cloud Module 15-SP6 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has one fix can now be installed. ## Description: This update for python-redis fixes the following issue: * Add missing python311-redis to SLE Module Public-Cloud 15-SP6 (bsc#1231569) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3893=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3893=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3893=1 * Public Cloud Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-3893=1 * Public Cloud Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-3893=1 * Public Cloud Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-3893=1 ## Package List: * openSUSE Leap 15.4 (noarch) * python311-redis-5.0.1-150400.12.6.2 * openSUSE Leap 15.5 (noarch) * python311-redis-5.0.1-150400.12.6.2 * openSUSE Leap 15.6 (noarch) * python311-redis-5.0.1-150400.12.6.2 * Public Cloud Module 15-SP4 (noarch) * python311-redis-5.0.1-150400.12.6.2 * Public Cloud Module 15-SP5 (noarch) * python311-redis-5.0.1-150400.12.6.2 * Public Cloud Module 15-SP6 (noarch) * python311-redis-5.0.1-150400.12.6.2 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1231569 * openSUSE Leap Micro 5.5 * Server Applications Module 15-SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that has one fix can now be installed. ## Description: This update for openCryptoki fixes the following issue: * Improve handling of user/group: use existing user/group if they exist create user/group if not (bsc#1225876) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3894=1 openSUSE-SLE-15.5-2024-3894=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-3894=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-3894=1 * Server Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-3894=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-devel-3.23.0-150500.3.9.1 * openCryptoki-debugsource-3.23.0-150500.3.9.1 * openCryptoki-3.23.0-150500.3.9.1 * openCryptoki-debuginfo-3.23.0-150500.3.9.1 * openCryptoki-devel-debuginfo-3.23.0-150500.3.9.1 * openSUSE Leap 15.5 (i586) * openCryptoki-32bit-3.23.0-150500.3.9.1 * openCryptoki-32bit-debuginfo-3.23.0-150500.3.9.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-3.23.0-150500.3.9.1 * openCryptoki-64bit-debuginfo-3.23.0-150500.3.9.1 * openSUSE Leap Micro 5.5 (s390x) * openCryptoki-3.23.0-150500.3.9.1 * openCryptoki-debuginfo-3.23.0-150500.3.9.1 * openCryptoki-debugsource-3.23.0-150500.3.9.1 * SUSE Linux Enterprise Micro 5.5 (s390x) * openCryptoki-3.23.0-150500.3.9.1 * openCryptoki-debuginfo-3.23.0-150500.3.9.1 * openCryptoki-debugsource-3.23.0-150500.3.9.1 * Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * openCryptoki-3.23.0-150500.3.9.1 * openCryptoki-debuginfo-3.23.0-150500.3.9.1 * openCryptoki-debugsource-3.23.0-150500.3.9.1 * Server Applications Module 15-SP5 (ppc64le s390x) * openCryptoki-64bit-3.23.0-150500.3.9.1 * openCryptoki-64bit-debuginfo-3.23.0-150500.3.9.1 * Server Applications Module 15-SP5 (ppc64le s390x x86_64) * openCryptoki-devel-3.23.0-150500.3.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1225876 * openSUSE Leap 15.6 * Server Applications Module 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has two fixes can now be installed. ## Description: This update for openCryptoki fixes the following issues: * Amended for group %{pkcs_group} and user pkcsslotd (bsc#1225876) * Copying example script files from /usr/share/doc/opencryptoki to /usr/share/opencryptoki (policy-example.conf and strength-example.conf) in case that there is 'rpm.install.excludedocs=yes' set in the zypper.conf(zypp.conf) (bsc#1227280) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3895=1 openSUSE-SLE-15.6-2024-3895=1 * Server Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-3895=1 ## Package List: * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * openCryptoki-debugsource-3.23.0-150600.3.5.1 * openCryptoki-3.23.0-150600.3.5.1 * openCryptoki-devel-3.23.0-150600.3.5.1 * openCryptoki-debuginfo-3.23.0-150600.3.5.1 * openCryptoki-devel-debuginfo-3.23.0-150600.3.5.1 * openSUSE Leap 15.6 (i586) * openCryptoki-32bit-debuginfo-3.23.0-150600.3.5.1 * openCryptoki-32bit-3.23.0-150600.3.5.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * openCryptoki-64bit-3.23.0-150600.3.5.1 * openCryptoki-64bit-debuginfo-3.23.0-150600.3.5.1 * Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * openCryptoki-3.23.0-150600.3.5.1 * openCryptoki-debuginfo-3.23.0-150600.3.5.1 * openCryptoki-debugsource-3.23.0-150600.3.5.1 * Server Applications Module 15-SP6 (ppc64le s390x) * openCryptoki-64bit-3.23.0-150600.3.5.1 * openCryptoki-64bit-debuginfo-3.23.0-150600.3.5.1 * Server Applications Module 15-SP6 (ppc64le s390x x86_64) * openCryptoki-devel-3.23.0-150600.3.5.1 * openCryptoki-devel-debuginfo-3.23.0-150600.3.5.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1225876 * https://bugzilla.suse.com/show_bug.cgi?id=1227280 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that has one fix can now be installed. ## Description: This update for shadow fixes the following issues: * Add useradd warnings when requested UID is outside the default range (bsc#1230972) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3896=1 openSUSE-SLE-15.6-2024-3896=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3896=1 ## Package List: * openSUSE Leap 15.6 (noarch) * login_defs-4.8.1-150600.17.9.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586) * shadow-4.8.1-150600.17.9.1 * shadow-debugsource-4.8.1-150600.17.9.1 * shadow-debuginfo-4.8.1-150600.17.9.1 * Basesystem Module 15-SP6 (noarch) * login_defs-4.8.1-150600.17.9.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * shadow-4.8.1-150600.17.9.1 * shadow-debugsource-4.8.1-150600.17.9.1 * shadow-debuginfo-4.8.1-150600.17.9.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1230972 * openSUSE Leap 15.4 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Micro 5.3 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.3 An update that has two fixes can now be installed. ## Description: This update for shadow fixes the following issues: * Add useradd warnings when requested UID is outside the default range (bsc#1230972) * Chage -d date vs passwd -S output is off by one (bsc#1228337) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.4 zypper in -t patch SUSE-2024-3897=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3897=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3897=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2024-3897=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3897=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3897=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3897=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3897=1 * SUSE Manager Proxy 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3897=1 * SUSE Manager Retail Branch Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.3-2024-3897=1 * SUSE Manager Server 4.3 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3897=1 ## Package List: * openSUSE Leap 15.4 (noarch) * login_defs-4.8.1-150400.10.24.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * openSUSE Leap 15.5 (noarch) * login_defs-4.8.1-150400.10.24.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * Basesystem Module 15-SP5 (noarch) * login_defs-4.8.1-150400.10.24.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Proxy 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Proxy 4.3 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Retail Branch Server 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Retail Branch Server 4.3 (x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 * SUSE Manager Server 4.3 (noarch) * login_defs-4.8.1-150400.10.24.1 * SUSE Manager Server 4.3 (ppc64le s390x x86_64) * shadow-debuginfo-4.8.1-150400.10.24.1 * shadow-4.8.1-150400.10.24.1 * shadow-debugsource-4.8.1-150400.10.24.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1228337 * https://bugzilla.suse.com/show_bug.cgi?id=1230972 * CVE-2024-10458 ( SUSE ): 8.6 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N * CVE-2024-10458 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N * CVE-2024-10458 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10458 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N * CVE-2024-10459 ( SUSE ): 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N * CVE-2024-10459 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10459 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2024-10459 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10460 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10460 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10460 ( NVD ): 5.4 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N * CVE-2024-10460 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-10461 ( SUSE ): 5.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N * CVE-2024-10461 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10461 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N * CVE-2024-10462 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10462 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N * CVE-2024-10462 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-10463 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N * CVE-2024-10463 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N * CVE-2024-10463 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N * CVE-2024-10464 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-10464 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-10464 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10465 ( SUSE ): 5.1 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N * CVE-2024-10465 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2024-10465 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N * CVE-2024-10466 ( SUSE ): 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-10466 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2024-10466 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2024-10467 ( SUSE ): 9.3 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-10467 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H * CVE-2024-10467 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Affected Products: * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 128.4.0 ESR (bsc#1231879): * CVE-2024-10458: Permission leak via embed or object elements * CVE-2024-10459: Use-after-free in layout with accessibility * CVE-2024-10460: Confusing display of origin for external protocol handler prompt * CVE-2024-10461: XSS due to Content-Disposition being ignored in multipart/x-mixed-replace response * CVE-2024-10462: Origin of permission prompt could be spoofed by long URL * CVE-2024-10463: Cross origin video frame leak * CVE-2024-10464: History interface could have been used to cause a Denial of Service condition in the browser * CVE-2024-10465: Clipboard "paste" button persisted across tabs * CVE-2024-10466: DOM push subscription message could hang Firefox * CVE-2024-10467: Memory safety bugs fixed in Firefox 132, Thunderbird 132, Firefox ESR 128.4, and Thunderbird 128.4 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3898=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3898=1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3898=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3898=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2024-3898=1 * openSUSE Leap 15.5 zypper in -t patch openSUSE-SLE-15.5-2024-3898=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3898=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-3898=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-3898=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3898=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3898=1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3898=1 ## Package List: * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Enterprise Storage 7.1 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * MozillaFirefox-branding-upstream-128.4.0-150200.152.158.1 * openSUSE Leap 15.5 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * MozillaFirefox-branding-upstream-128.4.0-150200.152.158.1 * openSUSE Leap 15.6 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP5 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * Desktop Applications Module 15-SP6 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64) * MozillaFirefox-debuginfo-128.4.0-150200.152.158.1 * MozillaFirefox-translations-other-128.4.0-150200.152.158.1 * MozillaFirefox-128.4.0-150200.152.158.1 * MozillaFirefox-debugsource-128.4.0-150200.152.158.1 * MozillaFirefox-translations-common-128.4.0-150200.152.158.1 * SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch) * MozillaFirefox-devel-128.4.0-150200.152.158.1 ## References: * https://www.suse.com/security/cve/CVE-2024-10458.html * https://www.suse.com/security/cve/CVE-2024-10459.html * https://www.suse.com/security/cve/CVE-2024-10460.html * https://www.suse.com/security/cve/CVE-2024-10461.html * https://www.suse.com/security/cve/CVE-2024-10462.html * https://www.suse.com/security/cve/CVE-2024-10463.html * https://www.suse.com/security/cve/CVE-2024-10464.html * https://www.suse.com/security/cve/CVE-2024-10465.html * https://www.suse.com/security/cve/CVE-2024-10466.html * https://www.suse.com/security/cve/CVE-2024-10467.html * https://bugzilla.suse.com/show_bug.cgi?id=1231879 # Recommended update for ghc-basement, ghc-cryptonite, ghc-memory Announcement ID: SUSE-RU-2024:3883-1 Release Date: 2024-11-04T06:36:43Z Rating: low References: * bsc#1224810 Affected Products: * openSUSE Leap 15.5 * openSUSE Leap 15.6 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 * SUSE Package Hub 15 15-SP5 * SUSE Package Hub 15 15-SP6 An update that has one fix can now be installed. ## Description: This update for ghc-basement, ghc-cryptonite, ghc-memory fixes the following issues: * Fix dependencies of ghc-basement, ghc-cryptonite, ghc-memory (bsc#1224810) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2024-3883=1 openSUSE-SLE-15.5-2024-3883=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-3883=1 * SUSE Package Hub 15 15-SP5 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3883=1 * SUSE Package Hub 15 15-SP6 zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-3883=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64) * ghc-containers-debuginfo-0.6.5.1-150500.3.4.1 * ghc-unix-devel-2.7.2.2-150500.3.4.1 * ghc-debugsource-8.10.7-150500.3.4.1 * ghc-mtl-debuginfo-2.2.2-150500.3.4.1 * ghc-ghc-boot-th-devel-8.10.7-150500.3.4.1 * ghc-hpc-0.6.1.0-150500.3.4.1 * ghc-directory-debuginfo-1.3.6.0-150500.3.4.1 * ghc-xhtml-debuginfo-3000.2.2.1-150500.3.4.1 * ghc-ghc-boot-devel-8.10.7-150500.3.4.1 * ghc-base-4.14.3.0-150500.3.4.1 * ghc-8.10.7-150500.3.4.1 * ghc-binary-0.8.8.0-150500.3.4.1 * ghc-haskeline-0.8.2-150500.3.4.1 * ghc-pretty-devel-1.1.3.6-150500.3.4.1 * ghc-basement-0.0.16-150500.3.5.2 * ghc-array-0.5.4.0-150500.3.4.1 * ghc-memory-0.18.0-150500.3.5.2 * ghc-memory-devel-0.18.0-150500.3.5.2 * ghc-terminfo-devel-0.4.1.4-150500.3.4.1 * ghc-array-debuginfo-0.5.4.0-150500.3.4.1 * ghc-text-devel-1.2.4.1-150500.3.4.1 * ghc-ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-stm-debuginfo-2.5.0.1-150500.3.4.1 * ghc-base-devel-4.14.3.0-150500.3.4.1 * ghc-exceptions-debuginfo-0.10.4-150500.3.4.1 * ghc-hpc-devel-0.6.1.0-150500.3.4.1 * ghc-text-1.2.4.1-150500.3.4.1 * ghc-ghc-8.10.7-150500.3.4.1 * ghc-time-devel-1.9.3-150500.3.4.1 * ghc-template-haskell-devel-2.16.0.0-150500.3.4.1 * ghc-compiler-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-boot-th-debuginfo-8.10.7-150500.3.4.1 * ghc-pretty-1.1.3.6-150500.3.4.1 * ghc-process-devel-1.6.13.2-150500.3.4.1 * ghc-deepseq-devel-1.4.4.0-150500.3.4.1 * ghc-ghci-devel-8.10.7-150500.3.4.1 * ghc-ghc-compact-devel-0.1.0.0-150500.3.4.1 * ghc-binary-debuginfo-0.8.8.0-150500.3.4.1 * ghc-parsec-3.1.14.0-150500.3.4.1 * ghc-haskeline-debuginfo-0.8.2-150500.3.4.1 * ghc-deepseq-1.4.4.0-150500.3.4.1 * ghc-filepath-devel-1.4.2.1-150500.3.4.1 * ghc-ghc-boot-th-8.10.7-150500.3.4.1 * ghc-libraries-8.10.7-150500.3.4.1 * ghc-deepseq-debuginfo-1.4.4.0-150500.3.4.1 * ghc-hpc-debuginfo-0.6.1.0-150500.3.4.1 * ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-bytestring-devel-0.10.12.0-150500.3.4.1 * ghc-filepath-1.4.2.1-150500.3.4.1 * ghc-parsec-devel-3.1.14.0-150500.3.4.1 * ghc-cryptonite-devel-0.30-150500.3.2.2 * ghc-pretty-debuginfo-1.1.3.6-150500.3.4.1 * ghc-template-haskell-debuginfo-2.16.0.0-150500.3.4.1 * ghc-xhtml-devel-3000.2.2.1-150500.3.4.1 * ghc-ghc-heap-devel-8.10.7-150500.3.4.1 * ghc-libiserv-devel-8.10.7-150500.3.4.1 * ghc-basement-devel-0.0.16-150500.3.5.2 * ghc-stm-2.5.0.1-150500.3.4.1 * ghc-directory-devel-1.3.6.0-150500.3.4.1 * ghc-process-debuginfo-1.6.13.2-150500.3.4.1 * ghc-time-1.9.3-150500.3.4.1 * ghc-unix-debuginfo-2.7.2.2-150500.3.4.1 * ghc-xhtml-3000.2.2.1-150500.3.4.1 * ghc-Cabal-3.2.1.0-150500.3.4.1 * ghc-ghc-heap-8.10.7-150500.3.4.1 * ghc-containers-devel-0.6.5.1-150500.3.4.1 * ghc-Cabal-debuginfo-3.2.1.0-150500.3.4.1 * ghc-cryptonite-0.30-150500.3.2.2 * ghc-ghc-heap-debuginfo-8.10.7-150500.3.4.1 * ghc-libiserv-8.10.7-150500.3.4.1 * ghc-transformers-0.5.6.2-150500.3.4.1 * ghc-containers-0.6.5.1-150500.3.4.1 * ghc-stm-devel-2.5.0.1-150500.3.4.1 * ghc-ghci-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-compact-0.1.0.0-150500.3.4.1 * ghc-ghci-8.10.7-150500.3.4.1 * ghc-text-debuginfo-1.2.4.1-150500.3.4.1 * ghc-directory-1.3.6.0-150500.3.4.1 * ghc-ghc-compact-debuginfo-0.1.0.0-150500.3.4.1 * ghc-ghc-boot-8.10.7-150500.3.4.1 * ghc-terminfo-debuginfo-0.4.1.4-150500.3.4.1 * ghc-transformers-devel-0.5.6.2-150500.3.4.1 * ghc-libiserv-debuginfo-8.10.7-150500.3.4.1 * ghc-unix-2.7.2.2-150500.3.4.1 * ghc-time-debuginfo-1.9.3-150500.3.4.1 * ghc-filepath-debuginfo-1.4.2.1-150500.3.4.1 * ghc-exceptions-devel-0.10.4-150500.3.4.1 * ghc-compiler-8.10.7-150500.3.4.1 * ghc-array-devel-0.5.4.0-150500.3.4.1 * ghc-haskeline-devel-0.8.2-150500.3.4.1 * ghc-bytestring-0.10.12.0-150500.3.4.1 * ghc-exceptions-0.10.4-150500.3.4.1 * ghc-mtl-2.2.2-150500.3.4.1 * ghc-bytestring-debuginfo-0.10.12.0-150500.3.4.1 * ghc-ghc-devel-8.10.7-150500.3.4.1 * ghc-ghc-boot-debuginfo-8.10.7-150500.3.4.1 * ghc-Cabal-devel-3.2.1.0-150500.3.4.1 * ghc-base-debuginfo-4.14.3.0-150500.3.4.1 * ghc-terminfo-0.4.1.4-150500.3.4.1 * ghc-binary-devel-0.8.8.0-150500.3.4.1 * ghc-template-haskell-2.16.0.0-150500.3.4.1 * ghc-process-1.6.13.2-150500.3.4.1 * ghc-mtl-devel-2.2.2-150500.3.4.1 * ghc-parsec-debuginfo-3.1.14.0-150500.3.4.1 * ghc-transformers-debuginfo-0.5.6.2-150500.3.4.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * ghc-containers-debuginfo-0.6.5.1-150500.3.4.1 * ghc-unix-devel-2.7.2.2-150500.3.4.1 * ghc-debugsource-8.10.7-150500.3.4.1 * ghc-mtl-debuginfo-2.2.2-150500.3.4.1 * ghc-ghc-boot-th-devel-8.10.7-150500.3.4.1 * ghc-hpc-0.6.1.0-150500.3.4.1 * ghc-directory-debuginfo-1.3.6.0-150500.3.4.1 * ghc-xhtml-debuginfo-3000.2.2.1-150500.3.4.1 * ghc-ghc-boot-devel-8.10.7-150500.3.4.1 * ghc-base-4.14.3.0-150500.3.4.1 * ghc-8.10.7-150500.3.4.1 * ghc-binary-0.8.8.0-150500.3.4.1 * ghc-haskeline-0.8.2-150500.3.4.1 * ghc-pretty-devel-1.1.3.6-150500.3.4.1 * ghc-basement-0.0.16-150500.3.5.2 * ghc-array-0.5.4.0-150500.3.4.1 * ghc-memory-0.18.0-150500.3.5.2 * ghc-memory-devel-0.18.0-150500.3.5.2 * ghc-terminfo-devel-0.4.1.4-150500.3.4.1 * ghc-array-debuginfo-0.5.4.0-150500.3.4.1 * ghc-text-devel-1.2.4.1-150500.3.4.1 * ghc-ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-stm-debuginfo-2.5.0.1-150500.3.4.1 * ghc-base-devel-4.14.3.0-150500.3.4.1 * ghc-exceptions-debuginfo-0.10.4-150500.3.4.1 * ghc-hpc-devel-0.6.1.0-150500.3.4.1 * ghc-text-1.2.4.1-150500.3.4.1 * ghc-ghc-8.10.7-150500.3.4.1 * ghc-time-devel-1.9.3-150500.3.4.1 * ghc-template-haskell-devel-2.16.0.0-150500.3.4.1 * ghc-compiler-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-boot-th-debuginfo-8.10.7-150500.3.4.1 * ghc-pretty-1.1.3.6-150500.3.4.1 * ghc-process-devel-1.6.13.2-150500.3.4.1 * ghc-deepseq-devel-1.4.4.0-150500.3.4.1 * ghc-ghci-devel-8.10.7-150500.3.4.1 * ghc-ghc-compact-devel-0.1.0.0-150500.3.4.1 * ghc-binary-debuginfo-0.8.8.0-150500.3.4.1 * ghc-parsec-3.1.14.0-150500.3.4.1 * ghc-haskeline-debuginfo-0.8.2-150500.3.4.1 * ghc-deepseq-1.4.4.0-150500.3.4.1 * ghc-filepath-devel-1.4.2.1-150500.3.4.1 * ghc-ghc-boot-th-8.10.7-150500.3.4.1 * ghc-libraries-8.10.7-150500.3.4.1 * ghc-deepseq-debuginfo-1.4.4.0-150500.3.4.1 * ghc-hpc-debuginfo-0.6.1.0-150500.3.4.1 * ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-bytestring-devel-0.10.12.0-150500.3.4.1 * ghc-filepath-1.4.2.1-150500.3.4.1 * ghc-parsec-devel-3.1.14.0-150500.3.4.1 * ghc-cryptonite-devel-0.30-150500.3.2.2 * ghc-pretty-debuginfo-1.1.3.6-150500.3.4.1 * ghc-template-haskell-debuginfo-2.16.0.0-150500.3.4.1 * ghc-xhtml-devel-3000.2.2.1-150500.3.4.1 * ghc-ghc-heap-devel-8.10.7-150500.3.4.1 * ghc-libiserv-devel-8.10.7-150500.3.4.1 * ghc-basement-devel-0.0.16-150500.3.5.2 * ghc-stm-2.5.0.1-150500.3.4.1 * ghc-directory-devel-1.3.6.0-150500.3.4.1 * ghc-process-debuginfo-1.6.13.2-150500.3.4.1 * ghc-time-1.9.3-150500.3.4.1 * ghc-unix-debuginfo-2.7.2.2-150500.3.4.1 * ghc-xhtml-3000.2.2.1-150500.3.4.1 * ghc-Cabal-3.2.1.0-150500.3.4.1 * ghc-ghc-heap-8.10.7-150500.3.4.1 * ghc-containers-devel-0.6.5.1-150500.3.4.1 * ghc-Cabal-debuginfo-3.2.1.0-150500.3.4.1 * ghc-cryptonite-0.30-150500.3.2.2 * ghc-ghc-heap-debuginfo-8.10.7-150500.3.4.1 * ghc-libiserv-8.10.7-150500.3.4.1 * ghc-transformers-0.5.6.2-150500.3.4.1 * ghc-containers-0.6.5.1-150500.3.4.1 * ghc-stm-devel-2.5.0.1-150500.3.4.1 * ghc-ghci-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-compact-0.1.0.0-150500.3.4.1 * ghc-ghci-8.10.7-150500.3.4.1 * ghc-text-debuginfo-1.2.4.1-150500.3.4.1 * ghc-directory-1.3.6.0-150500.3.4.1 * ghc-ghc-compact-debuginfo-0.1.0.0-150500.3.4.1 * ghc-ghc-boot-8.10.7-150500.3.4.1 * ghc-terminfo-debuginfo-0.4.1.4-150500.3.4.1 * ghc-transformers-devel-0.5.6.2-150500.3.4.1 * ghc-libiserv-debuginfo-8.10.7-150500.3.4.1 * ghc-unix-2.7.2.2-150500.3.4.1 * ghc-time-debuginfo-1.9.3-150500.3.4.1 * ghc-filepath-debuginfo-1.4.2.1-150500.3.4.1 * ghc-exceptions-devel-0.10.4-150500.3.4.1 * ghc-compiler-8.10.7-150500.3.4.1 * ghc-array-devel-0.5.4.0-150500.3.4.1 * ghc-haskeline-devel-0.8.2-150500.3.4.1 * ghc-bytestring-0.10.12.0-150500.3.4.1 * ghc-exceptions-0.10.4-150500.3.4.1 * ghc-mtl-2.2.2-150500.3.4.1 * ghc-bytestring-debuginfo-0.10.12.0-150500.3.4.1 * ghc-ghc-devel-8.10.7-150500.3.4.1 * ghc-ghc-boot-debuginfo-8.10.7-150500.3.4.1 * ghc-Cabal-devel-3.2.1.0-150500.3.4.1 * ghc-base-debuginfo-4.14.3.0-150500.3.4.1 * ghc-terminfo-0.4.1.4-150500.3.4.1 * ghc-binary-devel-0.8.8.0-150500.3.4.1 * ghc-template-haskell-2.16.0.0-150500.3.4.1 * ghc-process-1.6.13.2-150500.3.4.1 * ghc-mtl-devel-2.2.2-150500.3.4.1 * ghc-parsec-debuginfo-3.1.14.0-150500.3.4.1 * ghc-transformers-debuginfo-0.5.6.2-150500.3.4.1 * SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64) * ghc-containers-debuginfo-0.6.5.1-150500.3.4.1 * ghc-unix-devel-2.7.2.2-150500.3.4.1 * ghc-debugsource-8.10.7-150500.3.4.1 * ghc-mtl-debuginfo-2.2.2-150500.3.4.1 * ghc-ghc-boot-th-devel-8.10.7-150500.3.4.1 * ghc-hpc-0.6.1.0-150500.3.4.1 * ghc-directory-debuginfo-1.3.6.0-150500.3.4.1 * ghc-xhtml-debuginfo-3000.2.2.1-150500.3.4.1 * ghc-ghc-boot-devel-8.10.7-150500.3.4.1 * ghc-base-4.14.3.0-150500.3.4.1 * ghc-8.10.7-150500.3.4.1 * ghc-binary-0.8.8.0-150500.3.4.1 * ghc-haskeline-0.8.2-150500.3.4.1 * ghc-pretty-devel-1.1.3.6-150500.3.4.1 * ghc-basement-0.0.16-150500.3.5.2 * ghc-array-0.5.4.0-150500.3.4.1 * ghc-memory-0.18.0-150500.3.5.2 * ghc-memory-devel-0.18.0-150500.3.5.2 * ghc-terminfo-devel-0.4.1.4-150500.3.4.1 * ghc-array-debuginfo-0.5.4.0-150500.3.4.1 * ghc-text-devel-1.2.4.1-150500.3.4.1 * ghc-ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-stm-debuginfo-2.5.0.1-150500.3.4.1 * ghc-base-devel-4.14.3.0-150500.3.4.1 * ghc-exceptions-debuginfo-0.10.4-150500.3.4.1 * ghc-hpc-devel-0.6.1.0-150500.3.4.1 * ghc-text-1.2.4.1-150500.3.4.1 * ghc-ghc-8.10.7-150500.3.4.1 * ghc-time-devel-1.9.3-150500.3.4.1 * ghc-template-haskell-devel-2.16.0.0-150500.3.4.1 * ghc-compiler-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-boot-th-debuginfo-8.10.7-150500.3.4.1 * ghc-pretty-1.1.3.6-150500.3.4.1 * ghc-process-devel-1.6.13.2-150500.3.4.1 * ghc-deepseq-devel-1.4.4.0-150500.3.4.1 * ghc-ghci-devel-8.10.7-150500.3.4.1 * ghc-ghc-compact-devel-0.1.0.0-150500.3.4.1 * ghc-binary-debuginfo-0.8.8.0-150500.3.4.1 * ghc-parsec-3.1.14.0-150500.3.4.1 * ghc-haskeline-debuginfo-0.8.2-150500.3.4.1 * ghc-deepseq-1.4.4.0-150500.3.4.1 * ghc-filepath-devel-1.4.2.1-150500.3.4.1 * ghc-ghc-boot-th-8.10.7-150500.3.4.1 * ghc-libraries-8.10.7-150500.3.4.1 * ghc-deepseq-debuginfo-1.4.4.0-150500.3.4.1 * ghc-hpc-debuginfo-0.6.1.0-150500.3.4.1 * ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-bytestring-devel-0.10.12.0-150500.3.4.1 * ghc-filepath-1.4.2.1-150500.3.4.1 * ghc-parsec-devel-3.1.14.0-150500.3.4.1 * ghc-cryptonite-devel-0.30-150500.3.2.2 * ghc-pretty-debuginfo-1.1.3.6-150500.3.4.1 * ghc-template-haskell-debuginfo-2.16.0.0-150500.3.4.1 * ghc-xhtml-devel-3000.2.2.1-150500.3.4.1 * ghc-ghc-heap-devel-8.10.7-150500.3.4.1 * ghc-libiserv-devel-8.10.7-150500.3.4.1 * ghc-basement-devel-0.0.16-150500.3.5.2 * ghc-stm-2.5.0.1-150500.3.4.1 * ghc-directory-devel-1.3.6.0-150500.3.4.1 * ghc-process-debuginfo-1.6.13.2-150500.3.4.1 * ghc-time-1.9.3-150500.3.4.1 * ghc-unix-debuginfo-2.7.2.2-150500.3.4.1 * ghc-xhtml-3000.2.2.1-150500.3.4.1 * ghc-Cabal-3.2.1.0-150500.3.4.1 * ghc-ghc-heap-8.10.7-150500.3.4.1 * ghc-containers-devel-0.6.5.1-150500.3.4.1 * ghc-Cabal-debuginfo-3.2.1.0-150500.3.4.1 * ghc-cryptonite-0.30-150500.3.2.2 * ghc-ghc-heap-debuginfo-8.10.7-150500.3.4.1 * ghc-libiserv-8.10.7-150500.3.4.1 * ghc-transformers-0.5.6.2-150500.3.4.1 * ghc-containers-0.6.5.1-150500.3.4.1 * ghc-stm-devel-2.5.0.1-150500.3.4.1 * ghc-ghci-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-compact-0.1.0.0-150500.3.4.1 * ghc-ghci-8.10.7-150500.3.4.1 * ghc-text-debuginfo-1.2.4.1-150500.3.4.1 * ghc-directory-1.3.6.0-150500.3.4.1 * ghc-ghc-compact-debuginfo-0.1.0.0-150500.3.4.1 * ghc-ghc-boot-8.10.7-150500.3.4.1 * ghc-terminfo-debuginfo-0.4.1.4-150500.3.4.1 * ghc-transformers-devel-0.5.6.2-150500.3.4.1 * ghc-libiserv-debuginfo-8.10.7-150500.3.4.1 * ghc-unix-2.7.2.2-150500.3.4.1 * ghc-time-debuginfo-1.9.3-150500.3.4.1 * ghc-filepath-debuginfo-1.4.2.1-150500.3.4.1 * ghc-exceptions-devel-0.10.4-150500.3.4.1 * ghc-compiler-8.10.7-150500.3.4.1 * ghc-array-devel-0.5.4.0-150500.3.4.1 * ghc-haskeline-devel-0.8.2-150500.3.4.1 * ghc-bytestring-0.10.12.0-150500.3.4.1 * ghc-exceptions-0.10.4-150500.3.4.1 * ghc-mtl-2.2.2-150500.3.4.1 * ghc-bytestring-debuginfo-0.10.12.0-150500.3.4.1 * ghc-ghc-devel-8.10.7-150500.3.4.1 * ghc-ghc-boot-debuginfo-8.10.7-150500.3.4.1 * ghc-Cabal-devel-3.2.1.0-150500.3.4.1 * ghc-base-debuginfo-4.14.3.0-150500.3.4.1 * ghc-terminfo-0.4.1.4-150500.3.4.1 * ghc-binary-devel-0.8.8.0-150500.3.4.1 * ghc-template-haskell-2.16.0.0-150500.3.4.1 * ghc-process-1.6.13.2-150500.3.4.1 * ghc-mtl-devel-2.2.2-150500.3.4.1 * ghc-parsec-debuginfo-3.1.14.0-150500.3.4.1 * ghc-transformers-debuginfo-0.5.6.2-150500.3.4.1 * SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64) * ghc-containers-debuginfo-0.6.5.1-150500.3.4.1 * ghc-unix-devel-2.7.2.2-150500.3.4.1 * ghc-debugsource-8.10.7-150500.3.4.1 * ghc-mtl-debuginfo-2.2.2-150500.3.4.1 * ghc-ghc-boot-th-devel-8.10.7-150500.3.4.1 * ghc-hpc-0.6.1.0-150500.3.4.1 * ghc-directory-debuginfo-1.3.6.0-150500.3.4.1 * ghc-xhtml-debuginfo-3000.2.2.1-150500.3.4.1 * ghc-ghc-boot-devel-8.10.7-150500.3.4.1 * ghc-base-4.14.3.0-150500.3.4.1 * ghc-8.10.7-150500.3.4.1 * ghc-binary-0.8.8.0-150500.3.4.1 * ghc-haskeline-0.8.2-150500.3.4.1 * ghc-pretty-devel-1.1.3.6-150500.3.4.1 * ghc-basement-0.0.16-150500.3.5.2 * ghc-array-0.5.4.0-150500.3.4.1 * ghc-memory-0.18.0-150500.3.5.2 * ghc-memory-devel-0.18.0-150500.3.5.2 * ghc-terminfo-devel-0.4.1.4-150500.3.4.1 * ghc-array-debuginfo-0.5.4.0-150500.3.4.1 * ghc-text-devel-1.2.4.1-150500.3.4.1 * ghc-ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-stm-debuginfo-2.5.0.1-150500.3.4.1 * ghc-base-devel-4.14.3.0-150500.3.4.1 * ghc-exceptions-debuginfo-0.10.4-150500.3.4.1 * ghc-hpc-devel-0.6.1.0-150500.3.4.1 * ghc-text-1.2.4.1-150500.3.4.1 * ghc-ghc-8.10.7-150500.3.4.1 * ghc-time-devel-1.9.3-150500.3.4.1 * ghc-template-haskell-devel-2.16.0.0-150500.3.4.1 * ghc-compiler-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-boot-th-debuginfo-8.10.7-150500.3.4.1 * ghc-pretty-1.1.3.6-150500.3.4.1 * ghc-process-devel-1.6.13.2-150500.3.4.1 * ghc-deepseq-devel-1.4.4.0-150500.3.4.1 * ghc-ghci-devel-8.10.7-150500.3.4.1 * ghc-ghc-compact-devel-0.1.0.0-150500.3.4.1 * ghc-binary-debuginfo-0.8.8.0-150500.3.4.1 * ghc-parsec-3.1.14.0-150500.3.4.1 * ghc-haskeline-debuginfo-0.8.2-150500.3.4.1 * ghc-deepseq-1.4.4.0-150500.3.4.1 * ghc-filepath-devel-1.4.2.1-150500.3.4.1 * ghc-ghc-boot-th-8.10.7-150500.3.4.1 * ghc-libraries-8.10.7-150500.3.4.1 * ghc-deepseq-debuginfo-1.4.4.0-150500.3.4.1 * ghc-hpc-debuginfo-0.6.1.0-150500.3.4.1 * ghc-debuginfo-8.10.7-150500.3.4.1 * ghc-bytestring-devel-0.10.12.0-150500.3.4.1 * ghc-filepath-1.4.2.1-150500.3.4.1 * ghc-parsec-devel-3.1.14.0-150500.3.4.1 * ghc-cryptonite-devel-0.30-150500.3.2.2 * ghc-pretty-debuginfo-1.1.3.6-150500.3.4.1 * ghc-template-haskell-debuginfo-2.16.0.0-150500.3.4.1 * ghc-xhtml-devel-3000.2.2.1-150500.3.4.1 * ghc-ghc-heap-devel-8.10.7-150500.3.4.1 * ghc-libiserv-devel-8.10.7-150500.3.4.1 * ghc-basement-devel-0.0.16-150500.3.5.2 * ghc-stm-2.5.0.1-150500.3.4.1 * ghc-directory-devel-1.3.6.0-150500.3.4.1 * ghc-process-debuginfo-1.6.13.2-150500.3.4.1 * ghc-time-1.9.3-150500.3.4.1 * ghc-unix-debuginfo-2.7.2.2-150500.3.4.1 * ghc-xhtml-3000.2.2.1-150500.3.4.1 * ghc-Cabal-3.2.1.0-150500.3.4.1 * ghc-ghc-heap-8.10.7-150500.3.4.1 * ghc-containers-devel-0.6.5.1-150500.3.4.1 * ghc-Cabal-debuginfo-3.2.1.0-150500.3.4.1 * ghc-cryptonite-0.30-150500.3.2.2 * ghc-ghc-heap-debuginfo-8.10.7-150500.3.4.1 * ghc-libiserv-8.10.7-150500.3.4.1 * ghc-transformers-0.5.6.2-150500.3.4.1 * ghc-containers-0.6.5.1-150500.3.4.1 * ghc-stm-devel-2.5.0.1-150500.3.4.1 * ghc-ghci-debuginfo-8.10.7-150500.3.4.1 * ghc-ghc-compact-0.1.0.0-150500.3.4.1 * ghc-ghci-8.10.7-150500.3.4.1 * ghc-text-debuginfo-1.2.4.1-150500.3.4.1 * ghc-directory-1.3.6.0-150500.3.4.1 * ghc-ghc-compact-debuginfo-0.1.0.0-150500.3.4.1 * ghc-ghc-boot-8.10.7-150500.3.4.1 * ghc-terminfo-debuginfo-0.4.1.4-150500.3.4.1 * ghc-transformers-devel-0.5.6.2-150500.3.4.1 * ghc-libiserv-debuginfo-8.10.7-150500.3.4.1 * ghc-unix-2.7.2.2-150500.3.4.1 * ghc-time-debuginfo-1.9.3-150500.3.4.1 * ghc-filepath-debuginfo-1.4.2.1-150500.3.4.1 * ghc-exceptions-devel-0.10.4-150500.3.4.1 * ghc-compiler-8.10.7-150500.3.4.1 * ghc-array-devel-0.5.4.0-150500.3.4.1 * ghc-haskeline-devel-0.8.2-150500.3.4.1 * ghc-bytestring-0.10.12.0-150500.3.4.1 * ghc-exceptions-0.10.4-150500.3.4.1 * ghc-mtl-2.2.2-150500.3.4.1 * ghc-bytestring-debuginfo-0.10.12.0-150500.3.4.1 * ghc-ghc-devel-8.10.7-150500.3.4.1 * ghc-ghc-boot-debuginfo-8.10.7-150500.3.4.1 * ghc-Cabal-devel-3.2.1.0-150500.3.4.1 * ghc-base-debuginfo-4.14.3.0-150500.3.4.1 * ghc-terminfo-0.4.1.4-150500.3.4.1 * ghc-binary-devel-0.8.8.0-150500.3.4.1 * ghc-template-haskell-2.16.0.0-150500.3.4.1 * ghc-process-1.6.13.2-150500.3.4.1 * ghc-mtl-devel-2.2.2-150500.3.4.1 * ghc-parsec-debuginfo-3.1.14.0-150500.3.4.1 * ghc-transformers-debuginfo-0.5.6.2-150500.3.4.1 ## References: * https://bugzilla.suse.com/show_bug.cgi?id=1224810 # Security update for the Linux Kernel (Live Patch 0 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3880-1 Release Date: 2024-11-04T06:33:25Z Rating: important References: * bsc#1225011 * bsc#1225012 * bsc#1225099 * bsc#1225309 * bsc#1225311 * bsc#1225312 * bsc#1225313 * bsc#1225739 * bsc#1225819 * bsc#1226325 * bsc#1226327 * bsc#1228786 * bsc#1231419 Cross-References: * CVE-2023-52752 * CVE-2023-52846 * CVE-2024-35817 * CVE-2024-35861 * CVE-2024-35862 * CVE-2024-35863 * CVE-2024-35864 * CVE-2024-35867 * CVE-2024-35905 * CVE-2024-36899 * CVE-2024-36964 * CVE-2024-40954 * CVE-2024-42133 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52846 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35817 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35861 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35862 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35863 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35864 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35867 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-35905 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36964 ( SUSE ): 7.2 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves 13 vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_21 fixes several issues. The following security issues were fixed: * CVE-2024-35905: Fixed int overflow for stack access size (bsc#1226327). * CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419) * CVE-2024-35863: Fixed potential UAF in is_valid_oplock_break() (bsc#1225011). * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-35862: Fixed potential UAF in smb2_is_network_name_deleted() (bsc#1225311). * CVE-2024-35867: Fixed potential UAF in cifs_stats_proc_show() (bsc#1225012). * CVE-2024-35864: Fixed potential UAF in smb2_is_valid_lease_break() (bsc#1225309). * CVE-2024-35861: Fixed potential UAF in cifs_signal_cifsd_for_reconnect() (bsc#1225312). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) * CVE-2024-36964: fs/9p: only translate RWX permissions for plain 9P2000 (bsc#1226325). * CVE-2023-52846: hsr: Prevent use after free in prp_create_tagged_frame() (bsc#1225099). * CVE-2024-35817: Set gtt bound flag in amdgpu_ttm_gart_bind (bsc#1225313). ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3880=1 * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3880=1 ## Package List: * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-6-150600.4.10.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-6-150600.4.10.1 * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_21-default-6-150600.4.10.1 * kernel-livepatch-SLE15-SP6_Update_0-debugsource-6-150600.4.10.1 * kernel-livepatch-6_4_0-150600_21-default-debuginfo-6-150600.4.10.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2023-52846.html * https://www.suse.com/security/cve/CVE-2024-35817.html * https://www.suse.com/security/cve/CVE-2024-35861.html * https://www.suse.com/security/cve/CVE-2024-35862.html * https://www.suse.com/security/cve/CVE-2024-35863.html * https://www.suse.com/security/cve/CVE-2024-35864.html * https://www.suse.com/security/cve/CVE-2024-35867.html * https://www.suse.com/security/cve/CVE-2024-35905.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-36964.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://bugzilla.suse.com/show_bug.cgi?id=1225011 * https://bugzilla.suse.com/show_bug.cgi?id=1225012 * https://bugzilla.suse.com/show_bug.cgi?id=1225099 * https://bugzilla.suse.com/show_bug.cgi?id=1225309 * https://bugzilla.suse.com/show_bug.cgi?id=1225311 * https://bugzilla.suse.com/show_bug.cgi?id=1225312 * https://bugzilla.suse.com/show_bug.cgi?id=1225313 * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1226325 * https://bugzilla.suse.com/show_bug.cgi?id=1226327 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1231419 # Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6) Announcement ID: SUSE-SU-2024:3881-1 Release Date: 2024-11-04T06:33:33Z Rating: important References: * bsc#1225739 * bsc#1225819 * bsc#1228786 * bsc#1231419 Cross-References: * CVE-2023-52752 * CVE-2024-36899 * CVE-2024-40954 * CVE-2024-42133 CVSS scores: * CVE-2023-52752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2023-52752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-36899 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-40954 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H * CVE-2024-42133 ( SUSE ): 7.3 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N * CVE-2024-42133 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: * openSUSE Leap 15.6 * SUSE Linux Enterprise Live Patching 15-SP6 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves four vulnerabilities can now be installed. ## Description: This update for the Linux Kernel 6.4.0-150600_23_7 fixes several issues. The following security issues were fixed: * CVE-2024-42133: Bluetooth: Ignore too large handle values in BIG (bsc#1231419) * CVE-2023-52752: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() (bsc#1225819). * CVE-2024-36899: gpiolib: cdev: Fix use after free in lineinfo_changed_notify (bsc#1225739). * CVE-2024-40954: net: do not leave a dangling sk pointer, when socket creation fails (bsc#1227808) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.6 zypper in -t patch SUSE-2024-3881=1 * SUSE Linux Enterprise Live Patching 15-SP6 zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP6-2024-3881=1 ## Package List: * openSUSE Leap 15.6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-4-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-4-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-4-150600.13.6.1 * SUSE Linux Enterprise Live Patching 15-SP6 (ppc64le s390x x86_64) * kernel-livepatch-6_4_0-150600_23_7-default-4-150600.13.6.1 * kernel-livepatch-6_4_0-150600_23_7-default-debuginfo-4-150600.13.6.1 * kernel-livepatch-SLE15-SP6_Update_1-debugsource-4-150600.13.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-52752.html * https://www.suse.com/security/cve/CVE-2024-36899.html * https://www.suse.com/security/cve/CVE-2024-40954.html * https://www.suse.com/security/cve/CVE-2024-42133.html * https://bugzilla.suse.com/show_bug.cgi?id=1225739 * https://bugzilla.suse.com/show_bug.cgi?id=1225819 * https://bugzilla.suse.com/show_bug.cgi?id=1228786 * https://bugzilla.suse.com/show_bug.cgi?id=1231419