SUSE 5183 Published by

OpenSUSE Leap and SUSE Linux Enterprise have received security updates, including updates for chromedriver, stgit, onefetch, system-user-zabbix, rage-encryption, wpa_supplicant, python310, and ffmpeg4:

openSUSE-SU-2024:14357-1: moderate: chromedriver-129.0.6668.58-1.1 on GA media
openSUSE-SU-2024:14355-1: moderate: stgit-2.4.12-1.1 on GA media
openSUSE-SU-2024:14353-1: moderate: onefetch-2.22.0-1.1 on GA media
openSUSE-SU-2024:14356-1: moderate: system-user-zabbix-6.0.33-1.1 on GA media
openSUSE-SU-2024:14354-1: moderate: rage-encryption-0.10.0+0-3.1 on GA media
SUSE-SU-2024:3354-1: important: Security update for wpa_supplicant
SUSE-SU-2024:3357-1: important: Security update for python310
SUSE-SU-2024:3358-1: important: Security update for ffmpeg-4




openSUSE-SU-2024:14357-1: moderate: chromedriver-129.0.6668.58-1.1 on GA media


# chromedriver-129.0.6668.58-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14357-1
Rating: moderate

Cross-References:

* CVE-2024-8904
* CVE-2024-8905
* CVE-2024-8906
* CVE-2024-8907
* CVE-2024-8908
* CVE-2024-8909

Affected Products:

* openSUSE Tumbleweed

An update that solves 6 vulnerabilities can now be installed.

## Description:

These are all security issues fixed in the chromedriver-129.0.6668.58-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* chromedriver 129.0.6668.58-1.1
* chromium 129.0.6668.58-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-8904.html
* https://www.suse.com/security/cve/CVE-2024-8905.html
* https://www.suse.com/security/cve/CVE-2024-8906.html
* https://www.suse.com/security/cve/CVE-2024-8907.html
* https://www.suse.com/security/cve/CVE-2024-8908.html
* https://www.suse.com/security/cve/CVE-2024-8909.html



openSUSE-SU-2024:14355-1: moderate: stgit-2.4.12-1.1 on GA media


# stgit-2.4.12-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14355-1
Rating: moderate

Cross-References:

* CVE-2024-45405

CVSS scores:

* CVE-2024-45405 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45405 ( SUSE ): 7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the stgit-2.4.12-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* stgit 2.4.12-1.1
* stgit-bash-completion 2.4.12-1.1
* stgit-emacs 2.4.12-1.1
* stgit-fish-completion 2.4.12-1.1
* stgit-vim-plugin 2.4.12-1.1
* stgit-zsh-completion 2.4.12-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45405.html



openSUSE-SU-2024:14353-1: moderate: onefetch-2.22.0-1.1 on GA media


# onefetch-2.22.0-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14353-1
Rating: moderate

Cross-References:

* CVE-2024-45405

CVSS scores:

* CVE-2024-45405 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45405 ( SUSE ): 7 CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the onefetch-2.22.0-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* onefetch 2.22.0-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-45405.html



openSUSE-SU-2024:14356-1: moderate: system-user-zabbix-6.0.33-1.1 on GA media


# system-user-zabbix-6.0.33-1.1 on GA media

Announcement ID: openSUSE-SU-2024:14356-1
Rating: moderate

Cross-References:

* CVE-2024-36461

CVSS scores:

* CVE-2024-36461 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the system-user-zabbix-6.0.33-1.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* system-user-zabbix 6.0.33-1.1
* zabbix-agent 6.0.33-1.1
* zabbix-java-gateway 6.0.33-1.1
* zabbix-proxy 6.0.33-1.1
* zabbix-proxy-mysql 6.0.33-1.1
* zabbix-proxy-postgresql 6.0.33-1.1
* zabbix-proxy-sqlite 6.0.33-1.1
* zabbix-server 6.0.33-1.1
* zabbix-server-mysql 6.0.33-1.1
* zabbix-server-postgresql 6.0.33-1.1
* zabbix-ui 6.0.33-1.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36461.html



openSUSE-SU-2024:14354-1: moderate: rage-encryption-0.10.0+0-3.1 on GA media


# rage-encryption-0.10.0+0-3.1 on GA media

Announcement ID: openSUSE-SU-2024:14354-1
Rating: moderate

Cross-References:

* CVE-2024-43806

CVSS scores:

* CVE-2024-43806 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Tumbleweed

An update that solves one vulnerability can now be installed.

## Description:

These are all security issues fixed in the rage-encryption-0.10.0+0-3.1 package on the GA media of openSUSE Tumbleweed.

## Package List:

* openSUSE Tumbleweed:
* rage-encryption 0.10.0+0-3.1
* rage-encryption-bash-completion 0.10.0+0-3.1
* rage-encryption-fish-completion 0.10.0+0-3.1
* rage-encryption-zsh-completion 0.10.0+0-3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-43806.html



SUSE-SU-2024:3354-1: important: Security update for wpa_supplicant


# Security update for wpa_supplicant

Announcement ID: SUSE-SU-2024:3354-1
Rating: important
References:

* bsc#1219975

Cross-References:

* CVE-2023-52160

CVSS scores:

* CVE-2023-52160 ( SUSE ): 6.5 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52160 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for wpa_supplicant fixes the following issues:

* CVE-2023-52160: Bypassing WiFi Authentication (bsc#1219975).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-3354=1 openSUSE-SLE-15.6-2024-3354=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3354=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* wpa_supplicant-2.10-150600.7.3.1
* wpa_supplicant-debugsource-2.10-150600.7.3.1
* wpa_supplicant-gui-debuginfo-2.10-150600.7.3.1
* wpa_supplicant-debuginfo-2.10-150600.7.3.1
* wpa_supplicant-gui-2.10-150600.7.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* wpa_supplicant-2.10-150600.7.3.1
* wpa_supplicant-debugsource-2.10-150600.7.3.1
* wpa_supplicant-debuginfo-2.10-150600.7.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52160.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219975



SUSE-SU-2024:3357-1: important: Security update for python310


# Security update for python310

Announcement ID: SUSE-SU-2024:3357-1
Rating: important
References:

* bsc#1229596
* bsc#1229704
* bsc#1230227

Cross-References:

* CVE-2024-6232
* CVE-2024-7592
* CVE-2024-8088

CVSS scores:

* CVE-2024-6232 ( SUSE ): 8.9
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H
* CVE-2024-6232 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-6232 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-7592 ( SUSE ): 2.6 CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-7592 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-8088 ( SUSE ): 5.9
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-8088 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities can now be installed.

## Description:

This update for python310 fixes the following issues:

* Update to version 3.10.15
* CVE-2024-8088: Fixed denial of service in zipfile. (bsc#1229704)
* CVE-2024-7592: Fixed uncontrolled CPU resource consumption when in
http.cookies module. (bsc#1229596)
* CVE-2024-6232: Fixed ReDos via excessive backtracking while parsing header
values. (bsc#1230227)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3357=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3357=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-3357=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3357=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3357=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3357=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3357=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3357=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* python310-base-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python310-base-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python310-doc-3.10.15-150400.4.57.1
* python310-base-3.10.15-150400.4.57.1
* python310-testsuite-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-testsuite-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-doc-devhelp-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* openSUSE Leap 15.4 (x86_64)
* libpython3_10-1_0-32bit-3.10.15-150400.4.57.1
* python310-32bit-3.10.15-150400.4.57.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-32bit-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-base-32bit-3.10.15-150400.4.57.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* python310-64bit-3.10.15-150400.4.57.1
* python310-base-64bit-3.10.15-150400.4.57.1
* libpython3_10-1_0-64bit-debuginfo-3.10.15-150400.4.57.1
* python310-64bit-debuginfo-3.10.15-150400.4.57.1
* python310-base-64bit-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-64bit-3.10.15-150400.4.57.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python310-doc-3.10.15-150400.4.57.1
* python310-base-3.10.15-150400.4.57.1
* python310-testsuite-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-testsuite-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-doc-devhelp-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* openSUSE Leap 15.5 (x86_64)
* libpython3_10-1_0-32bit-3.10.15-150400.4.57.1
* python310-32bit-3.10.15-150400.4.57.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-32bit-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-base-32bit-3.10.15-150400.4.57.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python310-doc-3.10.15-150400.4.57.1
* python310-base-3.10.15-150400.4.57.1
* python310-testsuite-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-testsuite-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-doc-devhelp-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* openSUSE Leap 15.6 (x86_64)
* libpython3_10-1_0-32bit-3.10.15-150400.4.57.1
* python310-32bit-3.10.15-150400.4.57.1
* python310-base-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-32bit-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-32bit-debuginfo-3.10.15-150400.4.57.1
* python310-base-32bit-3.10.15-150400.4.57.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* python310-base-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* python310-base-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* python310-base-3.10.15-150400.4.57.1
* libpython3_10-1_0-debuginfo-3.10.15-150400.4.57.1
* python310-base-debuginfo-3.10.15-150400.4.57.1
* python310-dbm-debuginfo-3.10.15-150400.4.57.1
* libpython3_10-1_0-3.10.15-150400.4.57.1
* python310-dbm-3.10.15-150400.4.57.1
* python310-core-debugsource-3.10.15-150400.4.57.1
* python310-curses-3.10.15-150400.4.57.1
* python310-curses-debuginfo-3.10.15-150400.4.57.1
* python310-devel-3.10.15-150400.4.57.1
* python310-tk-debuginfo-3.10.15-150400.4.57.1
* python310-3.10.15-150400.4.57.1
* python310-idle-3.10.15-150400.4.57.1
* python310-debugsource-3.10.15-150400.4.57.1
* python310-debuginfo-3.10.15-150400.4.57.1
* python310-tools-3.10.15-150400.4.57.1
* python310-tk-3.10.15-150400.4.57.1

## References:

* https://www.suse.com/security/cve/CVE-2024-6232.html
* https://www.suse.com/security/cve/CVE-2024-7592.html
* https://www.suse.com/security/cve/CVE-2024-8088.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229596
* https://bugzilla.suse.com/show_bug.cgi?id=1229704
* https://bugzilla.suse.com/show_bug.cgi?id=1230227



SUSE-SU-2024:3358-1: important: Security update for ffmpeg-4


# Security update for ffmpeg-4

Announcement ID: SUSE-SU-2024:3358-1
Rating: important
References:

* bsc#1226892
* bsc#1226897
* bsc#1226898
* bsc#1226899
* bsc#1226900
* bsc#1226901
* bsc#1229026
* jsc#PED-10024

Cross-References:

* CVE-2023-22656
* CVE-2023-45221
* CVE-2023-47169
* CVE-2023-47282
* CVE-2023-48368
* CVE-2024-7055

CVSS scores:

* CVE-2023-22656 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
* CVE-2023-45221 ( SUSE ): 4.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
* CVE-2023-47169 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-47282 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
* CVE-2023-48368 ( SUSE ): 5.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
* CVE-2024-7055 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves six vulnerabilities, contains one feature and has one
security fix can now be installed.

## Description:

This update for ffmpeg-4 fixes the following issues:

* Dropped support for libmfx to fix the following CVEs:
* libmfx: improper input validation (CVE-2023-48368, bsc#1226897)
* libmfx: improper buffer restrictions (CVE-2023-45221, bsc#1226898)
* libmfx: out-of-bounds read (CVE-2023-22656, bsc#1226899)
* libmfx: out-of-bounds write (CVE-2023-47282, bsc#1226900)
* libmfx: improper buffer restrictions (CVE-2023-47169, bsc#1226901)
* CVE-2024-7055: heap-based buffer overflow in pnmdec.c from the libavcodec
library. (bsc#1229026)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-3358=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3358=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-3358=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3358=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3358=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3358=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3358=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3358=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-3358=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libavformat58_76-4.4-150400.3.42.1
* ffmpeg-4-libswscale-devel-4.4-150400.3.42.1
* libavdevice58_13-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-private-devel-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libavfilter7_110-4.4-150400.3.42.1
* ffmpeg-4-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswscale5_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libswscale5_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1
* ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* ffmpeg-4-libavformat-devel-4.4-150400.3.42.1
* libavdevice58_13-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-libswresample-devel-4.4-150400.3.42.1
* ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* libavresample4_0-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* ffmpeg-4-libavutil-devel-4.4-150400.3.42.1
* ffmpeg-4-libavresample-devel-4.4-150400.3.42.1
* libavfilter7_110-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavresample4_0-debuginfo-4.4-150400.3.42.1
* openSUSE Leap 15.4 (x86_64)
* libavresample4_0-32bit-4.4-150400.3.42.1
* libswresample3_9-32bit-4.4-150400.3.42.1
* libavfilter7_110-32bit-debuginfo-4.4-150400.3.42.1
* libavformat58_76-32bit-4.4-150400.3.42.1
* libpostproc55_9-32bit-4.4-150400.3.42.1
* libswresample3_9-32bit-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-32bit-debuginfo-4.4-150400.3.42.1
* libswscale5_9-32bit-4.4-150400.3.42.1
* libswscale5_9-32bit-debuginfo-4.4-150400.3.42.1
* libavresample4_0-32bit-debuginfo-4.4-150400.3.42.1
* libavutil56_70-32bit-debuginfo-4.4-150400.3.42.1
* libavformat58_76-32bit-debuginfo-4.4-150400.3.42.1
* libavutil56_70-32bit-4.4-150400.3.42.1
* libavdevice58_13-32bit-debuginfo-4.4-150400.3.42.1
* libavdevice58_13-32bit-4.4-150400.3.42.1
* libavfilter7_110-32bit-4.4-150400.3.42.1
* libavcodec58_134-32bit-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-32bit-4.4-150400.3.42.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libswresample3_9-64bit-4.4-150400.3.42.1
* libswscale5_9-64bit-debuginfo-4.4-150400.3.42.1
* libavdevice58_13-64bit-debuginfo-4.4-150400.3.42.1
* libavutil56_70-64bit-debuginfo-4.4-150400.3.42.1
* libavdevice58_13-64bit-4.4-150400.3.42.1
* libavfilter7_110-64bit-4.4-150400.3.42.1
* libavfilter7_110-64bit-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-64bit-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-64bit-4.4-150400.3.42.1
* libavcodec58_134-64bit-4.4-150400.3.42.1
* libpostproc55_9-64bit-debuginfo-4.4-150400.3.42.1
* libavresample4_0-64bit-debuginfo-4.4-150400.3.42.1
* libswresample3_9-64bit-debuginfo-4.4-150400.3.42.1
* libavformat58_76-64bit-4.4-150400.3.42.1
* libavformat58_76-64bit-debuginfo-4.4-150400.3.42.1
* libswscale5_9-64bit-4.4-150400.3.42.1
* libavresample4_0-64bit-4.4-150400.3.42.1
* libavutil56_70-64bit-4.4-150400.3.42.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libavformat58_76-4.4-150400.3.42.1
* ffmpeg-4-libswscale-devel-4.4-150400.3.42.1
* libavdevice58_13-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-private-devel-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libavfilter7_110-4.4-150400.3.42.1
* ffmpeg-4-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswscale5_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libswscale5_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1
* ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* ffmpeg-4-libavformat-devel-4.4-150400.3.42.1
* libavdevice58_13-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-libswresample-devel-4.4-150400.3.42.1
* ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* libavresample4_0-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* ffmpeg-4-libavutil-devel-4.4-150400.3.42.1
* ffmpeg-4-libavresample-devel-4.4-150400.3.42.1
* libavfilter7_110-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavresample4_0-debuginfo-4.4-150400.3.42.1
* openSUSE Leap 15.5 (x86_64)
* libavresample4_0-32bit-4.4-150400.3.42.1
* libswresample3_9-32bit-4.4-150400.3.42.1
* libavfilter7_110-32bit-debuginfo-4.4-150400.3.42.1
* libavformat58_76-32bit-4.4-150400.3.42.1
* libpostproc55_9-32bit-4.4-150400.3.42.1
* libswresample3_9-32bit-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-32bit-debuginfo-4.4-150400.3.42.1
* libswscale5_9-32bit-4.4-150400.3.42.1
* libswscale5_9-32bit-debuginfo-4.4-150400.3.42.1
* libavresample4_0-32bit-debuginfo-4.4-150400.3.42.1
* libavutil56_70-32bit-debuginfo-4.4-150400.3.42.1
* libavformat58_76-32bit-debuginfo-4.4-150400.3.42.1
* libavutil56_70-32bit-4.4-150400.3.42.1
* libavdevice58_13-32bit-debuginfo-4.4-150400.3.42.1
* libavdevice58_13-32bit-4.4-150400.3.42.1
* libavfilter7_110-32bit-4.4-150400.3.42.1
* libavcodec58_134-32bit-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-32bit-4.4-150400.3.42.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* libavformat58_76-4.4-150400.3.42.1
* ffmpeg-4-libswscale-devel-4.4-150400.3.42.1
* libavdevice58_13-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-private-devel-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libavfilter7_110-4.4-150400.3.42.1
* ffmpeg-4-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswscale5_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libswscale5_9-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-libavfilter-devel-4.4-150400.3.42.1
* ffmpeg-4-libavcodec-devel-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* ffmpeg-4-libavformat-devel-4.4-150400.3.42.1
* libavdevice58_13-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-libswresample-devel-4.4-150400.3.42.1
* ffmpeg-4-libpostproc-devel-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* libavresample4_0-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* ffmpeg-4-libavutil-devel-4.4-150400.3.42.1
* ffmpeg-4-libavresample-devel-4.4-150400.3.42.1
* libavfilter7_110-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* ffmpeg-4-libavdevice-devel-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavresample4_0-debuginfo-4.4-150400.3.42.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libswscale5_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* libswscale5_9-4.4-150400.3.42.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-debuginfo-4.4-150400.3.42.1
* libpostproc55_9-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* libavformat58_76-4.4-150400.3.42.1
* libavutil56_70-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-4.4-150400.3.42.1
* libavformat58_76-debuginfo-4.4-150400.3.42.1
* libswresample3_9-debuginfo-4.4-150400.3.42.1
* libswscale5_9-debuginfo-4.4-150400.3.42.1
* libavcodec58_134-debuginfo-4.4-150400.3.42.1
* ffmpeg-4-debugsource-4.4-150400.3.42.1
* ffmpeg-4-debuginfo-4.4-150400.3.42.1
* libswresample3_9-4.4-150400.3.42.1
* libavutil56_70-4.4-150400.3.42.1
* libswscale5_9-4.4-150400.3.42.1

## References:

* https://www.suse.com/security/cve/CVE-2023-22656.html
* https://www.suse.com/security/cve/CVE-2023-45221.html
* https://www.suse.com/security/cve/CVE-2023-47169.html
* https://www.suse.com/security/cve/CVE-2023-47282.html
* https://www.suse.com/security/cve/CVE-2023-48368.html
* https://www.suse.com/security/cve/CVE-2024-7055.html
* https://bugzilla.suse.com/show_bug.cgi?id=1226892
* https://bugzilla.suse.com/show_bug.cgi?id=1226897
* https://bugzilla.suse.com/show_bug.cgi?id=1226898
* https://bugzilla.suse.com/show_bug.cgi?id=1226899
* https://bugzilla.suse.com/show_bug.cgi?id=1226900
* https://bugzilla.suse.com/show_bug.cgi?id=1226901
* https://bugzilla.suse.com/show_bug.cgi?id=1229026
* https://jira.suse.com/browse/PED-10024