SUSE 5185 Published by

The following security updates have been released for openSUSE Leap and SUSE Linux Enterprise:

openSUSE-SU-2024:0137-1: important: Security update for chromium
SUSE-SU-2024:1762-1: important: Security update for perl
SUSE-SU-2024:1698-1: moderate: Security update for python310
SUSE-SU-2024:1704-1: low: Security update for cairo
SUSE-SU-2024:1673-1: critical: Security update for python-Pillow
SUSE-SU-2024:1659-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1639-1: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-d ...
SUSE-SU-2024:1641-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1642-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1644-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1647-1: important: Security update for the Linux Kernel
SUSE-SU-2024:1634-1: moderate: Security update for openssl-3
SUSE-SU-2024:1635-1: moderate: Security update for tpm2-0-tss
SUSE-SU-2024:1636-1: moderate: Security update for tpm2.0-tools
SUSE-SU-2024:1624-1: important: Security update for python-Werkzeug



openSUSE-SU-2024:0137-1: important: Security update for chromium


openSUSE Security Update: Security update for chromium
_______________________________

Announcement ID: openSUSE-SU-2024:0137-1
Rating: important
References: #1224818
Cross-References: CVE-2024-5157 CVE-2024-5158 CVE-2024-5159
CVE-2024-5160
Affected Products:
openSUSE Backports SLE-15-SP5
_______________________________

An update that fixes four vulnerabilities is now available.

Description:

This update for chromium fixes the following issues:

- Chromium 125.0.6422.76 (boo#1224818)
* CVE-2024-5157: Use after free in Scheduling
* CVE-2024-5158: Type Confusion in V8
* CVE-2024-5159: Heap buffer overflow in ANGLE
* CVE-2024-5160: Heap buffer overflow in Dawn
* Various fixes from internal audits, fuzzing and other initiatives

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP5:

zypper in -t patch openSUSE-2024-137=1

Package List:

- openSUSE Backports SLE-15-SP5 (aarch64 x86_64):

chromedriver-125.0.6422.76-bp155.2.85.2
chromium-125.0.6422.76-bp155.2.85.2

References:

https://www.suse.com/security/cve/CVE-2024-5157.html
https://www.suse.com/security/cve/CVE-2024-5158.html
https://www.suse.com/security/cve/CVE-2024-5159.html
https://www.suse.com/security/cve/CVE-2024-5160.html
https://bugzilla.suse.com/1224818



SUSE-SU-2024:1762-1: important: Security update for perl


# Security update for perl

Announcement ID: SUSE-SU-2024:1762-1
Rating: important
References:

* bsc#1082216
* bsc#1082233
* bsc#1213638

Cross-References:

* CVE-2018-6798
* CVE-2018-6913

CVSS scores:

* CVE-2018-6798 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2018-6913 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2018-6913 ( NVD ): 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for perl fixes the following issues:

Security issues fixed:

* CVE-2018-6913: Fixed space calculation issues in pp_pack.c (bsc#1082216)
* CVE-2018-6798: Fixed heap buffer overflow in regexec.c (bsc#1082233)

Non-security issue fixed:

* make Net::FTP work with TLS 1.3 (bsc#1213638)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1762=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1762=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1762=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1762=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1762=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1762=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1762=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1762=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1762=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1762=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1762=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1762=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1762=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1762=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1762=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1762=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1762=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1762=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1762=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1762=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1762=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1762=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1762=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1762=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1762=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1762=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1762=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1762=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1762=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1762=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1762=1

## Package List:

* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Manager Proxy 4.3 (x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Manager Server 4.3 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Enterprise Storage 7.1 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Enterprise Storage 7.1 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap 15.3 (x86_64)
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-5.26.1-150300.17.17.1
* perl-32bit-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap 15.3 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* perl-core-DB_File-64bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-64bit-debuginfo-5.26.1-150300.17.17.1
* perl-64bit-5.26.1-150300.17.17.1
* perl-64bit-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-64bit-5.26.1-150300.17.17.1
* perl-base-64bit-5.26.1-150300.17.17.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap 15.5 (x86_64)
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-5.26.1-150300.17.17.1
* perl-32bit-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap 15.5 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* openSUSE Leap 15.6 (x86_64)
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-32bit-5.26.1-150300.17.17.1
* perl-32bit-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* openSUSE Leap 15.6 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* Basesystem Module 15-SP5 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* Basesystem Module 15-SP6 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* Development Tools Module 15-SP5 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* Development Tools Module 15-SP6 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Package Hub 15 15-SP5 (x86_64)
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Package Hub 15 15-SP6 (x86_64)
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* perl-5.26.1-150300.17.17.1
* perl-core-DB_File-5.26.1-150300.17.17.1
* perl-base-debuginfo-5.26.1-150300.17.17.1
* perl-debuginfo-5.26.1-150300.17.17.1
* perl-core-DB_File-debuginfo-5.26.1-150300.17.17.1
* perl-base-5.26.1-150300.17.17.1
* perl-debugsource-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* perl-doc-5.26.1-150300.17.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* perl-base-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-32bit-debuginfo-5.26.1-150300.17.17.1
* perl-base-32bit-5.26.1-150300.17.17.1

## References:

* https://www.suse.com/security/cve/CVE-2018-6798.html
* https://www.suse.com/security/cve/CVE-2018-6913.html
* https://bugzilla.suse.com/show_bug.cgi?id=1082216
* https://bugzilla.suse.com/show_bug.cgi?id=1082233
* https://bugzilla.suse.com/show_bug.cgi?id=1213638



SUSE-SU-2024:1698-1: moderate: Security update for python310


# Security update for python310

Announcement ID: SUSE-SU-2024:1698-1
Rating: moderate
References:

* bsc#1219559

Cross-References:

* CVE-2023-52425

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python310 fixes the following issues:

* CVE-2023-52425: Fixed using the system libexpat (bsc#1219559).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1698=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1698=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1698=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python310-doc-3.10.14-150400.4.48.1
* python310-base-3.10.14-150400.4.48.1
* libpython3_10-1_0-3.10.14-150400.4.48.1
* python310-3.10.14-150400.4.48.1
* python310-testsuite-3.10.14-150400.4.48.1
* python310-curses-3.10.14-150400.4.48.1
* python310-tk-3.10.14-150400.4.48.1
* python310-doc-devhelp-3.10.14-150400.4.48.1
* python310-idle-3.10.14-150400.4.48.1
* python310-debuginfo-3.10.14-150400.4.48.1
* python310-curses-debuginfo-3.10.14-150400.4.48.1
* python310-dbm-debuginfo-3.10.14-150400.4.48.1
* python310-debugsource-3.10.14-150400.4.48.1
* python310-devel-3.10.14-150400.4.48.1
* python310-base-debuginfo-3.10.14-150400.4.48.1
* python310-testsuite-debuginfo-3.10.14-150400.4.48.1
* python310-tools-3.10.14-150400.4.48.1
* python310-tk-debuginfo-3.10.14-150400.4.48.1
* python310-core-debugsource-3.10.14-150400.4.48.1
* python310-dbm-3.10.14-150400.4.48.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1
* openSUSE Leap 15.4 (x86_64)
* libpython3_10-1_0-32bit-3.10.14-150400.4.48.1
* python310-32bit-3.10.14-150400.4.48.1
* python310-base-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-base-32bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libpython3_10-1_0-64bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.48.1
* python310-64bit-debuginfo-3.10.14-150400.4.48.1
* python310-base-64bit-3.10.14-150400.4.48.1
* python310-base-64bit-debuginfo-3.10.14-150400.4.48.1
* python310-64bit-3.10.14-150400.4.48.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python310-doc-3.10.14-150400.4.48.1
* python310-base-3.10.14-150400.4.48.1
* libpython3_10-1_0-3.10.14-150400.4.48.1
* python310-3.10.14-150400.4.48.1
* python310-testsuite-3.10.14-150400.4.48.1
* python310-curses-3.10.14-150400.4.48.1
* python310-tk-3.10.14-150400.4.48.1
* python310-doc-devhelp-3.10.14-150400.4.48.1
* python310-idle-3.10.14-150400.4.48.1
* python310-debuginfo-3.10.14-150400.4.48.1
* python310-curses-debuginfo-3.10.14-150400.4.48.1
* python310-dbm-debuginfo-3.10.14-150400.4.48.1
* python310-debugsource-3.10.14-150400.4.48.1
* python310-devel-3.10.14-150400.4.48.1
* python310-base-debuginfo-3.10.14-150400.4.48.1
* python310-testsuite-debuginfo-3.10.14-150400.4.48.1
* python310-tools-3.10.14-150400.4.48.1
* python310-tk-debuginfo-3.10.14-150400.4.48.1
* python310-core-debugsource-3.10.14-150400.4.48.1
* python310-dbm-3.10.14-150400.4.48.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1
* openSUSE Leap 15.5 (x86_64)
* python310-32bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-32bit-3.10.14-150400.4.48.1
* python310-base-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-base-32bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python310-doc-3.10.14-150400.4.48.1
* python310-base-3.10.14-150400.4.48.1
* libpython3_10-1_0-3.10.14-150400.4.48.1
* python310-3.10.14-150400.4.48.1
* python310-testsuite-3.10.14-150400.4.48.1
* python310-curses-3.10.14-150400.4.48.1
* python310-tk-3.10.14-150400.4.48.1
* python310-doc-devhelp-3.10.14-150400.4.48.1
* python310-idle-3.10.14-150400.4.48.1
* python310-debuginfo-3.10.14-150400.4.48.1
* python310-curses-debuginfo-3.10.14-150400.4.48.1
* python310-dbm-debuginfo-3.10.14-150400.4.48.1
* python310-debugsource-3.10.14-150400.4.48.1
* python310-devel-3.10.14-150400.4.48.1
* python310-base-debuginfo-3.10.14-150400.4.48.1
* python310-testsuite-debuginfo-3.10.14-150400.4.48.1
* python310-tools-3.10.14-150400.4.48.1
* python310-tk-debuginfo-3.10.14-150400.4.48.1
* python310-core-debugsource-3.10.14-150400.4.48.1
* python310-dbm-3.10.14-150400.4.48.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.48.1
* openSUSE Leap 15.6 (x86_64)
* python310-32bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-32bit-3.10.14-150400.4.48.1
* python310-base-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-32bit-debuginfo-3.10.14-150400.4.48.1
* python310-base-32bit-3.10.14-150400.4.48.1
* libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.48.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52425.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219559



SUSE-SU-2024:1704-1: low: Security update for cairo


# Security update for cairo

Announcement ID: SUSE-SU-2024:1704-1
Rating: low
References:

* bsc#1122321

Cross-References:

* CVE-2019-6462

CVSS scores:

* CVE-2019-6462 ( SUSE ): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2019-6462 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2019-6462 ( NVD ): 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Desktop Applications Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for cairo fixes the following issues:

* CVE-2019-6462: Fixed a potentially infinite loop (bsc#1122321).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1704=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1704=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1704=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1704=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1704=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1704=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1704=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1704=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1704=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1704=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-1704=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1
* cairo-devel-1.16.0-150400.11.3.1
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-1.16.0-150400.11.3.1
* cairo-tools-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-tools-debuginfo-1.16.0-150400.11.3.1
* openSUSE Leap 15.4 (x86_64)
* libcairo-gobject2-32bit-debuginfo-1.16.0-150400.11.3.1
* libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-32bit-1.16.0-150400.11.3.1
* libcairo-gobject2-32bit-1.16.0-150400.11.3.1
* libcairo2-32bit-1.16.0-150400.11.3.1
* cairo-devel-32bit-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-32bit-debuginfo-1.16.0-150400.11.3.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libcairo-gobject2-64bit-debuginfo-1.16.0-150400.11.3.1
* libcairo-gobject2-64bit-1.16.0-150400.11.3.1
* libcairo2-64bit-1.16.0-150400.11.3.1
* libcairo2-64bit-debuginfo-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-64bit-debuginfo-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-64bit-1.16.0-150400.11.3.1
* cairo-devel-64bit-1.16.0-150400.11.3.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1
* cairo-devel-1.16.0-150400.11.3.1
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-1.16.0-150400.11.3.1
* cairo-tools-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-tools-debuginfo-1.16.0-150400.11.3.1
* openSUSE Leap 15.5 (x86_64)
* libcairo-gobject2-32bit-debuginfo-1.16.0-150400.11.3.1
* libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-32bit-1.16.0-150400.11.3.1
* libcairo-gobject2-32bit-1.16.0-150400.11.3.1
* libcairo2-32bit-1.16.0-150400.11.3.1
* cairo-devel-32bit-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-32bit-debuginfo-1.16.0-150400.11.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libcairo-script-interpreter2-debuginfo-1.16.0-150400.11.3.1
* cairo-devel-1.16.0-150400.11.3.1
* libcairo2-debuginfo-1.16.0-150400.11.3.1
* libcairo2-1.16.0-150400.11.3.1
* libcairo-gobject2-1.16.0-150400.11.3.1
* libcairo-script-interpreter2-1.16.0-150400.11.3.1
* libcairo-gobject2-debuginfo-1.16.0-150400.11.3.1
* cairo-debugsource-1.16.0-150400.11.3.1
* Desktop Applications Module 15-SP5 (x86_64)
* libcairo2-32bit-1.16.0-150400.11.3.1
* libcairo2-32bit-debuginfo-1.16.0-150400.11.3.1

## References:

* https://www.suse.com/security/cve/CVE-2019-6462.html
* https://bugzilla.suse.com/show_bug.cgi?id=1122321



SUSE-SU-2024:1673-1: critical: Security update for python-Pillow


# Security update for python-Pillow

Announcement ID: SUSE-SU-2024:1673-1
Rating: critical
References:

* bsc#1180833
* bsc#1183101
* bsc#1183102
* bsc#1183103
* bsc#1183105
* bsc#1183107
* bsc#1183108
* bsc#1183110
* bsc#1188574
* bsc#1190229
* bsc#1194551
* bsc#1194552

Cross-References:

* CVE-2020-35654
* CVE-2021-23437
* CVE-2021-25289
* CVE-2021-25290
* CVE-2021-25292
* CVE-2021-25293
* CVE-2021-27921
* CVE-2021-27922
* CVE-2021-27923
* CVE-2021-34552
* CVE-2022-22815
* CVE-2022-22816

CVSS scores:

* CVE-2020-35654 ( SUSE ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2020-35654 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2021-23437 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-23437 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-25289 ( SUSE ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-25289 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2021-25290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-25290 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-25292 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-25292 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2021-25293 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-25293 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27921 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27921 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27922 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27922 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27923 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-27923 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-34552 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-34552 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-22815 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2022-22815 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-22816 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
* CVE-2022-22816 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.5

An update that solves 12 vulnerabilities can now be installed.

## Description:

This update for python-Pillow fixes the following issues:

* Fixed ImagePath.Path array handling (bsc#1194552, CVE-2022-22815,
bsc#1194551, CVE-2022-22816)
* Use snprintf instead of sprintf (bsc#1188574, CVE-2021-34552)
* Fix Memory DOS in Icns, Ico and Blp Image Plugins. (bsc#1183110,
CVE-2021-27921, bsc#1183108, CVE-2021-27922, bsc#1183107, CVE-2021-27923)
* Fix OOB read in SgiRleDecode.c (bsc#1183102, CVE-2021-25293)
* Use more specific regex chars to prevent ReDoS (bsc#1183101, CVE-2021-25292)
* Fix negative size read in TiffDecode.c (bsc#1183105, CVE-2021-25290)
* Raise ValueError if color specifier is too long (bsc#1190229,
CVE-2021-23437)
* Incorrect error code checking in TiffDecode.c (bsc#1183103, CVE-2021-25289)
* OOB Write in TiffDecode.c (bsc#1180833, CVE-2020-35654)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1673=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1673=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python-Pillow-debugsource-7.2.0-150300.3.15.1
* python3-Pillow-tk-7.2.0-150300.3.15.1
* python-Pillow-debuginfo-7.2.0-150300.3.15.1
* python3-Pillow-7.2.0-150300.3.15.1
* python3-Pillow-debuginfo-7.2.0-150300.3.15.1
* python3-Pillow-tk-debuginfo-7.2.0-150300.3.15.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-Pillow-debugsource-7.2.0-150300.3.15.1
* python3-Pillow-tk-7.2.0-150300.3.15.1
* python-Pillow-debuginfo-7.2.0-150300.3.15.1
* python3-Pillow-7.2.0-150300.3.15.1
* python3-Pillow-debuginfo-7.2.0-150300.3.15.1
* python3-Pillow-tk-debuginfo-7.2.0-150300.3.15.1

## References:

* https://www.suse.com/security/cve/CVE-2020-35654.html
* https://www.suse.com/security/cve/CVE-2021-23437.html
* https://www.suse.com/security/cve/CVE-2021-25289.html
* https://www.suse.com/security/cve/CVE-2021-25290.html
* https://www.suse.com/security/cve/CVE-2021-25292.html
* https://www.suse.com/security/cve/CVE-2021-25293.html
* https://www.suse.com/security/cve/CVE-2021-27921.html
* https://www.suse.com/security/cve/CVE-2021-27922.html
* https://www.suse.com/security/cve/CVE-2021-27923.html
* https://www.suse.com/security/cve/CVE-2021-34552.html
* https://www.suse.com/security/cve/CVE-2022-22815.html
* https://www.suse.com/security/cve/CVE-2022-22816.html
* https://bugzilla.suse.com/show_bug.cgi?id=1180833
* https://bugzilla.suse.com/show_bug.cgi?id=1183101
* https://bugzilla.suse.com/show_bug.cgi?id=1183102
* https://bugzilla.suse.com/show_bug.cgi?id=1183103
* https://bugzilla.suse.com/show_bug.cgi?id=1183105
* https://bugzilla.suse.com/show_bug.cgi?id=1183107
* https://bugzilla.suse.com/show_bug.cgi?id=1183108
* https://bugzilla.suse.com/show_bug.cgi?id=1183110
* https://bugzilla.suse.com/show_bug.cgi?id=1188574
* https://bugzilla.suse.com/show_bug.cgi?id=1190229
* https://bugzilla.suse.com/show_bug.cgi?id=1194551
* https://bugzilla.suse.com/show_bug.cgi?id=1194552



SUSE-SU-2024:1659-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1659-1
Rating: important
References:

* bsc#1177529
* bsc#1192145
* bsc#1211592
* bsc#1217408
* bsc#1218562
* bsc#1218917
* bsc#1219104
* bsc#1219126
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1220342
* bsc#1220569
* bsc#1220761
* bsc#1220901
* bsc#1220915
* bsc#1220935
* bsc#1221042
* bsc#1221044
* bsc#1221080
* bsc#1221084
* bsc#1221088
* bsc#1221162
* bsc#1221299
* bsc#1221612
* bsc#1221617
* bsc#1221645
* bsc#1221791
* bsc#1221825
* bsc#1222011
* bsc#1222051
* bsc#1222247
* bsc#1222266
* bsc#1222294
* bsc#1222307
* bsc#1222357
* bsc#1222368
* bsc#1222379
* bsc#1222416
* bsc#1222422
* bsc#1222424
* bsc#1222427
* bsc#1222428
* bsc#1222430
* bsc#1222431
* bsc#1222435
* bsc#1222437
* bsc#1222445
* bsc#1222449
* bsc#1222482
* bsc#1222503
* bsc#1222520
* bsc#1222536
* bsc#1222549
* bsc#1222550
* bsc#1222557
* bsc#1222559
* bsc#1222585
* bsc#1222586
* bsc#1222596
* bsc#1222609
* bsc#1222610
* bsc#1222613
* bsc#1222615
* bsc#1222618
* bsc#1222624
* bsc#1222630
* bsc#1222632
* bsc#1222660
* bsc#1222662
* bsc#1222664
* bsc#1222666
* bsc#1222669
* bsc#1222671
* bsc#1222677
* bsc#1222678
* bsc#1222680
* bsc#1222703
* bsc#1222704
* bsc#1222706
* bsc#1222709
* bsc#1222710
* bsc#1222720
* bsc#1222721
* bsc#1222724
* bsc#1222726
* bsc#1222727
* bsc#1222764
* bsc#1222772
* bsc#1222773
* bsc#1222776
* bsc#1222781
* bsc#1222784
* bsc#1222785
* bsc#1222787
* bsc#1222790
* bsc#1222791
* bsc#1222792
* bsc#1222796
* bsc#1222798
* bsc#1222801
* bsc#1222812
* bsc#1222824
* bsc#1222829
* bsc#1222832
* bsc#1222836
* bsc#1222838
* bsc#1222866
* bsc#1222867
* bsc#1222869
* bsc#1222876
* bsc#1222878
* bsc#1222879
* bsc#1222881
* bsc#1222883
* bsc#1222888
* bsc#1222894
* bsc#1222901
* bsc#1222968
* bsc#1223012
* bsc#1223014
* bsc#1223016
* bsc#1223024
* bsc#1223030
* bsc#1223033
* bsc#1223034
* bsc#1223035
* bsc#1223036
* bsc#1223037
* bsc#1223041
* bsc#1223042
* bsc#1223051
* bsc#1223052
* bsc#1223056
* bsc#1223057
* bsc#1223058
* bsc#1223060
* bsc#1223061
* bsc#1223065
* bsc#1223066
* bsc#1223067
* bsc#1223068
* bsc#1223076
* bsc#1223078
* bsc#1223111
* bsc#1223115
* bsc#1223118
* bsc#1223187
* bsc#1223189
* bsc#1223190
* bsc#1223191
* bsc#1223196
* bsc#1223197
* bsc#1223198
* bsc#1223275
* bsc#1223323
* bsc#1223369
* bsc#1223380
* bsc#1223473
* bsc#1223474
* bsc#1223475
* bsc#1223477
* bsc#1223478
* bsc#1223479
* bsc#1223481
* bsc#1223482
* bsc#1223484
* bsc#1223487
* bsc#1223490
* bsc#1223496
* bsc#1223498
* bsc#1223499
* bsc#1223501
* bsc#1223502
* bsc#1223503
* bsc#1223505
* bsc#1223509
* bsc#1223511
* bsc#1223512
* bsc#1223513
* bsc#1223516
* bsc#1223517
* bsc#1223518
* bsc#1223519
* bsc#1223520
* bsc#1223522
* bsc#1223523
* bsc#1223525
* bsc#1223539
* bsc#1223574
* bsc#1223595
* bsc#1223598
* bsc#1223634
* bsc#1223643
* bsc#1223644
* bsc#1223645
* bsc#1223646
* bsc#1223648
* bsc#1223655
* bsc#1223657
* bsc#1223660
* bsc#1223661
* bsc#1223663
* bsc#1223664
* bsc#1223668
* bsc#1223686
* bsc#1223693
* bsc#1223705
* bsc#1223714
* bsc#1223735
* bsc#1223745
* bsc#1223784
* bsc#1223785
* bsc#1223790
* bsc#1223816
* bsc#1223821
* bsc#1223822
* bsc#1223824
* bsc#1223827
* bsc#1223834
* bsc#1223875
* bsc#1223876
* bsc#1223877
* bsc#1223878
* bsc#1223879
* bsc#1223894
* bsc#1223921
* bsc#1223922
* bsc#1223923
* bsc#1223924
* bsc#1223929
* bsc#1223931
* bsc#1223932
* bsc#1223934
* bsc#1223941
* bsc#1223948
* bsc#1223949
* bsc#1223950
* bsc#1223951
* bsc#1223952
* bsc#1223953
* bsc#1223956
* bsc#1223957
* bsc#1223960
* bsc#1223962
* bsc#1223963
* bsc#1223964
* jsc#PED-7167
* jsc#PED-7619

Cross-References:

* CVE-2021-47047
* CVE-2021-47181
* CVE-2021-47182
* CVE-2021-47183
* CVE-2021-47184
* CVE-2021-47185
* CVE-2021-47187
* CVE-2021-47188
* CVE-2021-47189
* CVE-2021-47191
* CVE-2021-47192
* CVE-2021-47193
* CVE-2021-47194
* CVE-2021-47195
* CVE-2021-47196
* CVE-2021-47197
* CVE-2021-47198
* CVE-2021-47199
* CVE-2021-47200
* CVE-2021-47201
* CVE-2021-47202
* CVE-2021-47203
* CVE-2021-47204
* CVE-2021-47205
* CVE-2021-47206
* CVE-2021-47207
* CVE-2021-47209
* CVE-2021-47210
* CVE-2021-47211
* CVE-2021-47212
* CVE-2021-47214
* CVE-2021-47215
* CVE-2021-47216
* CVE-2021-47217
* CVE-2021-47218
* CVE-2021-47219
* CVE-2022-48631
* CVE-2022-48632
* CVE-2022-48634
* CVE-2022-48636
* CVE-2022-48637
* CVE-2022-48638
* CVE-2022-48639
* CVE-2022-48640
* CVE-2022-48642
* CVE-2022-48644
* CVE-2022-48646
* CVE-2022-48647
* CVE-2022-48648
* CVE-2022-48650
* CVE-2022-48651
* CVE-2022-48652
* CVE-2022-48653
* CVE-2022-48654
* CVE-2022-48655
* CVE-2022-48656
* CVE-2022-48657
* CVE-2022-48658
* CVE-2022-48659
* CVE-2022-48660
* CVE-2022-48662
* CVE-2022-48663
* CVE-2022-48667
* CVE-2022-48668
* CVE-2022-48671
* CVE-2022-48672
* CVE-2022-48673
* CVE-2022-48675
* CVE-2022-48686
* CVE-2022-48687
* CVE-2022-48688
* CVE-2022-48690
* CVE-2022-48692
* CVE-2022-48693
* CVE-2022-48694
* CVE-2022-48695
* CVE-2022-48697
* CVE-2022-48698
* CVE-2022-48700
* CVE-2022-48701
* CVE-2022-48702
* CVE-2022-48703
* CVE-2022-48704
* CVE-2023-2860
* CVE-2023-52488
* CVE-2023-52503
* CVE-2023-52561
* CVE-2023-52585
* CVE-2023-52589
* CVE-2023-52590
* CVE-2023-52591
* CVE-2023-52593
* CVE-2023-52614
* CVE-2023-52616
* CVE-2023-52620
* CVE-2023-52627
* CVE-2023-52635
* CVE-2023-52636
* CVE-2023-52645
* CVE-2023-52652
* CVE-2023-6270
* CVE-2024-0639
* CVE-2024-0841
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-23848
* CVE-2024-23850
* CVE-2024-26601
* CVE-2024-26610
* CVE-2024-26656
* CVE-2024-26660
* CVE-2024-26671
* CVE-2024-26673
* CVE-2024-26675
* CVE-2024-26680
* CVE-2024-26681
* CVE-2024-26684
* CVE-2024-26685
* CVE-2024-26687
* CVE-2024-26688
* CVE-2024-26689
* CVE-2024-26696
* CVE-2024-26697
* CVE-2024-26702
* CVE-2024-26704
* CVE-2024-26718
* CVE-2024-26722
* CVE-2024-26727
* CVE-2024-26733
* CVE-2024-26736
* CVE-2024-26737
* CVE-2024-26739
* CVE-2024-26743
* CVE-2024-26744
* CVE-2024-26745
* CVE-2024-26747
* CVE-2024-26749
* CVE-2024-26751
* CVE-2024-26754
* CVE-2024-26760
* CVE-2024-26763
* CVE-2024-26764
* CVE-2024-26766
* CVE-2024-26769
* CVE-2024-26771
* CVE-2024-26772
* CVE-2024-26773
* CVE-2024-26776
* CVE-2024-26779
* CVE-2024-26783
* CVE-2024-26787
* CVE-2024-26790
* CVE-2024-26792
* CVE-2024-26793
* CVE-2024-26798
* CVE-2024-26805
* CVE-2024-26807
* CVE-2024-26816
* CVE-2024-26817
* CVE-2024-26820
* CVE-2024-26825
* CVE-2024-26830
* CVE-2024-26833
* CVE-2024-26836
* CVE-2024-26843
* CVE-2024-26848
* CVE-2024-26852
* CVE-2024-26853
* CVE-2024-26855
* CVE-2024-26856
* CVE-2024-26857
* CVE-2024-26861
* CVE-2024-26862
* CVE-2024-26866
* CVE-2024-26872
* CVE-2024-26875
* CVE-2024-26878
* CVE-2024-26879
* CVE-2024-26881
* CVE-2024-26882
* CVE-2024-26883
* CVE-2024-26884
* CVE-2024-26885
* CVE-2024-26891
* CVE-2024-26893
* CVE-2024-26895
* CVE-2024-26896
* CVE-2024-26897
* CVE-2024-26898
* CVE-2024-26901
* CVE-2024-26903
* CVE-2024-26917
* CVE-2024-26927
* CVE-2024-26948
* CVE-2024-26950
* CVE-2024-26951
* CVE-2024-26955
* CVE-2024-26956
* CVE-2024-26960
* CVE-2024-26965
* CVE-2024-26966
* CVE-2024-26969
* CVE-2024-26970
* CVE-2024-26972
* CVE-2024-26981
* CVE-2024-26982
* CVE-2024-26993
* CVE-2024-27013
* CVE-2024-27014
* CVE-2024-27030
* CVE-2024-27038
* CVE-2024-27039
* CVE-2024-27041
* CVE-2024-27043
* CVE-2024-27046
* CVE-2024-27056
* CVE-2024-27062
* CVE-2024-27389

CVSS scores:

* CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47214 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48632 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48634 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48639 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48640 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48642 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48644 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48646 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48652 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48658 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48658 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48659 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48659 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48672 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2022-48673 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48675 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48686 ( SUSE ): 3.6 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48687 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2022-48688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48690 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48692 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48693 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48694 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48695 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48697 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2022-48698 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48700 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48701 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48702 ( SUSE ): 5.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
* CVE-2022-48703 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-2860 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-2860 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52488 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52503 ( SUSE ): 4.5 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-52561 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52585 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52589 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52593 ( SUSE ): 5.7 CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-52614 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52620 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52627 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52635 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52636 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52645 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52652 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2023-6270 ( SUSE ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-6270 ( NVD ): 7.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-0639 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0639 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26656 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26660 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26671 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26673 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26675 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26680 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26681 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26684 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26685 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26696 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26697 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26702 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26718 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26722 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26736 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26737 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26743 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26744 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26745 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26747 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26749 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26751 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26754 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26760 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26763 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26769 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26771 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26772 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26776 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26779 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26783 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26787 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26790 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26793 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26798 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26805 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26807 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26817 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26820 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26825 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26830 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26833 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26836 ( SUSE ): 4.3 CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26843 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26848 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26852 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26853 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26855 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26856 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26857 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26861 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26862 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26866 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26872 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26875 ( SUSE ): 6.4 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26878 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26879 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26881 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26882 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26883 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26883 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26884 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26884 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26885 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26885 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26891 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26893 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26895 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26896 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26897 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26901 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2024-26901 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26917 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26927 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26948 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26950 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26951 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26955 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26956 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26960 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26965 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26966 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26969 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26970 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26972 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26981 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26982 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26993 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27013 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27014 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27030 ( SUSE ): 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-27038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27041 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27046 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27056 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27062 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* Legacy Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Availability Extension 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Live Patching 15-SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP5

An update that solves 218 vulnerabilities, contains two features and has 29
security fixes can now be installed.

## Description:

The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security
bugfixes.

The following security bugs were fixed:

* CVE-2024-26760: Fixed scsi/target/pscsi bio_put() for error case
(bsc#1222596).
* CVE-2024-27389: Fixed pstore inode handling with d_invalidate()
(bsc#1223705).
* CVE-2024-27062: Fixed nouveau lock inside client object tree (bsc#1223834).
* CVE-2024-27056: Fixed wifi/iwlwifi/mvm to ensure offloading TID queue exists
(bsc#1223822).
* CVE-2024-27046: Fixed nfp/flower handling acti_netdevs allocation failure
(bsc#1223827).
* CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places
(bsc#1223824).
* CVE-2024-27041: Fixed drm/amd/display NULL checks for adev->dm.dc in
amdgpu_dm_fini() (bsc#1223714).
* CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree()
(bsc#1223821).
* CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
* CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts
(bsc#1223790).
* CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS
(bsc#1223735).
* CVE-2024-27013: Fixed tun limit printing rate when illegal packet received
by tun device (bsc#1223745).
* CVE-2024-26993: Fixed fs/sysfs reference leak in
sysfs_break_active_protection() (bsc#1223693).
* CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value
of zero (bsc#1223634).
* CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table
arrays (bsc#1223644).
* CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table
arrays (bsc#1223645).
* CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table
arrays (bsc#1223646).
* CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table
arrays (bsc#1223648).
* CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and
swapoff() (bsc#1223655).
* CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead
instead of empty list (bsc#1223660).
* CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead
of peer (bsc#1223661).
* CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in
dc_state_release (bsc#1223664).
* CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch
(bsc#1223525).
* CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent
kernel-infoleak (bsc#1223198).
* CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
* CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC
transport cleanup path (bsc#1223196).
* CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190).
* CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches
(bsc#1223189).
* CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches
(bsc#1223035).
* CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in
ip_tunnel_rcv() (bsc#1223034).
* CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08
devices (bsc#1223041).
* CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps
(bsc#1223066).
* CVE-2024-26878: Fixed quota for potential NULL pointer dereference
(bsc#1223060).
* CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant
spi_controller_put call (bsc#1223024).
* CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing
(bsc#1223111).
* CVE-2024-26861: Fixed wireguard/receive annotate data-race around
receiving_counter.counter (bsc#1223076).
* CVE-2024-26857: Fixed geneve to make sure to pull inner header in
geneve_rx() (bsc#1223058).
* CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry
(bsc#1223052).
* CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051).
* CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT
(bsc#1223061).
* CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in
ip6_route_mpath_notify() (bsc#1223057).
* CVE-2024-26848: Fixed afs endless loop in directory parsing (bsc#1223030).
* CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for
workstations (bsc#1222968).
* CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove
administratively set MAC (bsc#1223012).
* CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid
integer overflow (bsc#1222812).
* CVE-2024-26816: Fixed relocations in .notes section when building with
CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
* CVE-2024-26807: Fixed spi/cadence-qspi NULL pointer reference in runtime PM
hooks (bsc#1222801).
* CVE-2024-26805: Fixed a kernel-infoleak-after-free in __skb_datagram_iter in
netlink (bsc#1222630).
* CVE-2024-26793: Fixed an use-after-free and null-ptr-deref in gtp_newlink()
in gtp (bsc#1222428).
* CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a
wrong zone index (bsc#1222615).
* CVE-2024-26773: Fixed ext4 block allocation from corrupted group in
ext4_mb_try_best_found() (bsc#1222618).
* CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group
in ext4_mb_find_by_goal() (bsc#1222613).
* CVE-2024-26771: Fixed a null pointer dereference on edma_probe in dmaengine
ti edma (bsc#1222610)
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222726).
* CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct
aio_kiocb conversion (bsc#1222721).
* CVE-2024-26763: Fixed user corruption via by writing data with O_DIRECT on
device in dm-crypt (bsc#1222720).
* CVE-2024-26754: Fixed an use-after-free and null-ptr-deref in
gtp_genl_dump_pdp() in gtp (bsc#1222632).
* CVE-2024-26751: Fixed ARM/ep93xx terminator to gpiod_lookup_table
(bsc#1222724).
* CVE-2024-26744: Fixed null pointer dereference in srpt_service_guid
parameter in rdma/srpt (bsc#1222449).
* CVE-2024-26743: Fixed memory leak in qedr_create_user_qp error flow in
rdma/qedr (bsc#1222677).
* CVE-2024-26737: Fixed selftests/bpf racing between bpf_timer_cancel_and_free
and bpf_timer_cancel (bsc#1222557).
* CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
* CVE-2024-26727: Fixed assertion if a newly created btrfs subvolume already
gets read (bsc#1222536).
* CVE-2024-26718: Fixed dm-crypt/dm-verity disable tasklets (bsc#1222416).
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len
in ext4 (bsc#1222422).
* CVE-2024-26696: Fixed nilfs2 hang in nilfs_lookup_dirty_data_buffers()
(bsc#1222549).
* CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
* CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup
(bsc#1222435).
* CVE-2024-26685: Fixed nilfs2 potential bug in end_buffer_async_write
(bsc#1222437).
* CVE-2024-26684: Fixed net/stmmac/xgmac handling of DPP safety error for DMA
channels (bsc#1222445).
* CVE-2024-26681: Fixed netdevsim to avoid potential loop in
nsim_dev_trap_report_work() (bsc#1222431).
* CVE-2024-26680: Fixed net/atlantic DMA mapping for PTP hwts ring
(bsc#1222427).
* CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
* CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization
(bsc#1222368).
* CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
* CVE-2024-26660: Fixed drm/amd/display bounds check for stream encoder
creation (bsc#1222266).
* CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
* CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay
(bsc#1220342).
* CVE-2024-23850: Fixed double free of anonymous device after snapshot
creation failure (bsc#1219126).
* CVE-2024-23848: Fixed media/cec for possible use-after-free in
cec_queue_msg_fh (bsc#1219104).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
* CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock
found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device()
(bsc#1223686).
* CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd
(bsc#1223033).
* CVE-2023-52636: Fixed libceph cursor init when preparing sparse read in
msgr2 (bsc#1222247).
* CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop]
(bsc#1222294).
* CVE-2023-52627: Fixed iio:adc:ad7091r exports into IIO_AD7091R namespace
(bsc#1222051).
* CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous
sets never used from userspace (bsc#1221825).
* CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in
mpi_ec_init (bsc#1221612).
* CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show
(bsc#1221617).
* CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in
wfx_set_mfp_ap() (bsc#1221042).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory
renaming (bsc#1221088).
* CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
* CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in
amdgpu_ras_query_error_status_helper() (bsc#1221080).
* CVE-2023-52561: Fixed arm64/dts/qcom/sdm845-db845c to mark cont splash
memory region (bsc#1220935).
* CVE-2023-52503: Fixed tee/amdtee use-after-free vulnerability in
amdtee_close_session (bsc#1220915).
* CVE-2023-52488: Fixed serial/sc16is7xx convert from _raw_ to _noinc_ regmap
functions for FIFO (bsc#1221162).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223505).
* CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails
(bsc#1223498).
* CVE-2022-48658: Fixed mm/slub to avoid a problem in
flush_cpu_slab()/__free_slab() task context (bsc#1223496).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223513).
* CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at
nf_tables_addchain() (bsc#1223478).
* CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in
bond_rr_gen_slave_id (bsc#1223499).
* CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries
== 0 and eh_depth > 0 (bsc#1223475).
* CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in
hugetlb_mcopy_atomic_pte() (bsc#1222710).
* CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions
(bsc#1222878)
* CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within
drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
* CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex
(bsc#1222832).
* CVE-2021-47189: Fixed denial of service due to memory ordering issues
between normal and ordered work functions in btrfs (bsc#1222706).
* CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer
(bsc#1222669).
* CVE-2021-47183: Fixed a null pointer dereference during link down processing
in scsi lpfc (bsc#1192145, bsc#1222664).
* CVE-2021-47182: Fixed scsi_mode_sense() buffer length handling
(bsc#1222662).
* CVE-2021-47181: Fixed a null pointer dereference caused by calling
platform_get_resource() (bsc#1222660).

The following non-security bugs were fixed:

* ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block
counter (stable-fixes).
* ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
(stable-fixes).
* ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
* ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
* ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
* ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-
fixes).
* ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
* ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
* ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
* ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
* ASoC: meson: axg-card: make links nonatomic (git-fixes).
* ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
* ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
* ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
* ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
* ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
* Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
* Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
* Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
* Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-
fixes).
* Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: add quirk for broken address properties (git-fixes).
* Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-
fixes).
* Bluetooth: btintel: Fixe build regression (git-fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-
fixes).
* Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
* Bluetooth: hci_event: set the conn encrypted before conn establishes
(stable-fixes).
* Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
* Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
* HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
(git-fixes).
* HID: logitech-dj: allow mice to use all types of reports (git-fixes).
* HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
* Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
(stable-fixes).
* NFC: trf7970a: disable all regulators on removal (git-fixes).
* NFS: avoid spurious warning of lost lock that is being unlocked
(bsc#1221791).
* PCI/AER: Block runtime suspend when handling errors (git-fixes).
* PCI/DPC: Quirk PIO log size for Intel Ice Lake Root Ports (git-fixes).
* PCI/DPC: Quirk PIO log size for Intel Raptor Lake Root Ports (git-fixes).
* PCI/DPC: Quirk PIO log size for certain Intel Root Ports (git-fixes).
* PCI/PM: Drain runtime-idle callbacks before driver removal (git-fixes).
* PCI: Drop pci_device_remove() test of pci_dev->driver (git-fixes).
* PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369
ltc#205888).
* RAS: Avoid build errors when CONFIG_DEBUG_FS=n (jsc#PED-7619).
* RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
* RDMA/cm: add timeout to cm_destroy_id wait (git-fixes)
* Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
* Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
(stable-fixes).
* Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
* Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)."
(bsc#1223275)
* Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes).
* Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
* USB: UAS: return ENODEV when submit urbs fail with device not attached
(stable-fixes).
* USB: serial: add device ID for VeriFone adapter (stable-fixes).
* USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
* USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-
fixes).
* USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-
fixes).
* USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
* USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
* USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
* USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-
fixes).
* USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
* USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
* USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
* ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
* ahci: asm1064: correct count of reported ports (stable-fixes).
* arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
* arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
* arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-
fixes)
* arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
* arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
* arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
* ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
* batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
* bcache: Fix __bch_btree_node_alloc to make the failure behavior consistent
(git-fixes).
* bcache: Remove dead references to cache_readaheads (git-fixes).
* bcache: Remove unnecessary NULL point check in node allocations (git-fixes).
* bcache: add code comments for bch_btree_node_get() and
__bch_btree_node_alloc() (git-fixes).
* bcache: avoid NULL checking to c->root in run_cache_set() (git-fixes).
* bcache: avoid oversize memory allocation by small stripe_size (git-fixes).
* bcache: bset: Fix comment typos (git-fixes).
* bcache: check return value from btree_node_alloc_replacement() (git-fixes).
* bcache: fix NULL pointer reference in cached_dev_detach_finish (git-fixes).
* bcache: fix error info in register_bcache() (git-fixes).
* bcache: fixup bcache_dev_sectors_dirty_add() multithreaded CPU false sharing
(git-fixes).
* bcache: fixup btree_cache_wait list damage (git-fixes).
* bcache: fixup init dirty data errors (git-fixes).
* bcache: fixup lock c->root error (git-fixes).
* bcache: fixup multi-threaded bch_sectors_dirty_init() wake-up race (git-
fixes).
* bcache: move calc_cached_dev_sectors to proper place on backing device
detach (git-fixes).
* bcache: move uapi header bcache.h to bcache code directory (git-fixes).
* bcache: prevent potential division by zero error (git-fixes).
* bcache: remove EXPERIMENTAL for Kconfig option 'Asynchronous device
registration' (git-fixes).
* bcache: remove redundant assignment to variable cur_idx (git-fixes).
* bcache: remove the backing_dev_name field from struct cached_dev (git-
fixes).
* bcache: remove the cache_dev_name field from struct cache (git-fixes).
* bcache: remove unnecessary flush_workqueue (git-fixes).
* bcache: remove unused bch_mark_cache_readahead function def in stats.h (git-
fixes).
* bcache: replace a mistaken IS_ERR() by IS_ERR_OR_NULL() in
btree_gc_coalesce() (git-fixes).
* bcache: replace snprintf in show functions with sysfs_emit (git-fixes).
* bcache: revert replacing IS_ERR_OR_NULL with IS_ERR (git-fixes).
* bcache: use bvec_kmap_local in bch_data_verify (git-fixes).
* bcache: use bvec_kmap_local in bio_csum (git-fixes).
* bcache: use default_groups in kobj_type (git-fixes).
* bcache:: fix repeated words in comments (git-fixes).
* ceph: stop copying to iter at EOF on sync reads (bsc#1223068).
* ceph: switch to corrected encoding of max_xattr_size in mdsmap
(bsc#1223067).
* clk: Get runtime PM before walking tree during disable_unused (git-fixes).
* clk: Initialize struct clk_core kref earlier (stable-fixes).
* clk: Mark 'all_lists' as const (stable-fixes).
* clk: Print an info line before disabling unused clocks (stable-fixes).
* clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
* clk: remove extra empty line (stable-fixes).
* comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
* dm cache policy smq: ensure IO does not prevent cleaner policy progress
(git-fixes).
* dm cache: add cond_resched() to various workqueue loops (git-fixes).
* dm clone: call kmem_cache_destroy() in dm_clone_init() error path (git-
fixes).
* dm crypt: add cond_resched() to dmcrypt_write() (git-fixes).
* dm crypt: avoid accessing uninitialized tasklet (git-fixes).
* dm flakey: do not corrupt the zero page (git-fixes).
* dm flakey: fix a bug with 32-bit highmem systems (git-fixes).
* dm flakey: fix a crash with invalid table line (git-fixes).
* dm flakey: fix logic when corrupting a bio (git-fixes).
* dm init: add dm-mod.waitfor to wait for asynchronously probed block devices
(git-fixes).
* dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path
(git-fixes).
* dm integrity: fix out-of-range warning (git-fixes).
* dm integrity: reduce vmalloc space footprint on 32-bit architectures (git-
fixes).
* dm raid: clean up four equivalent goto tags in raid_ctr() (git-fixes).
* dm raid: fix false positive for requeue needed during reshape (git-fixes).
* dm raid: fix missing reconfig_mutex unlock in raid_ctr() error paths (git-
fixes).
* dm stats: check for and propagate alloc_percpu failure (git-fixes).
* dm thin metadata: Fix ABBA deadlock by resetting dm_bufio_client (git-
fixes).
* dm thin metadata: check fail_io before using data_sm (git-fixes).
* dm thin: add cond_resched() to various workqueue loops (git-fixes).
* dm thin: fix deadlock when swapping to thin device (bsc#1177529).
* dm verity: do not perform FEC for failed readahead IO (git-fixes).
* dm verity: fix error handling for check_at_most_once on FEC (git-fixes).
* dm zoned: free dmz->ddev array in dmz_put_zoned_devices (git-fixes).
* dm-delay: fix a race between delay_presuspend and delay_bio (git-fixes).
* dm-integrity: do not modify bio's immutable bio_vec in integrity_metadata()
(git-fixes).
* dm-raid: fix lockdep waring in "pers->hot_add_disk" (git-fixes).
* dm-verity, dm-crypt: align "struct bvec_iter" correctly (git-fixes).
* dm-verity: align struct dm_verity_fec_io properly (git-fixes).
* dm: add cond_resched() to dm_wq_work() (git-fixes).
* dm: call the resume method on internal suspend (git-fixes).
* dm: do not lock fs when the map is NULL during suspend or resume (git-
fixes).
* dm: do not lock fs when the map is NULL in process of resume (git-fixes).
* dm: remove flush_scheduled_work() during local_exit() (git-fixes).
* dm: send just one event on resize, not two (git-fixes).
* dma: xilinx_dpdma: Fix locking (git-fixes).
* dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
* dmaengine: owl: fix register access functions (git-fixes).
* dmaengine: tegra186: Fix residual calculation (git-fixes).
* docs: Document the FAN_FS_ERROR event (stable-fixes).
* drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
* drm/amd/display: Do not recursively call manual trigger programming (stable-
fixes).
* drm/amd/display: Fix nanosec stat overflow (stable-fixes).
* drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
* drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
* drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
* drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
* drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
* drm/amdgpu: always force full reset for SOC21 (stable-fixes).
* drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
* drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
* drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
* drm/amdgpu: validate the parameters of bo mapping operations more clearly
(git-fixes).
* drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
* drm/ast: Fix soft lockup (git-fixes).
* drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-
fixes).
* drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-
fixes).
* drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
* drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
* drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
* drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
* drm/panel: ili9341: Respect deferred probe (git-fixes).
* drm/panel: ili9341: Use predefined error codes (git-fixes).
* drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
* drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
* drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
* drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
* drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
* drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
* drm: nv04: Fix out of bounds access (git-fixes).
* drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-
fixes).
* dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
* fbdev: fix incorrect address computation in deferred IO (git-fixes).
* fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
* fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-
fixes).
* fix build warning
* fuse: do not unhash root (bsc#1223951).
* fuse: fix root lookup with nonzero generation (bsc#1223950).
* hwmon: (amc6821) add of_match table (stable-fixes).
* i2c: pxa: hide unused icr_bits[] variable (git-fixes).
* i2c: smbus: fix NULL function pointer dereference (git-fixes).
* i40e: Fix VF MAC filter removal (git-fixes).
* idma64: Do not try to serve interrupts when device is powered off (git-
fixes).
* iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
* iio:imu: adis16475: Fix sync mode setting (git-fixes).
* init/main.c: Fix potential static_command_line memory overflow (git-fixes).
* iommu/amd: Add a length limitation for the ivrs_acpihid command-line
parameter (git-fixes).
* iommu/amd: Fix "Guest Virtual APIC Table Root Pointer" configuration in IRTE
(git-fixes).
* iommu/amd: Fix domain flush size when syncing iotlb (git-fixes).
* iommu/amd: Fix error handling for pdev_pri_ats_enable() (git-fixes).
* iommu/arm-smmu-qcom: Limit the SMR groups to 128 (git-fixes).
* iommu/arm-smmu-v3: Acknowledge pri/event queue overflow if any (git-fixes).
* iommu/fsl: fix all kernel-doc warnings in fsl_pamu.c (git-fixes).
* iommu/iova: Fix alloc iova overflows issue (git-fixes).
* iommu/mediatek: Flush IOTLB completely only if domain has been attached
(git-fixes).
* iommu/rockchip: Fix unwind goto issue (git-fixes).
* iommu/sprd: Release dma buffer to avoid memory leak (git-fixes).
* iommu/vt-d: Allocate local memory for page request queue (git-fixes).
* iommu/vt-d: Allow zero SAGAW if second-stage not supported (git-fixes).
* iommu/vt-d: Fix error handling in sva enable/disable paths (git-fixes).
* iommu: Fix error unwind in iommu_group_alloc() (git-fixes).
* ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
* kABI: Adjust trace_iterator.wait_index (git-fixes).
* kprobes: Fix double free of kretprobe_holder (bsc#1220901).
* kprobes: Fix possible use-after-free issue on kprobe registration (git-
fixes).
* libnvdimm/of_pmem: Use devm_kstrdup instead of kstrdup and check its return
value (git-fixes).
* libnvdimm/region: Allow setting align attribute on regions without mappings
(git-fixes).
* livepatch: Fix missing newline character in klp_resolve_symbols()
(bsc#1223539).
* md/raid1: fix choose next idle in read_balance() (git-fixes).
* md: Do not clear MD_CLOSING when the raid is about to stop (git-fixes).
* md: do not clear MD_RECOVERY_FROZEN for new dm-raid until resume (git-
fixes).
* media: cec: core: remove length check of Timer Status (stable-fixes).
* media: sta2x11: fix irq handler cast (stable-fixes).
* mei: me: add arrow lake point H DID (stable-fixes).
* mei: me: add arrow lake point S DID (stable-fixes).
* mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
* mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
* mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
* mtd: diskonchip: work around ubsan link failure (stable-fixes).
* nd_btt: Make BTT lanes preemptible (git-fixes).
* net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
* net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
* net: fix skb leak in __skb_tstamp_tx() (git-fixes).
* net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
* net: mld: fix reference count leak in mld_{query | report}_work() (git-
fixes).
* net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
* net: usb: ax88179_178a: avoid the interface always configured as random
address (git-fixes).
* net: usb: ax88179_178a: avoid writing the mac address before first reading
(git-fixes).
* net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
* net: vlan: fix underflow for the real_dev refcnt (git-fixes).
* netfilter: br_netfilter: Drop dst references before setting (git-fixes).
* netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-
fixes).
* netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-
fixes).
* nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380
bsc#1217408).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nouveau: fix function cast warning (git-fixes).
* nouveau: fix instmem race condition around ptr stores (git-fixes).
* nvdimm/namespace: drop nested variable in create_namespace_pmem() (git-
fixes).
* nvdimm: Allow overwrite in the presence of disabled dimms (git-fixes).
* nvdimm: Fix badblocks clear off-by-one error (git-fixes).
* nvdimm: Fix dereference after free in register_nvdimm_pmu() (git-fixes).
* nvdimm: Fix firmware activation deadlock scenarios (git-fixes).
* nvdimm: Fix memleak of pmu attr_groups in unregister_nvdimm_pmu() (git-
fixes).
* pci_iounmap(): Fix MMIO mapping leak (git-fixes).
* phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
* pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
(stable-fixes).
* platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi
Vi8 tablet (stable-fixes).
* powerpc/kasan: Do not instrument non-maskable or raw interrupts
(bsc#1223191).
* powerpc/pseries/iommu: LPAR panics when rebooted with a frozen PE
(bsc#1222011 ltc#205900).
* powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369
ltc#205888).
* powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
* powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645
ltc#205739 bsc#1223191).
* powerpc: Refactor verification of MSR_RI (bsc#1223191).
* printk: Add this_cpu_in_panic() (bsc#1223574).
* printk: Adjust mapping for 32bit seq macros (bsc#1223574).
* printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
* printk: Disable passing console lock owner completely during panic()
(bsc#1223574).
* printk: Drop console_sem during panic (bsc#1223574).
* printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic()
(bsc#1223574).
* printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
* printk: Wait for all reserved records with pr_flush() (bsc#1223574).
* printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
* printk: ringbuffer: Clarify special lpos values (bsc#1223574).
* printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
* printk: ringbuffer: Do not skip non-finalized records with prb_next_seq()
(bsc#1223574).
* printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
* printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
* pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
* ring-buffer: Do not set shortest_full when full target is hit (git-fixes).
* ring-buffer: Fix full_waiters_pending in poll (git-fixes).
* ring-buffer: Fix resetting of shortest_full (git-fixes).
* ring-buffer: Fix waking up ring buffer readers (git-fixes).
* ring-buffer: Make wake once of ring_buffer_wait() more robust (git-fixes).
* ring-buffer: Use wait_event_interruptible() in ring_buffer_wait() (git-
fixes).
* ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
environment (git-fixes).
* s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
* s390/decompressor: fix misaligned symbol build error (git-fixes
bsc#1223785).
* s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
* s390/mm: Fix storage key clearing for guest huge pages (git-fixes
bsc#1223878).
* s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
* s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
* s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes
bsc#1223876).
* s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
* s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes
bsc#1223595).
* serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
* serial: core: Provide port lock wrappers (stable-fixes).
* serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
* serial: mxs-auart: add spinlock around changing cts state (git-fixes).
* slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
* speakup: Avoid crash on very long word (git-fixes).
* speakup: Fix 8bit characters from direct synth (git-fixes).
* tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
* thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
* thunderbolt: Fix wake configurations after device unplug (stable-fixes).
* tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-
fixes).
* tracing/ring-buffer: Fix wait_on_pipe() race (git-fixes).
* tracing: Have saved_cmdlines arrays all in one allocation (git-fixes).
* tracing: Remove precision vsnprintf() check from print event (git-fixes).
* tracing: Show size of requested perf buffer (git-fixes).
* tracing: Use .flush() call to wake up readers (git-fixes).
* usb: Disable USB3 LPM at shutdown (stable-fixes).
* usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
device (git-fixes).
* usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
* usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
* usb: gadget: f_fs: Fix a race condition when processing setup packets (git-
fixes).
* usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
error (stable-fixes).
* usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
* usb: ohci: Prevent missed ohci interrupts (git-fixes).
* usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
(stable-fixes).
* usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
* usb: typec: tcpm: Check for port partner validity before consuming it (git-
fixes).
* usb: typec: tcpm: unregister existing source caps before re-registration
(bsc#1220569).
* usb: typec: ucsi: Ack unsupported commands (stable-fixes).
* usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
* usb: typec: ucsi: Fix connector check on init (git-fixes).
* usb: udc: remove warning when queue disabled ep (stable-fixes).
* vdpa/mlx5: Allow CVQ size changes (git-fixes).
* virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
* wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
* wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-
fixes).
* wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
* wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-
fixes).
* wifi: nl80211: do not free NULL coalescing rule (git-fixes).
* x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-
fixes).
* x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
(jsc#PED-7167 git-fixes).
* x86/sev: Skip ROM range scans and validation for SEV-SNP guests
(jsc#PED-7167 git-fixes).
* x86/xen: Add some null pointer checking to smp.c (git-fixes).
* x86/xen: add CPU dependencies for 32-bit build (git-fixes).
* x86/xen: fix percpu vcpu_info allocation (git-fixes).
* xen-netback: properly sync TX responses (git-fixes).
* xen-netfront: Add missing skb_mark_for_recycle (git-fixes).
* xen/gntdev: Fix the abuse of underlying struct page in DMA-buf import (git-
fixes).
* xen/xenbus: document will_handle argument for xenbus_watch_path() (git-
fixes).
* xfrm6: fix inet6_dev refcount underflow problem (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1659=1 openSUSE-SLE-15.5-2024-1659=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1659=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1659=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1659=1

* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1659=1

* SUSE Linux Enterprise Live Patching 15-SP5
zypper in -t patch SUSE-SLE-Module-Live-Patching-15-SP5-2024-1659=1
Please note that this is the initial kernel livepatch without fixes itself, this
package is later updated by separate standalone kernel livepatch updates.

* SUSE Linux Enterprise High Availability Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-HA-15-SP5-2024-1659=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-1659=1

## Package List:

* openSUSE Leap 15.5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (noarch)
* kernel-devel-5.14.21-150500.55.62.2
* kernel-macros-5.14.21-150500.55.62.2
* kernel-source-vanilla-5.14.21-150500.55.62.2
* kernel-docs-html-5.14.21-150500.55.62.2
* kernel-source-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (nosrc ppc64le x86_64)
* kernel-debug-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (ppc64le x86_64)
* kernel-debug-debugsource-5.14.21-150500.55.62.2
* kernel-debug-devel-5.14.21-150500.55.62.2
* kernel-debug-devel-debuginfo-5.14.21-150500.55.62.2
* kernel-debug-debuginfo-5.14.21-150500.55.62.2
* kernel-debug-livepatch-devel-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (x86_64)
* kernel-debug-vdso-5.14.21-150500.55.62.2
* kernel-default-vdso-5.14.21-150500.55.62.2
* kernel-kvmsmall-vdso-5.14.21-150500.55.62.2
* kernel-kvmsmall-vdso-debuginfo-5.14.21-150500.55.62.2
* kernel-default-vdso-debuginfo-5.14.21-150500.55.62.2
* kernel-debug-vdso-debuginfo-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (aarch64 ppc64le x86_64)
* kernel-kvmsmall-devel-debuginfo-5.14.21-150500.55.62.2
* kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2
* kernel-kvmsmall-livepatch-devel-5.14.21-150500.55.62.2
* kernel-kvmsmall-debugsource-5.14.21-150500.55.62.2
* kernel-kvmsmall-devel-5.14.21-150500.55.62.2
* kernel-default-base-rebuild-5.14.21-150500.55.62.2.150500.6.27.2
* kernel-kvmsmall-debuginfo-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-5.14.21-150500.55.62.2
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-livepatch-devel-5.14.21-150500.55.62.2
* kernel-default-optional-5.14.21-150500.55.62.2
* kernel-default-optional-debuginfo-5.14.21-150500.55.62.2
* dlm-kmp-default-5.14.21-150500.55.62.2
* kernel-default-devel-debuginfo-5.14.21-150500.55.62.2
* dlm-kmp-default-debuginfo-5.14.21-150500.55.62.2
* reiserfs-kmp-default-5.14.21-150500.55.62.2
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-extra-debuginfo-5.14.21-150500.55.62.2
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.62.2
* ocfs2-kmp-default-5.14.21-150500.55.62.2
* kselftests-kmp-default-debuginfo-5.14.21-150500.55.62.2
* kernel-obs-build-debugsource-5.14.21-150500.55.62.2
* cluster-md-kmp-default-5.14.21-150500.55.62.2
* kernel-obs-qa-5.14.21-150500.55.62.1
* gfs2-kmp-default-5.14.21-150500.55.62.2
* kernel-default-livepatch-5.14.21-150500.55.62.2
* kernel-syms-5.14.21-150500.55.62.1
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* kselftests-kmp-default-5.14.21-150500.55.62.2
* kernel-default-extra-5.14.21-150500.55.62.2
* kernel-default-devel-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (aarch64 nosrc ppc64le x86_64)
* kernel-kvmsmall-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (ppc64le s390x x86_64)
* kernel-livepatch-SLE15-SP5_Update_13-debugsource-1-150500.11.3.2
* kernel-livepatch-5_14_21-150500_55_62-default-1-150500.11.3.2
* kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-1-150500.11.3.2
* openSUSE Leap 15.5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (s390x)
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.62.2
* kernel-zfcpdump-debugsource-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (nosrc)
* dtb-aarch64-5.14.21-150500.55.62.1
* openSUSE Leap 15.5 (aarch64)
* dtb-apple-5.14.21-150500.55.62.1
* dtb-socionext-5.14.21-150500.55.62.1
* dlm-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-extra-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-livepatch-devel-5.14.21-150500.55.62.2
* kselftests-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* dtb-xilinx-5.14.21-150500.55.62.1
* dtb-mediatek-5.14.21-150500.55.62.1
* dtb-amlogic-5.14.21-150500.55.62.1
* dtb-lg-5.14.21-150500.55.62.1
* dtb-hisilicon-5.14.21-150500.55.62.1
* gfs2-kmp-64kb-5.14.21-150500.55.62.2
* cluster-md-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* dtb-renesas-5.14.21-150500.55.62.1
* dtb-sprd-5.14.21-150500.55.62.1
* dtb-qcom-5.14.21-150500.55.62.1
* kernel-64kb-extra-5.14.21-150500.55.62.2
* dtb-apm-5.14.21-150500.55.62.1
* dlm-kmp-64kb-5.14.21-150500.55.62.2
* kernel-64kb-devel-5.14.21-150500.55.62.2
* ocfs2-kmp-64kb-5.14.21-150500.55.62.2
* kselftests-kmp-64kb-5.14.21-150500.55.62.2
* kernel-64kb-debugsource-5.14.21-150500.55.62.2
* reiserfs-kmp-64kb-5.14.21-150500.55.62.2
* reiserfs-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* ocfs2-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* dtb-amazon-5.14.21-150500.55.62.1
* dtb-allwinner-5.14.21-150500.55.62.1
* dtb-exynos-5.14.21-150500.55.62.1
* kernel-64kb-optional-debuginfo-5.14.21-150500.55.62.2
* dtb-freescale-5.14.21-150500.55.62.1
* dtb-nvidia-5.14.21-150500.55.62.1
* dtb-rockchip-5.14.21-150500.55.62.1
* dtb-arm-5.14.21-150500.55.62.1
* dtb-cavium-5.14.21-150500.55.62.1
* dtb-broadcom-5.14.21-150500.55.62.1
* dtb-amd-5.14.21-150500.55.62.1
* gfs2-kmp-64kb-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-optional-5.14.21-150500.55.62.2
* dtb-altera-5.14.21-150500.55.62.1
* cluster-md-kmp-64kb-5.14.21-150500.55.62.2
* dtb-marvell-5.14.21-150500.55.62.1
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-debuginfo-5.14.21-150500.55.62.2
* openSUSE Leap 15.5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 nosrc s390x x86_64)
* kernel-default-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 x86_64)
* kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (aarch64 nosrc)
* kernel-64kb-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (aarch64)
* kernel-64kb-devel-5.14.21-150500.55.62.2
* kernel-64kb-devel-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-debuginfo-5.14.21-150500.55.62.2
* kernel-64kb-debugsource-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64 nosrc)
* kernel-default-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (aarch64 ppc64le x86_64)
* kernel-default-base-5.14.21-150500.55.62.2.150500.6.27.2
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-devel-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* kernel-default-devel-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (noarch)
* kernel-devel-5.14.21-150500.55.62.2
* kernel-macros-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (nosrc s390x)
* kernel-zfcpdump-5.14.21-150500.55.62.2
* Basesystem Module 15-SP5 (s390x)
* kernel-zfcpdump-debuginfo-5.14.21-150500.55.62.2
* kernel-zfcpdump-debugsource-5.14.21-150500.55.62.2
* Development Tools Module 15-SP5 (noarch nosrc)
* kernel-docs-5.14.21-150500.55.62.2
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-obs-build-5.14.21-150500.55.62.2
* kernel-syms-5.14.21-150500.55.62.1
* kernel-obs-build-debugsource-5.14.21-150500.55.62.2
* Development Tools Module 15-SP5 (noarch)
* kernel-source-5.14.21-150500.55.62.2
* Legacy Module 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.62.2
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* reiserfs-kmp-default-5.14.21-150500.55.62.2
* reiserfs-kmp-default-debuginfo-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Live Patching 15-SP5 (nosrc)
* kernel-default-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Live Patching 15-SP5 (ppc64le s390x x86_64)
* kernel-livepatch-5_14_21-150500_55_62-default-1-150500.11.3.2
* kernel-default-livepatch-5.14.21-150500.55.62.2
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-livepatch-5_14_21-150500_55_62-default-debuginfo-1-150500.11.3.2
* kernel-livepatch-SLE15-SP5_Update_13-debugsource-1-150500.11.3.2
* kernel-default-livepatch-devel-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* SUSE Linux Enterprise High Availability Extension 15 SP5 (aarch64 ppc64le
s390x x86_64)
* cluster-md-kmp-default-5.14.21-150500.55.62.2
* gfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2
* ocfs2-kmp-default-debuginfo-5.14.21-150500.55.62.2
* cluster-md-kmp-default-debuginfo-5.14.21-150500.55.62.2
* gfs2-kmp-default-5.14.21-150500.55.62.2
* dlm-kmp-default-5.14.21-150500.55.62.2
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* ocfs2-kmp-default-5.14.21-150500.55.62.2
* dlm-kmp-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* SUSE Linux Enterprise High Availability Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Workstation Extension 15 SP5 (nosrc)
* kernel-default-5.14.21-150500.55.62.2
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* kernel-default-debuginfo-5.14.21-150500.55.62.2
* kernel-default-debugsource-5.14.21-150500.55.62.2
* kernel-default-extra-debuginfo-5.14.21-150500.55.62.2
* kernel-default-extra-5.14.21-150500.55.62.2

## References:

* https://www.suse.com/security/cve/CVE-2021-47047.html
* https://www.suse.com/security/cve/CVE-2021-47181.html
* https://www.suse.com/security/cve/CVE-2021-47182.html
* https://www.suse.com/security/cve/CVE-2021-47183.html
* https://www.suse.com/security/cve/CVE-2021-47184.html
* https://www.suse.com/security/cve/CVE-2021-47185.html
* https://www.suse.com/security/cve/CVE-2021-47187.html
* https://www.suse.com/security/cve/CVE-2021-47188.html
* https://www.suse.com/security/cve/CVE-2021-47189.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47192.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47194.html
* https://www.suse.com/security/cve/CVE-2021-47195.html
* https://www.suse.com/security/cve/CVE-2021-47196.html
* https://www.suse.com/security/cve/CVE-2021-47197.html
* https://www.suse.com/security/cve/CVE-2021-47198.html
* https://www.suse.com/security/cve/CVE-2021-47199.html
* https://www.suse.com/security/cve/CVE-2021-47200.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47202.html
* https://www.suse.com/security/cve/CVE-2021-47203.html
* https://www.suse.com/security/cve/CVE-2021-47204.html
* https://www.suse.com/security/cve/CVE-2021-47205.html
* https://www.suse.com/security/cve/CVE-2021-47206.html
* https://www.suse.com/security/cve/CVE-2021-47207.html
* https://www.suse.com/security/cve/CVE-2021-47209.html
* https://www.suse.com/security/cve/CVE-2021-47210.html
* https://www.suse.com/security/cve/CVE-2021-47211.html
* https://www.suse.com/security/cve/CVE-2021-47212.html
* https://www.suse.com/security/cve/CVE-2021-47214.html
* https://www.suse.com/security/cve/CVE-2021-47215.html
* https://www.suse.com/security/cve/CVE-2021-47216.html
* https://www.suse.com/security/cve/CVE-2021-47217.html
* https://www.suse.com/security/cve/CVE-2021-47218.html
* https://www.suse.com/security/cve/CVE-2021-47219.html
* https://www.suse.com/security/cve/CVE-2022-48631.html
* https://www.suse.com/security/cve/CVE-2022-48632.html
* https://www.suse.com/security/cve/CVE-2022-48634.html
* https://www.suse.com/security/cve/CVE-2022-48636.html
* https://www.suse.com/security/cve/CVE-2022-48637.html
* https://www.suse.com/security/cve/CVE-2022-48638.html
* https://www.suse.com/security/cve/CVE-2022-48639.html
* https://www.suse.com/security/cve/CVE-2022-48640.html
* https://www.suse.com/security/cve/CVE-2022-48642.html
* https://www.suse.com/security/cve/CVE-2022-48644.html
* https://www.suse.com/security/cve/CVE-2022-48646.html
* https://www.suse.com/security/cve/CVE-2022-48647.html
* https://www.suse.com/security/cve/CVE-2022-48648.html
* https://www.suse.com/security/cve/CVE-2022-48650.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48652.html
* https://www.suse.com/security/cve/CVE-2022-48653.html
* https://www.suse.com/security/cve/CVE-2022-48654.html
* https://www.suse.com/security/cve/CVE-2022-48655.html
* https://www.suse.com/security/cve/CVE-2022-48656.html
* https://www.suse.com/security/cve/CVE-2022-48657.html
* https://www.suse.com/security/cve/CVE-2022-48658.html
* https://www.suse.com/security/cve/CVE-2022-48659.html
* https://www.suse.com/security/cve/CVE-2022-48660.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48663.html
* https://www.suse.com/security/cve/CVE-2022-48667.html
* https://www.suse.com/security/cve/CVE-2022-48668.html
* https://www.suse.com/security/cve/CVE-2022-48671.html
* https://www.suse.com/security/cve/CVE-2022-48672.html
* https://www.suse.com/security/cve/CVE-2022-48673.html
* https://www.suse.com/security/cve/CVE-2022-48675.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48687.html
* https://www.suse.com/security/cve/CVE-2022-48688.html
* https://www.suse.com/security/cve/CVE-2022-48690.html
* https://www.suse.com/security/cve/CVE-2022-48692.html
* https://www.suse.com/security/cve/CVE-2022-48693.html
* https://www.suse.com/security/cve/CVE-2022-48694.html
* https://www.suse.com/security/cve/CVE-2022-48695.html
* https://www.suse.com/security/cve/CVE-2022-48697.html
* https://www.suse.com/security/cve/CVE-2022-48698.html
* https://www.suse.com/security/cve/CVE-2022-48700.html
* https://www.suse.com/security/cve/CVE-2022-48701.html
* https://www.suse.com/security/cve/CVE-2022-48702.html
* https://www.suse.com/security/cve/CVE-2022-48703.html
* https://www.suse.com/security/cve/CVE-2022-48704.html
* https://www.suse.com/security/cve/CVE-2023-2860.html
* https://www.suse.com/security/cve/CVE-2023-52488.html
* https://www.suse.com/security/cve/CVE-2023-52503.html
* https://www.suse.com/security/cve/CVE-2023-52561.html
* https://www.suse.com/security/cve/CVE-2023-52585.html
* https://www.suse.com/security/cve/CVE-2023-52589.html
* https://www.suse.com/security/cve/CVE-2023-52590.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52593.html
* https://www.suse.com/security/cve/CVE-2023-52614.html
* https://www.suse.com/security/cve/CVE-2023-52616.html
* https://www.suse.com/security/cve/CVE-2023-52620.html
* https://www.suse.com/security/cve/CVE-2023-52627.html
* https://www.suse.com/security/cve/CVE-2023-52635.html
* https://www.suse.com/security/cve/CVE-2023-52636.html
* https://www.suse.com/security/cve/CVE-2023-52645.html
* https://www.suse.com/security/cve/CVE-2023-52652.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-0639.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-23848.html
* https://www.suse.com/security/cve/CVE-2024-23850.html
* https://www.suse.com/security/cve/CVE-2024-26601.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26656.html
* https://www.suse.com/security/cve/CVE-2024-26660.html
* https://www.suse.com/security/cve/CVE-2024-26671.html
* https://www.suse.com/security/cve/CVE-2024-26673.html
* https://www.suse.com/security/cve/CVE-2024-26675.html
* https://www.suse.com/security/cve/CVE-2024-26680.html
* https://www.suse.com/security/cve/CVE-2024-26681.html
* https://www.suse.com/security/cve/CVE-2024-26684.html
* https://www.suse.com/security/cve/CVE-2024-26685.html
* https://www.suse.com/security/cve/CVE-2024-26687.html
* https://www.suse.com/security/cve/CVE-2024-26688.html
* https://www.suse.com/security/cve/CVE-2024-26689.html
* https://www.suse.com/security/cve/CVE-2024-26696.html
* https://www.suse.com/security/cve/CVE-2024-26697.html
* https://www.suse.com/security/cve/CVE-2024-26702.html
* https://www.suse.com/security/cve/CVE-2024-26704.html
* https://www.suse.com/security/cve/CVE-2024-26718.html
* https://www.suse.com/security/cve/CVE-2024-26722.html
* https://www.suse.com/security/cve/CVE-2024-26727.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://www.suse.com/security/cve/CVE-2024-26736.html
* https://www.suse.com/security/cve/CVE-2024-26737.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26743.html
* https://www.suse.com/security/cve/CVE-2024-26744.html
* https://www.suse.com/security/cve/CVE-2024-26745.html
* https://www.suse.com/security/cve/CVE-2024-26747.html
* https://www.suse.com/security/cve/CVE-2024-26749.html
* https://www.suse.com/security/cve/CVE-2024-26751.html
* https://www.suse.com/security/cve/CVE-2024-26754.html
* https://www.suse.com/security/cve/CVE-2024-26760.html
* https://www.suse.com/security/cve/CVE-2024-26763.html
* https://www.suse.com/security/cve/CVE-2024-26764.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26769.html
* https://www.suse.com/security/cve/CVE-2024-26771.html
* https://www.suse.com/security/cve/CVE-2024-26772.html
* https://www.suse.com/security/cve/CVE-2024-26773.html
* https://www.suse.com/security/cve/CVE-2024-26776.html
* https://www.suse.com/security/cve/CVE-2024-26779.html
* https://www.suse.com/security/cve/CVE-2024-26783.html
* https://www.suse.com/security/cve/CVE-2024-26787.html
* https://www.suse.com/security/cve/CVE-2024-26790.html
* https://www.suse.com/security/cve/CVE-2024-26792.html
* https://www.suse.com/security/cve/CVE-2024-26793.html
* https://www.suse.com/security/cve/CVE-2024-26798.html
* https://www.suse.com/security/cve/CVE-2024-26805.html
* https://www.suse.com/security/cve/CVE-2024-26807.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26817.html
* https://www.suse.com/security/cve/CVE-2024-26820.html
* https://www.suse.com/security/cve/CVE-2024-26825.html
* https://www.suse.com/security/cve/CVE-2024-26830.html
* https://www.suse.com/security/cve/CVE-2024-26833.html
* https://www.suse.com/security/cve/CVE-2024-26836.html
* https://www.suse.com/security/cve/CVE-2024-26843.html
* https://www.suse.com/security/cve/CVE-2024-26848.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26853.html
* https://www.suse.com/security/cve/CVE-2024-26855.html
* https://www.suse.com/security/cve/CVE-2024-26856.html
* https://www.suse.com/security/cve/CVE-2024-26857.html
* https://www.suse.com/security/cve/CVE-2024-26861.html
* https://www.suse.com/security/cve/CVE-2024-26862.html
* https://www.suse.com/security/cve/CVE-2024-26866.html
* https://www.suse.com/security/cve/CVE-2024-26872.html
* https://www.suse.com/security/cve/CVE-2024-26875.html
* https://www.suse.com/security/cve/CVE-2024-26878.html
* https://www.suse.com/security/cve/CVE-2024-26879.html
* https://www.suse.com/security/cve/CVE-2024-26881.html
* https://www.suse.com/security/cve/CVE-2024-26882.html
* https://www.suse.com/security/cve/CVE-2024-26883.html
* https://www.suse.com/security/cve/CVE-2024-26884.html
* https://www.suse.com/security/cve/CVE-2024-26885.html
* https://www.suse.com/security/cve/CVE-2024-26891.html
* https://www.suse.com/security/cve/CVE-2024-26893.html
* https://www.suse.com/security/cve/CVE-2024-26895.html
* https://www.suse.com/security/cve/CVE-2024-26896.html
* https://www.suse.com/security/cve/CVE-2024-26897.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-26901.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-26917.html
* https://www.suse.com/security/cve/CVE-2024-26927.html
* https://www.suse.com/security/cve/CVE-2024-26948.html
* https://www.suse.com/security/cve/CVE-2024-26950.html
* https://www.suse.com/security/cve/CVE-2024-26951.html
* https://www.suse.com/security/cve/CVE-2024-26955.html
* https://www.suse.com/security/cve/CVE-2024-26956.html
* https://www.suse.com/security/cve/CVE-2024-26960.html
* https://www.suse.com/security/cve/CVE-2024-26965.html
* https://www.suse.com/security/cve/CVE-2024-26966.html
* https://www.suse.com/security/cve/CVE-2024-26969.html
* https://www.suse.com/security/cve/CVE-2024-26970.html
* https://www.suse.com/security/cve/CVE-2024-26972.html
* https://www.suse.com/security/cve/CVE-2024-26981.html
* https://www.suse.com/security/cve/CVE-2024-26982.html
* https://www.suse.com/security/cve/CVE-2024-26993.html
* https://www.suse.com/security/cve/CVE-2024-27013.html
* https://www.suse.com/security/cve/CVE-2024-27014.html
* https://www.suse.com/security/cve/CVE-2024-27030.html
* https://www.suse.com/security/cve/CVE-2024-27038.html
* https://www.suse.com/security/cve/CVE-2024-27039.html
* https://www.suse.com/security/cve/CVE-2024-27041.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-27046.html
* https://www.suse.com/security/cve/CVE-2024-27056.html
* https://www.suse.com/security/cve/CVE-2024-27062.html
* https://www.suse.com/security/cve/CVE-2024-27389.html
* https://bugzilla.suse.com/show_bug.cgi?id=1177529
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1211592
* https://bugzilla.suse.com/show_bug.cgi?id=1217408
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218917
* https://bugzilla.suse.com/show_bug.cgi?id=1219104
* https://bugzilla.suse.com/show_bug.cgi?id=1219126
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220342
* https://bugzilla.suse.com/show_bug.cgi?id=1220569
* https://bugzilla.suse.com/show_bug.cgi?id=1220761
* https://bugzilla.suse.com/show_bug.cgi?id=1220901
* https://bugzilla.suse.com/show_bug.cgi?id=1220915
* https://bugzilla.suse.com/show_bug.cgi?id=1220935
* https://bugzilla.suse.com/show_bug.cgi?id=1221042
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221080
* https://bugzilla.suse.com/show_bug.cgi?id=1221084
* https://bugzilla.suse.com/show_bug.cgi?id=1221088
* https://bugzilla.suse.com/show_bug.cgi?id=1221162
* https://bugzilla.suse.com/show_bug.cgi?id=1221299
* https://bugzilla.suse.com/show_bug.cgi?id=1221612
* https://bugzilla.suse.com/show_bug.cgi?id=1221617
* https://bugzilla.suse.com/show_bug.cgi?id=1221645
* https://bugzilla.suse.com/show_bug.cgi?id=1221791
* https://bugzilla.suse.com/show_bug.cgi?id=1221825
* https://bugzilla.suse.com/show_bug.cgi?id=1222011
* https://bugzilla.suse.com/show_bug.cgi?id=1222051
* https://bugzilla.suse.com/show_bug.cgi?id=1222247
* https://bugzilla.suse.com/show_bug.cgi?id=1222266
* https://bugzilla.suse.com/show_bug.cgi?id=1222294
* https://bugzilla.suse.com/show_bug.cgi?id=1222307
* https://bugzilla.suse.com/show_bug.cgi?id=1222357
* https://bugzilla.suse.com/show_bug.cgi?id=1222368
* https://bugzilla.suse.com/show_bug.cgi?id=1222379
* https://bugzilla.suse.com/show_bug.cgi?id=1222416
* https://bugzilla.suse.com/show_bug.cgi?id=1222422
* https://bugzilla.suse.com/show_bug.cgi?id=1222424
* https://bugzilla.suse.com/show_bug.cgi?id=1222427
* https://bugzilla.suse.com/show_bug.cgi?id=1222428
* https://bugzilla.suse.com/show_bug.cgi?id=1222430
* https://bugzilla.suse.com/show_bug.cgi?id=1222431
* https://bugzilla.suse.com/show_bug.cgi?id=1222435
* https://bugzilla.suse.com/show_bug.cgi?id=1222437
* https://bugzilla.suse.com/show_bug.cgi?id=1222445
* https://bugzilla.suse.com/show_bug.cgi?id=1222449
* https://bugzilla.suse.com/show_bug.cgi?id=1222482
* https://bugzilla.suse.com/show_bug.cgi?id=1222503
* https://bugzilla.suse.com/show_bug.cgi?id=1222520
* https://bugzilla.suse.com/show_bug.cgi?id=1222536
* https://bugzilla.suse.com/show_bug.cgi?id=1222549
* https://bugzilla.suse.com/show_bug.cgi?id=1222550
* https://bugzilla.suse.com/show_bug.cgi?id=1222557
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222586
* https://bugzilla.suse.com/show_bug.cgi?id=1222596
* https://bugzilla.suse.com/show_bug.cgi?id=1222609
* https://bugzilla.suse.com/show_bug.cgi?id=1222610
* https://bugzilla.suse.com/show_bug.cgi?id=1222613
* https://bugzilla.suse.com/show_bug.cgi?id=1222615
* https://bugzilla.suse.com/show_bug.cgi?id=1222618
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222630
* https://bugzilla.suse.com/show_bug.cgi?id=1222632
* https://bugzilla.suse.com/show_bug.cgi?id=1222660
* https://bugzilla.suse.com/show_bug.cgi?id=1222662
* https://bugzilla.suse.com/show_bug.cgi?id=1222664
* https://bugzilla.suse.com/show_bug.cgi?id=1222666
* https://bugzilla.suse.com/show_bug.cgi?id=1222669
* https://bugzilla.suse.com/show_bug.cgi?id=1222671
* https://bugzilla.suse.com/show_bug.cgi?id=1222677
* https://bugzilla.suse.com/show_bug.cgi?id=1222678
* https://bugzilla.suse.com/show_bug.cgi?id=1222680
* https://bugzilla.suse.com/show_bug.cgi?id=1222703
* https://bugzilla.suse.com/show_bug.cgi?id=1222704
* https://bugzilla.suse.com/show_bug.cgi?id=1222706
* https://bugzilla.suse.com/show_bug.cgi?id=1222709
* https://bugzilla.suse.com/show_bug.cgi?id=1222710
* https://bugzilla.suse.com/show_bug.cgi?id=1222720
* https://bugzilla.suse.com/show_bug.cgi?id=1222721
* https://bugzilla.suse.com/show_bug.cgi?id=1222724
* https://bugzilla.suse.com/show_bug.cgi?id=1222726
* https://bugzilla.suse.com/show_bug.cgi?id=1222727
* https://bugzilla.suse.com/show_bug.cgi?id=1222764
* https://bugzilla.suse.com/show_bug.cgi?id=1222772
* https://bugzilla.suse.com/show_bug.cgi?id=1222773
* https://bugzilla.suse.com/show_bug.cgi?id=1222776
* https://bugzilla.suse.com/show_bug.cgi?id=1222781
* https://bugzilla.suse.com/show_bug.cgi?id=1222784
* https://bugzilla.suse.com/show_bug.cgi?id=1222785
* https://bugzilla.suse.com/show_bug.cgi?id=1222787
* https://bugzilla.suse.com/show_bug.cgi?id=1222790
* https://bugzilla.suse.com/show_bug.cgi?id=1222791
* https://bugzilla.suse.com/show_bug.cgi?id=1222792
* https://bugzilla.suse.com/show_bug.cgi?id=1222796
* https://bugzilla.suse.com/show_bug.cgi?id=1222798
* https://bugzilla.suse.com/show_bug.cgi?id=1222801
* https://bugzilla.suse.com/show_bug.cgi?id=1222812
* https://bugzilla.suse.com/show_bug.cgi?id=1222824
* https://bugzilla.suse.com/show_bug.cgi?id=1222829
* https://bugzilla.suse.com/show_bug.cgi?id=1222832
* https://bugzilla.suse.com/show_bug.cgi?id=1222836
* https://bugzilla.suse.com/show_bug.cgi?id=1222838
* https://bugzilla.suse.com/show_bug.cgi?id=1222866
* https://bugzilla.suse.com/show_bug.cgi?id=1222867
* https://bugzilla.suse.com/show_bug.cgi?id=1222869
* https://bugzilla.suse.com/show_bug.cgi?id=1222876
* https://bugzilla.suse.com/show_bug.cgi?id=1222878
* https://bugzilla.suse.com/show_bug.cgi?id=1222879
* https://bugzilla.suse.com/show_bug.cgi?id=1222881
* https://bugzilla.suse.com/show_bug.cgi?id=1222883
* https://bugzilla.suse.com/show_bug.cgi?id=1222888
* https://bugzilla.suse.com/show_bug.cgi?id=1222894
* https://bugzilla.suse.com/show_bug.cgi?id=1222901
* https://bugzilla.suse.com/show_bug.cgi?id=1222968
* https://bugzilla.suse.com/show_bug.cgi?id=1223012
* https://bugzilla.suse.com/show_bug.cgi?id=1223014
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223024
* https://bugzilla.suse.com/show_bug.cgi?id=1223030
* https://bugzilla.suse.com/show_bug.cgi?id=1223033
* https://bugzilla.suse.com/show_bug.cgi?id=1223034
* https://bugzilla.suse.com/show_bug.cgi?id=1223035
* https://bugzilla.suse.com/show_bug.cgi?id=1223036
* https://bugzilla.suse.com/show_bug.cgi?id=1223037
* https://bugzilla.suse.com/show_bug.cgi?id=1223041
* https://bugzilla.suse.com/show_bug.cgi?id=1223042
* https://bugzilla.suse.com/show_bug.cgi?id=1223051
* https://bugzilla.suse.com/show_bug.cgi?id=1223052
* https://bugzilla.suse.com/show_bug.cgi?id=1223056
* https://bugzilla.suse.com/show_bug.cgi?id=1223057
* https://bugzilla.suse.com/show_bug.cgi?id=1223058
* https://bugzilla.suse.com/show_bug.cgi?id=1223060
* https://bugzilla.suse.com/show_bug.cgi?id=1223061
* https://bugzilla.suse.com/show_bug.cgi?id=1223065
* https://bugzilla.suse.com/show_bug.cgi?id=1223066
* https://bugzilla.suse.com/show_bug.cgi?id=1223067
* https://bugzilla.suse.com/show_bug.cgi?id=1223068
* https://bugzilla.suse.com/show_bug.cgi?id=1223076
* https://bugzilla.suse.com/show_bug.cgi?id=1223078
* https://bugzilla.suse.com/show_bug.cgi?id=1223111
* https://bugzilla.suse.com/show_bug.cgi?id=1223115
* https://bugzilla.suse.com/show_bug.cgi?id=1223118
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223189
* https://bugzilla.suse.com/show_bug.cgi?id=1223190
* https://bugzilla.suse.com/show_bug.cgi?id=1223191
* https://bugzilla.suse.com/show_bug.cgi?id=1223196
* https://bugzilla.suse.com/show_bug.cgi?id=1223197
* https://bugzilla.suse.com/show_bug.cgi?id=1223198
* https://bugzilla.suse.com/show_bug.cgi?id=1223275
* https://bugzilla.suse.com/show_bug.cgi?id=1223323
* https://bugzilla.suse.com/show_bug.cgi?id=1223369
* https://bugzilla.suse.com/show_bug.cgi?id=1223380
* https://bugzilla.suse.com/show_bug.cgi?id=1223473
* https://bugzilla.suse.com/show_bug.cgi?id=1223474
* https://bugzilla.suse.com/show_bug.cgi?id=1223475
* https://bugzilla.suse.com/show_bug.cgi?id=1223477
* https://bugzilla.suse.com/show_bug.cgi?id=1223478
* https://bugzilla.suse.com/show_bug.cgi?id=1223479
* https://bugzilla.suse.com/show_bug.cgi?id=1223481
* https://bugzilla.suse.com/show_bug.cgi?id=1223482
* https://bugzilla.suse.com/show_bug.cgi?id=1223484
* https://bugzilla.suse.com/show_bug.cgi?id=1223487
* https://bugzilla.suse.com/show_bug.cgi?id=1223490
* https://bugzilla.suse.com/show_bug.cgi?id=1223496
* https://bugzilla.suse.com/show_bug.cgi?id=1223498
* https://bugzilla.suse.com/show_bug.cgi?id=1223499
* https://bugzilla.suse.com/show_bug.cgi?id=1223501
* https://bugzilla.suse.com/show_bug.cgi?id=1223502
* https://bugzilla.suse.com/show_bug.cgi?id=1223503
* https://bugzilla.suse.com/show_bug.cgi?id=1223505
* https://bugzilla.suse.com/show_bug.cgi?id=1223509
* https://bugzilla.suse.com/show_bug.cgi?id=1223511
* https://bugzilla.suse.com/show_bug.cgi?id=1223512
* https://bugzilla.suse.com/show_bug.cgi?id=1223513
* https://bugzilla.suse.com/show_bug.cgi?id=1223516
* https://bugzilla.suse.com/show_bug.cgi?id=1223517
* https://bugzilla.suse.com/show_bug.cgi?id=1223518
* https://bugzilla.suse.com/show_bug.cgi?id=1223519
* https://bugzilla.suse.com/show_bug.cgi?id=1223520
* https://bugzilla.suse.com/show_bug.cgi?id=1223522
* https://bugzilla.suse.com/show_bug.cgi?id=1223523
* https://bugzilla.suse.com/show_bug.cgi?id=1223525
* https://bugzilla.suse.com/show_bug.cgi?id=1223539
* https://bugzilla.suse.com/show_bug.cgi?id=1223574
* https://bugzilla.suse.com/show_bug.cgi?id=1223595
* https://bugzilla.suse.com/show_bug.cgi?id=1223598
* https://bugzilla.suse.com/show_bug.cgi?id=1223634
* https://bugzilla.suse.com/show_bug.cgi?id=1223643
* https://bugzilla.suse.com/show_bug.cgi?id=1223644
* https://bugzilla.suse.com/show_bug.cgi?id=1223645
* https://bugzilla.suse.com/show_bug.cgi?id=1223646
* https://bugzilla.suse.com/show_bug.cgi?id=1223648
* https://bugzilla.suse.com/show_bug.cgi?id=1223655
* https://bugzilla.suse.com/show_bug.cgi?id=1223657
* https://bugzilla.suse.com/show_bug.cgi?id=1223660
* https://bugzilla.suse.com/show_bug.cgi?id=1223661
* https://bugzilla.suse.com/show_bug.cgi?id=1223663
* https://bugzilla.suse.com/show_bug.cgi?id=1223664
* https://bugzilla.suse.com/show_bug.cgi?id=1223668
* https://bugzilla.suse.com/show_bug.cgi?id=1223686
* https://bugzilla.suse.com/show_bug.cgi?id=1223693
* https://bugzilla.suse.com/show_bug.cgi?id=1223705
* https://bugzilla.suse.com/show_bug.cgi?id=1223714
* https://bugzilla.suse.com/show_bug.cgi?id=1223735
* https://bugzilla.suse.com/show_bug.cgi?id=1223745
* https://bugzilla.suse.com/show_bug.cgi?id=1223784
* https://bugzilla.suse.com/show_bug.cgi?id=1223785
* https://bugzilla.suse.com/show_bug.cgi?id=1223790
* https://bugzilla.suse.com/show_bug.cgi?id=1223816
* https://bugzilla.suse.com/show_bug.cgi?id=1223821
* https://bugzilla.suse.com/show_bug.cgi?id=1223822
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1223827
* https://bugzilla.suse.com/show_bug.cgi?id=1223834
* https://bugzilla.suse.com/show_bug.cgi?id=1223875
* https://bugzilla.suse.com/show_bug.cgi?id=1223876
* https://bugzilla.suse.com/show_bug.cgi?id=1223877
* https://bugzilla.suse.com/show_bug.cgi?id=1223878
* https://bugzilla.suse.com/show_bug.cgi?id=1223879
* https://bugzilla.suse.com/show_bug.cgi?id=1223894
* https://bugzilla.suse.com/show_bug.cgi?id=1223921
* https://bugzilla.suse.com/show_bug.cgi?id=1223922
* https://bugzilla.suse.com/show_bug.cgi?id=1223923
* https://bugzilla.suse.com/show_bug.cgi?id=1223924
* https://bugzilla.suse.com/show_bug.cgi?id=1223929
* https://bugzilla.suse.com/show_bug.cgi?id=1223931
* https://bugzilla.suse.com/show_bug.cgi?id=1223932
* https://bugzilla.suse.com/show_bug.cgi?id=1223934
* https://bugzilla.suse.com/show_bug.cgi?id=1223941
* https://bugzilla.suse.com/show_bug.cgi?id=1223948
* https://bugzilla.suse.com/show_bug.cgi?id=1223949
* https://bugzilla.suse.com/show_bug.cgi?id=1223950
* https://bugzilla.suse.com/show_bug.cgi?id=1223951
* https://bugzilla.suse.com/show_bug.cgi?id=1223952
* https://bugzilla.suse.com/show_bug.cgi?id=1223953
* https://bugzilla.suse.com/show_bug.cgi?id=1223956
* https://bugzilla.suse.com/show_bug.cgi?id=1223957
* https://bugzilla.suse.com/show_bug.cgi?id=1223960
* https://bugzilla.suse.com/show_bug.cgi?id=1223962
* https://bugzilla.suse.com/show_bug.cgi?id=1223963
* https://bugzilla.suse.com/show_bug.cgi?id=1223964
* https://jira.suse.com/browse/PED-7167
* https://jira.suse.com/browse/PED-7619



SUSE-SU-2024:1639-1: important: Security update for python-arcomplete, python-Fabric, python-PyGithub, python-antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-d ...


# Security update for python-arcomplete, python-Fabric, python-PyGithub, python-
antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-
docker, python-fakeredis, python-fixedint, pyth

Announcement ID: SUSE-SU-2024:1639-1
Rating: important
References:

* bsc#1209571
* bsc#1209811
* bsc#1209812
* bsc#1216606
* bsc#1222880
* bsc#761162

Cross-References:

* CVE-2023-28858
* CVE-2023-28859

CVSS scores:

* CVE-2023-28858 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28858 ( NVD ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28859 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-28859 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Python 3 Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities and has four security fixes can now be
installed.

## Description:

This update for python-argcomplete, python-Fabric, python-PyGithub, python-
antlr4-python3-runtime, python-avro, python-chardet, python-distro, python-
docker, python-fakeredis, python-fixedint, python-httplib2, python-httpretty,
python-javaproperties, python-jsondiff, python-knack, python-marshmallow,
python-opencensus, python-opencensus-context, python-opencensus-ext-threading,
python-opentelemetry-api, python-opentelemetry-sdk, python-opentelemetry-
semantic-conventions, python-opentelemetry-test-utils, python-pycomposefile,
python-pydash, python-redis, python-retrying, python-semver, python-sshtunnel,
python-strictyaml, python-sure, python-vcrpy, python-xmltodict contains the
following fixes:

Changes in python-argcomplete \- Update to 3.3.0 (bsc#1222880): * Preserve
compatibility with argparse option tuples of length 4. This update is required
to use argcomplete on Python 3.11.9+ or 3.12.3+. \- update to 3.2.3: * Allow
register-python-argcomplete output to be used as lazy-loaded zsh completion
module (#475) \- Move debug_stream initialization to helper method to allow fd 9
behavior to be overridden in subclasses (#471)

* update to 3.2.2:
* Expand tilde in zsh

* Remove coverage check

* Fix zsh test failures: avoid coloring terminal

* update to 3.2.1:

* Allow explicit zsh global completion activation (#467)
* Fix and test global completion in zsh (#463, #466)
* Add ā€“yes option to activate-global-python-argcomplete (#461)
* Test suite improvements
* drop without_zsh.patch: obsolete

* update to 3.1.6:

* Respect user choice in activate-global-python-argcomplete
* Escape colon in zsh completions. Fixes #456
* Call _default as a fallback in zsh global completion

* update to 3.1.4:

* Call _default as a fallback in zsh global completion
* zsh: Allow to use external script (#453)
* Add support for Python 3.12 and drop EOL 3.6 and 3.7 (#449)
* Use homebrew prefix by default
* zsh: Allow to use external script (#453)

Changes in python-Fabric: \- Update to 3.2.2 \- add fix-test-deps.patch to
remove vendored dependencies *[Bug]: fabric.runners.Remote failed to properly
deregister its SIGWINCH signal handler on shutdown; in rare situations this
could cause tracebacks when the Python process receives SIGWINCH while no remote
session is active. This has been fixed. * [Bug] #2204: The signal handling
functionality added in Fabric 2.6 caused unrecoverable tracebacks when invoked
from inside a thread (such as the use of fabric.group.ThreadingGroup) under
certain interpreter versions. This has been fixed by simply refusing to register
signal handlers when not in the main thread. Thanks to Francesco Giordano and
others for the reports. * [Bug]: Neglected to actually add deprecated to our
runtime dependency specification (it was still in our development dependencies).
This has been fixed. * [Feature]: Enhanced fabric.testing in ways large and
small: Backwards-compatibly merged the functionality of MockSFTP into MockRemote
(may be opted-into by instantiating the latter with enable_sftp=True) so you can
mock out both SSH and SFTP functionality in the same test, which was previously
impossible. It also means you can use this in a Pytest autouse fixture to
prevent any tests from accidentally hitting the network! A new pytest fixture,
remote_with_sftp, has been added which leverages the previous bullet point (an
all-in-one fixture suitable for, eg, preventing any incidental ssh/sftp attempts
during test execution). A pile of documentation and test enhancements (yes,
testing our testing helpers is a thing). * [Support]: Added a new runtime
dependency on the Deprecated library. * [Support]: Language update: applied
s/sanity/safety/g to the codebase (with the few actual API members using the
term now marked deprecated & new ones added in the meantime, mostly in
fabric.testing). * [Feature]: Add a new CLI flag to fab, fab --list-agent-keys,
which will attempt to connect to your local SSH agent and print a key list,
similarly to ssh-add -l. This is mostly useful for expectations-checking Fabric
and Paramikoā€™s agent functionality, or for situations where you might not have
ssh-add handy. * [Feature]: Implement opt-in support for Paramiko 3.2ā€™s
AuthStrategy machinery, as follows: Added a new module and class,
fabric.auth.OpenSSHAuthStrategy, which leverages aforementioned new Paramiko
functionality to marry loaded SSH config files with Fabric-level and runtime-
level parameters, arriving at what should be OpenSSH-client-compatible
authentication behavior. See its API docs for details. Added new configuration
settings: authentication.strategy_class, which defaults to None, but can be set
to OpenSSHAuthStrategy to opt-in to the new behavior. authentication.identities,
which defaults to the empty list, and can be a list of private key paths for use
by the new strategy class. * [Bug] #2263: Explicitly add our dependency on
decorator to setup.py instead of using Invokeā€™s old, now removed, vendored copy
of same. This allows Fabric to happily use Invoke 2.1 and above

* Update to 3.0.1
* [Bug] #2241: A typo prevented Fabricā€™s command runner from properly calling
its superclass stop() method, which in tandem with a related Invoke bug
meant messy or long shutdowns in many scenarios.
* Changes from 3.0.0
* [Feature]: Change the default configuration value for inline_ssh_env from
False to True, to better align with the practicalities of common SSH server
configurations.
* Warning This change is backwards incompatible if you were using environment-variable-setting kwargs or config settings, such as Connection.run(command, env={'SOME': 'ENV VARS'}), and were not already explicitly specifying the value of inline_ssh_env.
* [Bug] #1981: (fixed in #2195) Automatically close any open SFTP session
during fabric.connection.Connection.close; this avoids issues encountered
upon re-opening a previously-closed connection object.
* [Support]: Drop support for Python = 2.x

* Do not use python-boto3 when building in SLE where it's currently not
available for python311

* Add %{?sle15_python_module_pythons}

* skip failing testsuite tests after requests update

* Add patch relax-test-callback-response.patch:

* Relax timeout for test_callback_response (bsc#1209571)

* Add patch 460-miliseconds_tests.patch (gh#gabrielfalcao/HTTPretty#460):

* Correct tests for s390x and aarch64 because of timeout failures after 2
miliseconds

* Fix test suite:

* Remove nose idioms
* Remove outdated test skips

* Add patch double-slash-paths.patch:

* http.request may replace // with /, handle that in the testcase.

* Add 453-fix-tests-pytest.patch (gh#gabrielfalcao/HTTPretty#449) to make
tests compatible with pytest.

* Add patch remove-mock.patch:

* Use unittest.mock in the functional tests.

* specfile:

* update copyright year
* update to version 1.1.4:
* Bugfix: #435 Fallback to WARNING when logging.getLogger().level is None.
* changes from version 1.1.3:
* Bugfix: #430 Respect socket timeout.
* changes from version 1.1.2:
* Bugfix: #426 Segmentation fault when running against a large amount of tests
with pytest --mypy.
* changes from version 1.1.1:
* Bugfix: httpretty.disable() injects pyopenssl into :py:mod:`urllib3` even if
it originally wasn't #417
* Bugfix: "Incompatibility with boto3 S3 put_object" #416
* Bugfix: "Regular expression for URL -> TypeError: wrap_socket() missing 1
required" #413
* Bugfix: "Making requests to non-stadard port throws TimeoutError "#387
* changes from version 1.1.0:
* Feature: Display mismatched URL within UnmockedError whenever possible. #388
* Feature: Display mismatched URL via logging. #419
* Add new properties to :py:class:`httpretty.core.HTTPrettyRequest` (protocol,
host, url, path, method).

* Updater to 1.0.5

* Bugfix: Support socket.socketpair() . #402
* Bugfix: Prevent exceptions from re-applying monkey patches. #406
* Release 1.0.4
* Python 3.8 and 3.9 support. #407

* Update to 1.0.3

* Fix compatibility with urllib3>=1.26. #410

* Replace nose with nose2

* avoid reading DNS resolver settings gh#gabrielfalcao/HTTPretty#405

* remove unnecessary test packages

* Update to 1.0.2

* Drop Python 2 support.
* Fix usage with redis and improve overall real-socket passthrough.
* Fix TypeError: wrap_socket() missing 1 required positional argument: 'sock'.
* Fix simple typo: neighter -> neither.
* Updated documentation for register_uri concerning using ports.
* Clarify relation between `enabled` and `httprettized` in API docs.
* Align signature with builtin socket.

* Version update to 0.9.6:

* Many fixes all around
* Support for python 3.7
* Make sure we really run the tests

* Remove superfluous devel dependency for noarch package

Changes in python-javaproperties: \- Switch package to modern Python Stack on
SLE-15 \+ Add %{?sle15_python_module_pythons}

* version update to 0.8.1 v0.8.1 (2021-10-05)

* * *

* Fix a typing issue in Python 3.9
* Support Python 3.10

v0.8.0 (2020-11-28)

* * *

* Drop support for Python 2.7, 3.4, and 3.5
* Support Python 3.9
* `ensure_ascii` parameter added to `PropertiesFile.dump()` and
`PropertiesFile.dumps()`
* **Bugfix** : When parsing XML input, empty `<entry>` tags now produce
an empty string as a value, not `None`
* Added type annotations
* `Properties` and `PropertiesFile` no longer raise `TypeError` when given a
non-string key or value, as type correctness is now expected to be enforced
through static type checking
* The `PropertiesElement` classes returned by `parse()` are no longer
subclasses of `namedtuple`, but they can still be iterated over to retrieve
their fields like a tuple
* python-six is not required Changes in python-jsondiff:
* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* Add %{?sle15_python_module_pythons}

* Update to version 2.0.0

* Removed deprecated function
* Remove deprecated jsondiff entry point
* from version 1.3.1
* Optionally allow different escape_str than '$'
* Clarified the readme, closes #23
* Fixed readme
* Remove jsondiff command from %install, %post, %postun and %files sections
Changes in python-knack:
* Switch package to modern Python Stack on SLE-15
* Add %{?sle15_python_module_pythons}
* Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}
* Drop %define skip_python2 1

* Update to version 0.11.0

* Declare support for Python 3.11 and drop support for Python 3.7 (#275)
* Stop converting argument's `bool` default value to `DefaultInt` (#273)

* Update to version 0.10.1

* Support bytearray serialization (#268)

* Update to version 0.10.0

* Enable Virtual Terminal mode on legacy Windows terminal to support ANSI
escape sequences (#265)
* Drop Python 3.6 support (#259)

* python-mock is not required for build Changes in python-marshmallow:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* update to 3.20.2:

* Bug fixes: - Fix Nested field type hint for lambda Schema types
(:pr:`2164`).
* Other changes: - Officially support Python 3.12 (:pr:`2188`).

* update to 3.20.1:

* Fix call to `get_declared_fields`: pass `dict_cls` again
* Add `absolute` parameter to `URL` validator and `Url`
* Use Abstract Base Classes to define `FieldABC` and `SchemaABC`
* Use `OrderedSet` as default `set_class`. Schemas are now ordered by default.
* Handle `OSError` and `OverflowError` in `utils.from_timestamp` (:pr:`2102`).
* Fix the default inheritance of nested partial schemas
* Officially support Python 3.11 (:pr:`2067`).
* Drop support for Python 3.7 (:pr:`2135`).

* Switch documentation to be within the main package on SLE15

* rename docs subpackage to the more common doc name
* Update to 3.19.0
* Add timestamp and timestamp_ms formats to fields.DateTime (#612). Thanks
@vgavro for the suggestion and thanks @vanHoi for the PR.

Changes in python-opencensus: \- Add Obsoletes for old python3 package on SLE-15
\- Switch build system from setuptools to pyproject.toml \+ Add python-pip and
python-wheel to BuildRequires \+ Replace %python_build with %pyproject_wheel \+
Replace %python_install with %pyproject_install \- Update to 0.11.4 * Changed
bit-mapping for `httpx` and `fastapi` integrations \- Refresh patches for new
version * opencensus-pr1002-remove-mock.patch \- Switch package to modern Python
Stack on SLE-15 * Add %{?sle15_python_module_pythons} * Drop
%{?!python_module:%define python_module() python-%{ **} python3-%{** }}

* update to 0.11.3
* Updated azure modules
* sorry, six is still needed :(

* update to 0.11.2:

* Updated `azure`, `fastapi`,`flask` modules
* Updated `azure`, `httpx` modules

* Update to 0.11.0

* Updated `azure`, `context`, `flask`, `requests` modules
* from version 0.10.0
* Add kwargs to derived gauge (#1135)
* from version 0.9.0
* Make sure handler.flush() doesn't deadlock (#1112)
* Refresh patches for new version
* opencensus-pr1002-remove-mock.patch
* Update Requires from setup.py

Changes in python-opencensus-context: \- Clean up the SPEC file \- Switch
package to modern Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons}
\+ Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}
\- Update to 0.1.3 * Move `version.py` file into `runtime_context` folder
(#1143) Changes in python-opencensus-ext-threading: \- Switch package to modern
Python Stack on SLE-15 \+ Add %{?sle15_python_module_pythons} \+ Drop
%{?!python_module:%define python_module() python-%{ **} python3-%{** }} \+ Drop
build support for Python 2.x Changes in python-opentelemetry-api: \- update to
1.23.0: * Use Attribute rather than boundattribute in logrecord (#3567) * Fix
flush error when no LoggerProvider configured for LoggingHandler (#3608) * Fix
OTLPMetricExporter ignores preferred_aggregation property (#3603) * Logs: set
observed_timestamp field (#3565) * Add missing Resource SchemaURL in OTLP
exporters (#3652) * Fix loglevel warning text (#3566) * Prometheus Exporter
string representation for target_info labels (#3659) * Logs: ObservedTimestamp
field is missing in console exporter output (#3564) * Fix explicit bucket
histogram aggregation (#3429) * Add code.lineno, code.function and code.filepath
to all logs (#3645) * Add Synchronous Gauge instrument (#3462) * Drop support
for 3.7 (#3668) * Include key in attribute sequence warning (#3639) * Upgrade
markupsafe, Flask and related dependencies to dev and test environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623) * Improve
Resource Detector timeout messaging (#3645) * Add Proxy classes for logging
(#3575) * Remove dependency on 'backoff' library (#3679)

* update to 1.22.0:
* Prometheus exporter sanitize info metric (#3572)
* Remove Jaeger exporters (#3554)
* Log stacktrace on `UNKNOWN` status OTLP export error (#3536)
* Fix OTLPExporterMixin shutdown timeout period (#3524)
* Handle `taskName` `logrecord` attribute (#3557)

* update to 1.21.0:

* Fix `SumAggregation`(#3390)
* Fix handling of empty metric collection cycles (#3335)
* Fix error when no LoggerProvider configured for LoggingHandler (#3423)
* Make `opentelemetry_metrics_exporter` entrypoint support pull exporters
(#3428)
* Allow instrument names to have '/' and up to 255 characters (#3442)
* Do not load Resource on sdk import (#3447)
* Update semantic conventions to version 1.21.0 (#3251)
* Add missing schema_url in global api for logging and metrics (#3251)
* Prometheus exporter support for auto instrumentation (#3413)
* Modify Prometheus exporter to translate non-monotonic Sums into Gauges
(#3306)
* Update the body type in the log ($3343)
* Add max_scale option to Exponential Bucket Histogram Aggregation (#3323)
* Use BoundedAttributes instead of raw dict to extract attributes from
LogRecord (#3310)
* Support dropped_attributes_count in LogRecord and exporters (#3351)
* Add unit to view instrument selection criteria (#3341)
* Upgrade opentelemetry-proto to 0.20 and regen #3355)
* Include endpoint in Grpc transient error warning #3362)
* Fixed bug where logging export is tracked as trace #3375)
* Select histogram aggregation with an environment variable
* Move Protobuf encoding to its own package (#3169)
* Add experimental feature to detect resource detectors in auto
instrumentation (#3181)
* Fix exporting of ExponentialBucketHistogramAggregation from
opentelemetry.sdk.metrics.view (#3240)
* Fix headers types mismatch for OTLP Exporters (#3226)
* Fix suppress instrumentation for log batch processor (#3223)
* Add speced out environment variables and arguments for
BatchLogRecordProcessor (#3237)

* Fix `ParentBased` sampler for implicit parent spans. Fix also `trace_state` erasure for dropped spans or spans sampled by the `TraceIdRatioBased` sampler. Changes in python-opentelemetry-sdk:
* Add missing python-wheel build dependency to BuildRequires

* update to 1.23.0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* update to 1.23.0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}

* Initial package (1.22.0) Changes in python-opentelemetry-semantic-
conventions:

* update to 0.44b0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* update to 0.43b0:

* Prometheus exporter sanitize info metric
* Remove Jaeger exporters
* Log stacktrace on `UNKNOWN` status OTLP export error
* Fix OTLPExporterMixin shutdown timeout period
* Handle `taskName` `logrecord` attribute
* Fix `SumAggregation`
* Fix handling of empty metric collection cycles
* Fix error when no LoggerProvider configured for LoggingHandler
* Make `opentelemetry_metrics_exporter` entrypoint support pull exporters
* Allow instrument names to have '/' and up to 255 characters
* Do not load Resource on sdk import
* Update semantic conventions to version 1.21.0
* Add missing schema_url in global api for logging and metrics
* Prometheus exporter support for auto instrumentation
* Drop `setuptools` runtime requirement.
* Update the body type in the log ($3343)
* Add max_scale option to Exponential Bucket Histogram Aggregation
* Use BoundedAttributes instead of raw dict to extract attributes from
LogRecord
* Support dropped_attributes_count in LogRecord and exporters
* Add unit to view instrument selection criteria
* Upgrade opentelemetry-proto to 0.20 and regen #3355)
* Include endpoint in Grpc transient error warning #3362)
* Fixed bug where logging export is tracked as trace #3375)
* Select histogram aggregation with an environment variable
* Move Protobuf encoding to its own package
* Add experimental feature to detect resource detectors in auto
instrumentation
* Fix exporting of ExponentialBucketHistogramAggregation from
opentelemetry.sdk.metrics.view
* Fix headers types mismatch for OTLP Exporters
* Fix suppress instrumentation for log batch processor
* Add speced out environment variables and arguments for
BatchLogRecordProcessor

* Initial build

* Version 0.25b2 Changes in python-opentelemetry-test-utils:

* update to 0.44b0:

* Use Attribute rather than boundattribute in logrecord (#3567)
* Fix flush error when no LoggerProvider configured for LoggingHandler (#3608)
* Fix OTLPMetricExporter ignores preferred_aggregation property (#3603)
* Logs: set observed_timestamp field (#3565)
* Add missing Resource SchemaURL in OTLP exporters (#3652)
* Fix loglevel warning text (#3566)
* Prometheus Exporter string representation for target_info labels (#3659)
* Logs: ObservedTimestamp field is missing in console exporter output (#3564)
* Fix explicit bucket histogram aggregation (#3429)
* Add code.lineno, code.function and code.filepath to all logs (#3645)
* Add Synchronous Gauge instrument (#3462)
* Drop support for 3.7 (#3668)
* Include key in attribute sequence warning (#3639)
* Upgrade markupsafe, Flask and related dependencies to dev and test
environments (#3609)
* Handle HTTP 2XX responses as successful in OTLP exporters (#3623)
* Improve Resource Detector timeout messaging (#3645)
* Add Proxy classes for logging (#3575)
* Remove dependency on 'backoff' library (#3679)

* Initial package (0.43b0) Changes in python-pycomposefile:

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}

* Initial build

* Version 0.0.30 Changes in python-pydash:

* Switch package to modern Python Stack on SLE-15

* Add %{?sle15_python_module_pythons}
* Drop %{?!python_module:%define python_module() python-%{ **} python3-%{** }}

* Update to version 6.0.2

* Only prevent access to object paths containing `__globals__` or
`__builtins__` instead of all dunder-methods for non-dict/list objects.
* from version 6.0.1
* Fix exception raised due to mishandling of non-string keys in functions like
`get()` for non-dict/list objects that used integer index references like
`"[0]"`.
* from version 6.0.0
* Prevent access to object paths containing dunder-methods in functions like
`get()` for non-dict/list objects. Attempting to access dunder-methods using
get-path keys will raise a `KeyError` (e.g. `get(SomeClass(),
'__init__'` will raise). Access to dict keys are unaffected (e.g.
`get({"__init__": True}, "__init__")` will return
`True`). ( **breaking change** )
* Add support for Python 3.11.
* Drop support for Python 3.6 ( **breaking change** )
* from version 5.1.2
* Remove unnecessary type check and conversion for `exceptions` argument in
`pydash.retry`.
* from version 5.1.1
* Add support for Python 3.10.
* Fix timing assertion issue in test for `pydash.delay` where it could fail on
certain environments.
* Switch build system from setuptools to pyproject.toml
* Update BuildRequires from pyproject.toml

* version update to 5.1.0 v5.1.0 (2021-10-02)

* * *

* Support matches-style callbacks on non-dictionary objects that are
compatible with `pydash.get` in functions like `pydash.find`. v5.0.2
(2021-07-15)

* * *

* Fix compatibility issue between `pydash.py_` / `pydash._` and
`typing.Protocol` \+ `typing.runtime_checkable` that caused an exception to
be raised for `isinstance(py_, SomeRuntimeCheckableProtocol)`. v5.0.1
(2021-06-27)

* * *

* Fix bug in `merge_with` that prevented custom iteratee from being used when
recursively merging. Thanks weineel_! v5.0.0 (2021-03-29)

* * *

* Drop support for Python 2.7. ( **breaking change** )
* Improve Unicode word splitting in string functions to be inline with Lodash.
Thanks mervynlee94_! ( **breaking change** )
* `camel_case`
* `human_case`
* `kebab_case`
* `lower_case`
* `pascal_case`
* `separator_case`
* `slugify`
* `snake_case`
* `start_case`
* `upper_case`
* Optimize regular expression constants used in `pydash.strings` by pre-
compiling them to regular expression pattern objects. v4.9.3 (2021-03-03)

* * *

* Fix regression introduced in `v4.8.0` that caused `merge` and `merge_with`
to raise an exception when passing `None` as the first argument. v4.9.2
(2020-12-24)

* * *

* Fix regression introduced in `v4.9.1` that broke `pydash.get` for
dictionaries and dot-delimited keys that reference integer dict-keys. v4.9.1
(2020-12-14)

* * *

* Fix bug in `get/has` that caused `defaultdict` objects to get populated on
key access. v4.9.0 (2020-10-27)

* * *

* Add `default_to_any`. Thanks gonzalonaveira_!
* Fix mishandling of key names containing `\.` in `set_`, `set_with`, and
`update_with` where the `.` was not treated as a literal value within the
key name. Thanks zhaowb_!
* python-mock is not required for build

* Activate test suite

* Update to v4.8.0

* Initial spec for v4.7.6 Changes in python-redis:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install

* add https://github.com/redis/redis-py/pull/3005 as Close-various-objects-
created-during-asyncio-tests.patch to fix tests for python 3.12

* Add patch to increase timeouts in s390x where tests take longer to run:

* increase-test-timeout.patch

* Disable broken tests for ppc64le, bsc#1216606

* Add pytest.ini source needed to run tests

* Remove/disable broken tests because of suse environment

* drop tox.ini. seems it does no longer exist in 5.0.1

* add support to easily disable the testsuite at build time

* update to 5.0.1

* New Features
* Provide aclose() / close() for classes requiring lifetime management (#2898)
* Add support for ModuleCommands in cluster (#2951)
* Add support for multiple values in RPUSHX (#2949)
* Add Redis.from_pool() class method, for explicitly owning and closing a ConnectionPool (#2913)
* Bug Fixes
* Fixing monitor parsing for messages containing specific substrings (#2950)
* Cluster determine slot command name need to be upper (#2919)
* Support timeout = 0 in search query (#2934)
* Fix async sentinel: add push_request keyword argument to read_response (#2922)
* Fix protocol checking for search commands (#2923)
* Fix: SentinelManagedConnection.read_response() got an unexpected keyword argument 'push_request' (#2894)
* Fix: automatically close connection pool for async Sentinel (#2900)
* Save a reference to created async tasks, to avoid tasks potentially disappearing (#2816)
* Avoid reference cycling by the garbage collector during response reading (#2932)
* Maintenance
* Type hint improvements (#2952)
* Replace clear_connect_callbacks with _deregister_connect_callback (#2955)
* Async fixes, remove del and other things (#2870)
* Add pagination, sorting and grouping examples to search json example (#2890)
* Remove process-id checks from asyncio. Asyncio and fork() does not mix. (#2911)
* Fix resource usage and cleanup Mocks in the unit tests (#2936)
* Remove mentions of tox (#2929)
* Add 7.2 to supported Redis versions (#2896)
* Fix resource warnings in unit tests (#2899)
* Fix typo in redis-stream-example.ipynb (#2918)
* Deprecate RedisGraph (#2927)
* Fix redis 7.2.0 tests (#2902)
* Fix test_scorer (search) (#2920)
* changes from 5.0.0
* What's new?
* Triggers and Functions support Triggers and Functions allow you to execute server-side functions triggered when key values are modified or created in Redis, a stream entry arrival, or explicitly calling them. Simply put, you can replace Lua scripts with easy-to-develop JavaScript or TypeScript code. Move your business logic closer to the data to ensure a lower latency, and forget about updating dependent key values manually in your code. Try it for yourself with Quick start
* Full Redis 7.2 and RESP3 support
* Python 3.7 End-of-Life
* Python 3.7 has reached its end-of-life (EOL) as of June
1. This means that starting from this date, Python 3.7 will no longer receive any updates, including security patches, bug fixes, or improvements. If you continue to use Python 3.7 post-EOL, you may expose your projects and systems to potential security vulnerabilities. We ended its support in this version and strongly recommend migrating to Python 3.10.
* Bug Fixes
* Fix timeout retrying on pipeline execution (#2812)
* Fix socket garbage collection (#2859)
* Maintenance
* Updating client license to clear, MIT (#2884)
* Add py.typed in accordance with PEP-561 (#2738)
* Dependabot label change (#2880)
* Fix type hints in SearchCommands (#2817)
* Add sync modules (except search) tests to cluster CI (#2850)
* Fix a duplicate word in CONTRIBUTING.md (#2848)
* Fixing doc builds (#2869)
* Change cluster docker to edge and enable debug command (#2853)
* changes from 4.6.0
* Experimental Features
* Support JSON.MERGE command (#2761)
* Support JSON.MSET command (#2766)
* New Features
* Extract abstract async connection class (#2734)
* Add support for WAITAOF (#2760)
* Introduce OutOfMemoryError exception for Redis write command rejections due to OOM errors (#2778)
* Add WITHSCORE argument to ZRANK (#2758)
* Bug Fixes
* Fix dead weakref in sentinel connection causing ReferenceError (#2767) (#2771)
* Fix Key Error in parse_xinfo_stream (#2788)
* Remove unnecessary **del** handlers (#2755)
* Added support for missing argument to SentinelManagedConnection.read_response() (#2756)
* Maintenance

* Fix type hint for retry_on_error in async cluster (#2804)
* Clean up documents and fix some redirects (#2801)
* Add unit tests for the connect method of all Redis connection classes (#2631)
* Docstring formatting fix (#2796)
* update to 4.5.5:

* Add support for CLIENT NO-TOUCH
* Add support for CLUSTER MYSHARDID
* Add "address_remap" feature to RedisCluster
* Add WITHSCORES argument to ZREVRANK command
* Improve error output for master discovery
* Fix XADD: allow non negative maxlen
* Fix create single connection client from url
* Optionally disable disconnects in read_response
* Fix SLOWLOG GET return value
* Fix potential race condition during disconnection
* Return response in case of KeyError
* Fix incorrect usage of once flag in async Sentinel
* Fix memory leak caused by hiredis in asyncio case
* Really do not use asyncio's timeout lib before 3.11.2

* add sle15_python_module_pythons

* Update to 4.5.4:

* Security
* Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28858, bsc#1209811)
* Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases. (CVE-2023-28859, bsc#1209812)
* New Features
* Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588)
* Added queue_class to REDIS_ALLOWED_KEYS (#2577)
* Made search document subscriptable (#2615)
* Sped up the protocol parsing (#2596)
* Use hiredis::pack_command to serialized the commands. (#2570)
* Add support for unlink in cluster pipeline (#2562)
* Bug Fixes
* Fixing cancelled async futures (#2666)
* Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
* Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630)
* CWE-404 AsyncIO Race Condition Fix (#2624, #2579)
* Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582)
* Replace async_timeout by asyncio.timeout (#2602)
* Update json().arrindex() default values (#2611)
* Fix #2581 UnixDomainSocketConnection object has no attribute _command_packer (#2583)
* Fix issue with pack_commands returning an empty byte sequence (#2416)
* Async HiredisParser should finish parsing after a Connection.disconnect() (#2557)
* Check for none, prior to raising exception (#2569)
* Tuple function cannot be passed more than one argument (#2573)
* Synchronise concurrent command calls to single-client to single-client mode (#2568)
* Async: added 'blocking' argument to call lock method (#2454)
* Added a replacement for the default cluster node in the event of failure. (#2463)
* Fixed geosearch: Wrong number of arguments for geosearch command (#2464)
* Clean up BuildRequires and Requires.

* Disable broken test test_xautoclaim gh#redis/redis-py#2554

* udpate to 4.3.5:
* Add support for TIMESERIES 1.8 (#2296)
* Graph - add counters for removed labels and properties (#2292)
* Add support for TDIGEST.QUANTILE extensions (#2317)
* Add TDIGEST.TRIMMED_MEAN (#2300)
* Add support for async GRAPH module (#2273)
* Support TDIGEST.MERGESTORE and make compression optional on TDIGEST.CREATE
(#2319)
* Adding reserve as an alias for create, so that we have BF.RESERVE and
CF.RESERVE accuratenly supported (#2331)
* Fix async connection.is_connected to return a boolean value (#2278)
* Fix: workaround asyncio bug on connection reset by peer (#2259)
* Fix crash: key expire while search (#2270)
* Async cluster: fix concurrent pipeline (#2280)
* Fix async SEARCH pipeline (#2316)
* Fix KeyError in async cluster - initialize before execute multi key commands
(#2439)
* Supply chain risk reduction: remove dependency on library named deprecated
(#2386)
* Search test - Ignore order of the items in the response (#2322)
* Fix GRAPH.LIST & TDIGEST.QUANTILE tests (#2335)
* Fix TimeSeries range aggregation (twa) tests (#2358)
* Mark TOPK.COUNT as deprecated (#2363)

* update to 4.3.4:

* Fix backward compatibility from 4.3.2 in Lock.acquire()
* Fix XAUTOCLAIM to return the full response, instead of only keys 2+
* Added dynamic_startup_nodes configuration to RedisCluster.
* Fix retries in async mode
* Async cluster: fix simultaneous initialize
* Uppercased commands in CommandsParser.get_keys
* Late eval of the skip condition in async tests
* Reuse the old nodes' connections when a cluster topology refresh is being
done
* Docs: add pipeline examples
* Correct retention_msecs value
* Cluster: use pipeline to execute split commands
* Docs: Add a note about client_setname and client_name difference

* Delete unused redismod.conf, remove duplicate Source entry for tox.ini

* Add redismod.conf and tox.ini as Sources to SPEC file.

* Update to version 4.3.3

* Fix Lock crash, and versioning 4.3.3 (#2210)
* Async cluster: improve docs (#2208)
* Release 4.3.2
* SHUTDOWN - add support for the new NOW, FORCE and ABORT modifiers (#2150)
* Adding pipeline support for async cluster (#2199)
* Support CF.MEXISTS + Clean bf/commands.py (#2184)
* Extending query_params for FT.PROFILE (#2198)
* Implementing ClusterPipeline Lock (#2190)
* Set default response_callbacks to redis.asyncio.cluster.ClusterNode (#2201)
* Add default None for maxlen at xtrim command (#2188)
* Async cluster: add/update typing (#2195)
* Changed list type to single element type (#2203)
* Made sync lock consistent and added types to it (#2137)
* Async cluster: optimisations (#2205)
* Fix typos in README (#2206)
* Fix modules links to https://redis.io/commands/ (#2185)

* Update to version 4.3.1

* Allow negative `retries` for `Retry` class to retry forever
* Add `items` parameter to `hset` signature
* Create codeql-analysis.yml (#1988). Thanks @chayim
* Add limited support for Lua scripting with RedisCluster
* Implement `.lock()` method on RedisCluster
* Fix cursor returned by SCAN for RedisCluster & change default target to PRIMARIES
* Fix scan_iter for RedisCluster
* Remove verbose logging when initializing ClusterPubSub, ClusterPipeline or RedisCluster
* Fix broken connection writer lock-up for asyncio (#2065)
* Fix auth bug when provided with no username (#2086)
* Release 4.1.3
* Fix flushdb and flushall (#1926)
* Add redis5 and redis4 dockers (#1871)
* Change json.clear test multi to be up to date with redisjson (#1922)
* Fixing volume for unstable_cluster docker (#1914)
* Update changes file with changes since 4.0.0-beta2 (#1915)
* Release 4.1.2
* Invalid OCSP certificates should raise ConnectionError on failed validation (#1907)
* Added retry mechanism on socket timeouts when connecting to the server (#1895)
* LMOVE, BLMOVE return incorrect responses (#1906)
* Fixing AttributeError in UnixDomainSocketConnection (#1903)
* Fixing TypeError in GraphCommands.explain (#1901)
* For tests, increasing wait time for the cluster (#1908)
* Increased pubsub's wait_for_messages timeout to prevent flaky tests (#1893)
* README code snippets formatted to highlight properly (#1888)
* Fix link in the main page (#1897)
* Documentation fixes: JSON Example, SSL Connection Examples, RTD version (#1887)
* Direct link to readthedocs (#1885)
* Release 4.1.1
* Add retries to connections in Sentinel Pools (#1879)
* OCSP Stapling Support (#1873)
* Define incr/decr as aliases of incrby/decrby (#1874)
* FT.CREATE - support MAXTEXTFIELDS, TEMPORARY, NOHL, NOFREQS, SKIPINITIALSCAN (#1847)
* Timeseries docs fix (#1877)
* get_connection: catch OSError too (#1832)
* Set keys var otherwise variable not created (#1853)
* Clusters should optionally require full slot coverage (#1845)
* Triple quote docstrings in client.py PEP 257 (#1876)
* syncing requirements (#1870)
* Typo and typing in GraphCommands documentation (#1855)
* Allowing poetry and redis-py to install together (#1854)
* setup.py: Add project_urls for PyPI (#1867)
* Support test with redis unstable docker (#1850)
* Connection examples (#1835)
* Documentation cleanup (#1841)
* Release 4.1.0
* OCSP stapling support (#1820)
* Support for SELECT (#1825)
* Support for specifying error types with retry (#1817)
* Support for RESET command since Redis 6.2.0 (#1824)
* Support CLIENT TRACKING (#1612)
* Support WRITE in CLIENT PAUSE (#1549)
* JSON set_file and set_path support (#1818)
* Allow ssl_ca_path with rediss:// urls (#1814)
* Support for password-encrypted SSL private keys (#1782)
* Support SYNC and PSYNC (#1741)
* Retry on error exception and timeout fixes (#1821)
* Fixing read race condition during pubsub (#1737)
* Fixing exception in listen (#1823)
* Fixed MovedError, and stopped iterating through startup nodes when slots are fully covered (#1819)
* Socket not closing after server disconnect (#1797)
* Single sourcing the package version (#1791)
* Ensure redis_connect_func is set on uds connection (#1794)
* SRTALGO - Skip for redis versions greater than 7.0.0 (#1831)
* Documentation updates (#1822)
* Add CI action to install package from repository commit hash (#1781) (#1790)
* Fix link in lmove docstring (#1793)
* Disabling JSON.DEBUG tests (#1787)
* Migrated targeted nodes to kwargs in Cluster Mode (#1762)
* Added support for MONITOR in clusters (#1756)
* Adding ROLE Command (#1610)
* Integrate RedisBloom support (#1683)
* Adding RedisGraph support (#1556)
* Allow overriding connection class via keyword arguments (#1752)
* Aggregation LOAD * support for RediSearch (#1735)
* Adding cluster, bloom, and graph docs (#1779)
* Add packaging to setup_requires, and use >= to play nice to setup.py (fixes #1625) (#1780)
* Fixing the license link in the readme (#1778)
* Removing distutils from tests (#1773)
* Fix cluster ACL tests (#1774)
* Improved RedisCluster's reinitialize_steps and documentation (#1765)
* Added black and isort (#1734)
* Link Documents for all module commands (#1711)
* Pyupgrade + flynt + f-strings (#1759)
* Remove unused aggregation subclasses in RediSearch (#1754)
* Adding RedisCluster client to support Redis Cluster Mode (#1660)
* Support RediSearch FT.PROFILE command (#1727)
* Adding support for non-decodable commands (#1731)
* COMMAND GETKEYS support (#1738)
* RedisJSON 2.0.4 behaviour support (#1747)
* Removing deprecating distutils (PEP 632) (#1730)
* Updating PR template (#1745)
* Removing duplication of Script class (#1751)
* Splitting documentation for read the docs (#1743)
* Improve code coverage for aggregation tests (#1713)
* Fixing COMMAND GETKEYS tests (#1750)
* GitHub release improvements (#1684)
* Release 4.0.2
* Restoring Sentinel commands to redis client (#1723)
* Better removal of hiredis warning (#1726)
* Adding links to redis documents in function calls (#1719)
* Release 4.0.1
* Removing command on initial connections (#1722)
* Removing hiredis warning when not installed (#1721)
* Release 4.0.0
* FT.EXPLAINCLI intentionally raising NotImplementedError
* Restoring ZRANGE desc for Redis < 6.2.0 (#1697)
* Response parsing occasionally fails to parse floats (#1692)
* Re-enabling read-the-docs (#1707)
* Call HSET after FT.CREATE to avoid keyspace scan (#1706)
* Unit tests fixes for compatibility (#1703)
* Improve documentation about Locks (#1701)
* Fixes to allow --redis-url to pass through all tests (#1700)
* Fix unit tests running against Redis 4.0.0 (#1699)
* Search alias test fix (#1695)
* Adding RediSearch/RedisJSON tests (#1691)
* Updating codecov rules (#1689)
* Tests to validate custom JSON decoders (#1681)
* Added breaking icon to release drafter (#1702)
* Removing dependency on six (#1676)
* Re-enable pipeline support for JSON and TimeSeries (#1674)
* Export Sentinel, and SSL like other classes (#1671)
* Restore zrange functionality for older versions of Redis (#1670)
* Fixed garbage collection deadlock (#1578)
* Tests to validate built python packages (#1678)
* Sleep for flaky search test (#1680)
* Test function renames, to match standards (#1679)
* Docstring improvements for Redis class (#1675)
* Fix georadius tests (#1672)
* Improvements to JSON coverage (#1666)
* Add python_requires setuptools check for python > 3.6 (#1656)
* SMISMEMBER support (#1667)
* Exposing the module version in loaded_modules (#1648)
* RedisTimeSeries support (#1652)
* Support for json multipath ($) (#1663)
* Added boolean parsing to PEXPIRE and PEXPIREAT (#1665)
* Add python_requires setuptools check for python > 3.6 (#1656)
* Adding vulture for static analysis (#1655)
* Starting to clean the docs (#1657)
* Update README.md (#1654)
* Adding description format for package (#1651)
* Publish to pypi as releases are generated with the release drafter (#1647)
* Restore actions to prs (#1653)
* Fixing the package to include commands (#1649)
* Re-enabling codecov as part of CI process (#1646)
* Adding support for redisearch (#1640) Thanks @chayim
* redisjson support (#1636) Thanks @chayim
* Sentinel: Add SentinelManagedSSLConnection (#1419) Thanks @AbdealiJK
* Enable floating parameters in SET (ex and px) (#1635) Thanks @AvitalFineRedis
* Add warning when hiredis not installed. Recommend installation. (#1621) Thanks @adiamzn
* Raising NotImplementedError for SCRIPT DEBUG and DEBUG SEGFAULT (#1624) Thanks @chayim
* CLIENT REDIR command support (#1623) Thanks @chayim
* REPLICAOF command implementation (#1622) Thanks @chayim
* Add support to NX XX and CH to GEOADD (#1605) Thanks @AvitalFineRedis
* Add support to ZRANGE and ZRANGESTORE parameters (#1603) Thanks @AvitalFineRedis
* Pre 6.2 redis should default to None for script flush (#1641) Thanks @chayim
* Add FULL option to XINFO SUMMARY (#1638) Thanks @agusdmb
* Geosearch test should use any=True (#1594) Thanks @Andrew-Chen-Wang
* Removing packaging dependency (#1626) Thanks @chayim
* Fix client_kill_filter docs for skimpy (#1596) Thanks @Andrew-Chen-Wang
* Normalize minid and maxlen docs (#1593) Thanks @Andrew-Chen-Wang
* Update docs for multiple usernames for ACL DELUSER (#1595) Thanks @Andrew-Chen-Wang
* Fix grammar of get param in set command (#1588) Thanks @Andrew-Chen-Wang
* Fix docs for client_kill_filter (#1584) Thanks @Andrew-Chen-Wang
* Convert README & CONTRIBUTING from rst to md (#1633) Thanks @davidylee
* Test BYLEX param in zrangestore (#1634) Thanks @AvitalFineRedis
* Tox integrations with invoke and docker (#1632) Thanks @chayim
* Adding the release drafter to help simplify release notes (#1618). Thanks @chayim
* BACKWARDS INCOMPATIBLE: Removed support for end of life Python 2.7. #1318
* BACKWARDS INCOMPATIBLE: All values within Redis URLs are unquoted via urllib.parse.unquote. Prior versions of redis-py supported this by specifying the `decode_components` flag to the `from_url` functions. This is now done by default and cannot be disabled. #589
* POTENTIALLY INCOMPATIBLE: Redis commands were moved into a mixin (see commands.py). Anyone importing `redis.client` to access commands directly should import `redis.commands`. #1534, #1550
* Removed technical debt on REDIS_6_VERSION placeholder. Thanks @chayim #1582.
* Various docus fixes. Thanks @Andrew-Chen-Wang #1585, #1586.
* Support for LOLWUT command, available since Redis 5.0.0. Thanks @brainix #1568.
* Added support for CLIENT REPLY, available in Redis 3.2.0. Thanks @chayim #1581.
* Support for Auto-reconnect PubSub on get_message. Thanks @luhn #1574.
* Fix RST syntax error in README/ Thanks @JanCBrammer #1451.
* IDLETIME and FREQ support for RESTORE. Thanks @chayim #1580.
* Supporting args with MODULE LOAD. Thanks @chayim #1579.
* Updating RedisLabs with Redis. Thanks @gkorland #1575.
* Added support for ASYNC to SCRIPT FLUSH available in Redis 6.2.0. Thanks @chayim. #1567
* Added CLIENT LIST fix to support multiple client ids available in Redis 2.8.12. Thanks @chayim #1563.
* Added DISCARD support for pipelines available in Redis 2.0.0. Thanks @chayim #1565.
* Added ACL DELUSER support for deleting lists of users available in Redis 6.2.0. Thanks @chayim. #1562
* Added CLIENT TRACKINFO support available in Redis 6.2.0. Thanks @chayim. #1560
* Added GEOSEARCH and GEOSEARCHSTORE support available in Redis 6.2.0. Thanks @AvitalFine Redis. #1526
* Added LPUSHX support for lists available in Redis 4.0.0. Thanks @chayim. #1559
* Added support for QUIT available in Redis 1.0.0. Thanks @chayim. #1558
* Added support for COMMAND COUNT available in Redis 2.8.13. Thanks @chayim. #1554.
* Added CREATECONSUMER support for XGROUP available in Redis 6.2.0. Thanks @AvitalFineRedis. #1553
* Including slowly complexity in INFO if available. Thanks @ian28223 #1489.
* Added support for STRALGO available in Redis 6.0.0. Thanks @AvitalFineRedis. #1528
* Addes support for ZMSCORE available in Redis 6.2.0. Thanks @2014BDuck and @jiekun.zhu. #1437
* Support MINID and LIMIT on XADD available in Redis 6.2.0. Thanks @AvitalFineRedis. #1548
* Added sentinel commands FLUSHCONFIG, CKQUORUM, FAILOVER, and RESET available in Redis 2.8.12. Thanks @otherpirate. #834
* Migrated Version instead of StrictVersion for Python 3.10. Thanks @tirkarthi. #1552
* Added retry mechanism with backoff. Thanks @nbraun-amazon. #1494
* Migrated commands to a mixin. Thanks @chayim. #1534
* Added support for ZUNION, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1522
* Added support for CLIENT LIST with ID, available in Redis 6.2.0. Thanks @chayim. #1505
* Added support for MINID and LIMIT with xtrim, available in Reds 6.2.0. Thanks @chayim. #1508
* Implemented LMOVE and BLMOVE commands, available in Redis 6.2.0. Thanks @chayim. #1504
* Added GET argument to SET command, available in Redis 6.2.0. Thanks @2014BDuck. #1412
* Documentation fixes. Thanks @enjoy-binbin @jonher937. #1496 #1532
* Added support for XAUTOCLAIM, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1529
* Added IDLE support for XPENDING, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1523
* Add a count parameter to lpop/rpop, available in Redis 6.2.0. Thanks @wavenator. #1487
* Added a (pypy) trove classifier for Python 3.9. Thanks @D3X. #1535
* Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520
* Added ZINTER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1520
* Added ZDIFF and ZDIFFSTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1518
* Added ZRANGESTORE support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1521
* Added LT and GT support for ZADD, available in Redis 6.2.0. Thanks @chayim. #1509
* Added ZRANDMEMBER support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1519
* Added GETDEL support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1514
* Added CLIENT KILL laddr filter, available in Redis 6.2.0. Thanks @chayim. #1506
* Added CLIENT UNPAUSE, available in Redis 6.2.0. Thanks @chayim. #1512
* Added NOMKSTREAM support for XADD, available in Redis 6.2.0. Thanks @chayim. #1507
* Added HRANDFIELD support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1513
* Added CLIENT INFO support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1517
* Added GETEX support, available in Redis 6.2.0. Thanks @AvitalFineRedis. #1515
* Added support for COPY command, available in Redis 6.2.0. Thanks @malinaa96. #1492
* Provide a development and testing environment via docker. Thanks @abrookins. #1365
* Added support for the LPOS command available in Redis 6.0.6. Thanks @aparcar #1353/#1354
* Added support for the ACL LOG command available in Redis 6. Thanks @2014BDuck. #1307
* Added support for ABSTTL option of the RESTORE command available in Redis 5.0. Thanks @charettes. #1423
* Drop account-defaults-redis.patch merged upstream

* Add account-defaults-redis.patch which fixes failing tests by taking into
consideration redis defaults, not overwriting them (gh#andymccurdy/redis-
py#1499).

* Skipp two tests because of gh#andymccurdy/redis-py#1459.

* update to 3.5.3

* Restore try/except clauses to **del** methods. These will be removed in 4.0
when more explicit resource management if enforced. #1339
* Update the master_address when Sentinels promote a new master. #847
* Update SentinelConnectionPool to not forcefully disconnect other in-use
connections which can negatively affect threaded applications. #1345 3.5.2
* Tune the locking in ConnectionPool.get_connection so that the lock is not
held while waiting for the socket to establish and validate the TCP
connection. 3.5.1
* Fix for HSET argument validation to allow any non-None key. Thanks
@AleksMat, #1337, #1341 3.5.0
* Removed exception trapping from **del** methods. redis-py objects that hold
various resources implement **del** cleanup methods to release those
resources when the object goes out of scope. This provides a fallback for
when these objects aren't explicitly closed by user code. Prior to this
change any errors encountered in closing these resources would be hidden
from the user. Thanks @jdufresne. #1281
* Expanded support for connection strings specifying a username connecting to
pre-v6 servers. #1274
* Optimized Lock's blocking_timeout and sleep. If the lock cannot be acquired
and the sleep value would cause the loop to sleep beyond blocking_timeout,
fail immediately. Thanks @clslgrnc. #1263
* Added support for passing Python memoryviews to Redis command args that
expect strings or bytes. The memoryview instance is sent directly to the
socket such that there are zero copies made of the underlying data during
command packing. Thanks @Cody-G. #1265, #1285
* HSET command now can accept multiple pairs. HMSET has been marked as
deprecated now. Thanks to @laixintao #1271
* Don't manually DISCARD when encountering an ExecAbortError. Thanks
@nickgaya, #1300/#1301
* Reset the watched state of pipelines after calling exec. This saves a
roundtrip to the server by not having to call UNWATCH within
Pipeline.reset(). Thanks @nickgaya, #1299/#1302
* Added the KEEPTTL option for the SET command. Thanks @laixintao #1304/#1280
* Added the MEMORY STATS command. #1268
* Lock.extend() now has a new option, `replace_ttl`. When False (the default),
Lock.extend() adds the `additional_time` to the lock's existing TTL. When
replace_ttl=True, the lock's existing TTL is replaced with the value of
`additional_time`.
* Add testing and support for PyPy.

* downgrade requires for redis to recommends

* Better error handling Changes in python-retrying:

* Switch package to modern Python Stack on SLE-15
* Add %{?sle15_python_module_pythons}

* require setuptools

* Switch to pyproject macros.

* Stop using greedy globs in %files.

* Update to version 1.3.4

* Added Greg Roodt as maintainer
* Formatted code with black
* Updated repository references

* Improve summary.

* Remove superfluous devel dependency for noarch package

* Initial package Changes in python-semver:

* update to 3.0.2:
* :pr:`418`: Replace :class:`~collection.OrderedDict` with :class:`dict`.
* The dict datatype is ordered since Python 3.7. As we do not support Python
3.6 anymore, it can be considered safe to avoid
:class:`~collection.OrderedDict`.
* :pr:`431`: Clarify version policy for the different semver versions (v2, v3,
>v3) and the supported Python versions.
* :gh:`432`: Improve external doc links to Python and Pydantic.
* :pr:`417`: Amend GitHub Actions to check against MacOS.

* remove obsolete setup-remove-asterisk.patch

* update to version 3.0.1:
* Remove incorrect dependencies from build-system section of pyproject.toml by
@mgorny in #405
* correct typo in function description of next_version by @treee111 in #406
* Improve GitHub Action by @tomschr in #408
* Add CITATION.cff for citation by @tomschr in #409
* Add Version class to **all** export. Fix #410 by @Soneji in #411
* Configure docformatter by @tomschr in #412
* Prepare version 3.0.1 by @tomschr in #413

* update to version 3.0.0:

* Bugfixes
* :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`,
`minor`, and `patch`.
* :gh:`310`: Rework API documentation. Follow a more "semi-manual" attempt and
add auto directives into :file:`docs/api.rst`.
* :gh:`344`: Allow empty string, a string with a prefix, or `None` as token in
:meth:`~semver.version.Version.bump_build` and
:meth:`~semver.version.Version.bump_prerelease`.
* :pr:`384`: General cleanup, reformat files:
* Reformat source code with black again as some config options did accidentely exclude the semver source code. Mostly remove some includes/excludes in the black config.
* Integrate concurrency in GH Action
* Ignore Python files on project dirs in .gitignore
* Remove unused patterns in MANIFEST.in
* Use `extend-exclude` for flake in :file:`setup.cfg`` and adapt list.
* Use `skip_install=True` in :file:`tox.ini` for black
* :pr:`393`: Fix command :command:`python -m semver` to avoid the error
"invalid choice"
* :pr:`396`: Calling :meth:`~semver.version.Version.parse` on a derived class
will show correct type of derived class.
* Deprecations
* :gh:`169`: Deprecate CLI functions not imported from `semver.cli`.
* :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean`
classes
* :gh:`284`: Deprecate the use of :meth:`~Version.isvalid`. Rename
:meth:`~semver.version.Version.isvalid` to
:meth:`~semver.version.Version.is_valid` for consistency reasons with
:meth:`~semver.version.Version.is_compatible`.
* :pr:`402`: Keep :func:`semver.compare <semver._deprecated.compare>`.
Although it breaks consistency with module level functions, it seems it's a
much needed/used function. It's still unclear if we should deprecate this
function or not (that's why we use :py:exc:`PendingDeprecationWarning`). As
we don't have a uniform initializer yet, this function stays in the
:file:`_deprecated.py` file for the time being until we find a better
solution. See :gh:`258` for details.
* Features
* Remove :file:`semver.py`
* Create :file:`src/semver/__init__.py`
* Create :file:`src/semver/cli.py` for all CLI methods
* Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and
other deprecated functions
* Create :file:`src/semver/__main__.py` to allow calling the CLI using
:command:`python -m semver`
* Create :file:`src/semver/_types.py` to hold type aliases
* Create :file:`src/semver/version.py` to hold the :class:`Version` class (old
name :class:`VersionInfo`) and its utility functions
* Create :file:`src/semver/__about__.py` for all the metadata variables
* :gh:`213`: Add typing information
* :gh:`284`: Implement :meth:`~semver.version.Version.is_compatible` to make
"is self compatible with X".
* :gh:`305`: Rename :class:`~semver.version.VersionInfo` to
:class:`~semver.version.Version` but keep an alias for compatibility

* add setup-remove-asterisk.patch to fix build error

* update to version 3.0.0-dev.4:
* Bug Fixes:
* :gh:`374`: Correct Towncrier's config entries in the :file:`pyproject.toml`
file. The old entries `[[tool.towncrier.type]]` are deprecated and need to
be replaced by `[tool.towncrier.fragment.<TYPE>]`.
* Deprecations:
* :gh:`372`: Deprecate support for Python 3.6. Python 3.6 reached its end of
life and isn't supported anymore. At the time of writing (Dec 2022), the
lowest version is 3.7. Although the `poll < https://github.com/python-
semver/python-semver/discussions/371>`_ didn't cast many votes, the
majority agree to remove support for Python 3.6.
* Improved Documentation:
* :gh:`335`: Add new section "Converting versions between PyPI and semver" the
limitations and possible use cases to convert from one into the other
versioning scheme.
* :gh:`340`: Describe how to get version from a file
* :gh:`343`: Describe combining Pydantic with semver in the "Advanced topic"
section.
* :gh:`350`: Restructure usage section. Create subdirectory "usage/" and
splitted all section into different files.
* :gh:`351`: Introduce new topics for:
* "Migration to semver3"
* "Advanced topics"
* Features:
* :pr:`359`: Add optional parameter `optional_minor_and_patch` in
:meth:`.Version.parse` to allow optional minor and patch parts.
* :pr:`362`: Make :meth:`.Version.match` accept a bare version string as match
expression, defaulting to equality testing.
* :gh:`364`: Enhance :file:`pyproject.toml` to make it possible to use the
:command:`pyproject-build` command from the build module. For more
information, see :ref:`build-semver`.
* :gh:`365`: Improve :file:`pyproject.toml`.
* Use setuptools, add metadata. Taken approach from `A Practical Guide to
Setuptools and Pyproject.toml < https://godatadriven.com/blog/a-practical-
guide-to-setuptools-and-pyproject-toml/>`_.
* Doc: Describe building of semver
* Remove :file:`.travis.yml` in :file:`MANIFEST.in` (not needed anymore)
* Distinguish between Python 3.6 and others in :file:`tox.ini`
* Add skip_missing_interpreters option for :file:`tox.ini`
* GH Action: Upgrade setuptools and setuptools-scm and test against
3.11.0-rc.2
* Trivial/Internal Changes:
* :gh:`378`: Fix some typos in Towncrier configuration

* switch to the tagged version rather than a gh branch tarball

* fix support for Python 3.10 with update to development version:

* update to revision g4d2df08:
* Changes for the upcoming release can be found in:
* the `"changelog.d" directory < https://github.com/python-
semver/python-semver/tree/master/changelog.d>`_:
* in our repository.:
* update to version 3.0.0-dev.2:
* Deprecations:
* :gh:`169`: Deprecate CLI functions not imported from `semver.cli`.
* Features:
* :gh:`169`: Create semver package and split code among different modules in
the packages.
* Remove :file:`semver.py`
* Create :file:`src/semver/__init__.py`
* Create :file:`src/semver/cli.py` for all CLI methods
* Create :file:`src/semver/_deprecated.py` for the `deprecated` decorator and
other deprecated functions
* Create :file:`src/semver/__main__.py` to allow calling the CLI using
:command:`python -m semver`
* Create :file:`src/semver/_types.py` to hold type aliases
* Create :file:`src/semver/version.py` to hold the :class:`Version` class (old
name :class:`VersionInfo`) and its utility functions
* Create :file:`src/semver/__about__.py` for all the metadata variables
* :gh:`305`: Rename :class:`VersionInfo` to :class:`Version` but keep an alias
for compatibility
* Improved Documentation:
* :gh:`304`: Several improvements in documentation:
* Reorganize API documentation.
* Add migration chapter from semver2 to semver3.
* Distinguish between changlog for version 2 and 3
* :gh:`305`: Add note about :class:`Version` rename.
* Trivial/Internal Changes:
* :gh:`169`: Adapted infrastructure code to the new project layout.
* Replace :file:`setup.py` with :file:`setup.cfg` because the
:file:`setup.cfg` is easier to use
* Adapt documentation code snippets where needed
* Adapt tests
* Changed the `deprecated` to hardcode the `semver` package name in the
warning. Increase coverage to 100% for all non-deprecated APIs
* :gh:`304`: Support PEP-561 :file:`py.typed`. According to the mentioned PEP:
"Package maintainers who wish to support type checking of their code MUST
add a marker file named :file:`py.typed` to their package supporting
typing." Add package_data to :file:`setup.cfg` to include this marker in
dist and whl file.
* update to version 3.0.0-dev.1:
* Deprecations:
* :pr:`290`: For semver 3.0.0-alpha0:
* Remove anything related to Python2
* In :file:`tox.ini` and :file:`.travis.yml` Remove targets py27, py34, py35,
and pypy. Add py38, py39, and nightly (allow to fail)
* In :file:`setup.py` simplified file and remove `Tox` and `Clean` classes
* Remove old Python versions (2.7, 3.4, 3.5, and pypy) from Travis
* :gh:`234`: In :file:`setup.py` simplified file and remove `Tox` and `Clean`
classes
* Features:
* :pr:`290`: Create semver 3.0.0-alpha0
* Update :file:`README.rst`, mention maintenance branch `maint/v2`.
* Remove old code mainly used for Python2 compatibility, adjusted code to
support Python3 features.
* Split test suite into separate files under :file:`tests/` directory
* Adjust and update :file:`setup.py`. Requires Python >=3.6.* Extract metadata
directly from source (affects all the `__version__`, `__author__` etc.
variables)
* :gh:`270`: Configure Towncrier (:pr:`273`:)
* Add :file:`changelog.d/.gitignore` to keep this directory
* Create :file:`changelog.d/README.rst` with some descriptions
* Add :file:`changelog.d/_template.rst` as Towncrier template
* Add `[tool.towncrier]` section in :file:`pyproject.toml`
* Add "changelog" target into :file:`tox.ini`. Use it like :command:`tox -e
changelog -- CMD` whereas `CMD` is a Towncrier command. The default
:command:`tox -e changelog` calls Towncrier to create a draft of the
changelog file and output it to stdout.
* Update documentation and add include a new section "Changelog" included from
:file:`changelog.d/README.rst`.
* :gh:`276`: Document how to create a sublass from :class:`VersionInfo` class
* :gh:`213`: Add typing information
* Bug Fixes:
* :gh:`291`: Disallow negative numbers in VersionInfo arguments for `major`,
`minor`, and `patch`.
* Improved Documentation:
* :pr:`290`: Several improvements in the documentation:
* New layout to distinguish from the semver2 development line.
* Create new logo.
* Remove any occurances of Python2.
* Describe changelog process with Towncrier.
* Update the release process.
* Trivial/Internal Changes:
* :pr:`290`: Add supported Python versions to :command:`black`.
* PR #62. Support custom default names for pre and build Changes in python-
sshtunnel:
* Require update-alternatives for the scriptlets.

* Switch build system from setuptools to pyproject.toml

* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install
* Limit Python files matched in %files section

* Use %sle15_python_module_pythons

* do not require python-mock for build

* update to 0.4.0:

* Change the daemon mod flag for all tunnel threads (is not fully backward compatible) to prevent unexpected hangs (`#219`_) + Add docker based end to end functinal tests for Mongo/Postgres/MySQL
* Add docker based end to end hangs tests
* Fix host key directory detection
* Unify default ssh config folder to `~/.ssh`
* Increase open connection timeout to 10 secods
* Change default with context behavior to use `.stop(force=True)` on exit
* Remove useless `daemon_forward_servers = True` hack for hangs prevention
* Set transport keepalive to 5 second by default
* Set default transport timeout to 0.1
* Deprecate and remove `block_on_close` option
* Fix "deadlocks" / "tunneling hangs"
* Add `.stop(force=True)` for force close active connections
* Fixes bug with orphan thread for a tunnel that is DOWN
* Support IPv6 without proxy command. Use built-in paramiko create socket logic. The logic tries to use ipv6 socket family first, then ipv4 socket family.

Changes in python-strictyaml:

* require setuptools

* update to 1.7.3:

* REFACTOR : Fix pipeline.
* TOOLING : Improvements to pyenv multi-environment tester.
* FEATURE : Upgraded package to use pyproject.toml files
* REFACTOR : Fixed linter errors.
* TOOLING : Build wheel and sdist that both work.

* Add %{?sle15_python_module_pythons}

* Update to 1.6.2 No relevant code changes. see details changelog:
https://hitchdev.com/strictyaml/changelog/#latest

* update to 1.6.1 too many changes to be listed here see detailed changelog:
https://hitchdev.com/strictyaml/changelog/

* update to 1.4.4

* Add support for NaN and infinity representations
* Optional keys in mappings and set value to None
* Support underscores in int and decimal
* NullNone - parse 'null' as None like YAML 1.2 does.
* Bundle last propertly working ruamel.yaml version in with strictyaml.

* version update to 1.0.6

* BUGFIX : Fix accidental python 2 breakage.
* BUGFIX : Accidental misrecognition of boolean values as numbers - cause of
#85.
* BUGFIX : Fix for #86 - handle changing multiline strings.
* BUGFIX: handle deprecated collections import in the parser (#82)

* Update to 1.0.5:

* BUGFIX : Fixed python 2 bug introduced when fixing #72.
* FEATURE : Include tests / stories in package.
* BUG: issue #72. Now setitem uses schema.

* Expand %description.

* Initial spec for v1.0.3 Changes in python-sure:

* Switch build system from setuptools to pyproject.toml
* Add python-pip and python-wheel to BuildRequires
* Replace %python_build with %pyproject_wheel
* Replace %python_install with %pyproject_install

* update to 2.0.1:

* Fixes CI build (Github Actions)
* Fixes broken tests
* Housekeeping: Licensing
* Disable nosetests for testing leaving only pytest as supported test-runner
for now

* Add %{?sle15_python_module_pythons}

* Remove mock from BuildRequires.

* Rebase python-sure-no-mock.patch to remove one missed import.

* do not require mock for build nor runtime

* added patches fix https://github.com/gabrielfalcao/sure/pull/161
* python-sure-no-mock.patch

* Update to 2.0.0

* No longer patch the builtin dir() function, which fixes pytest in some cases
such as projects using gevent.

* switch to pytest

* Version update to 1.4.11:

* Reading the version dynamically was causing import errors that caused error
when installing package. Refs #144

Changes in python-vcrpy: \- Update to 6.0.1 * BREAKING: Fix issue with httpx
support (thanks @parkerhancock) in #784. * BREAKING: Drop support for `boto`
(vcrpy still supports boto3, but is dropping the deprecated `boto` support in
this release. (thanks @jairhenrique) * Fix compatibility issue with Python 3.12
(thanks @hartwork) * Drop simplejson (fixes some compatibility issues) (thanks
@jairhenrique) * Run CI on Python 3.12 and PyPy 3.9-3.10 (thanks @mgorny) *
Various linting and docs improvements (thanks @jairhenrique) * Tornado fixes
(thanks @graingert)

* version update to 5.1.0
* Use ruff for linting (instead of current flake8/isort/pyflakes) - thanks
@jairhenrique
* Enable rule B (flake8-bugbear) on ruff - thanks @jairhenrique
* Configure read the docs V2 - thanks @jairhenrique
* Fix typo in docs - thanks @quasimik
* Make json.loads of Python >=3.6 decode bytes by itself - thanks @hartwork
* Fix body matcher for chunked requests (fixes #734) - thanks @hartwork
* Fix query param filter for aiohttp (fixes #517) - thanks @hartwork and
@salomvary
* Remove unnecessary dependency on six. - thanks @charettes
* build(deps): update sphinx requirement from dm.dc in
amdgpu_dm_fini() (bsc#1223714).
* CVE-2024-27039: Fixed clk/hisilicon/hi3559a an erroneous devm_kfree()
(bsc#1223821).
* CVE-2024-27038: Fixed clk_core_get NULL pointer dereference (bsc#1223816).
* CVE-2024-27030: Fixed octeontx2-af to use separate handlers for interrupts
(bsc#1223790).
* CVE-2024-27014: Fixed net/mlx5e to prevent deadlock while disabling aRFS
(bsc#1223735).
* CVE-2024-27013: Fixed tun limit printing rate when illegal packet received
by tun device (bsc#1223745).
* CVE-2024-26993: Fixed fs/sysfs reference leak in
sysfs_break_active_protection() (bsc#1223693).
* CVE-2024-26982: Fixed Squashfs inode number check not to be an invalid value
of zero (bsc#1223634).
* CVE-2024-26970: Fixed clk/qcom/gcc-ipq6018 termination of frequency table
arrays (bsc#1223644).
* CVE-2024-26969: Fixed clk/qcom/gcc-ipq8074 termination of frequency table
arrays (bsc#1223645).
* CVE-2024-26966: Fixed clk/qcom/mmcc-apq8084 termination of frequency table
arrays (bsc#1223646).
* CVE-2024-26965: Fixed clk/qcom/mmcc-msm8974 termination of frequency table
arrays (bsc#1223648).
* CVE-2024-26960: Fixed mm/swap race between free_swap_and_cache() and
swapoff() (bsc#1223655).
* CVE-2024-26951: Fixed wireguard/netlink check for dangling peer via is_dead
instead of empty list (bsc#1223660).
* CVE-2024-26950: Fixed wireguard/netlink to access device through ctx instead
of peer (bsc#1223661).
* CVE-2024-26948: Fixed drm/amd/display by adding dc_state NULL check in
dc_state_release (bsc#1223664).
* CVE-2024-26939: Fixed drm/i915/vma UAF on destroy against retire race
(bsc#1223679).
* CVE-2024-26927: Fixed ASoC/SOF bounds checking to firmware data Smatch
(bsc#1223525).
* CVE-2024-26915: Fixed drm/amdgpu reset IH OVERFLOW_CLEAR bit (bsc#1223207).
* CVE-2024-26901: Fixed do_sys_name_to_handle() to use kzalloc() to prevent
kernel-infoleak (bsc#1223198).
* CVE-2024-26898: Fixed aoe potential use-after-free problem in
aoecmd_cfg_pkts (bsc#1223016).
* CVE-2024-26896: Fixed wifi/wfx memory leak when starting AP (bsc#1223042).
* CVE-2024-26893: Fixed firmware/arm_scmi for possible double free in SMC
transport cleanup path (bsc#1223196).
* CVE-2024-26885: Fixed bpf DEVMAP_HASH overflow check on 32-bit arches
(bsc#1223190).
* CVE-2024-26884: Fixed bpf hashtab overflow check on 32-bit arches
(bsc#1223189).
* CVE-2024-26883: Fixed bpf stackmap overflow check on 32-bit arches
(bsc#1223035).
* CVE-2024-26882: Fixed net/ip_tunnel to make sure to pull inner header in
ip_tunnel_rcv() (bsc#1223034).
* CVE-2024-26881: Fixed net/hns3 kernel crash when 1588 is received on HIP08
devices (bsc#1223041).
* CVE-2024-26879: Fixed clk/meson by adding missing clocks to axg_clk_regmaps
(bsc#1223066).
* CVE-2024-26878: Fixed quota for potential NULL pointer dereference
(bsc#1223060).
* CVE-2024-26876: Fixed drm/bridge/adv7511 crash on irq during probe
(bsc#1223119).
* CVE-2024-26866: Fixed spi/spi-fsl-lpspi by removing redundant
spi_controller_put call (bsc#1223024).
* CVE-2024-26862: Fixed packet annotate data-races around ignore_outgoing
(bsc#1223111).
* CVE-2024-26861: Fixed wireguard/receive annotate data-race around
receiving_counter.counter (bsc#1223076).
* CVE-2024-26857: Fixed geneve to make sure to pull inner header in
geneve_rx() (bsc#1223058).
* CVE-2024-26856: Fixed use-after-free inside sparx5_del_mact_entry
(bsc#1223052).
* CVE-2024-26855: Fixed net/ice potential NULL pointer dereference in
ice_bridge_setlink() (bsc#1223051).
* CVE-2024-26853: Fixed igc returning frame twice in XDP_REDIRECT
(bsc#1223061).
* CVE-2024-26852: Fixed net/ipv6 to avoid possible UAF in
ip6_route_mpath_notify() (bsc#1223057).
* CVE-2024-26840: Fixed a memory leak in cachefiles_add_cache() (bsc#1222976).
* CVE-2024-26836: Fixed platform/x86/think-lmi password opcode ordering for
workstations (bsc#1222968).
* CVE-2024-26830: Fixed i40e to not allow untrusted VF to remove
administratively set MAC (bsc#1223012).
* CVE-2024-26817: Fixed amdkfd to use calloc instead of kzalloc to avoid
integer overflow (bsc#1222812).
* CVE-2024-26816: Fixed relocations in .notes section when building with
CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
* CVE-2024-26791: Fixed btrfs/dev-replace properly validate device names
(bsc#1222793).
* CVE-2024-26783: Fixed mm/vmscan bug when calling wakeup_kswapd() with a
wrong zone index (bsc#1222615).
* CVE-2024-26773: Fixed ext4 block allocation from corrupted group in
ext4_mb_try_best_found() (bsc#1222618).
* CVE-2024-26772: Fixed ext4 to avoid allocating blocks from corrupted group
in ext4_mb_find_by_goal() (bsc#1222613).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222726).
* CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct
aio_kiocb conversion (bsc#1222721).
* CVE-2024-26733: Fixed an overflow in arp_req_get() in arp (bsc#1222585).
* CVE-2024-26700: Fixed drm/amd/display MST Null pointer dereference for RV
(bsc#1222870).
* CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup
(bsc#1222435).
* CVE-2024-26679: Fixed inet read sk->sk_family once in inet_recv_error()
(bsc#1222385).
* CVE-2024-26675: Fixed ppp_async to limit MRU to 64K (bsc#1222379).
* CVE-2024-26673: Fixed netfilter/nft_ct layer 3 and 4 protocol sanitization
(bsc#1222368).
* CVE-2024-26671: Fixed blk-mq IO hang from sbitmap wakeup race (bsc#1222357).
* CVE-2024-26656: Fixed drm/amdgpu use-after-free bug (bsc#1222307).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
* CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay
(bsc#1220342).
* CVE-2024-23850: Fixed double free of anonymous device after snapshot
creation failure (bsc#1219126).
* CVE-2024-23848: Fixed media/cec for possible use-after-free in
cec_queue_msg_fh (bsc#1219104).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-22099: Fixed a null-pointer-dereference in rfcomm_check_security
(bsc#1219170).
* CVE-2024-2201: Fixed information leak in x86/BHI (bsc#1217339).
* CVE-2024-0841: Fixed a null pointer dereference in the hugetlbfs_fill_super
function in hugetlbfs (HugeTLB pages) functionality (bsc#1219264).
* CVE-2024-0639: Fixed a denial-of-service vulnerability due to a deadlock
found in sctp_auto_asconf_init in net/sctp/socket.c (bsc#1218917).
* CVE-2023-6270: Fixed a use-after-free issue in aoecmd_cfg_pkts
(bsc#1218562).
* CVE-2023-52652: Fixed NTB for possible name leak in ntb_register_device()
(bsc#1223686).
* CVE-2023-52645: Fixed pmdomain/mediatek race conditions with genpd
(bsc#1223033).
* CVE-2023-52635: Fixed PM/devfreq to synchronize devfreq_monitor_[start/stop]
(bsc#1222294).
* CVE-2023-52620: Fixed netfilter/nf_tables to disallow timeout for anonymous
sets never used from userspace (bsc#1221825).
* CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in
mpi_ec_init (bsc#1221612).
* CVE-2023-52614: Fixed PM/devfreq buffer overflow in trans_stat_show
(bsc#1221617).
* CVE-2023-52593: Fixed wifi/wfx possible NULL pointer dereference in
wfx_set_mfp_ap() (bsc#1221042).
* CVE-2023-52591: Fixed a possible reiserfs filesystem corruption via
directory renaming (bsc#1221044).
* CVE-2023-52590: Fixed a possible ocfs2 filesystem corruption via directory
renaming (bsc#1221088).
* CVE-2023-52589: Fixed media/rkisp1 IRQ disable race issue (bsc#1221084).
* CVE-2023-52585: Fixed drm/amdgpu for possible NULL pointer dereference in
amdgpu_ras_query_error_status_helper() (bsc#1221080).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223505).
* CVE-2022-48659: Fixed mm/slub to return errno if kmalloc() fails
(bsc#1223498).
* CVE-2022-48658: Fixed mm/slub to avoid a problem in
flush_cpu_slab()/__free_slab() task context (bsc#1223496).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223513).
* CVE-2022-48642: Fixed netfilter/nf_tables percpu memory leak at
nf_tables_addchain() (bsc#1223478).
* CVE-2022-48640: Fixed bonding for possible NULL pointer dereference in
bond_rr_gen_slave_id (bsc#1223499).
* CVE-2022-48631: Fixed a bug in ext4, when parsing extents where eh_entries
== 0 and eh_depth > 0 (bsc#1223475).
* CVE-2021-47214: Fixed hugetlb/userfaultfd during restore reservation in
hugetlb_mcopy_atomic_pte() (bsc#1222710).
* CVE-2021-47211: Fixed a null pointer dereference on pointer cs_desc in usb-
audio (bsc#1222869).
* CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus
(bsc#1222790).
* CVE-2021-47205: Unregistered clocks/resets when unbinding in sunxi-ng
(bsc#1222888).
* CVE-2021-47202: Fixed NULL pointer dereferences in of_thermal_ functions
(bsc#1222878)
* CVE-2021-47200: Fixed drm/prime for possible use-after-free in mmap within
drm_gem_ttm_mmap() and drm_gem_ttm_mmap() (bsc#1222838).
* CVE-2021-47195: Fixed use-after-free inside SPI via add_lock mutex
(bsc#1222832).
* CVE-2021-47185: Fixed a softlockup issue in flush_to_ldisc in tty tty_buffer
(bsc#1222669).
* CVE-2021-47184: Fixed NULL pointer dereference on VSI filter sync
(bsc#1222666).

The following non-security bugs were fixed:

* ALSA: firewire-lib: handle quirk to calculate payload quadlets as data block
counter (stable-fixes).
* ALSA: hda/realtek - Enable audio jacks of Haier Boyue G42 with ALC269VC
(stable-fixes).
* ALSA: hda/realtek - Fix inactive headset mic jack (stable-fixes).
* ALSA: hda/realtek: Add quirk for HP SnowWhite laptops (stable-fixes).
* ALSA: hda/realtek: Fix mute led of HP Laptop 15-da3001TU (stable-fixes).
* ALSA: hda: intel-sdw-acpi: fix usage of device_get_named_child_node() (git-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett 2Pre and 4Pre USB support (stable-
fixes).
* ALSA: scarlett2: Add Focusrite Clarett+ 2Pre and 4Pre support (stable-
fixes).
* ALSA: scarlett2: Add correct product series name to messages (stable-fixes).
* ALSA: scarlett2: Add support for Clarett 8Pre USB (stable-fixes).
* ALSA: scarlett2: Default mixer driver to enabled (stable-fixes).
* ALSA: scarlett2: Move USB IDs out from device_info struct (stable-fixes).
* ASoC: meson: axg-card: make links nonatomic (git-fixes).
* ASoC: meson: axg-tdm-interface: manage formatters in trigger (git-fixes).
* ASoC: meson: cards: select SND_DYNAMIC_MINORS (git-fixes).
* ASoC: soc-core.c: Skip dummy codec when adding platforms (stable-fixes).
* ASoC: tegra: Fix DSPK 16-bit playback (git-fixes).
* ASoC: ti: davinci-mcasp: Fix race condition during probe (git-fixes).
* Bluetooth: Add new quirk for broken read key length on ATS2851 (git-fixes).
* Bluetooth: Fix TOCTOU in HCI debugfs implementation (git-fixes).
* Bluetooth: Fix memory leak in hci_req_sync_complete() (git-fixes).
* Bluetooth: Fix type of len in {l2cap,sco}_sock_getsockopt_old() (stable-
fixes).
* Bluetooth: L2CAP: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: RFCOMM: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: SCO: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: add quirk for broken address properties (git-fixes).
* Bluetooth: btintel: Fix null ptr deref in btintel_read_version (stable-
fixes).
* Bluetooth: btintel: Fixe build regression (git-fixes).
* Bluetooth: btusb: Add Realtek RTL8852BE support ID 0x0bda:0x4853 (stable-
fixes).
* Bluetooth: hci_event: Fix sending HCI_OP_READ_ENC_KEY_SIZE (git-fixes).
* Bluetooth: hci_event: set the conn encrypted before conn establishes
(stable-fixes).
* Bluetooth: hci_sock: Fix not validating setsockopt user input (git-fixes).
* Bluetooth: qca: fix NULL-deref on non-serdev suspend (git-fixes).
* Documentation: Add missing documentation for EXPORT_OP flags (stable-fixes).
* HID: intel-ish-hid: ipc: Fix dev_err usage with uninitialized dev->devc
(git-fixes).
* HID: logitech-dj: allow mice to use all types of reports (git-fixes).
* HID: uhid: Use READ_ONCE()/WRITE_ONCE() for ->running (stable-fixes).
* Input: allocate keycode for Display refresh rate toggle (stable-fixes).
* Input: synaptics-rmi4 - fail probing if memory allocation for "phys" fails
(stable-fixes).
* NFC: trf7970a: disable all regulators on removal (git-fixes).
* PCI: rpaphp: Error out on busy status from get-sensor-state (bsc#1223369
ltc#205888).
* RDMA/cm: Print the old state when cm_destroy_id gets timeout (git-fixes).
* Reapply "drm/qxl: simplify qxl_fence_wait" (stable-fixes).
* Revert "ACPI: PM: Block ASUS B1400CEAE from suspend to idle by default"
(stable-fixes).
* Revert "drm/qxl: simplify qxl_fence_wait" (git-fixes).
* Revert "ice: Fix ice VF reset during iavf initialization (jsc#PED-376)."
(bsc#1223275)
* Revert "usb: cdc-wdm: close race between read and workqueue" (git-fixes).
* Revert "usb: phy: generic: Get the vbus supply" (git-fixes).
* USB: UAS: return ENODEV when submit urbs fail with device not attached
(stable-fixes).
* USB: core: Add hub_get() and hub_put() routines (git-fixes).
* USB: core: Fix access violation during port device removal (git-fixes).
* USB: core: Fix deadlock in port "disable" sysfs attribute (git-fixes).
* USB: serial: add device ID for VeriFone adapter (stable-fixes).
* USB: serial: cp210x: add ID for MGP Instruments PDS100 (stable-fixes).
* USB: serial: cp210x: add pid/vid for TDK NC0110013M and MM0110113M (stable-
fixes).
* USB: serial: ftdi_sio: add support for GMC Z216C Adapter IR-USB (stable-
fixes).
* USB: serial: option: add Fibocom FM135-GL variants (stable-fixes).
* USB: serial: option: add Lonsung U8300/U9300 product (stable-fixes).
* USB: serial: option: add MeiG Smart SLM320 product (stable-fixes).
* USB: serial: option: add Rolling RW101-GL and RW135-GL support (stable-
fixes).
* USB: serial: option: add Telit FN920C04 rmnet compositions (stable-fixes).
* USB: serial: option: add support for Fibocom FM650/FG650 (stable-fixes).
* USB: serial: option: support Quectel EM060K sub-models (stable-fixes).
* nfsd: Fixed mount kerberized nfs4 share issue (git-fixes bsc#1223858).
* s390: Fixed kernel backtrack (bsc#1141539 git-fixes).
* nfsd: Fixed mount issue with KOTD (bsc#1223380 bsc#1217408 bsc#1223640).
* s390: Fixed LPM of lpar failure with error HSCLA2CF in 19th loops
(jsc#PED-542 git-fixes bsc#1213573 ltc#203238).
* ahci: asm1064: asm1166: do not limit reported ports (git-fixes).
* ahci: asm1064: correct count of reported ports (stable-fixes).
* arm64: dts: imx8-ss-conn: fix usdhc wrong lpcg clock order (git-fixes)
* arm64: dts: rockchip: Remove unsupported node from the Pinebook Pro (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up for Q7_THRM# on RK3399 (git-
fixes)
* arm64: dts: rockchip: enable internal pull-up on PCIE_WAKE# for (git-fixes)
* arm64: dts: rockchip: enable internal pull-up on Q7_USB_ID for RK3399 (git-
fixes)
* arm64: dts: rockchip: fix rk3328 hdmi ports node (git-fixes)
* arm64: dts: rockchip: fix rk3399 hdmi ports node (git-fixes)
* arm64: hibernate: Fix level3 translation fault in swsusp_save() (git-fixes).
* ax25: fix use-after-free bugs caused by ax25_ds_del_timer (git-fixes).
* batman-adv: Avoid infinite loop trying to resize local TT (git-fixes).
* clk: Get runtime PM before walking tree during disable_unused (git-fixes).
* clk: Initialize struct clk_core kref earlier (stable-fixes).
* clk: Mark 'all_lists' as const (stable-fixes).
* clk: Print an info line before disabling unused clocks (stable-fixes).
* clk: Remove prepare_lock hold assertion in __clk_release() (git-fixes).
* clk: remove extra empty line (stable-fixes).
* comedi: vmk80xx: fix incomplete endpoint checking (git-fixes).
* dma: xilinx_dpdma: Fix locking (git-fixes).
* dmaengine: idxd: Fix oops during rmmod on single-CPU platforms (git-fixes).
* dmaengine: owl: fix register access functions (git-fixes).
* dmaengine: tegra186: Fix residual calculation (git-fixes).
* docs: Document the FAN_FS_ERROR event (stable-fixes).
* drm-print: add drm_dbg_driver to improve namespace symmetry (stable-fixes).
* drm/amd/display: Do not recursively call manual trigger programming (stable-
fixes).
* drm/amd/display: Fix nanosec stat overflow (stable-fixes).
* drm/amd/display: fix disable otg wa logic in DCN316 (stable-fixes).
* drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 (stable-fixes).
* drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3 (stable-fixes).
* drm/amdgpu: Fix leak when GPU memory allocation fails (stable-fixes).
* drm/amdgpu: Reset dGPU if suspend got aborted (stable-fixes).
* drm/amdgpu: always force full reset for SOC21 (stable-fixes).
* drm/amdgpu: fix incorrect active rb bitmap for gfx11 (stable-fixes).
* drm/amdgpu: fix incorrect number of active RBs for gfx11 (stable-fixes).
* drm/amdgpu: once more fix the call oder in amdgpu_ttm_move() v2 (git-fixes).
* drm/amdgpu: validate the parameters of bo mapping operations more clearly
(git-fixes).
* drm/amdkfd: Reset GPU on queue preemption failure (stable-fixes).
* drm/ast: Fix soft lockup (git-fixes).
* drm/client: Fully protect modes[] with dev->mode_config.mutex (stable-
fixes).
* drm/i915/cdclk: Fix CDCLK programming order when pipes are active (git-
fixes).
* drm/i915/vrr: Disable VRR when using bigjoiner (stable-fixes).
* drm/i915: Disable port sync when bigjoiner is used (stable-fixes).
* drm/msm/dp: fix typo in dp_display_handle_port_status_changed() (git-fixes).
* drm/nouveau/nvkm: add a replacement for nvkm_notify (bsc#1223834)
* drm/panel: ili9341: Respect deferred probe (git-fixes).
* drm/panel: ili9341: Use predefined error codes (git-fixes).
* drm/panel: visionox-rm69299: do not unregister DSI device (git-fixes).
* drm/vc4: do not check if plane->state->fb == state->fb (stable-fixes).
* drm/vmwgfx: Enable DMA mappings with SEV (git-fixes).
* drm/vmwgfx: Fix crtc's atomic check conditional (git-fixes).
* drm/vmwgfx: Fix invalid reads in fence signaled events (git-fixes).
* drm/vmwgfx: Sort primary plane formats by order of preference (git-fixes).
* drm: nv04: Fix out of bounds access (git-fixes).
* drm: panel-orientation-quirks: Add quirk for GPD Win Mini (stable-fixes).
* drm: panel-orientation-quirks: Add quirk for Lenovo Legion Go (stable-
fixes).
* dump_stack: Do not get cpu_sync for panic CPU (bsc#1223574).
* fbdev: fix incorrect address computation in deferred IO (git-fixes).
* fbdev: viafb: fix typo in hw_bitblt_1 and hw_bitblt_2 (stable-fixes).
* fbmon: prevent division by zero in fb_videomode_from_videomode() (stable-
fixes).
* fuse: do not unhash root (bsc#1223951).
* fuse: fix root lookup with nonzero generation (bsc#1223950).
* hwmon: (amc6821) add of_match table (stable-fixes).
* i2c: pxa: hide unused icr_bits[] variable (git-fixes).
* i2c: smbus: fix NULL function pointer dereference (git-fixes).
* i40e: Fix VF MAC filter removal (git-fixes).
* idma64: Do not try to serve interrupts when device is powered off (git-
fixes).
* iio: accel: mxc4005: Interrupt handling fixes (git-fixes).
* iio:imu: adis16475: Fix sync mode setting (git-fixes).
* init/main.c: Fix potential static_command_line memory overflow (git-fixes).
* ipv6/addrconf: fix a potential refcount underflow for idev (git-fixes).
* irqchip/gic-v3-its: Prevent double free on error (git-fixes).
* kprobes: Fix possible use-after-free issue on kprobe registration (git-
fixes).
* livepatch: Fix missing newline character in klp_resolve_symbols()
(bsc#1223539).
* media: cec: core: remove length check of Timer Status (stable-fixes).
* media: sta2x11: fix irq handler cast (stable-fixes).
* mei: me: add arrow lake point H DID (stable-fixes).
* mei: me: add arrow lake point S DID (stable-fixes).
* mei: me: disable RPL-S on SPS and IGN firmwares (git-fixes).
* mm/vmscan: make sure wakeup_kswapd with managed zone (bsc#1223473).
* mmc: sdhci-msm: pervent access to suspended controller (git-fixes).
* mtd: diskonchip: work around ubsan link failure (stable-fixes).
* net: bridge: vlan: fix memory leak in __allowed_ingress (git-fixes).
* net: fix a memleak when uncloning an skb dst and its metadata (git-fixes).
* net: fix skb leak in __skb_tstamp_tx() (git-fixes).
* net: ipv6: ensure we call ipv6_mc_down() at most once (git-fixes).
* net: mld: fix reference count leak in mld_{query | report}_work() (git-
fixes).
* net: stream: purge sk_error_queue in sk_stream_kill_queues() (git-fixes).
* net: usb: ax88179_178a: avoid writing the mac address before first reading
(git-fixes).
* net: usb: ax88179_178a: stop lying about skb->truesize (git-fixes).
* net: vlan: fix underflow for the real_dev refcnt (git-fixes).
* net: vmxnet3: Fix NULL pointer dereference in vmxnet3_rq_rx_complete()
(bsc#1223360).
* netfilter: br_netfilter: Drop dst references before setting (git-fixes).
* netfilter: ipt_CLUSTERIP: fix refcount leak in clusterip_tg_check() (git-
fixes).
* netfilter: nft_ct: fix l3num expectations with inet pseudo family (git-
fixes).
* nfsd: use __fput_sync() to avoid delayed closing of files (bsc#1223380
bsc#1217408).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nilfs2: fix OOB in nilfs_set_de_type (git-fixes).
* nouveau: fix function cast warning (git-fixes).
* nouveau: fix instmem race condition around ptr stores (git-fixes).
* phy: tegra: xusb: Add API to retrieve the port number of phy (stable-fixes).
* pinctrl: renesas: checker: Limit cfg reg enum checks to provided IDs
(stable-fixes).
* platform/x86: intel-vbtn: Update tablet mode switch at end of probe (git-
fixes).
* platform/x86: touchscreen_dmi: Add an extra entry for a variant of the Chuwi
Vi8 tablet (stable-fixes).
* powerpc/kasan: Do not instrument non-maskable or raw interrupts
(bsc#1223191).
* powerpc/rtas: define pr_fmt and convert printk call sites (bsc#1223369
ltc#205888).
* powerpc/rtas: export rtas_error_rc() for reuse (bsc#1223369 ltc#205888).
* powerpc: Avoid nmi_enter/nmi_exit in real mode interrupt (bsc#1221645
ltc#205739 bsc#1223191).
* powerpc: Refactor verification of MSR_RI (bsc#1223191).
* printk: Add this_cpu_in_panic() (bsc#1223574).
* printk: Adjust mapping for 32bit seq macros (bsc#1223574).
* printk: Avoid non-panic CPUs writing to ringbuffer (bsc#1223574).
* printk: Disable passing console lock owner completely during panic()
(bsc#1223574).
* printk: Drop console_sem during panic (bsc#1223574).
* printk: Rename abandon_console_lock_in_panic() to other_cpu_in_panic()
(bsc#1223574).
* printk: Use prb_first_seq() as base for 32bit seq macros (bsc#1223574).
* printk: Wait for all reserved records with pr_flush() (bsc#1223574).
* printk: nbcon: Relocate 32bit seq macros (bsc#1223574).
* printk: ringbuffer: Clarify special lpos values (bsc#1223574).
* printk: ringbuffer: Cleanup reader terminology (bsc#1223574).
* printk: ringbuffer: Do not skip non-finalized records with prb_next_seq()
(bsc#1223574).
* printk: ringbuffer: Improve prb_next_seq() performance (bsc#1223574).
* printk: ringbuffer: Skip non-finalized records in panic (bsc#1223574).
* pstore/zone: Add a null pointer check to the psz_kmsg_read (stable-fixes).
* ring-buffer: Only update pages_touched when a new page is touched (git-
fixes).
* ring-buffer: use READ_ONCE() to read cpu_buffer->commit_page in concurrent
environment (git-fixes).
* s390/cio: Ensure the copied buf is NUL terminated (git-fixes bsc#1223875).
* s390/decompressor: fix misaligned symbol build error (git-fixes
bsc#1223785).
* s390/mm: Fix clearing storage keys for huge pages (git-fixes bsc#1223877).
* s390/mm: Fix storage key clearing for guest huge pages (git-fixes
bsc#1223878).
* s390/qeth: Fix kernel panic after setting hsuid (git-fixes bsc#1223879).
* s390/scm: fix virtual vs physical address confusion (git-fixes bsc#1223784).
* s390/vdso: Add CFI for RA register to asm macro vdso_func (git-fixes
bsc#1223876).
* s390/vdso: drop '-fPIC' from LDFLAGS (git-fixes bsc#1223598).
* s390/zcrypt: fix reference counting on zcrypt card objects (git-fixes
bsc#1223595).
* serial/pmac_zilog: Remove flawed mitigation for rx irq flood (git-fixes).
* serial: core: Provide port lock wrappers (stable-fixes).
* serial: core: fix kernel-doc for uart_port_unlock_irqrestore() (git-fixes).
* serial: mxs-auart: add spinlock around changing cts state (git-fixes).
* slimbus: qcom-ngd-ctrl: Add timeout for wait operation (git-fixes).
* speakup: Avoid crash on very long word (git-fixes).
* speakup: Fix 8bit characters from direct synth (git-fixes).
* spi: hisi-kunpeng: Delete the dump interface of data registers in debugfs
(git-fixes).
* tcp/udp: Fix memleaks of sk and zerocopy skbs with TX timestamp (git-fixes).
* thunderbolt: Avoid notify PM core about runtime PM resume (stable-fixes).
* thunderbolt: Fix wake configurations after device unplug (stable-fixes).
* tracing/net_sched: Fix tracepoints that save qdisc_dev() as a string (git-
fixes).
* tracing: Show size of requested perf buffer (git-fixes).
* usb: Disable USB3 LPM at shutdown (stable-fixes).
* usb: Fix regression caused by invalid ep0 maxpacket in virtual SuperSpeed
device (git-fixes).
* usb: dwc2: host: Fix dereference issue in DDMA completion flow (git-fixes).
* usb: dwc3: core: Prevent phy suspend during init (Git-fixes).
* usb: gadget: composite: fix OS descriptors w_value logic (git-fixes).
* usb: gadget: f_fs: Fix a race condition when processing setup packets (git-
fixes).
* usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep transport
error (stable-fixes).
* usb: gadget: tegra-xudc: Fix USB3 PHY retrieval logic (git-fixes).
* usb: ohci: Prevent missed ohci interrupts (git-fixes).
* usb: sl811-hcd: only defined function checkdone if QUIRK2 is defined
(stable-fixes).
* usb: typec: tcpci: add generic tcpci fallback compatible (stable-fixes).
* usb: typec: tcpm: Check for port partner validity before consuming it (git-
fixes).
* usb: typec: tcpm: unregister existing source caps before re-registration
(bsc#1220569).
* usb: typec: ucsi: Ack unsupported commands (stable-fixes).
* usb: typec: ucsi: Clear UCSI_CCI_RESET_COMPLETE before reset (stable-fixes).
* usb: typec: ucsi: Fix connector check on init (git-fixes).
* usb: udc: remove warning when queue disabled ep (stable-fixes).
* virtio: treat alloc_dax() -EOPNOTSUPP failure as non-fatal (bsc#1223949).
* wifi: ath9k: fix LNA selection in ath_ant_try_scan() (stable-fixes).
* wifi: iwlwifi: mvm: remove old PASN station when adding a new one (git-
fixes).
* wifi: iwlwifi: mvm: return uid from iwl_mvm_build_scan_cmd (git-fixes).
* wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes (stable-
fixes).
* wifi: nl80211: do not free NULL coalescing rule (git-fixes).
* x86/bugs: Cache the value of MSR_IA32_ARCH_CAPABILITIES (git-fixes).
* x86/bugs: Fix BHI documentation (git-fixes).
* x86/bugs: Fix BHI handling of RRSBA (git-fixes).
* x86/bugs: Fix BHI retpoline check (git-fixes).
* x86/bugs: Fix return type of spectre_bhi_state() (git-fixes).
* x86/bugs: Rename various 'ia32_cap' variables to 'x86_arch_cap_msr' (git-
fixes).
* x86/cpufeatures: Fix dependencies for GFNI, VAES, and VPCLMULQDQ (git-
fixes).
* x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type
(jsc#PED-7167 git-fixes).
* x86/sev: Skip ROM range scans and validation for SEV-SNP guests
(jsc#PED-7167 git-fixes).
* xfrm6: fix inet6_dev refcount underflow problem (git-fixes).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1644=1 SUSE-2024-1644=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1644=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64)
* cluster-md-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* ocfs2-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* reiserfs-kmp-azure-5.14.21-150500.33.51.1
* kernel-azure-extra-debuginfo-5.14.21-150500.33.51.1
* kernel-azure-debuginfo-5.14.21-150500.33.51.1
* gfs2-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* dlm-kmp-azure-5.14.21-150500.33.51.1
* kernel-azure-debugsource-5.14.21-150500.33.51.1
* kselftests-kmp-azure-5.14.21-150500.33.51.1
* kernel-azure-devel-5.14.21-150500.33.51.1
* dlm-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* kernel-azure-livepatch-devel-5.14.21-150500.33.51.1
* cluster-md-kmp-azure-5.14.21-150500.33.51.1
* kernel-azure-extra-5.14.21-150500.33.51.1
* kernel-azure-optional-debuginfo-5.14.21-150500.33.51.1
* kernel-azure-optional-5.14.21-150500.33.51.1
* reiserfs-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* kselftests-kmp-azure-debuginfo-5.14.21-150500.33.51.1
* ocfs2-kmp-azure-5.14.21-150500.33.51.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.51.1
* kernel-syms-azure-5.14.21-150500.33.51.1
* gfs2-kmp-azure-5.14.21-150500.33.51.1
* openSUSE Leap 15.5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.51.1
* openSUSE Leap 15.5 (x86_64)
* kernel-azure-vdso-debuginfo-5.14.21-150500.33.51.1
* kernel-azure-vdso-5.14.21-150500.33.51.1
* openSUSE Leap 15.5 (noarch)
* kernel-source-azure-5.14.21-150500.33.51.1
* kernel-devel-azure-5.14.21-150500.33.51.1
* Public Cloud Module 15-SP5 (aarch64 nosrc x86_64)
* kernel-azure-5.14.21-150500.33.51.1
* Public Cloud Module 15-SP5 (aarch64 x86_64)
* kernel-azure-devel-5.14.21-150500.33.51.1
* kernel-azure-debugsource-5.14.21-150500.33.51.1
* kernel-azure-debuginfo-5.14.21-150500.33.51.1
* kernel-azure-devel-debuginfo-5.14.21-150500.33.51.1
* kernel-syms-azure-5.14.21-150500.33.51.1
* Public Cloud Module 15-SP5 (noarch)
* kernel-source-azure-5.14.21-150500.33.51.1
* kernel-devel-azure-5.14.21-150500.33.51.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47047.html
* https://www.suse.com/security/cve/CVE-2021-47184.html
* https://www.suse.com/security/cve/CVE-2021-47185.html
* https://www.suse.com/security/cve/CVE-2021-47187.html
* https://www.suse.com/security/cve/CVE-2021-47188.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47192.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47194.html
* https://www.suse.com/security/cve/CVE-2021-47195.html
* https://www.suse.com/security/cve/CVE-2021-47196.html
* https://www.suse.com/security/cve/CVE-2021-47197.html
* https://www.suse.com/security/cve/CVE-2021-47198.html
* https://www.suse.com/security/cve/CVE-2021-47199.html
* https://www.suse.com/security/cve/CVE-2021-47200.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47202.html
* https://www.suse.com/security/cve/CVE-2021-47203.html
* https://www.suse.com/security/cve/CVE-2021-47204.html
* https://www.suse.com/security/cve/CVE-2021-47205.html
* https://www.suse.com/security/cve/CVE-2021-47206.html
* https://www.suse.com/security/cve/CVE-2021-47207.html
* https://www.suse.com/security/cve/CVE-2021-47209.html
* https://www.suse.com/security/cve/CVE-2021-47210.html
* https://www.suse.com/security/cve/CVE-2021-47211.html
* https://www.suse.com/security/cve/CVE-2021-47212.html
* https://www.suse.com/security/cve/CVE-2021-47214.html
* https://www.suse.com/security/cve/CVE-2021-47215.html
* https://www.suse.com/security/cve/CVE-2021-47216.html
* https://www.suse.com/security/cve/CVE-2021-47217.html
* https://www.suse.com/security/cve/CVE-2021-47218.html
* https://www.suse.com/security/cve/CVE-2021-47219.html
* https://www.suse.com/security/cve/CVE-2022-48631.html
* https://www.suse.com/security/cve/CVE-2022-48632.html
* https://www.suse.com/security/cve/CVE-2022-48634.html
* https://www.suse.com/security/cve/CVE-2022-48636.html
* https://www.suse.com/security/cve/CVE-2022-48637.html
* https://www.suse.com/security/cve/CVE-2022-48638.html
* https://www.suse.com/security/cve/CVE-2022-48639.html
* https://www.suse.com/security/cve/CVE-2022-48640.html
* https://www.suse.com/security/cve/CVE-2022-48642.html
* https://www.suse.com/security/cve/CVE-2022-48644.html
* https://www.suse.com/security/cve/CVE-2022-48646.html
* https://www.suse.com/security/cve/CVE-2022-48647.html
* https://www.suse.com/security/cve/CVE-2022-48648.html
* https://www.suse.com/security/cve/CVE-2022-48650.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48652.html
* https://www.suse.com/security/cve/CVE-2022-48653.html
* https://www.suse.com/security/cve/CVE-2022-48654.html
* https://www.suse.com/security/cve/CVE-2022-48655.html
* https://www.suse.com/security/cve/CVE-2022-48656.html
* https://www.suse.com/security/cve/CVE-2022-48657.html
* https://www.suse.com/security/cve/CVE-2022-48658.html
* https://www.suse.com/security/cve/CVE-2022-48659.html
* https://www.suse.com/security/cve/CVE-2022-48660.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48663.html
* https://www.suse.com/security/cve/CVE-2022-48667.html
* https://www.suse.com/security/cve/CVE-2022-48668.html
* https://www.suse.com/security/cve/CVE-2022-48671.html
* https://www.suse.com/security/cve/CVE-2022-48672.html
* https://www.suse.com/security/cve/CVE-2022-48673.html
* https://www.suse.com/security/cve/CVE-2022-48675.html
* https://www.suse.com/security/cve/CVE-2022-48686.html
* https://www.suse.com/security/cve/CVE-2022-48687.html
* https://www.suse.com/security/cve/CVE-2022-48688.html
* https://www.suse.com/security/cve/CVE-2022-48690.html
* https://www.suse.com/security/cve/CVE-2022-48692.html
* https://www.suse.com/security/cve/CVE-2022-48693.html
* https://www.suse.com/security/cve/CVE-2022-48694.html
* https://www.suse.com/security/cve/CVE-2022-48695.html
* https://www.suse.com/security/cve/CVE-2022-48697.html
* https://www.suse.com/security/cve/CVE-2022-48698.html
* https://www.suse.com/security/cve/CVE-2022-48699.html
* https://www.suse.com/security/cve/CVE-2022-48700.html
* https://www.suse.com/security/cve/CVE-2022-48701.html
* https://www.suse.com/security/cve/CVE-2022-48702.html
* https://www.suse.com/security/cve/CVE-2022-48703.html
* https://www.suse.com/security/cve/CVE-2022-48704.html
* https://www.suse.com/security/cve/CVE-2023-2860.html
* https://www.suse.com/security/cve/CVE-2023-52585.html
* https://www.suse.com/security/cve/CVE-2023-52589.html
* https://www.suse.com/security/cve/CVE-2023-52590.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52593.html
* https://www.suse.com/security/cve/CVE-2023-52614.html
* https://www.suse.com/security/cve/CVE-2023-52616.html
* https://www.suse.com/security/cve/CVE-2023-52620.html
* https://www.suse.com/security/cve/CVE-2023-52635.html
* https://www.suse.com/security/cve/CVE-2023-52645.html
* https://www.suse.com/security/cve/CVE-2023-52646.html
* https://www.suse.com/security/cve/CVE-2023-52652.html
* https://www.suse.com/security/cve/CVE-2023-6270.html
* https://www.suse.com/security/cve/CVE-2024-0639.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-2201.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-23848.html
* https://www.suse.com/security/cve/CVE-2024-23850.html
* https://www.suse.com/security/cve/CVE-2024-26601.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26656.html
* https://www.suse.com/security/cve/CVE-2024-26671.html
* https://www.suse.com/security/cve/CVE-2024-26673.html
* https://www.suse.com/security/cve/CVE-2024-26675.html
* https://www.suse.com/security/cve/CVE-2024-26679.html
* https://www.suse.com/security/cve/CVE-2024-26687.html
* https://www.suse.com/security/cve/CVE-2024-26688.html
* https://www.suse.com/security/cve/CVE-2024-26700.html
* https://www.suse.com/security/cve/CVE-2024-26702.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26764.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26772.html
* https://www.suse.com/security/cve/CVE-2024-26773.html
* https://www.suse.com/security/cve/CVE-2024-26783.html
* https://www.suse.com/security/cve/CVE-2024-26791.html
* https://www.suse.com/security/cve/CVE-2024-26792.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26817.html
* https://www.suse.com/security/cve/CVE-2024-26820.html
* https://www.suse.com/security/cve/CVE-2024-26825.html
* https://www.suse.com/security/cve/CVE-2024-26830.html
* https://www.suse.com/security/cve/CVE-2024-26833.html
* https://www.suse.com/security/cve/CVE-2024-26836.html
* https://www.suse.com/security/cve/CVE-2024-26840.html
* https://www.suse.com/security/cve/CVE-2024-26843.html
* https://www.suse.com/security/cve/CVE-2024-26852.html
* https://www.suse.com/security/cve/CVE-2024-26853.html
* https://www.suse.com/security/cve/CVE-2024-26855.html
* https://www.suse.com/security/cve/CVE-2024-26856.html
* https://www.suse.com/security/cve/CVE-2024-26857.html
* https://www.suse.com/security/cve/CVE-2024-26861.html
* https://www.suse.com/security/cve/CVE-2024-26862.html
* https://www.suse.com/security/cve/CVE-2024-26866.html
* https://www.suse.com/security/cve/CVE-2024-26872.html
* https://www.suse.com/security/cve/CVE-2024-26875.html
* https://www.suse.com/security/cve/CVE-2024-26876.html
* https://www.suse.com/security/cve/CVE-2024-26877.html
* https://www.suse.com/security/cve/CVE-2024-26878.html
* https://www.suse.com/security/cve/CVE-2024-26879.html
* https://www.suse.com/security/cve/CVE-2024-26881.html
* https://www.suse.com/security/cve/CVE-2024-26882.html
* https://www.suse.com/security/cve/CVE-2024-26883.html
* https://www.suse.com/security/cve/CVE-2024-26884.html
* https://www.suse.com/security/cve/CVE-2024-26885.html
* https://www.suse.com/security/cve/CVE-2024-26891.html
* https://www.suse.com/security/cve/CVE-2024-26893.html
* https://www.suse.com/security/cve/CVE-2024-26895.html
* https://www.suse.com/security/cve/CVE-2024-26896.html
* https://www.suse.com/security/cve/CVE-2024-26897.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-26901.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-26915.html
* https://www.suse.com/security/cve/CVE-2024-26917.html
* https://www.suse.com/security/cve/CVE-2024-26927.html
* https://www.suse.com/security/cve/CVE-2024-26933.html
* https://www.suse.com/security/cve/CVE-2024-26939.html
* https://www.suse.com/security/cve/CVE-2024-26948.html
* https://www.suse.com/security/cve/CVE-2024-26950.html
* https://www.suse.com/security/cve/CVE-2024-26951.html
* https://www.suse.com/security/cve/CVE-2024-26955.html
* https://www.suse.com/security/cve/CVE-2024-26956.html
* https://www.suse.com/security/cve/CVE-2024-26960.html
* https://www.suse.com/security/cve/CVE-2024-26965.html
* https://www.suse.com/security/cve/CVE-2024-26966.html
* https://www.suse.com/security/cve/CVE-2024-26969.html
* https://www.suse.com/security/cve/CVE-2024-26970.html
* https://www.suse.com/security/cve/CVE-2024-26972.html
* https://www.suse.com/security/cve/CVE-2024-26979.html
* https://www.suse.com/security/cve/CVE-2024-26981.html
* https://www.suse.com/security/cve/CVE-2024-26982.html
* https://www.suse.com/security/cve/CVE-2024-26993.html
* https://www.suse.com/security/cve/CVE-2024-27013.html
* https://www.suse.com/security/cve/CVE-2024-27014.html
* https://www.suse.com/security/cve/CVE-2024-27030.html
* https://www.suse.com/security/cve/CVE-2024-27038.html
* https://www.suse.com/security/cve/CVE-2024-27039.html
* https://www.suse.com/security/cve/CVE-2024-27041.html
* https://www.suse.com/security/cve/CVE-2024-27042.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-27046.html
* https://www.suse.com/security/cve/CVE-2024-27056.html
* https://www.suse.com/security/cve/CVE-2024-27059.html
* https://www.suse.com/security/cve/CVE-2024-27062.html
* https://www.suse.com/security/cve/CVE-2024-27389.html
* https://bugzilla.suse.com/show_bug.cgi?id=1141539
* https://bugzilla.suse.com/show_bug.cgi?id=1190576
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1192837
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1196869
* https://bugzilla.suse.com/show_bug.cgi?id=1200313
* https://bugzilla.suse.com/show_bug.cgi?id=1201308
* https://bugzilla.suse.com/show_bug.cgi?id=1201489
* https://bugzilla.suse.com/show_bug.cgi?id=1203906
* https://bugzilla.suse.com/show_bug.cgi?id=1203935
* https://bugzilla.suse.com/show_bug.cgi?id=1204614
* https://bugzilla.suse.com/show_bug.cgi?id=1207361
* https://bugzilla.suse.com/show_bug.cgi?id=1211592
* https://bugzilla.suse.com/show_bug.cgi?id=1213573
* https://bugzilla.suse.com/show_bug.cgi?id=1217339
* https://bugzilla.suse.com/show_bug.cgi?id=1217408
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1218917
* https://bugzilla.suse.com/show_bug.cgi?id=1219104
* https://bugzilla.suse.com/show_bug.cgi?id=1219126
* https://bugzilla.suse.com/show_bug.cgi?id=1219141
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220342
* https://bugzilla.suse.com/show_bug.cgi?id=1220569
* https://bugzilla.suse.com/show_bug.cgi?id=1220761
* https://bugzilla.suse.com/show_bug.cgi?id=1221042
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221080
* https://bugzilla.suse.com/show_bug.cgi?id=1221084
* https://bugzilla.suse.com/show_bug.cgi?id=1221088
* https://bugzilla.suse.com/show_bug.cgi?id=1221299
* https://bugzilla.suse.com/show_bug.cgi?id=1221612
* https://bugzilla.suse.com/show_bug.cgi?id=1221617
* https://bugzilla.suse.com/show_bug.cgi?id=1221645
* https://bugzilla.suse.com/show_bug.cgi?id=1221825
* https://bugzilla.suse.com/show_bug.cgi?id=1222294
* https://bugzilla.suse.com/show_bug.cgi?id=1222307
* https://bugzilla.suse.com/show_bug.cgi?id=1222357
* https://bugzilla.suse.com/show_bug.cgi?id=1222368
* https://bugzilla.suse.com/show_bug.cgi?id=1222379
* https://bugzilla.suse.com/show_bug.cgi?id=1222385
* https://bugzilla.suse.com/show_bug.cgi?id=1222424
* https://bugzilla.suse.com/show_bug.cgi?id=1222430
* https://bugzilla.suse.com/show_bug.cgi?id=1222435
* https://bugzilla.suse.com/show_bug.cgi?id=1222482
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222613
* https://bugzilla.suse.com/show_bug.cgi?id=1222615
* https://bugzilla.suse.com/show_bug.cgi?id=1222618
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222666
* https://bugzilla.suse.com/show_bug.cgi?id=1222669
* https://bugzilla.suse.com/show_bug.cgi?id=1222671
* https://bugzilla.suse.com/show_bug.cgi?id=1222703
* https://bugzilla.suse.com/show_bug.cgi?id=1222704
* https://bugzilla.suse.com/show_bug.cgi?id=1222709
* https://bugzilla.suse.com/show_bug.cgi?id=1222710
* https://bugzilla.suse.com/show_bug.cgi?id=1222721
* https://bugzilla.suse.com/show_bug.cgi?id=1222726
* https://bugzilla.suse.com/show_bug.cgi?id=1222773
* https://bugzilla.suse.com/show_bug.cgi?id=1222776
* https://bugzilla.suse.com/show_bug.cgi?id=1222785
* https://bugzilla.suse.com/show_bug.cgi?id=1222787
* https://bugzilla.suse.com/show_bug.cgi?id=1222790
* https://bugzilla.suse.com/show_bug.cgi?id=1222791
* https://bugzilla.suse.com/show_bug.cgi?id=1222792
* https://bugzilla.suse.com/show_bug.cgi?id=1222793
* https://bugzilla.suse.com/show_bug.cgi?id=1222796
* https://bugzilla.suse.com/show_bug.cgi?id=1222812
* https://bugzilla.suse.com/show_bug.cgi?id=1222824
* https://bugzilla.suse.com/show_bug.cgi?id=1222829
* https://bugzilla.suse.com/show_bug.cgi?id=1222832
* https://bugzilla.suse.com/show_bug.cgi?id=1222836
* https://bugzilla.suse.com/show_bug.cgi?id=1222838
* https://bugzilla.suse.com/show_bug.cgi?id=1222866
* https://bugzilla.suse.com/show_bug.cgi?id=1222867
* https://bugzilla.suse.com/show_bug.cgi?id=1222869
* https://bugzilla.suse.com/show_bug.cgi?id=1222870
* https://bugzilla.suse.com/show_bug.cgi?id=1222876
* https://bugzilla.suse.com/show_bug.cgi?id=1222878
* https://bugzilla.suse.com/show_bug.cgi?id=1222879
* https://bugzilla.suse.com/show_bug.cgi?id=1222881
* https://bugzilla.suse.com/show_bug.cgi?id=1222883
* https://bugzilla.suse.com/show_bug.cgi?id=1222888
* https://bugzilla.suse.com/show_bug.cgi?id=1222894
* https://bugzilla.suse.com/show_bug.cgi?id=1222901
* https://bugzilla.suse.com/show_bug.cgi?id=1222968
* https://bugzilla.suse.com/show_bug.cgi?id=1222976
* https://bugzilla.suse.com/show_bug.cgi?id=1223012
* https://bugzilla.suse.com/show_bug.cgi?id=1223014
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223024
* https://bugzilla.suse.com/show_bug.cgi?id=1223033
* https://bugzilla.suse.com/show_bug.cgi?id=1223034
* https://bugzilla.suse.com/show_bug.cgi?id=1223035
* https://bugzilla.suse.com/show_bug.cgi?id=1223036
* https://bugzilla.suse.com/show_bug.cgi?id=1223037
* https://bugzilla.suse.com/show_bug.cgi?id=1223041
* https://bugzilla.suse.com/show_bug.cgi?id=1223042
* https://bugzilla.suse.com/show_bug.cgi?id=1223051
* https://bugzilla.suse.com/show_bug.cgi?id=1223052
* https://bugzilla.suse.com/show_bug.cgi?id=1223056
* https://bugzilla.suse.com/show_bug.cgi?id=1223057
* https://bugzilla.suse.com/show_bug.cgi?id=1223058
* https://bugzilla.suse.com/show_bug.cgi?id=1223060
* https://bugzilla.suse.com/show_bug.cgi?id=1223061
* https://bugzilla.suse.com/show_bug.cgi?id=1223065
* https://bugzilla.suse.com/show_bug.cgi?id=1223066
* https://bugzilla.suse.com/show_bug.cgi?id=1223076
* https://bugzilla.suse.com/show_bug.cgi?id=1223078
* https://bugzilla.suse.com/show_bug.cgi?id=1223111
* https://bugzilla.suse.com/show_bug.cgi?id=1223115
* https://bugzilla.suse.com/show_bug.cgi?id=1223118
* https://bugzilla.suse.com/show_bug.cgi?id=1223119
* https://bugzilla.suse.com/show_bug.cgi?id=1223140
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223189
* https://bugzilla.suse.com/show_bug.cgi?id=1223190
* https://bugzilla.suse.com/show_bug.cgi?id=1223191
* https://bugzilla.suse.com/show_bug.cgi?id=1223196
* https://bugzilla.suse.com/show_bug.cgi?id=1223197
* https://bugzilla.suse.com/show_bug.cgi?id=1223198
* https://bugzilla.suse.com/show_bug.cgi?id=1223207
* https://bugzilla.suse.com/show_bug.cgi?id=1223275
* https://bugzilla.suse.com/show_bug.cgi?id=1223323
* https://bugzilla.suse.com/show_bug.cgi?id=1223360
* https://bugzilla.suse.com/show_bug.cgi?id=1223369
* https://bugzilla.suse.com/show_bug.cgi?id=1223380
* https://bugzilla.suse.com/show_bug.cgi?id=1223432
* https://bugzilla.suse.com/show_bug.cgi?id=1223473
* https://bugzilla.suse.com/show_bug.cgi?id=1223474
* https://bugzilla.suse.com/show_bug.cgi?id=1223475
* https://bugzilla.suse.com/show_bug.cgi?id=1223477
* https://bugzilla.suse.com/show_bug.cgi?id=1223478
* https://bugzilla.suse.com/show_bug.cgi?id=1223479
* https://bugzilla.suse.com/show_bug.cgi?id=1223481
* https://bugzilla.suse.com/show_bug.cgi?id=1223482
* https://bugzilla.suse.com/show_bug.cgi?id=1223484
* https://bugzilla.suse.com/show_bug.cgi?id=1223487
* https://bugzilla.suse.com/show_bug.cgi?id=1223490
* https://bugzilla.suse.com/show_bug.cgi?id=1223496
* https://bugzilla.suse.com/show_bug.cgi?id=1223498
* https://bugzilla.suse.com/show_bug.cgi?id=1223499
* https://bugzilla.suse.com/show_bug.cgi?id=1223501
* https://bugzilla.suse.com/show_bug.cgi?id=1223502
* https://bugzilla.suse.com/show_bug.cgi?id=1223503
* https://bugzilla.suse.com/show_bug.cgi?id=1223505
* https://bugzilla.suse.com/show_bug.cgi?id=1223509
* https://bugzilla.suse.com/show_bug.cgi?id=1223511
* https://bugzilla.suse.com/show_bug.cgi?id=1223512
* https://bugzilla.suse.com/show_bug.cgi?id=1223513
* https://bugzilla.suse.com/show_bug.cgi?id=1223516
* https://bugzilla.suse.com/show_bug.cgi?id=1223517
* https://bugzilla.suse.com/show_bug.cgi?id=1223518
* https://bugzilla.suse.com/show_bug.cgi?id=1223519
* https://bugzilla.suse.com/show_bug.cgi?id=1223520
* https://bugzilla.suse.com/show_bug.cgi?id=1223522
* https://bugzilla.suse.com/show_bug.cgi?id=1223523
* https://bugzilla.suse.com/show_bug.cgi?id=1223525
* https://bugzilla.suse.com/show_bug.cgi?id=1223536
* https://bugzilla.suse.com/show_bug.cgi?id=1223539
* https://bugzilla.suse.com/show_bug.cgi?id=1223574
* https://bugzilla.suse.com/show_bug.cgi?id=1223595
* https://bugzilla.suse.com/show_bug.cgi?id=1223598
* https://bugzilla.suse.com/show_bug.cgi?id=1223628
* https://bugzilla.suse.com/show_bug.cgi?id=1223634
* https://bugzilla.suse.com/show_bug.cgi?id=1223640
* https://bugzilla.suse.com/show_bug.cgi?id=1223643
* https://bugzilla.suse.com/show_bug.cgi?id=1223644
* https://bugzilla.suse.com/show_bug.cgi?id=1223645
* https://bugzilla.suse.com/show_bug.cgi?id=1223646
* https://bugzilla.suse.com/show_bug.cgi?id=1223648
* https://bugzilla.suse.com/show_bug.cgi?id=1223655
* https://bugzilla.suse.com/show_bug.cgi?id=1223657
* https://bugzilla.suse.com/show_bug.cgi?id=1223660
* https://bugzilla.suse.com/show_bug.cgi?id=1223661
* https://bugzilla.suse.com/show_bug.cgi?id=1223663
* https://bugzilla.suse.com/show_bug.cgi?id=1223664
* https://bugzilla.suse.com/show_bug.cgi?id=1223668
* https://bugzilla.suse.com/show_bug.cgi?id=1223670
* https://bugzilla.suse.com/show_bug.cgi?id=1223679
* https://bugzilla.suse.com/show_bug.cgi?id=1223686
* https://bugzilla.suse.com/show_bug.cgi?id=1223693
* https://bugzilla.suse.com/show_bug.cgi?id=1223705
* https://bugzilla.suse.com/show_bug.cgi?id=1223714
* https://bugzilla.suse.com/show_bug.cgi?id=1223735
* https://bugzilla.suse.com/show_bug.cgi?id=1223738
* https://bugzilla.suse.com/show_bug.cgi?id=1223745
* https://bugzilla.suse.com/show_bug.cgi?id=1223784
* https://bugzilla.suse.com/show_bug.cgi?id=1223785
* https://bugzilla.suse.com/show_bug.cgi?id=1223790
* https://bugzilla.suse.com/show_bug.cgi?id=1223816
* https://bugzilla.suse.com/show_bug.cgi?id=1223821
* https://bugzilla.suse.com/show_bug.cgi?id=1223822
* https://bugzilla.suse.com/show_bug.cgi?id=1223823
* https://bugzilla.suse.com/show_bug.cgi?id=1223824
* https://bugzilla.suse.com/show_bug.cgi?id=1223827
* https://bugzilla.suse.com/show_bug.cgi?id=1223834
* https://bugzilla.suse.com/show_bug.cgi?id=1223858
* https://bugzilla.suse.com/show_bug.cgi?id=1223875
* https://bugzilla.suse.com/show_bug.cgi?id=1223876
* https://bugzilla.suse.com/show_bug.cgi?id=1223877
* https://bugzilla.suse.com/show_bug.cgi?id=1223878
* https://bugzilla.suse.com/show_bug.cgi?id=1223879
* https://bugzilla.suse.com/show_bug.cgi?id=1223894
* https://bugzilla.suse.com/show_bug.cgi?id=1223921
* https://bugzilla.suse.com/show_bug.cgi?id=1223922
* https://bugzilla.suse.com/show_bug.cgi?id=1223923
* https://bugzilla.suse.com/show_bug.cgi?id=1223924
* https://bugzilla.suse.com/show_bug.cgi?id=1223929
* https://bugzilla.suse.com/show_bug.cgi?id=1223931
* https://bugzilla.suse.com/show_bug.cgi?id=1223932
* https://bugzilla.suse.com/show_bug.cgi?id=1223934
* https://bugzilla.suse.com/show_bug.cgi?id=1223941
* https://bugzilla.suse.com/show_bug.cgi?id=1223948
* https://bugzilla.suse.com/show_bug.cgi?id=1223949
* https://bugzilla.suse.com/show_bug.cgi?id=1223950
* https://bugzilla.suse.com/show_bug.cgi?id=1223951
* https://bugzilla.suse.com/show_bug.cgi?id=1223952
* https://bugzilla.suse.com/show_bug.cgi?id=1223953
* https://bugzilla.suse.com/show_bug.cgi?id=1223956
* https://bugzilla.suse.com/show_bug.cgi?id=1223957
* https://bugzilla.suse.com/show_bug.cgi?id=1223960
* https://bugzilla.suse.com/show_bug.cgi?id=1223962
* https://bugzilla.suse.com/show_bug.cgi?id=1223963
* https://bugzilla.suse.com/show_bug.cgi?id=1223964
* https://bugzilla.suse.com/show_bug.cgi?id=1223996
* https://jira.suse.com/browse/PED-7167



SUSE-SU-2024:1647-1: important: Security update for the Linux Kernel


# Security update for the Linux Kernel

Announcement ID: SUSE-SU-2024:1647-1
Rating: important
References:

* bsc#1190576
* bsc#1192145
* bsc#1192354
* bsc#1192837
* bsc#1193629
* bsc#1203906
* bsc#1203935
* bsc#1204614
* bsc#1206881
* bsc#1209657
* bsc#1215221
* bsc#1216223
* bsc#1218336
* bsc#1218479
* bsc#1218562
* bsc#1219104
* bsc#1219126
* bsc#1219169
* bsc#1219170
* bsc#1219264
* bsc#1220342
* bsc#1220703
* bsc#1220761
* bsc#1220883
* bsc#1221044
* bsc#1221061
* bsc#1221088
* bsc#1221293
* bsc#1221299
* bsc#1221612
* bsc#1221830
* bsc#1222117
* bsc#1222422
* bsc#1222430
* bsc#1222435
* bsc#1222482
* bsc#1222503
* bsc#1222536
* bsc#1222559
* bsc#1222585
* bsc#1222618
* bsc#1222624
* bsc#1222660
* bsc#1222662
* bsc#1222664
* bsc#1222666
* bsc#1222671
* bsc#1222703
* bsc#1222704
* bsc#1222706
* bsc#1222709
* bsc#1222721
* bsc#1222726
* bsc#1222773
* bsc#1222776
* bsc#1222785
* bsc#1222787
* bsc#1222790
* bsc#1222791
* bsc#1222792
* bsc#1222796
* bsc#1222824
* bsc#1222829
* bsc#1222832
* bsc#1222836
* bsc#1222838
* bsc#1222866
* bsc#1222867
* bsc#1222869
* bsc#1222876
* bsc#1222878
* bsc#1222879
* bsc#1222881
* bsc#1222883
* bsc#1222888
* bsc#1222894
* bsc#1222901
* bsc#1223016
* bsc#1223187
* bsc#1223380
* bsc#1223474
* bsc#1223475
* bsc#1223477
* bsc#1223479
* bsc#1223482
* bsc#1223484
* bsc#1223487
* bsc#1223503
* bsc#1223505
* bsc#1223509
* bsc#1223513
* bsc#1223516
* bsc#1223517
* bsc#1223518
* bsc#1223519
* bsc#1223522
* bsc#1223523
* bsc#1223705
* bsc#1223824

Cross-References:

* CVE-2021-47047
* CVE-2021-47181
* CVE-2021-47182
* CVE-2021-47183
* CVE-2021-47184
* CVE-2021-47185
* CVE-2021-47187
* CVE-2021-47188
* CVE-2021-47189
* CVE-2021-47191
* CVE-2021-47192
* CVE-2021-47193
* CVE-2021-47194
* CVE-2021-47195
* CVE-2021-47196
* CVE-2021-47197
* CVE-2021-47198
* CVE-2021-47199
* CVE-2021-47200
* CVE-2021-47201
* CVE-2021-47202
* CVE-2021-47203
* CVE-2021-47204
* CVE-2021-47205
* CVE-2021-47206
* CVE-2021-47207
* CVE-2021-47209
* CVE-2021-47210
* CVE-2021-47211
* CVE-2021-47212
* CVE-2021-47215
* CVE-2021-47216
* CVE-2021-47217
* CVE-2021-47218
* CVE-2021-47219
* CVE-2022-48631
* CVE-2022-48637
* CVE-2022-48638
* CVE-2022-48647
* CVE-2022-48648
* CVE-2022-48650
* CVE-2022-48651
* CVE-2022-48653
* CVE-2022-48654
* CVE-2022-48655
* CVE-2022-48656
* CVE-2022-48657
* CVE-2022-48660
* CVE-2022-48662
* CVE-2022-48663
* CVE-2022-48667
* CVE-2022-48668
* CVE-2023-0160
* CVE-2023-52476
* CVE-2023-52500
* CVE-2023-52590
* CVE-2023-52591
* CVE-2023-52607
* CVE-2023-52616
* CVE-2023-52628
* CVE-2023-7042
* CVE-2023-7192
* CVE-2024-0841
* CVE-2024-22099
* CVE-2024-23307
* CVE-2024-23848
* CVE-2024-23850
* CVE-2024-26601
* CVE-2024-26610
* CVE-2024-26614
* CVE-2024-26642
* CVE-2024-26687
* CVE-2024-26688
* CVE-2024-26689
* CVE-2024-26704
* CVE-2024-26727
* CVE-2024-26733
* CVE-2024-26739
* CVE-2024-26764
* CVE-2024-26766
* CVE-2024-26773
* CVE-2024-26792
* CVE-2024-26816
* CVE-2024-26898
* CVE-2024-26903
* CVE-2024-27043
* CVE-2024-27389

CVSS scores:

* CVE-2021-47181 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47182 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47183 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47184 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47185 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47187 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47188 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47189 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47191 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47193 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47194 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47195 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47195 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47196 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47197 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47198 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2021-47199 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47200 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47201 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47202 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47203 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47204 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47205 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47206 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47207 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47209 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47210 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47211 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47212 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47215 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47216 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2021-47217 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47218 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2021-47219 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48631 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48637 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48638 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48647 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48648 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48650 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48651 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48653 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48654 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2022-48655 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2022-48655 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48656 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48657 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48660 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2022-48660 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48662 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48662 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2022-48663 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2022-48667 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2022-48668 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-0160 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-0160 ( NVD ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52476 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52500 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
* CVE-2023-52590 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
* CVE-2023-52591 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
* CVE-2023-52607 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52616 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52628 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2023-7042 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7042 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-7192 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-0841 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-22099 ( SUSE ): 5.3 CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-22099 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23307 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23307 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-23848 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-23848 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-23850 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26601 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
* CVE-2024-26614 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26642 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26687 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26688 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26689 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26704 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26727 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26733 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26739 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26764 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
* CVE-2024-26766 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26773 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26792 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26816 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-26898 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26898 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-26903 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-26903 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27043 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-27389 ( SUSE ): 4.7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves 87 vulnerabilities and has 12 security fixes can now be
installed.

## Description:

The SUSE Linux Enterprise 15 SP4 RT kernel was updated to receive various
security bugfixes.

The following security bugs were fixed:

* CVE-2024-27389: Fixed pstore inode handling with d_invalidate()
(bsc#1223705).
* CVE-2024-27043: Fixed a use-after-free in edia/dvbdev in different places
(bsc#1223824).
* CVE-2024-23307: Fixed Integer Overflow or Wraparound vulnerability in x86
and ARM md, raid, raid5 modules (bsc#1219169).
* CVE-2024-23848: Fixed media/cec for possible use-after-free in
cec_queue_msg_fh (bsc#1219104).
* CVE-2022-48662: Fixed a general protection fault (GPF) in
i915_perf_open_ioctl (bsc#1223505).
* CVE-2022-48651: Fixed an out-of-bound bug in ipvlan caused by unset
skb->mac_header (bsc#1223513).
* CVE-2023-52616: Fixed unexpected pointer access in crypto/lib/mpi in
mpi_ec_init (bsc#1221612).
* CVE-2024-26816: Fixed relocations in .notes section when building with
CONFIG_XEN_PV=y by ignoring them (bsc#1222624).
* CVE-2021-47207: Fixed a null pointer dereference on pointer block in gus
(bsc#1222790).
* CVE-2024-26610: Fixed memory corruption in wifi/iwlwifi (bsc#1221299).
* CVE-2024-26687: Fixed xen/events close evtchn after mapping cleanup
(bsc#1222435).
* CVE-2024-26601: Fixed ext4 buddy bitmap corruption via fast commit replay
(bsc#1220342).
* CVE-2024-26764: Fixed IOCB_AIO_RW check in fs/aio before the struct
aio_kiocb conversion (bsc#1222721).
* CVE-2024-26773: Fixed ext4 block allocation from corrupted group in
ext4_mb_try_best_found() (bsc#1222618).
* CVE-2024-26766: Fixed SDMA off-by-one error in _pad_sdma_tx_descs()
(bsc#1222726).
* CVE-2024-26689: Fixed a use-after-free in encode_cap_msg() (bsc#1222503).
* CVE-2024-26704: Fixed a double-free of blocks due to wrong extents moved_len
in ext4 (bsc#1222422).
* CVE-2023-52500: Fixed information leaking when processing
OPC_INB_SET_CONTROLLER_CONFIG command (bsc#1220883).
* CVE-2023-0160: Fixed deadlock flaw in BPF that could allow a local user to
potentially crash the system (bsc#1209657).
* CVE-2024-26642: Fixed the set of anonymous timeout flag in netfilter
nf_tables (bsc#1221830).
* CVE-2023-7192: Fixed a memory leak problem in ctnetlink_create_conntrack in
net/netfilter/nf_conntrack_netlink.c (bsc#1218479).
* CVE-2024-26614: Fixed the initialization of accept_queue's spinlocks
(bsc#1221293).
* CVE-2023-52607: Fixed NULL pointer dereference in pgtable_cache_add
kasprintf() (bsc#1221061).
* CVE-2023-7042: Fixed a null-pointer-dereference in
ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() (bsc#1218336).
* CVE-2023-52476: Fixed possible unhandled page fault via perf sampling NMI
during vsyscall (bsc#1220703).

The following non-security bugs were fixed:

* Call flush_delayed_fput() from nfsd main-loop (bsc#1223380).
* ibmvfc: make 'max_sectors' a module option (bsc#1216223).
* scsi: Update max_hw_sectors on rescan (bsc#1216223).

## Special Instructions and Notes:

* Please reboot the system after installing this update.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1647=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1647=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1647=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1647=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1647=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1647=1

## Package List:

* SUSE Linux Enterprise Micro for Rancher 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (noarch)
* kernel-source-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.4 (noarch)
* kernel-source-rt-5.14.21-150400.15.79.1
* openSUSE Leap Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* openSUSE Leap Micro 5.3 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* openSUSE Leap Micro 5.4 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* openSUSE Leap Micro 5.4 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (noarch)
* kernel-source-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.3 (nosrc x86_64)
* kernel-rt-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* kernel-rt-debugsource-5.14.21-150400.15.79.1
* kernel-rt-debuginfo-5.14.21-150400.15.79.1
* SUSE Linux Enterprise Micro 5.3 (noarch)
* kernel-source-rt-5.14.21-150400.15.79.1

## References:

* https://www.suse.com/security/cve/CVE-2021-47047.html
* https://www.suse.com/security/cve/CVE-2021-47181.html
* https://www.suse.com/security/cve/CVE-2021-47182.html
* https://www.suse.com/security/cve/CVE-2021-47183.html
* https://www.suse.com/security/cve/CVE-2021-47184.html
* https://www.suse.com/security/cve/CVE-2021-47185.html
* https://www.suse.com/security/cve/CVE-2021-47187.html
* https://www.suse.com/security/cve/CVE-2021-47188.html
* https://www.suse.com/security/cve/CVE-2021-47189.html
* https://www.suse.com/security/cve/CVE-2021-47191.html
* https://www.suse.com/security/cve/CVE-2021-47192.html
* https://www.suse.com/security/cve/CVE-2021-47193.html
* https://www.suse.com/security/cve/CVE-2021-47194.html
* https://www.suse.com/security/cve/CVE-2021-47195.html
* https://www.suse.com/security/cve/CVE-2021-47196.html
* https://www.suse.com/security/cve/CVE-2021-47197.html
* https://www.suse.com/security/cve/CVE-2021-47198.html
* https://www.suse.com/security/cve/CVE-2021-47199.html
* https://www.suse.com/security/cve/CVE-2021-47200.html
* https://www.suse.com/security/cve/CVE-2021-47201.html
* https://www.suse.com/security/cve/CVE-2021-47202.html
* https://www.suse.com/security/cve/CVE-2021-47203.html
* https://www.suse.com/security/cve/CVE-2021-47204.html
* https://www.suse.com/security/cve/CVE-2021-47205.html
* https://www.suse.com/security/cve/CVE-2021-47206.html
* https://www.suse.com/security/cve/CVE-2021-47207.html
* https://www.suse.com/security/cve/CVE-2021-47209.html
* https://www.suse.com/security/cve/CVE-2021-47210.html
* https://www.suse.com/security/cve/CVE-2021-47211.html
* https://www.suse.com/security/cve/CVE-2021-47212.html
* https://www.suse.com/security/cve/CVE-2021-47215.html
* https://www.suse.com/security/cve/CVE-2021-47216.html
* https://www.suse.com/security/cve/CVE-2021-47217.html
* https://www.suse.com/security/cve/CVE-2021-47218.html
* https://www.suse.com/security/cve/CVE-2021-47219.html
* https://www.suse.com/security/cve/CVE-2022-48631.html
* https://www.suse.com/security/cve/CVE-2022-48637.html
* https://www.suse.com/security/cve/CVE-2022-48638.html
* https://www.suse.com/security/cve/CVE-2022-48647.html
* https://www.suse.com/security/cve/CVE-2022-48648.html
* https://www.suse.com/security/cve/CVE-2022-48650.html
* https://www.suse.com/security/cve/CVE-2022-48651.html
* https://www.suse.com/security/cve/CVE-2022-48653.html
* https://www.suse.com/security/cve/CVE-2022-48654.html
* https://www.suse.com/security/cve/CVE-2022-48655.html
* https://www.suse.com/security/cve/CVE-2022-48656.html
* https://www.suse.com/security/cve/CVE-2022-48657.html
* https://www.suse.com/security/cve/CVE-2022-48660.html
* https://www.suse.com/security/cve/CVE-2022-48662.html
* https://www.suse.com/security/cve/CVE-2022-48663.html
* https://www.suse.com/security/cve/CVE-2022-48667.html
* https://www.suse.com/security/cve/CVE-2022-48668.html
* https://www.suse.com/security/cve/CVE-2023-0160.html
* https://www.suse.com/security/cve/CVE-2023-52476.html
* https://www.suse.com/security/cve/CVE-2023-52500.html
* https://www.suse.com/security/cve/CVE-2023-52590.html
* https://www.suse.com/security/cve/CVE-2023-52591.html
* https://www.suse.com/security/cve/CVE-2023-52607.html
* https://www.suse.com/security/cve/CVE-2023-52616.html
* https://www.suse.com/security/cve/CVE-2023-52628.html
* https://www.suse.com/security/cve/CVE-2023-7042.html
* https://www.suse.com/security/cve/CVE-2023-7192.html
* https://www.suse.com/security/cve/CVE-2024-0841.html
* https://www.suse.com/security/cve/CVE-2024-22099.html
* https://www.suse.com/security/cve/CVE-2024-23307.html
* https://www.suse.com/security/cve/CVE-2024-23848.html
* https://www.suse.com/security/cve/CVE-2024-23850.html
* https://www.suse.com/security/cve/CVE-2024-26601.html
* https://www.suse.com/security/cve/CVE-2024-26610.html
* https://www.suse.com/security/cve/CVE-2024-26614.html
* https://www.suse.com/security/cve/CVE-2024-26642.html
* https://www.suse.com/security/cve/CVE-2024-26687.html
* https://www.suse.com/security/cve/CVE-2024-26688.html
* https://www.suse.com/security/cve/CVE-2024-26689.html
* https://www.suse.com/security/cve/CVE-2024-26704.html
* https://www.suse.com/security/cve/CVE-2024-26727.html
* https://www.suse.com/security/cve/CVE-2024-26733.html
* https://www.suse.com/security/cve/CVE-2024-26739.html
* https://www.suse.com/security/cve/CVE-2024-26764.html
* https://www.suse.com/security/cve/CVE-2024-26766.html
* https://www.suse.com/security/cve/CVE-2024-26773.html
* https://www.suse.com/security/cve/CVE-2024-26792.html
* https://www.suse.com/security/cve/CVE-2024-26816.html
* https://www.suse.com/security/cve/CVE-2024-26898.html
* https://www.suse.com/security/cve/CVE-2024-26903.html
* https://www.suse.com/security/cve/CVE-2024-27043.html
* https://www.suse.com/security/cve/CVE-2024-27389.html
* https://bugzilla.suse.com/show_bug.cgi?id=1190576
* https://bugzilla.suse.com/show_bug.cgi?id=1192145
* https://bugzilla.suse.com/show_bug.cgi?id=1192354
* https://bugzilla.suse.com/show_bug.cgi?id=1192837
* https://bugzilla.suse.com/show_bug.cgi?id=1193629
* https://bugzilla.suse.com/show_bug.cgi?id=1203906
* https://bugzilla.suse.com/show_bug.cgi?id=1203935
* https://bugzilla.suse.com/show_bug.cgi?id=1204614
* https://bugzilla.suse.com/show_bug.cgi?id=1206881
* https://bugzilla.suse.com/show_bug.cgi?id=1209657
* https://bugzilla.suse.com/show_bug.cgi?id=1215221
* https://bugzilla.suse.com/show_bug.cgi?id=1216223
* https://bugzilla.suse.com/show_bug.cgi?id=1218336
* https://bugzilla.suse.com/show_bug.cgi?id=1218479
* https://bugzilla.suse.com/show_bug.cgi?id=1218562
* https://bugzilla.suse.com/show_bug.cgi?id=1219104
* https://bugzilla.suse.com/show_bug.cgi?id=1219126
* https://bugzilla.suse.com/show_bug.cgi?id=1219169
* https://bugzilla.suse.com/show_bug.cgi?id=1219170
* https://bugzilla.suse.com/show_bug.cgi?id=1219264
* https://bugzilla.suse.com/show_bug.cgi?id=1220342
* https://bugzilla.suse.com/show_bug.cgi?id=1220703
* https://bugzilla.suse.com/show_bug.cgi?id=1220761
* https://bugzilla.suse.com/show_bug.cgi?id=1220883
* https://bugzilla.suse.com/show_bug.cgi?id=1221044
* https://bugzilla.suse.com/show_bug.cgi?id=1221061
* https://bugzilla.suse.com/show_bug.cgi?id=1221088
* https://bugzilla.suse.com/show_bug.cgi?id=1221293
* https://bugzilla.suse.com/show_bug.cgi?id=1221299
* https://bugzilla.suse.com/show_bug.cgi?id=1221612
* https://bugzilla.suse.com/show_bug.cgi?id=1221830
* https://bugzilla.suse.com/show_bug.cgi?id=1222117
* https://bugzilla.suse.com/show_bug.cgi?id=1222422
* https://bugzilla.suse.com/show_bug.cgi?id=1222430
* https://bugzilla.suse.com/show_bug.cgi?id=1222435
* https://bugzilla.suse.com/show_bug.cgi?id=1222482
* https://bugzilla.suse.com/show_bug.cgi?id=1222503
* https://bugzilla.suse.com/show_bug.cgi?id=1222536
* https://bugzilla.suse.com/show_bug.cgi?id=1222559
* https://bugzilla.suse.com/show_bug.cgi?id=1222585
* https://bugzilla.suse.com/show_bug.cgi?id=1222618
* https://bugzilla.suse.com/show_bug.cgi?id=1222624
* https://bugzilla.suse.com/show_bug.cgi?id=1222660
* https://bugzilla.suse.com/show_bug.cgi?id=1222662
* https://bugzilla.suse.com/show_bug.cgi?id=1222664
* https://bugzilla.suse.com/show_bug.cgi?id=1222666
* https://bugzilla.suse.com/show_bug.cgi?id=1222671
* https://bugzilla.suse.com/show_bug.cgi?id=1222703
* https://bugzilla.suse.com/show_bug.cgi?id=1222704
* https://bugzilla.suse.com/show_bug.cgi?id=1222706
* https://bugzilla.suse.com/show_bug.cgi?id=1222709
* https://bugzilla.suse.com/show_bug.cgi?id=1222721
* https://bugzilla.suse.com/show_bug.cgi?id=1222726
* https://bugzilla.suse.com/show_bug.cgi?id=1222773
* https://bugzilla.suse.com/show_bug.cgi?id=1222776
* https://bugzilla.suse.com/show_bug.cgi?id=1222785
* https://bugzilla.suse.com/show_bug.cgi?id=1222787
* https://bugzilla.suse.com/show_bug.cgi?id=1222790
* https://bugzilla.suse.com/show_bug.cgi?id=1222791
* https://bugzilla.suse.com/show_bug.cgi?id=1222792
* https://bugzilla.suse.com/show_bug.cgi?id=1222796
* https://bugzilla.suse.com/show_bug.cgi?id=1222824
* https://bugzilla.suse.com/show_bug.cgi?id=1222829
* https://bugzilla.suse.com/show_bug.cgi?id=1222832
* https://bugzilla.suse.com/show_bug.cgi?id=1222836
* https://bugzilla.suse.com/show_bug.cgi?id=1222838
* https://bugzilla.suse.com/show_bug.cgi?id=1222866
* https://bugzilla.suse.com/show_bug.cgi?id=1222867
* https://bugzilla.suse.com/show_bug.cgi?id=1222869
* https://bugzilla.suse.com/show_bug.cgi?id=1222876
* https://bugzilla.suse.com/show_bug.cgi?id=1222878
* https://bugzilla.suse.com/show_bug.cgi?id=1222879
* https://bugzilla.suse.com/show_bug.cgi?id=1222881
* https://bugzilla.suse.com/show_bug.cgi?id=1222883
* https://bugzilla.suse.com/show_bug.cgi?id=1222888
* https://bugzilla.suse.com/show_bug.cgi?id=1222894
* https://bugzilla.suse.com/show_bug.cgi?id=1222901
* https://bugzilla.suse.com/show_bug.cgi?id=1223016
* https://bugzilla.suse.com/show_bug.cgi?id=1223187
* https://bugzilla.suse.com/show_bug.cgi?id=1223380
* https://bugzilla.suse.com/show_bug.cgi?id=1223474
* https://bugzilla.suse.com/show_bug.cgi?id=1223475
* https://bugzilla.suse.com/show_bug.cgi?id=1223477
* https://bugzilla.suse.com/show_bug.cgi?id=1223479
* https://bugzilla.suse.com/show_bug.cgi?id=1223482
* https://bugzilla.suse.com/show_bug.cgi?id=1223484
* https://bugzilla.suse.com/show_bug.cgi?id=1223487
* https://bugzilla.suse.com/show_bug.cgi?id=1223503
* https://bugzilla.suse.com/show_bug.cgi?id=1223505
* https://bugzilla.suse.com/show_bug.cgi?id=1223509
* https://bugzilla.suse.com/show_bug.cgi?id=1223513
* https://bugzilla.suse.com/show_bug.cgi?id=1223516
* https://bugzilla.suse.com/show_bug.cgi?id=1223517
* https://bugzilla.suse.com/show_bug.cgi?id=1223518
* https://bugzilla.suse.com/show_bug.cgi?id=1223519
* https://bugzilla.suse.com/show_bug.cgi?id=1223522
* https://bugzilla.suse.com/show_bug.cgi?id=1223523
* https://bugzilla.suse.com/show_bug.cgi?id=1223705
* https://bugzilla.suse.com/show_bug.cgi?id=1223824



SUSE-SU-2024:1634-1: moderate: Security update for openssl-3


# Security update for openssl-3

Announcement ID: SUSE-SU-2024:1634-1
Rating: moderate
References:

* bsc#1222548

Cross-References:

* CVE-2024-2511

CVSS scores:

* CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

* CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3
(bsc#1222548).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1634=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1634=1 openSUSE-SLE-15.5-2024-1634=1

## Package List:

* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libopenssl3-3.0.8-150500.5.30.1
* openssl-3-3.0.8-150500.5.30.1
* libopenssl3-debuginfo-3.0.8-150500.5.30.1
* openssl-3-debugsource-3.0.8-150500.5.30.1
* libopenssl-3-devel-3.0.8-150500.5.30.1
* openssl-3-debuginfo-3.0.8-150500.5.30.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl3-3.0.8-150500.5.30.1
* openssl-3-3.0.8-150500.5.30.1
* libopenssl3-debuginfo-3.0.8-150500.5.30.1
* openssl-3-debugsource-3.0.8-150500.5.30.1
* libopenssl-3-devel-3.0.8-150500.5.30.1
* openssl-3-debuginfo-3.0.8-150500.5.30.1
* openSUSE Leap 15.5 (x86_64)
* libopenssl3-32bit-3.0.8-150500.5.30.1
* libopenssl3-32bit-debuginfo-3.0.8-150500.5.30.1
* libopenssl-3-devel-32bit-3.0.8-150500.5.30.1
* openSUSE Leap 15.5 (noarch)
* openssl-3-doc-3.0.8-150500.5.30.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* libopenssl-3-devel-64bit-3.0.8-150500.5.30.1
* libopenssl3-64bit-3.0.8-150500.5.30.1
* libopenssl3-64bit-debuginfo-3.0.8-150500.5.30.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2511.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222548



SUSE-SU-2024:1635-1: moderate: Security update for tpm2-0-tss


# Security update for tpm2-0-tss

Announcement ID: SUSE-SU-2024:1635-1
Rating: moderate
References:

* bsc#1223690

Cross-References:

* CVE-2024-29040

CVSS scores:

* CVE-2024-29040 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for tpm2-0-tss fixes the following issues:

* CVE-2024-29040: Fixed quote data validation by Fapi_VerifyQuote
(bsc#1223690).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1635=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1635=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1635=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1635=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1635=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1635=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1635=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1635=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1635=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1635=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-devel-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1
* openSUSE Leap 15.4 (x86_64)
* libtss2-rc0-32bit-3.1.0-150400.3.6.1
* libtss2-esys0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-32bit-3.1.0-150400.3.6.1
* libtss2-rc0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-32bit-3.1.0-150400.3.6.1
* libtss2-tctildr0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-device0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-32bit-3.1.0-150400.3.6.1
* libtss2-mu0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-32bit-3.1.0-150400.3.6.1
* libtss2-esys0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-32bit-3.1.0-150400.3.6.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libtss2-rc0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-64bit-3.1.0-150400.3.6.1
* libtss2-tctildr0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-64bit-3.1.0-150400.3.6.1
* libtss2-tctildr0-64bit-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-64bit-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-64bit-3.1.0-150400.3.6.1
* libtss2-esys0-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-64bit-3.1.0-150400.3.6.1
* libtss2-rc0-64bit-3.1.0-150400.3.6.1
* libtss2-mu0-64bit-3.1.0-150400.3.6.1
* libtss2-sys1-64bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-64bit-3.1.0-150400.3.6.1
* libtss2-sys1-64bit-3.1.0-150400.3.6.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-devel-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1
* openSUSE Leap 15.5 (x86_64)
* libtss2-rc0-32bit-3.1.0-150400.3.6.1
* libtss2-esys0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-32bit-3.1.0-150400.3.6.1
* libtss2-rc0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-32bit-3.1.0-150400.3.6.1
* libtss2-tctildr0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-device0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-32bit-3.1.0-150400.3.6.1
* libtss2-mu0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-32bit-3.1.0-150400.3.6.1
* libtss2-esys0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-32bit-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-32bit-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-32bit-3.1.0-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libtss2-sys1-debuginfo-3.1.0-150400.3.6.1
* tpm2-0-tss-devel-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-3.1.0-150400.3.6.1
* tpm2-0-tss-3.1.0-150400.3.6.1
* libtss2-tctildr0-3.1.0-150400.3.6.1
* tpm2-0-tss-debugsource-3.1.0-150400.3.6.1
* libtss2-tctildr0-debuginfo-3.1.0-150400.3.6.1
* libtss2-esys0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-device0-3.1.0-150400.3.6.1
* libtss2-esys0-3.1.0-150400.3.6.1
* libtss2-rc0-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-3.1.0-150400.3.6.1
* libtss2-tcti-swtpm0-3.1.0-150400.3.6.1
* libtss2-fapi1-debuginfo-3.1.0-150400.3.6.1
* libtss2-rc0-debuginfo-3.1.0-150400.3.6.1
* libtss2-mu0-3.1.0-150400.3.6.1
* libtss2-mu0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-cmd0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-mssim0-debuginfo-3.1.0-150400.3.6.1
* libtss2-sys1-3.1.0-150400.3.6.1
* libtss2-fapi1-3.1.0-150400.3.6.1
* libtss2-tcti-device0-debuginfo-3.1.0-150400.3.6.1
* libtss2-tcti-pcap0-debuginfo-3.1.0-150400.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29040.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223690



SUSE-SU-2024:1636-1: moderate: Security update for tpm2.0-tools


# Security update for tpm2.0-tools

Announcement ID: SUSE-SU-2024:1636-1
Rating: moderate
References:

* bsc#1223687
* bsc#1223689

Cross-References:

* CVE-2024-29038
* CVE-2024-29039

CVSS scores:

* CVE-2024-29038 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-29039 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for tpm2.0-tools fixes the following issues:

* CVE-2024-29038: Fixed arbitrary quote data validation by tpm2_checkquote
(bsc#1223687).
* CVE-2024-29039: Fixed pcr selection value to be compared with the attest
(bsc#1223689).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1636=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1636=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1636=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1636=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1636=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1636=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1636=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1636=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1636=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1636=1

## Package List:

* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* tpm2.0-tools-debugsource-5.2-150400.6.3.1
* tpm2.0-tools-5.2-150400.6.3.1
* tpm2.0-tools-debuginfo-5.2-150400.6.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-29038.html
* https://www.suse.com/security/cve/CVE-2024-29039.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223687
* https://bugzilla.suse.com/show_bug.cgi?id=1223689



SUSE-SU-2024:1624-1: important: Security update for python-Werkzeug


# Security update for python-Werkzeug

Announcement ID: SUSE-SU-2024:1624-1
Rating: important
References:

* bsc#1223979

Cross-References:

* CVE-2024-34069

CVSS scores:

* CVE-2024-34069 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.3
* openSUSE Leap 15.5
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3
* SUSE Package Hub 15 15-SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Werkzeug fixes the following issues:

* CVE-2024-34069: Fixed a remote code execution through debugger when
interacting with attacker controlled domain (bsc#1223979).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1624=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1624=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1624=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1624=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1624=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1624=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1624=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1624=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1624=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1624=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1624=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1624=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1624=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1624=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1624=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1624=1

## Package List:

* openSUSE Leap 15.3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* python2-Werkzeug-1.0.1-150300.3.8.1
* openSUSE Leap 15.5 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* Basesystem Module 15-SP5 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Package Hub 15 15-SP5 (noarch)
* python2-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Manager Proxy 4.3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Manager Server 4.3 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1
* SUSE Enterprise Storage 7.1 (noarch)
* python3-Werkzeug-1.0.1-150300.3.8.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34069.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223979