CUPS-Filters, Frr, OpenSSL, PCP updates for SUSE

SUSE 5101 Published 2024-10-05 07:24 by Philipp Esselbach

News

OpenSUSE Leap and SUSE Linux Enterprise have received security upgrades, which include critical updates for cups-filters, essential updates for frr, openssl-3, and pcp:

SUSE-SU-2024:3523-1: critical: Security update for cups-filters
SUSE-SU-2024:3524-1: important: Security update for frr
SUSE-SU-2024:3525-1: important: Security update for openssl-3
SUSE-SU-2024:3533-1: important: Security update for pcp

SUSE-SU-2024:3523-1: critical: Security update for cups-filters

# Security update for cups-filters

Announcement ID: SUSE-SU-2024:3523-1
Release Date: 2024-10-04T13:17:53Z
Rating: critical
References:

* bsc#1230939

Cross-References:

* CVE-2024-47176

CVSS scores:

* CVE-2024-47176 ( SUSE ): 9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H
* CVE-2024-47176 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2024-47176 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for cups-filters fixes the following issues:

* cups-browsed would bind on UDP INADDR_ANY:631 and trust any packet from any
source to trigger a Get-Printer-Attributes IPP request to an attacker
controlled URL. This patch removes support for the legacy CUPS and LDAP
protocols(bsc#1230939, CVE-2024-47176)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3523=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-3523=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3523=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3523=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3523=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-3523=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3523=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-3523=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-3523=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3523=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-3523=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-3523=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-3523=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3523=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3523=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3523=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3523=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-3523=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3523=1

## Package List:

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Manager Proxy 4.3 (x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* cups-filters-1.25.0-150200.3.16.1
* cups-filters-debugsource-1.25.0-150200.3.16.1
* cups-filters-devel-1.25.0-150200.3.16.1
* cups-filters-debuginfo-1.25.0-150200.3.16.1

## References:

* https://www.suse.com/security/cve/CVE-2024-47176.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230939

SUSE-SU-2024:3524-1: important: Security update for frr

# Security update for frr

Announcement ID: SUSE-SU-2024:3524-1
Release Date: 2024-10-04T13:18:52Z
Rating: important
References:

* bsc#1230866

Cross-References:

* CVE-2017-15865

CVSS scores:

* CVE-2017-15865 ( SUSE ): 8.7
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
* CVE-2017-15865 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2017-15865 ( NVD ): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for frr fixes the following issue:

* Arithmetic overflow when parsing attribute of update packet due to
regression introduced by the fix for CVE-2017-15865. (bsc#1230866)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-3524=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-3524=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3524=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3524=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-3524=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3524=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-3524=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3524=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3524=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-3524=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3524=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-3524=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Manager Proxy 4.3 (x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* libfrrospfapiclient0-7.4-150300.4.32.1
* libfrrgrpc_pb0-7.4-150300.4.32.1
* libfrrospfapiclient0-debuginfo-7.4-150300.4.32.1
* libfrrzmq0-7.4-150300.4.32.1
* libfrr_pb0-7.4-150300.4.32.1
* libmlag_pb0-debuginfo-7.4-150300.4.32.1
* libfrr_pb0-debuginfo-7.4-150300.4.32.1
* libfrrcares0-debuginfo-7.4-150300.4.32.1
* libfrrfpm_pb0-7.4-150300.4.32.1
* libfrrsnmp0-debuginfo-7.4-150300.4.32.1
* frr-7.4-150300.4.32.1
* libfrrgrpc_pb0-debuginfo-7.4-150300.4.32.1
* frr-debugsource-7.4-150300.4.32.1
* libfrrzmq0-debuginfo-7.4-150300.4.32.1
* libfrr0-7.4-150300.4.32.1
* libfrrcares0-7.4-150300.4.32.1
* libfrr0-debuginfo-7.4-150300.4.32.1
* libmlag_pb0-7.4-150300.4.32.1
* frr-devel-7.4-150300.4.32.1
* frr-debuginfo-7.4-150300.4.32.1
* libfrrsnmp0-7.4-150300.4.32.1
* libfrrfpm_pb0-debuginfo-7.4-150300.4.32.1

## References:

* https://www.suse.com/security/cve/CVE-2017-15865.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230866

SUSE-SU-2024:3525-1: important: Security update for openssl-3

# Security update for openssl-3

Announcement ID: SUSE-SU-2024:3525-1
Release Date: 2024-10-04T13:21:09Z
Rating: important
References:

* bsc#1230698

Cross-References:

* CVE-2024-41996

CVSS scores:

* CVE-2024-41996 ( SUSE ): 8.2
CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2024-41996 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

* CVE-2024-41996: Validating the order of the public keys in the Diffie-
Hellman Key Agreement Protocol, when an approved safe prime is used, allows
remote attackers to trigger expensive server-side DHE (bsc#1230698)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-3525=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3525=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-3525=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3525=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-3525=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-3525=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-3525=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-3525=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-3525=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-3525=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-3525=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-3525=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-3525=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* openSUSE Leap 15.4 (x86_64)
* libopenssl3-32bit-3.0.8-150400.4.66.1
* libopenssl-3-devel-32bit-3.0.8-150400.4.66.1
* libopenssl3-32bit-debuginfo-3.0.8-150400.4.66.1
* openSUSE Leap 15.4 (noarch)
* openssl-3-doc-3.0.8-150400.4.66.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libopenssl3-64bit-3.0.8-150400.4.66.1
* libopenssl-3-devel-64bit-3.0.8-150400.4.66.1
* libopenssl3-64bit-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Manager Proxy 4.3 (x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* openssl-3-3.0.8-150400.4.66.1
* openssl-3-debugsource-3.0.8-150400.4.66.1
* libopenssl-3-devel-3.0.8-150400.4.66.1
* openssl-3-debuginfo-3.0.8-150400.4.66.1
* libopenssl3-3.0.8-150400.4.66.1
* libopenssl3-debuginfo-3.0.8-150400.4.66.1

## References:

* https://www.suse.com/security/cve/CVE-2024-41996.html
* https://bugzilla.suse.com/show_bug.cgi?id=1230698

SUSE-SU-2024:3533-1: important: Security update for pcp

# Security update for pcp

Announcement ID: SUSE-SU-2024:3533-1
Release Date: 2024-10-04T14:40:38Z
Rating: important
References:

* bsc#1217826
* bsc#1222121
* bsc#1222815
* bsc#1230551
* bsc#1230552
* jsc#PED-8192
* jsc#PED-8389

Cross-References:

* CVE-2023-6917
* CVE-2024-3019
* CVE-2024-45769
* CVE-2024-45770

CVSS scores:

* CVE-2023-6917 ( SUSE ): 6.7 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-3019 ( SUSE ): 8.8 CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-45769 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-45770 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N
* CVE-2024-45770 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
* CVE-2024-45770 ( NVD ): 4.4 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Affected Products:

* Development Tools Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves four vulnerabilities, contains two features and has one
security fix can now be installed.

## Description:

This update for pcp fixes the following issues:

pcp was updated from version 5.3.7 to version 6.2.0 (jsc#PED-8192,
jsc#PED-8389):

* Security issues fixed:

* CVE-2024-45770: Fixed a symlink attack that allows escalating from the pcp
to the root user (bsc#1230552)

* CVE-2024-45769: Fixed a heap corruption through metric pmstore operations
(bsc#1230551)
* CVE-2023-6917: Fixed local privilege escalation from pcp user to root in
/usr/libexec/pcp/lib/pmproxy (bsc#1217826)
* CVE-2024-3019: Disabled redis proxy by default (bsc#1222121)

* Major changes:

* Add version 3 PCP archive support: instance domain change-deltas, Y2038-safe
timestamps, nanosecond-precision timestamps, arbitrary timezones support,
64-bit file offsets used throughout for larger (beyond 2GB) individual
volumes.

* Opt-in using the /etc/pcp.conf PCP_ARCHIVE_VERSION setting
* Version 2 archives remain the default (for next few years).
* Switch to using OpenSSL only throughout PCP (dropped NSS/NSPR); this impacts
on libpcp, PMAPI clients and PMCD use of encryption; these are now
configured and used consistently with pmproxy HTTPS support and redis-
server, which were both already using OpenSSL.
* New nanosecond precision timestamp PMAPI calls for PCP library interfaces
that make use of timestamps.
These are all optional, and full backward compatibility is preserved for
existing tools.

* For the full list of changes please consult the packaged CHANGELOG file

* Other packaging changes:

* Moved pmlogger_daily into main package (bsc#1222815)

* Change dependency from openssl-devel >= 1.1.1 to openssl-devel >= 1.0.2p.
Required for SLE-12.
* Introduce 'pmda-resctrl' package, disabled for architectures other than
x86_64.
* Change the architecture for various subpackages to 'noarch' as they contain
no binaries.
* Disable 'pmda-mssql', as it fails to build.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-3533=1 SUSE-2024-3533=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-3533=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* pcp-pmda-dm-6.2.0-150600.3.6.1
* libpcp_web1-debuginfo-6.2.0-150600.3.6.1
* libpcp_gui2-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-nvidia-gpu-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-hacluster-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-lustrecomm-6.2.0-150600.3.6.1
* pcp-pmda-gfs2-6.2.0-150600.3.6.1
* pcp-pmda-mounts-debuginfo-6.2.0-150600.3.6.1
* pcp-devel-debuginfo-6.2.0-150600.3.6.1
* pcp-system-tools-6.2.0-150600.3.6.1
* python3-pcp-6.2.0-150600.3.6.1
* pcp-pmda-systemd-debuginfo-6.2.0-150600.3.6.1
* libpcp3-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-apache-6.2.0-150600.3.6.1
* pcp-pmda-sockets-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-MMV-6.2.0-150600.3.6.1
* pcp-pmda-summary-6.2.0-150600.3.6.1
* pcp-pmda-bash-6.2.0-150600.3.6.1
* pcp-pmda-mailq-6.2.0-150600.3.6.1
* pcp-pmda-sendmail-6.2.0-150600.3.6.1
* libpcp_web1-6.2.0-150600.3.6.1
* pcp-pmda-apache-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-logger-6.2.0-150600.3.6.1
* pcp-testsuite-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-trace-debuginfo-6.2.0-150600.3.6.1
* pcp-devel-6.2.0-150600.3.6.1
* pcp-pmda-summary-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-logger-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-PMDA-6.2.0-150600.3.6.1
* pcp-pmda-sockets-6.2.0-150600.3.6.1
* pcp-pmda-weblog-6.2.0-150600.3.6.1
* perl-PCP-MMV-debuginfo-6.2.0-150600.3.6.1
* pcp-debugsource-6.2.0-150600.3.6.1
* pcp-6.2.0-150600.3.6.1
* pcp-pmda-smart-6.2.0-150600.3.6.1
* pcp-pmda-roomtemp-6.2.0-150600.3.6.1
* pcp-pmda-docker-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-shping-6.2.0-150600.3.6.1
* pcp-pmda-shping-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-LogSummary-6.2.0-150600.3.6.1
* libpcp_gui2-6.2.0-150600.3.6.1
* pcp-pmda-smart-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-LogImport-6.2.0-150600.3.6.1
* libpcp3-6.2.0-150600.3.6.1
* pcp-pmda-cifs-debuginfo-6.2.0-150600.3.6.1
* python3-pcp-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-cifs-6.2.0-150600.3.6.1
* pcp-pmda-cisco-6.2.0-150600.3.6.1
* pcp-pmda-hacluster-6.2.0-150600.3.6.1
* pcp-pmda-mailq-debuginfo-6.2.0-150600.3.6.1
* pcp-import-collectl2pcp-6.2.0-150600.3.6.1
* pcp-pmda-gfs2-debuginfo-6.2.0-150600.3.6.1
* libpcp_import1-debuginfo-6.2.0-150600.3.6.1
* libpcp-devel-6.2.0-150600.3.6.1
* pcp-pmda-roomtemp-debuginfo-6.2.0-150600.3.6.1
* libpcp_trace2-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-trace-6.2.0-150600.3.6.1
* perl-PCP-PMDA-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-zimbra-debuginfo-6.2.0-150600.3.6.1
* libpcp_mmv1-6.2.0-150600.3.6.1
* pcp-pmda-nvidia-gpu-6.2.0-150600.3.6.1
* pcp-pmda-bash-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-cisco-debuginfo-6.2.0-150600.3.6.1
* libpcp_import1-6.2.0-150600.3.6.1
* pcp-gui-debuginfo-6.2.0-150600.3.6.1
* libpcp_trace2-6.2.0-150600.3.6.1
* pcp-testsuite-6.2.0-150600.3.6.1
* libpcp_mmv1-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-systemd-6.2.0-150600.3.6.1
* pcp-pmda-lustrecomm-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-sendmail-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-weblog-debuginfo-6.2.0-150600.3.6.1
* pcp-system-tools-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-mounts-6.2.0-150600.3.6.1
* pcp-import-collectl2pcp-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-zimbra-6.2.0-150600.3.6.1
* pcp-gui-6.2.0-150600.3.6.1
* pcp-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-docker-6.2.0-150600.3.6.1
* pcp-pmda-dm-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-LogImport-debuginfo-6.2.0-150600.3.6.1
* openSUSE Leap 15.6 (noarch)
* pcp-pmda-redis-6.2.0-150600.3.6.1
* pcp-pmda-snmp-6.2.0-150600.3.6.1
* pcp-pmda-postfix-6.2.0-150600.3.6.1
* pcp-pmda-memcache-6.2.0-150600.3.6.1
* pcp-pmda-mysql-6.2.0-150600.3.6.1
* pcp-pmda-news-6.2.0-150600.3.6.1
* pcp-pmda-samba-6.2.0-150600.3.6.1
* pcp-export-pcp2influxdb-6.2.0-150600.3.6.1
* pcp-pmda-nfsclient-6.2.0-150600.3.6.1
* pcp-pmda-openmetrics-6.2.0-150600.3.6.1
* pcp-export-pcp2elasticsearch-6.2.0-150600.3.6.1
* pcp-conf-6.2.0-150600.3.6.1
* pcp-pmda-nutcracker-6.2.0-150600.3.6.1
* pcp-pmda-lmsensors-6.2.0-150600.3.6.1
* pcp-pmda-unbound-6.2.0-150600.3.6.1
* pcp-pmda-gluster-6.2.0-150600.3.6.1
* pcp-pmda-mic-6.2.0-150600.3.6.1
* pcp-pmda-named-6.2.0-150600.3.6.1
* pcp-pmda-netfilter-6.2.0-150600.3.6.1
* pcp-pmda-zswap-6.2.0-150600.3.6.1
* pcp-pmda-ds389-6.2.0-150600.3.6.1
* pcp-pmda-slurm-6.2.0-150600.3.6.1
* pcp-import-mrtg2pcp-6.2.0-150600.3.6.1
* pcp-pmda-dbping-6.2.0-150600.3.6.1
* pcp-pmda-netcheck-6.2.0-150600.3.6.1
* pcp-pmda-openvswitch-6.2.0-150600.3.6.1
* pcp-pmda-json-6.2.0-150600.3.6.1
* pcp-pmda-elasticsearch-6.2.0-150600.3.6.1
* pcp-import-sar2pcp-6.2.0-150600.3.6.1
* pcp-doc-6.2.0-150600.3.6.1
* pcp-pmda-haproxy-6.2.0-150600.3.6.1
* pcp-pmda-gpsd-6.2.0-150600.3.6.1
* pcp-pmda-ds389log-6.2.0-150600.3.6.1
* pcp-export-pcp2json-6.2.0-150600.3.6.1
* pcp-pmda-gpfs-6.2.0-150600.3.6.1
* pcp-pmda-oracle-6.2.0-150600.3.6.1
* pcp-pmda-rsyslog-6.2.0-150600.3.6.1
* pcp-export-pcp2zabbix-6.2.0-150600.3.6.1
* pcp-pmda-lustre-6.2.0-150600.3.6.1
* pcp-import-iostat2pcp-6.2.0-150600.3.6.1
* pcp-pmda-activemq-6.2.0-150600.3.6.1
* pcp-import-ganglia2pcp-6.2.0-150600.3.6.1
* pcp-pmda-bonding-6.2.0-150600.3.6.1
* pcp-pmda-pdns-6.2.0-150600.3.6.1
* pcp-zeroconf-6.2.0-150600.3.6.1
* pcp-export-pcp2spark-6.2.0-150600.3.6.1
* pcp-pmda-rabbitmq-6.2.0-150600.3.6.1
* pcp-pmda-nginx-6.2.0-150600.3.6.1
* pcp-export-pcp2graphite-6.2.0-150600.3.6.1
* pcp-export-pcp2xml-6.2.0-150600.3.6.1
* openSUSE Leap 15.6 (aarch64 ppc64le x86_64 i586)
* pcp-pmda-infiniband-6.2.0-150600.3.6.1
* pcp-pmda-perfevent-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-infiniband-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-perfevent-6.2.0-150600.3.6.1
* openSUSE Leap 15.6 (x86_64)
* pcp-pmda-resctrl-6.2.0-150600.3.6.1
* pcp-pmda-resctrl-debuginfo-6.2.0-150600.3.6.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libpcp_web1-debuginfo-6.2.0-150600.3.6.1
* libpcp_gui2-debuginfo-6.2.0-150600.3.6.1
* pcp-system-tools-6.2.0-150600.3.6.1
* python3-pcp-6.2.0-150600.3.6.1
* pcp-devel-debuginfo-6.2.0-150600.3.6.1
* libpcp3-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-MMV-6.2.0-150600.3.6.1
* libpcp_web1-6.2.0-150600.3.6.1
* pcp-devel-6.2.0-150600.3.6.1
* perl-PCP-MMV-debuginfo-6.2.0-150600.3.6.1
* pcp-debugsource-6.2.0-150600.3.6.1
* pcp-6.2.0-150600.3.6.1
* perl-PCP-LogSummary-6.2.0-150600.3.6.1
* libpcp_gui2-6.2.0-150600.3.6.1
* perl-PCP-LogImport-6.2.0-150600.3.6.1
* libpcp3-6.2.0-150600.3.6.1
* python3-pcp-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-PMDA-6.2.0-150600.3.6.1
* libpcp_import1-debuginfo-6.2.0-150600.3.6.1
* libpcp-devel-6.2.0-150600.3.6.1
* libpcp_trace2-debuginfo-6.2.0-150600.3.6.1
* libpcp_mmv1-6.2.0-150600.3.6.1
* libpcp_import1-6.2.0-150600.3.6.1
* libpcp_trace2-6.2.0-150600.3.6.1
* libpcp_mmv1-debuginfo-6.2.0-150600.3.6.1
* pcp-system-tools-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-PMDA-debuginfo-6.2.0-150600.3.6.1
* pcp-debuginfo-6.2.0-150600.3.6.1
* perl-PCP-LogImport-debuginfo-6.2.0-150600.3.6.1
* Development Tools Module 15-SP6 (noarch)
* pcp-import-sar2pcp-6.2.0-150600.3.6.1
* pcp-conf-6.2.0-150600.3.6.1
* pcp-import-iostat2pcp-6.2.0-150600.3.6.1
* pcp-import-mrtg2pcp-6.2.0-150600.3.6.1
* pcp-doc-6.2.0-150600.3.6.1
* Development Tools Module 15-SP6 (ppc64le)
* pcp-pmda-perfevent-debuginfo-6.2.0-150600.3.6.1
* pcp-pmda-perfevent-6.2.0-150600.3.6.1

## References:

* https://www.suse.com/security/cve/CVE-2023-6917.html
* https://www.suse.com/security/cve/CVE-2024-3019.html
* https://www.suse.com/security/cve/CVE-2024-45769.html
* https://www.suse.com/security/cve/CVE-2024-45770.html
* https://bugzilla.suse.com/show_bug.cgi?id=1217826
* https://bugzilla.suse.com/show_bug.cgi?id=1222121
* https://bugzilla.suse.com/show_bug.cgi?id=1222815
* https://bugzilla.suse.com/show_bug.cgi?id=1230551
* https://bugzilla.suse.com/show_bug.cgi?id=1230552
* https://jira.suse.com/browse/PED-8192
* https://jira.suse.com/browse/PED-8389

Thunderbird, Golang, Firefox, Linux-Firmware, Go-Toolset updates for AlmaLinux

OAuth-Toolkit, Firefox-ESR, NTFS-3G, e2fsprogs security updates for Debian

CUPS-Filters, Frr, OpenSSL, PCP updates for SUSE

SUSE-SU-2024:3523-1: critical: Security update for cups-filters

SUSE-SU-2024:3524-1: important: Security update for frr

SUSE-SU-2024:3525-1: important: Security update for openssl-3

SUSE-SU-2024:3533-1: important: Security update for pcp

Windows

Linux

macOS

Community