Firefox, Thunderbird, Aws-Iam-Authenticator, Vim, Python-Aiohttp, Libaom, Libyuv updates for SUSE

SUSE 5176 Published by

SUSE Linux has received several security updates, including important updates for Mozilla Firefox, moderate updates for Mozilla Thunderbird, critical updates for aws-iam-authenticator, low updates for Vim, important updates for Python-Aiohttp, and moderate updates for libaom and libyuv:

SUSE-SU-2024:4324-1: important: Security update for MozillaFirefox
SUSE-SU-2024:4326-1: moderate: Security update for MozillaThunderbird
SUSE-SU-2024:4329-1: critical: Security update for aws-iam-authenticator
SUSE-SU-2024:4330-1: low: Security update for vim
SUSE-SU-2024:4327-1: important: Security update for python-aiohttp
SUSE-SU-2024:4328-1: important: Security update for python-aiohttp
SUSE-SU-2024:4333-1: moderate: Security update for libaom, libyuv




SUSE-SU-2024:4324-1: important: Security update for MozillaFirefox


# Security update for MozillaFirefox

Announcement ID: SUSE-SU-2024:4324-1
Release Date: 2024-12-16T12:06:05Z
Rating: important
References:

* bsc#1234326

Affected Products:

* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that has one security fix can now be installed.

## Description:

This update for MozillaFirefox fixes the following issues:

Update to Firefox Extended Support Release 128.5.1 ESR (bsc#1234326): \- Fixed
an issue that prevented some websites from loading when using SSL Inspection.
(bmo#1933747)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4324=1

* SUSE Linux Enterprise Server 15 SP2 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-4324=1

* SUSE Linux Enterprise Server 15 SP3 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-4324=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4324=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-4324=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-4324=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4324=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-4324=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4324=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4324=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4324=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4324=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-4324=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-4324=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4324=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4324=1

## Package List:

* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP2 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP2 LTSS (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP3 LTSS (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Enterprise Storage 7.1 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-branding-upstream-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* openSUSE Leap 15.5 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-branding-upstream-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* openSUSE Leap 15.6 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* Desktop Applications Module 15-SP5 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* Desktop Applications Module 15-SP6 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (aarch64
x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* MozillaFirefox-128.5.1-150200.152.164.1
* MozillaFirefox-debuginfo-128.5.1-150200.152.164.1
* MozillaFirefox-translations-common-128.5.1-150200.152.164.1
* MozillaFirefox-debugsource-128.5.1-150200.152.164.1
* MozillaFirefox-translations-other-128.5.1-150200.152.164.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* MozillaFirefox-devel-128.5.1-150200.152.164.1

## References:

* https://bugzilla.suse.com/show_bug.cgi?id=1234326



SUSE-SU-2024:4326-1: moderate: Security update for MozillaThunderbird


# Security update for MozillaThunderbird

Announcement ID: SUSE-SU-2024:4326-1
Release Date: 2024-12-16T13:11:21Z
Rating: moderate
References:

* bsc#1234413

Cross-References:

* CVE-2024-50336

CVSS scores:

* CVE-2024-50336 ( SUSE ): 4.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
* CVE-2024-50336 ( NVD ): 5.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Linux Enterprise Workstation Extension 15 SP5
* SUSE Linux Enterprise Workstation Extension 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for MozillaThunderbird fixes the following issues:

* CVE-2024-50336: Fixed insufficient MXC URI validation which could allow
client-side path traversal (bsc#1234413)

Other fixes: \- Updated to Mozilla Thunderbird 128.5.2i (bsc#1234413): * fixed:
Large virtual folders could be very slow * fixed: Message could disappear after
moving from IMAP folder followed by Undo and Redo * fixed: XMPP chat did not
display messages sent inside a CDATA element * fixed: Selected calendar day did
not move forward at midnight * fixed: Today pane agenda sometimes scrolled for
no apparent reason * fixed: CalDAV calendars without offline support could
degrade start-up performance * fixed: Visual and UX improvements * fixed:
Security fixes

* Updated to Mozilla Thunderbird 128.5.1:
* new: Add end of year donation appeal
* fixed: Total message count for favorite folders did not work consistently

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4326=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4326=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-4326=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-4326=1

* SUSE Linux Enterprise Workstation Extension 15 SP5
zypper in -t patch SUSE-SLE-Product-WE-15-SP5-2024-4326=1

* SUSE Linux Enterprise Workstation Extension 15 SP6
zypper in -t patch SUSE-SLE-Product-WE-15-SP6-2024-4326=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1
* SUSE Linux Enterprise Workstation Extension 15 SP5 (x86_64)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1
* SUSE Linux Enterprise Workstation Extension 15 SP6 (x86_64)
* MozillaThunderbird-debuginfo-128.5.2-150200.8.194.1
* MozillaThunderbird-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-common-128.5.2-150200.8.194.1
* MozillaThunderbird-translations-other-128.5.2-150200.8.194.1
* MozillaThunderbird-debugsource-128.5.2-150200.8.194.1

## References:

* https://www.suse.com/security/cve/CVE-2024-50336.html
* https://bugzilla.suse.com/show_bug.cgi?id=1234413



SUSE-SU-2024:4329-1: critical: Security update for aws-iam-authenticator


# Security update for aws-iam-authenticator

Announcement ID: SUSE-SU-2024:4329-1
Release Date: 2024-12-16T13:16:54Z
Rating: critical
References:

* bsc#1200528

Cross-References:

* CVE-2022-1996

CVSS scores:

* CVE-2022-1996 ( SUSE ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2022-1996 ( NVD ): 9.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
* CVE-2022-1996 ( NVD ): 9.3 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP2
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.1
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.1
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for aws-iam-authenticator fixes the following issues:

* CVE-2022-1996: Fixed CORS bypass (bsc#1200528).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4329=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4329=1

* Public Cloud Module 15-SP2
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-4329=1

* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-4329=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4329=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-4329=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-4329=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* Public Cloud Module 15-SP2 (x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* aws-iam-authenticator-0.5.3-150000.1.12.1

## References:

* https://www.suse.com/security/cve/CVE-2022-1996.html
* https://bugzilla.suse.com/show_bug.cgi?id=1200528



SUSE-SU-2024:4330-1: low: Security update for vim


# Security update for vim

Announcement ID: SUSE-SU-2024:4330-1
Release Date: 2024-12-16T13:17:36Z
Rating: low
References:

* bsc#1229238
* bsc#1231373

Cross-References:

* CVE-2024-43374
* CVE-2024-47814

CVSS scores:

* CVE-2024-43374 ( SUSE ): 4.6
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N
* CVE-2024-43374 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
* CVE-2024-47814 ( SUSE ): 2.4
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2024-47814 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
* CVE-2024-47814 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L

Affected Products:

* Basesystem Module 15-SP5
* Basesystem Module 15-SP6
* Desktop Applications Module 15-SP5
* Desktop Applications Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* openSUSE Leap Micro 5.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities can now be installed.

## Description:

This update for vim fixes the following issues:

* CVE-2024-47814: Fixed use-after-free when closing buffers in Vim
(bsc#1231373)
* CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238)

Other fixes:

* Updated to version 9.1.0836

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-4330=1 openSUSE-SLE-15.5-2024-4330=1

* openSUSE Leap Micro 5.5
zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4330=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4330=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-4330=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4330=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4330=1

* Desktop Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4330=1

* Desktop Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4330=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* vim-small-9.1.0836-150500.20.15.1
* gvim-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* gvim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-9.1.0836-150500.20.15.1
* openSUSE Leap 15.5 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* vim-data-9.1.0836-150500.20.15.1
* openSUSE Leap Micro 5.5 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* openSUSE Leap Micro 5.5 (aarch64 s390x x86_64)
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* vim-small-9.1.0836-150500.20.15.1
* gvim-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* gvim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-9.1.0836-150500.20.15.1
* openSUSE Leap 15.6 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* vim-data-9.1.0836-150500.20.15.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* vim-small-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-9.1.0836-150500.20.15.1
* Basesystem Module 15-SP5 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* vim-data-9.1.0836-150500.20.15.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* vim-small-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* vim-small-debuginfo-9.1.0836-150500.20.15.1
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-9.1.0836-150500.20.15.1
* Basesystem Module 15-SP6 (noarch)
* vim-data-common-9.1.0836-150500.20.15.1
* vim-data-9.1.0836-150500.20.15.1
* Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* gvim-debuginfo-9.1.0836-150500.20.15.1
* gvim-9.1.0836-150500.20.15.1
* Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* vim-debugsource-9.1.0836-150500.20.15.1
* vim-debuginfo-9.1.0836-150500.20.15.1
* gvim-debuginfo-9.1.0836-150500.20.15.1
* gvim-9.1.0836-150500.20.15.1

## References:

* https://www.suse.com/security/cve/CVE-2024-43374.html
* https://www.suse.com/security/cve/CVE-2024-47814.html
* https://bugzilla.suse.com/show_bug.cgi?id=1229238
* https://bugzilla.suse.com/show_bug.cgi?id=1231373



SUSE-SU-2024:4327-1: important: Security update for python-aiohttp


# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:4327-1
Release Date: 2024-12-16T13:14:43Z
Rating: important
References:

* bsc#1223726

Cross-References:

* CVE-2024-30251

CVSS scores:

* CVE-2024-30251 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-30251: Fixed infinite loop on specially crafted POST request
(bsc#1223726).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4327=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4327=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4327=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4327=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4327=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4327=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-4327=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4327=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-4327=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-4327=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4327=1

## Package List:

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python311-aiohttp-3.9.3-150400.10.30.1
* Python 3 Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* python-aiohttp-debugsource-3.9.3-150400.10.30.1
* python311-aiohttp-3.9.3-150400.10.30.1
* python311-aiohttp-debuginfo-3.9.3-150400.10.30.1

## References:

* https://www.suse.com/security/cve/CVE-2024-30251.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223726



SUSE-SU-2024:4328-1: important: Security update for python-aiohttp


# Security update for python-aiohttp

Announcement ID: SUSE-SU-2024:4328-1
Release Date: 2024-12-16T13:16:13Z
Rating: important
References:

* bsc#1223726

Cross-References:

* CVE-2024-30251

CVSS scores:

* CVE-2024-30251 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* Public Cloud Module 15-SP2
* Public Cloud Module 15-SP3
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.1
* SUSE Manager Proxy 4.2
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Retail Branch Server 4.2
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.1
* SUSE Manager Server 4.2
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-aiohttp fixes the following issues:

* CVE-2024-30251: Fixed infinite loop on specially crafted POST request
(bsc#1223726).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4328=1

* Public Cloud Module 15-SP2
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-4328=1

* Public Cloud Module 15-SP3
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP3-2024-4328=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-4328=1

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-4328=1

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-4328=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python-aiohttp-doc-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1
* Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python-aiohttp-doc-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1
* Public Cloud Module 15-SP3 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1
* Public Cloud Module 15-SP4 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1
* Public Cloud Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1
* Public Cloud Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-aiohttp-debugsource-3.6.0-150100.3.21.1
* python3-aiohttp-3.6.0-150100.3.21.1
* python3-aiohttp-debuginfo-3.6.0-150100.3.21.1

## References:

* https://www.suse.com/security/cve/CVE-2024-30251.html
* https://bugzilla.suse.com/show_bug.cgi?id=1223726



SUSE-SU-2024:4333-1: moderate: Security update for libaom, libyuv


# Security update for libaom, libyuv

Announcement ID: SUSE-SU-2024:4333-1
Release Date: 2024-12-16T16:43:25Z
Rating: moderate
References:

* jsc#PED-11042
* jsc#PED-11100

Cross-References:

* CVE-2023-6879

CVSS scores:

* CVE-2023-6879 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2023-6879 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and contains two features can now be
installed.

## Description:

This update for libaom, libyuv fixes the following issues:

libaom was updated to version 3.7.1:

* Bug Fixes:

* aomedia:3349: heap overflow when increasing resolution
* aomedia:3478: GCC 12.2.0 emits a -Wstringop-overflow warning on aom/av1/encoder/motion_search_facade.c
* aomedia:3489: Detect encoder and image high bit depth mismatch
* aomedia:3491: heap-buffer-overflow on frame size change
* b/303023614: Segfault at encoding time for high bit depth images
* New upstream release 3.7.0

* New Features

* New codec controls:

* AV1E_SET_QUANTIZER_ONE_PASS: Set quantizer for each frame.

* AV1E_ENABLE_RATE_GUIDE_DELTAQ: enable the rate distribution guided delta quantization in all intra mode. The "enable-rate-guide-deltaq" option is added for this control.
* AV1E_SET_RATE_DISTRIBUTION_INFO: set the input file for rate distribution used in all intra mode. The "rate-distribution-info" option is added for this control.
* AV1E_GET_LUMA_CDEF_STRENGTH
* AV1E_SET_BITRATE_ONE_PASS_CBR

* AOM_SCALING_MODE is extended to include 2/3 and 1/3 scaling.

* aom_tune_metric is extended to include AOM_TUNE_VMAF_SALIENCY_MAP. The "tune" option is extended to include "vmaf_saliency_map".
* SVC example encoder svc_encoder_rtc is able to use the rate control library.
* Loopfilter level and CDEF filter level is supported by RTC rate control library.
* New speed (--cpu-used) 11, intended for RTC screen sharing, added for faster encoding with ~3% bdrate loss with 16% IC (instruction count) speedup compared to speed 10.
* Compression Efficiency Improvements

* Improved VoD encoding performance

* 0.1-0.6% BDrate gains for encoding speeds 2 to 6

* Rate control accuracy improvement in VBR mode

* RTC encoding improvements

* Screen content mode: 10-19% BDrate gains for speeds 6 - 10

* Temporal layers video mode, for speed 10:

* 2 temporal layers on low resolutions: 13-15% BDrate gain
* 3 temporal layers on VGA/HD: 3-4% BDrate gain
* Perceptual Quality Improvements

* Fixed multiple block and color artifacts for RTC screen content by

* Incorporating color into RD cost for IDTX

* Reducing thresholds for palette mode in non RD mode
* Allowing more palette mode testing

* Improved color sensitivity for altref in non-RD mode.

* Reduced video flickering for temporal layer encoding.
* Speedup and Memory Optimizations

* Speed up the VoD encoder

* 2-5% for encoding speed 2 to 4

* 9-15% for encoding speed 5 to 6
* ARM

* Standard bitdepth

* speed 5: +31%

* speed 4: +2%
* speed 3: +9%
* speed 2: +157%

* High bitdepth

* speed 5: +85%

* RTC speedups

* Screen content mode

* 15% IC speedup for speeds 6-8
* ARM: 7% for speed 9, 3% for speed 10
* Temporal layers video mode

* 7% speedup for 3 temporal layers on VGA/HD, for speed 10
* Single layer video

* x86: 2% IC speedup for speeds 7-10
* ARM: 2-4% speedup across speeds 5-10
* Bug Fixes

* aomedia:3261 Assertion failed when encoding av1 with film grain and '\--monochrome' flag
* aomedia:3276 ensure all allocations are checked (partial fix)
* aomedia:3451 The libaom library calls exit()
* aomedia:3450 enable -Wshadow for C++ sources
* aomedia:3449 Test Seg Faults After b459af3e345be402db052a143fcc5383d4b74cbd
* aomedia:3416 prune unused symbols / restrict symbol visibility
* aomedia:3443 Jenkins failure: UninstantiatedParameterizedTestSuite
* aomedia:3434 realtime failures with CONFIG_BITSTREAM_DEBUG=1
* aomedia:3433 DeltaqModeTest crash w/row_mt=0
* aomedia:3429 Encoder crash when turn on both ExternalResize and g_threads > 2
* aomedia:3438 Build failure with `-DSANITIZE=address -DBUILD_SHARED_LIBS=ON` when using clang.
* aomedia:3435 Block artifacts when scrolling with AV1 in screen sharing scenarios
* aomedia:3170 vmaf tune presets produce extreme glitches in one scene
* aomedia:3401 Building shared libaom with MSVC results in a race condition with the export library
* aomedia:3420 Floating point exception in av1_tpl_get_frame_importance()
* aomedia:3424 heap-buffer-overflow in ScaleFilterCols_16_C() (SIGABRT)
* aomedia:3417 examples/svc_encoder_rtc.c is using internal macros and functions
* aomedia:3372 SEGV in assign_frame_buffer_p av1_common_int.h
* aomedia:3130 'cpu-features.h' file not found on Android NDK 22
* aomedia:3415 Encoder/decoder mismatch for svc_encoder_rtc running 1 SL 3 TL
* aomedia:3412 Lossless Mode Fails Loopback Bit Test
* aomedia:3409 The use of AV1_VAR_OFFS in av1/encoder/var_based_part.c is incorrect for high bit depths
* aomedia:3403 test_libaom fails with error message "feenableexcept() failed" on Linux arm
* aomedia:3370 Random color block at fast motion area
* aomedia:3393 Assertion failure in av1_convolve_2d_sr_c()
* aomedia:3392 Strong artifacting for high bit-depth real-time
* aomedia:3376 aomenc --threads=10 --deltaq-mode=3 crashes after "Allintra: multi-threading of calculating differential contrast"
* aomedia:3380 Crashes and ASan and TSan errors in deltaq-mode=3 multithreading code
* chromium:1410766 heap-buffer-overflow in aom_yv12_copy_v_c
* Cannot set level via AV1E_SET_TARGET_SEQ_LEVEL_IDX
* Encoding failure due to the use of loop restoration with unintended use of lossless mode.
* Signed integer overflow in scan_past_frames
* Signed integer overflow in update_a_sep_sym
* Flickering in AV1 1440p/2160p HDR transcodes
* Fixed artifacts with screen share at encoder speed 10
* Fixed prediction setup for IDTX
* Update to version 3.6.1:

* aomedia:2871: Guard the support of the 7.x and 8.x levels for AV1 under the
CONFIG_CWG_C013 config flag, and only output the 7.x and 8.x levels when
explicitly requested.

* aomedia:3382: Choose sb_size by ppi instead of svc.
* aomedia:3384: Fix fullpel search limits.
* aomedia:3388: Replace left shift of xq_active by multiplication.
* aomedia:3389: Fix MV clamping in av1_mv_pred.
* aomedia:3390: set_ld_layer_depth: cap max_layer_depth to MAX_ARF_LAYERS.
* aomedia:3418: Fix MV clamping in av1_int_pro_motion_estimation.
* aomedia:3429: Move lpf thread data init to lpf_pipeline_mt_init().
* b:266719111: Fix undefined behavior in Arm Neon code.
* b:269840681: nonrd_opt: align scan tables.
* rtc: Fix is_key_frame setting in variance partition.
* Build: Fix build with clang-cl and Visual Studio.

* Update to version 3.6.0:

* This release includes compression efficiency and perceptual quality
improvements, speedup and memory optimizations, and some new features. This
release is ABI compatible with the last release.

* New Features:

* New values 20-27 (corresponding to levels 7.0-7.3 and 8.0-8.3) for the encoder control AV1E_SET_TARGET_SEQ_LEVEL_IDX (note that the proposal to add the new levels are still in draft status). The original special value 24 (keep level stats only for level monitoring) is renumbered as 32.
* New encoder control AV1E_SET_SKIP_POSTPROC_FILTERING to skip the application of post-processing filters on reconstructed frame in all intra mode.
* New encoder option "kf-max-pyr-height": Maximum height of pyramid structure used for the GOP starting with a key frame (-1 to 5).
* Make SVC work for screen content.
* Rate control improvements to reduce frame-size spikes for screen content coding.
* RISC-V architecture support with gcc toolchain.
* Compression Efficiency Improvements:

* Peak compression efficiency in VOD setting is improved by 1%.
* 0.7% - 2.2% RTC encoding BDrate gains for real time speed 8 to 10.
* 15% RTC encoding BDrate gains for screen content speed 10.
* Perceptual Quality Improvements:

* Resolved a visual quality issue that was reported for high resolution clips (2K) for speed 4 and above in VOD use case.
* Visual quality improvements to screen content coding.
* Quality improvements to temporal layer RTC coding.
* Speedup and Memory Optimizations:

* RTC single-thread encoder speedup:

. ~6% instruction count reduction for speed 5 and 6. . ~15% instruction count
reduction for speed 7. . ~10% instruction count reduction for speed 8 to 10
(>=360p resolutions).

* RTC multi-thread encoder speedup (beyond single-thread speedup):

. 5-8% encode time reduction for speed 7 to 10.

* RTC screen-content encoder speedup:

. 11% instruction count reduction for speed 9 and 10 (>=720p resolutions).

* ~5% reduction in heap memory requirements for RTC, speed 6 to 10.

* AVIF:

. 4-5% speedup for speed 9 in still-picture encoding mode. . 3-4% heap memory
reduction in still-picture encoding mode for 360p-720p resolutions with multiple
threads.

* Bug Fixes:

* Added a workaround for an AV1 specification bug which makes TRANSLATION type global motion models unusable.
* Fixed AddressSanitizer global-buffer-overflow errors in av1/encoder/arm/neon/av1_fwd_txfm2d_neon.c.
* Fixed AddressSanitizer heap-buffer-overflow error in av1_wiener_convolve_add_src_neon().
* chromium:1393384 Avoid scene detection on spatial resize.
* aomedia:3308 Remove color artifacts under high motion.
* aomedia:3310 Avoid out of memory failures with Visual Studio 2017, 2019, and 2022 for Win32 x86 builds.
* aomedia:3346 Make SVC work properly for screen content.
* aomedia:3348 Fix a bug where an uninitialized search_site is used.
* aomedia:3365 Work around what seems like a Visual Studio 2022 compiler optimization bug.
* aomedia:3369 Incorrect PSNR values reported by libaom for 12-bit encode.
* Update to version 3.5.0:

* This release is ABI compatible with the last one, including speedup and
memory optimizations, and new APIs and features.

* New Features

* Support for frame parallel encode for larger number of threads. --fp-mt flag is available for all build configurations.
* New codec control AV1E_GET_NUM_OPERATING_POINTS
* Speedup and Memory Optimizations

* Speed-up multithreaded encoding for good quality mode for larger number of threads through frame parallel encoding:

. 30-34% encode time reduction for 1080p, 16 threads, 1x1 tile configuration
(tile_rows x tile_columns) . 18-28% encode time reduction for 1080p, 16 threads,
2x4 tile configuration . 18-20% encode time reduction for 2160p, 32 threads, 2x4
tile configuration \- 16-20% speed-up for speed=6 to 8 in still-picture encoding
mode \- 5-6% heap memory reduction for speed=6 to 10 in real-time encoding mode
\- Improvements to the speed for speed=7, 8 in real-time encoding mode \-
Improvements to the speed for speed=9, 10 in real-time screen encoding mode \-
Optimizations to improve multi-thread efficiency in real-time encoding mode \-
10-15% speed up for SVC with temporal layers \- SIMD optimizations:

. Improve av1_quantize_fp_32x32_neon() 1.05x to 1.24x faster . Add
aom_highbd_quantize_b{,_32x32,_64x64}_adaptive_neon() 3.15x to 5.6x faster than
"C" . Improve av1_quantize_fp_64x64_neon() 1.17x to 1.66x faster . Add
aom_quantize_b_avx2() 1.4x to 1.7x faster than aom_quantize_b_avx() . Add
aom_quantize_b_32x32_avx2() 1.4x to 2.3x faster than aom_quantize_b_32x32_avx()
. Add aom_quantize_b_64x64_avx2() 2.0x to 2.4x faster than
aom_quantize_b_64x64_ssse3() . Add aom_highbd_quantize_b_32x32_avx2() 9.0x to
10.5x faster than aom_highbd_quantize_b_32x32_c() . Add
aom_highbd_quantize_b_64x64_avx2() 7.3x to 9.7x faster than
aom_highbd_quantize_b_64x64_c() . Improve aom_highbd_quantize_b_avx2() 1.07x to
1.20x faster . Improve av1_quantize_fp_avx2() 1.13x to 1.49x faster . Improve
av1_quantize_fp_32x32_avx2() 1.07x to 1.54x faster . Improve
av1_quantize_fp_64x64_avx2() 1.03x to 1.25x faster . Improve
av1_quantize_lp_avx2() 1.07x to 1.16x faster

* Bug fixes including but not limited to

* aomedia:3206 Assert that skip_width > 0 for deconvolve function
* aomedia:3278 row_mt enc: Delay top-right sync when intraBC is enabled
* aomedia:3282 blend_a64_*_neon: fix bus error in armv7
* aomedia:3283 FRAME_PARALLEL: Propagate border size to all cpis
* aomedia:3283 RESIZE_MODE: Fix incorrect strides being used for motion search
* aomedia:3286 rtc-svc: Fix to dynamic_enable spatial layers
* aomedia:3289 rtc-screen: Fix to skipping inter-mode test in nonrd
* aomedia:3289 rtc-screen: Fix for skip newmv on flat blocks
* aomedia:3299 Fix build failure with CONFIG_TUNE_VMAF=1
* aomedia:3296 Fix the conflict --enable-tx-size-search=0 with nonrd mode --enable-tx-size-search will be ignored in non-rd pick mode
* aomedia:3304 Fix off-by-one error of max w/h in validate_config
* aomedia:3306 Do not use pthread_setname_np on GNU/Hurd
* aomedia:3325 row-multithreading produces invalid bitstream in some cases
* chromium:1346938, chromium:1338114
* compiler_flags.cmake: fix flag detection w/cmake 3.17-3.18.2
* tools/*.py: update to python3
* aom_configure.cmake: detect PIE and set CONFIG_PIC
* test/simd_cmp_impl: use explicit types w/CompareSimd*
* rtc: Fix to disable segm for aq-mode=3
* rtc: Fix to color_sensitivity in variance partition
* rtc-screen: Fix bsize in model rd computation for intra chroma
* Fixes to ensure the correct behavior of the encoder algorithms (like segmentation, computation of statistics, etc.)
* Update to version 3.4.0:

* This release includes compression efficiency and perceptual quality
improvements, speedup and memory optimizations, and some new features. There
are no ABI or API breaking changes in this release.

* New Features:

* New --dist-metric flag with "qm-psnr" value to use quantization matrices in the distortion computation for RD search. The default value is "psnr".
* New command line option "\--auto-intra-tools-off=1" to make all-intra encoding faster for high bit rate under "\--deltaq-mode=3" mode.
* New rate control library aom_av1_rc for real-time hardware encoders. Supports CBR for both one spatial layer and SVC.
* New image format AOM_IMG_FMT_NV12 can be used as input to the encoder. The presence of AOM_IMG_FMT_NV12 can be detected at compile time by checking if the macro AOM_HAVE_IMG_FMT_NV12 is defined.
* New codec controls for the encoder:

o AV1E_SET_AUTO_INTRA_TOOLS_OFF. Only in effect if \--deltaq-mode=3. o
AV1E_SET_RTC_EXTERNAL_RC o AV1E_SET_FP_MT. Only supported if libaom is built
with -DCONFIG_FRAME_PARALLEL_ENCODE=1. o AV1E_GET_TARGET_SEQ_LEVEL_IDX

* New key-value pairs for the key-value API:

o --auto-intra-tools-off=0 (default) or 1. Only in effect if \--deltaq-mode=3. o
--strict-level-conformance=0 (default) or 1 o --fp-mt=0 (default) or 1. Only
supported if libaom is built with -DCONFIG_FRAME_PARALLEL_ENCODE=1. \- New
aomenc options (not supported by the key-value API):

o --nv12

* Compression Efficiency Improvements:

* Correctly calculate SSE for high bitdepth in skip mode, 0.2% to 0.6% coding gain.
* RTC at speed 9/10: BD-rate gain of ~4/5%
* RTC screen content coding: many improvements for real-time screen at speed 10 (quality, speedup, and rate control), up to high resolutions (1080p).
* RTC-SVC: fixes to make intra-only frames work for spatial layers.
* RTC-SVC: quality improvements for temporal layers.
* AV1 RT: A new passive rate control strategy for screen content, an average of 7.5% coding gain, with some clips of 20+%. The feature is turned off by default due to higher bit rate variation.
* Perceptual Quality Improvements:

* RTC: Visual quality improvements for high speeds (9/10)
* Improvements in coding quality for all intra mode
* Speedup and Memory Optimizations:

* ~10% speedup in good quality mode encoding.
* ~7% heap memory reduction in good quality encoding mode for speed 5 and 6.
* Ongoing improvements to intra-frame encoding performance on Arm
* Faster encoding speed for "\--deltaq-mode=3" mode.
* ~10% speedup for speed 5/6, ~15% speedup for speed 7/8, and ~10% speedup for speed 9/10 in real time encoding mode
* ~20% heap memory reduction in still-picture encoding mode for 360p-720p resolutions with multiple threads
* ~13% speedup for speed 6 and ~12% speedup for speed 9 in still-picture encoding mode.
* Optimizations to improve multi-thread efficiency for still-picture encoding mode.
* Bug Fixes:

* b/204460717: README.md: replace master with main
* b/210677928: libaom disable_order is surprising for max_reference_frames=3
* b/222461449: -DCONFIG_TUNE_BUTTERAUGLI=1 broken
* b/227207606: write_greyscale writes incorrect chroma in highbd mode
* b/229955363: Integer-overflow in linsolve_wiener

Update to version 3.3.0:

* This release includes compression efficiency and perceptual quality
improvements, speedup and memory optimizations, some new features, and
several bug fixes.
* New Features

* AV1 RT: Introducing CDEF search level 5
* Changed real time speed 4 to behave the same as real time speed 5
* Add --deltaq-strength
* rtc: Allow scene-change and overshoot detection for svc
* rtc: Intra-only frame for svc
* AV1 RT: Option 2 for codec control AV1E_SET_ENABLE_CDEF to disable CDEF on non-ref frames
* New codec controls AV1E_SET_LOOPFILTER_CONTROL and AOME_GET_LOOPFILTER_LEVEL
* Improvements to three pass encoding
* Compression Efficiency Improvements: Overall compression gains: 0.6%

* Perceptual Quality Improvements

* Improves the perceptual quality of high QP encoding for delta-q mode 4
* Auto select noise synthesis level for all intra
* Speedup and Memory Optimizations

* Added many SSE2 optimizations.
* Good quality 2-pass encoder speedups:

o Speed 2: 9% o Speed 3: 12.5% o Speed 4: 8% o Speed 5: 3% o Speed 6: 4%

* Real time mode encoder speedups:

o Speed 5: 2.6% BDRate gain, 4% speedup o Speed 6: 3.5% BDRate gain, 4% speedup
o Speed 9: 1% BDRate gain, 3% speedup o Speed 10: 3% BDRate gain, neutral
speedup

* All intra encoding speedups (AVIF):

o Single thread - speed 6: 8% o Single thread - speed 9: 15% o Multi thread(8) -
speed 6: 14% o Multi thread(8) - speed 9: 34%

* Bug Fixes

* Issue 3163: Segmentation fault when using \--enable-keyframe-filtering=2
* Issue 2436: Integer overflow in av1_warp_affine_c()
* Issue 3226: armv7 build failure due to gcc-11
* Issue 3195: Bug report on libaom (AddressSanitizer: heap-buffer-overflow)
* Issue 3191: Bug report on libaom (AddressSanitizer: SEGV on unknown address)
* Drop libaom-devel Requires from libaom-devel-doc sub-package: We do not need the devel package to be able to read the devel documentation.

libyuv was added new in version 20230517+a377993.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-4333=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-4333=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4333=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-4333=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-4333=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-4333=1

* SUSE Linux Enterprise Server 15 SP4 LTSS
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-4333=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-4333=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-4333=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-4333=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-4333=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* openSUSE Leap 15.4 (x86_64)
* libaom3-32bit-debuginfo-3.7.1-150400.3.9.1
* libyuv0-32bit-20230517+a377993-150400.9.3.1
* libaom3-32bit-3.7.1-150400.3.9.1
* libyuv0-32bit-debuginfo-20230517+a377993-150400.9.3.1
* openSUSE Leap 15.4 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libaom3-64bit-3.7.1-150400.3.9.1
* libaom3-64bit-debuginfo-3.7.1-150400.3.9.1
* libyuv0-64bit-debuginfo-20230517+a377993-150400.9.3.1
* libyuv0-64bit-20230517+a377993-150400.9.3.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* openSUSE Leap 15.5 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* openSUSE Leap 15.5 (x86_64)
* libaom3-32bit-debuginfo-3.7.1-150400.3.9.1
* libyuv0-32bit-20230517+a377993-150400.9.3.1
* libaom3-32bit-3.7.1-150400.3.9.1
* libyuv0-32bit-debuginfo-20230517+a377993-150400.9.3.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* Basesystem Module 15-SP5 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64 ppc64le s390x x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Server 15 SP4 LTSS (aarch64_ilp32)
* libyuv0-64bit-debuginfo-20230517+a377993-150400.9.3.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Manager Proxy 4.3 (x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Manager Proxy 4.3 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Manager Retail Branch Server 4.3 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libyuv-debugsource-20230517+a377993-150400.9.3.1
* libaom-debugsource-3.7.1-150400.3.9.1
* libyuv-tools-debuginfo-20230517+a377993-150400.9.3.1
* libyuv-devel-20230517+a377993-150400.9.3.1
* libaom3-debuginfo-3.7.1-150400.3.9.1
* libyuv-tools-20230517+a377993-150400.9.3.1
* libyuv0-debuginfo-20230517+a377993-150400.9.3.1
* libaom-devel-3.7.1-150400.3.9.1
* libyuv0-20230517+a377993-150400.9.3.1
* libaom3-3.7.1-150400.3.9.1
* aom-tools-3.7.1-150400.3.9.1
* aom-tools-debuginfo-3.7.1-150400.3.9.1
* SUSE Manager Server 4.3 (noarch)
* libaom-devel-doc-3.7.1-150400.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2023-6879.html
* https://jira.suse.com/browse/PED-11042
* https://jira.suse.com/browse/PED-11100


Python, PHP, Scap-Security-Guide updates for Oracle Linux

Kernel, cURL, Docker updates for Ubuntu

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.orgĀ  I ...